feat: add X-Tokenless-PR header (#342)

* feat: add X-Tokenless-PR header

If you look at codecov/codecov-api#304 you'll notice
that it expects 2 headers - `X-Tokenless` and `X-Tokenless-PR`.

We were not yet sending `X-Tokenless-PR` (because I only realized we'd need
it after doing the API side of things).

These changes add that header to tokenless requests.

* improve coverage

* fix: exception if PR is from same repo

If a PR exists and base and head are from the same repo it seems that
the response["head"]["repo"] is set to None, causing exception when
the code runs.

This fixes that bug so that the CLI can fail gracefully (if a token
is not provided)

Author: giovanni-guidini

.gitignore

@@ -163,3 +163,5 @@ cython_debug/
 # Vim temporary files
 *.swp
 *.swo
+
+.debug

codecov_cli/helpers/git_services/github.py

@@ -22,7 +22,11 @@ def get_pull_request(self, slug, pr_number) -> PullDict:
                     "sha": res["head"]["sha"],
                     "label": res["head"]["label"],
                     "ref": res["head"]["ref"],
-                    "slug": res["head"]["repo"]["full_name"],
+                    # Through empiric test data it seems that the "repo" key in "head" is set to None
+                    # If the PR is from the same repo (e.g. not from a fork)
+                    "slug": res["head"]["repo"]["full_name"]
+                    if res["head"]["repo"]
+                    else res["base"]["repo"]["full_name"],
                 },
                 "base": {
                     "sha": res["base"]["sha"],

codecov_cli/services/commit/__init__.py

@@ -3,7 +3,7 @@
 
 from codecov_cli.helpers.config import CODECOV_API_URL
 from codecov_cli.helpers.encoder import decode_slug, encode_slug
-from codecov_cli.helpers.git import get_git_service, get_pull, is_fork_pr
+from codecov_cli.helpers.git import get_pull, is_fork_pr
 from codecov_cli.helpers.request import (
     get_token_header_or_fail,
     log_warnings_and_errors_if_any,
@@ -46,7 +46,7 @@ def send_commit_data(
     decoded_slug = decode_slug(slug)
     pull_dict = get_pull(service, decoded_slug, pr) if not token else None
     if is_fork_pr(pull_dict):
-        headers = {"X-Tokenless": pull_dict["head"]["slug"]}
+        headers = {"X-Tokenless": pull_dict["head"]["slug"], "X-Tokenless-PR": pr}
         branch = pull_dict["head"]["slug"] + ":" + branch
         logger.info("The PR is happening in a forked repo. Using tokenless upload.")
     else:

codecov_cli/services/report/__init__.py

@@ -52,7 +52,10 @@ def send_create_report_request(
         get_pull(service, decoded_slug, pull_request_number) if not token else None
     )
     if is_fork_pr(pull_dict):
-        headers = {"X-Tokenless": pull_dict["head"]["slug"]}
+        headers = {
+            "X-Tokenless": pull_dict["head"]["slug"],
+            "X-Tokenless-PR": pull_request_number,
+        }
     else:
         headers = get_token_header_or_fail(token)
     upload_url = enterprise_url or CODECOV_API_URL

codecov_cli/services/upload/upload_sender.py

@@ -58,7 +58,10 @@ def send_upload_data(
         )
 
         if is_fork_pr(pull_dict):
-            headers = {"X-Tokenless": pull_dict["head"]["slug"]}
+            headers = {
+                "X-Tokenless": pull_dict["head"]["slug"],
+                "X-Tokenless-PR": pull_request_number,
+            }
         else:
             headers = get_token_header_or_fail(token)
         encoded_slug = encode_slug(slug)

tests/helpers/test_upload_sender.py

@@ -159,6 +159,47 @@ def test_upload_sender_post_called_with_right_parameters(
             post_req_made.headers.items() >= headers.items()
         )  # test dict is a subset of the other
 
+    def test_upload_sender_post_called_with_right_parameters_tokenless(
+        self,
+        mocked_responses,
+        mocked_legacy_upload_endpoint,
+        mocked_storage_server,
+        mocker,
+    ):
+        headers = {"X-Tokenless": "user-forked/repo", "X-Tokenless-PR": "pr"}
+        mock_get_pull = mocker.patch(
+            "codecov_cli.services.upload.upload_sender.get_pull",
+            return_value={
+                "head": {"slug": "user-forked/repo"},
+                "base": {"slug": "org/repo"},
+            },
+        )
+        mocked_legacy_upload_endpoint.match = [
+            matchers.json_params_matcher(request_data),
+            matchers.header_matcher(headers),
+        ]
+
+        sending_result = UploadSender().send_upload_data(
+            upload_collection, random_sha, None, **named_upload_data
+        )
+        assert sending_result.error is None
+        assert sending_result.warnings == []
+
+        assert len(mocked_responses.calls) == 2
+
+        post_req_made = mocked_responses.calls[0].request
+        encoded_slug = encode_slug(named_upload_data["slug"])
+        response = json.loads(mocked_responses.calls[0].response.text)
+        assert response.get("url") == "https://app.codecov.io/commit-url"
+        assert (
+            post_req_made.url
+            == f"https://api.codecov.io/upload/github/{encoded_slug}/commits/{random_sha}/reports/{named_upload_data['report_code']}/uploads"
+        )
+        assert (
+            post_req_made.headers.items() >= headers.items()
+        )  # test dict is a subset of the other
+        mock_get_pull.assert_called()
+
     def test_upload_sender_put_called_with_right_parameters(
         self, mocked_responses, mocked_legacy_upload_endpoint, mocked_storage_server
     ):

tests/services/commit/test_commit_service.py

@@ -195,5 +195,5 @@ def mock_request(*args, headers={}, **kwargs):
             "pullid": "1",
             "branch": "user_forked_repo/codecov-cli:branch",
         },
-        headers={"X-Tokenless": "user_forked_repo/codecov-cli"},
+        headers={"X-Tokenless": "user_forked_repo/codecov-cli", "X-Tokenless-PR": "1"},
     )

tests/services/report/test_report_service.py

@@ -26,6 +26,43 @@ def test_send_create_report_request_200(mocker):
     mocked_response.assert_called_once()
 
 
+def test_send_create_report_request_200_tokneless(mocker):
+    mocked_response = mocker.patch(
+        "codecov_cli.services.report.send_post_request",
+        return_value=RequestResult(
+            status_code=200,
+            error=None,
+            warnings=[],
+            text="mocked response",
+        ),
+    )
+
+    mocked_get_pull = mocker.patch(
+        "codecov_cli.services.report.get_pull",
+        return_value={
+            "head": {"slug": "user-forked/repo"},
+            "base": {"slug": "org/repo"},
+        },
+    )
+    res = send_create_report_request(
+        "commit_sha",
+        "code",
+        "github",
+        None,
+        "owner::::repo",
+        "enterprise_url",
+        1,
+    )
+    assert res.error is None
+    assert res.warnings == []
+    mocked_response.assert_called_with(
+        url=f"enterprise_url/upload/github/owner::::repo/commits/commit_sha/reports",
+        headers={"X-Tokenless": "user-forked/repo", "X-Tokenless-PR": 1},
+        data={"code": "code"},
+    )
+    mocked_get_pull.assert_called()
+
+
 def test_send_create_report_request_403(mocker):
     mocked_response = mocker.patch(
         "codecov_cli.services.report.requests.post",