From 0da2400651dfbff69ddf551b067f0f037e7c335d Mon Sep 17 00:00:00 2001
From: Trent Schmidt <trent.schmidt@sentry.io>
Date: Thu, 19 Oct 2023 17:14:53 -0400
Subject: [PATCH 1/7] Update typescript-standard.yml

---
 .github/workflows/typescript-standard.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/typescript-standard.yml b/.github/workflows/typescript-standard.yml
index 3ae70c5..59b49ca 100644
--- a/.github/workflows/typescript-standard.yml
+++ b/.github/workflows/typescript-standard.yml
@@ -3,6 +3,9 @@ on: [push, pull_request]
 jobs:
   test-and-upstream:
     runs-on: ubuntu-latest
+    permissions:
+      contents: 'write'
+      repository-projects: 'write'
     steps:
       - uses: actions/checkout@v4
       - uses: actions/cache@v3
@@ -30,7 +33,7 @@ jobs:
           CORRECT_COVERAGE: ${{ vars.CORRECT_COVERAGE }}
       - name: Upstream to Standards
         env:
-          GH_TOKEN: ${{ secrets.GH_TOKEN }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           COVERAGE_SOURCE_FILE: ${{ secrets.COVERAGE_SOURCE_FILE }}
         if: ${{ github.event_name == 'push'}}
         run: |

From dfc75bbdaa793a5d7137c1c0d5a90330ae4327c9 Mon Sep 17 00:00:00 2001
From: Tom Hu <thomas.hu@sentry.io>
Date: Fri, 20 Oct 2023 12:21:39 +1100
Subject: [PATCH 2/7] test: clone locally

---
 .github/workflows/typescript-standard.yml |  8 ++++
 standards.sh                              | 45 +++++++++++++++++++++++
 2 files changed, 53 insertions(+)
 create mode 100644 standards.sh

diff --git a/.github/workflows/typescript-standard.yml b/.github/workflows/typescript-standard.yml
index 59b49ca..1960856 100644
--- a/.github/workflows/typescript-standard.yml
+++ b/.github/workflows/typescript-standard.yml
@@ -31,6 +31,14 @@ jobs:
         env:
           API_KEY: ${{ secrets.API_KEY }}
           CORRECT_COVERAGE: ${{ vars.CORRECT_COVERAGE }}
+      - name: Upstream to Standards (local)
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          COVERAGE_SOURCE_FILE: ${{ secrets.COVERAGE_SOURCE_FILE }}
+        if: ${{ github.event_name == 'push'}}
+        run: |
+          bash standards.sh
+
       - name: Upstream to Standards
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/standards.sh b/standards.sh
new file mode 100644
index 0000000..6c277f2
--- /dev/null
+++ b/standards.sh
@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+
+# Update this to the coverage file you want to upload to the standards repo
+COVERAGE_SOURCE_FILE=${COVERAGE_SOURCE_FILE}
+
+# -=- Nothing below here should need to be changed -=-
+
+echo "Starting the coverage data push to the standards repo..."
+echo "Generating the SHA.txt file"
+PROJECT_NAME=$(basename `git rev-parse --show-toplevel`)
+echo $PROJECT_NAME
+COVERAGE_SHA=$(git rev-list HEAD | head -1)
+echo $COVERAGE_SHA > SHA.txt
+echo "Processing coverage for report belonging to latest commit"
+PROD_COVERAGE=$(curl https://codecov.io/api/gh/codecov/$PROJECT_NAME/commit/$COVERAGE_SHA | \
+python3 -c "import sys, json; print(json.load(sys.stdin)['commit']['totals']['c'])")
+echo "Validating if production coverage is a number"
+if ! [[ $PROD_COVERAGE =~ ^[0-9]+([.][0-9]+)?$ ]] ; then
+  echo "error: Not a number" >&2; exit 1
+fi
+echo "Generating coverage_totals.txt file"
+echo $PROD_COVERAGE > coverage_totals.txt
+echo "Cloning the standards repo in the parent directory"
+cd ..
+git clone https://codecov:${GH_TOKEN}@github.com/codecov/standards.git
+cd standards
+echo "Deleting content in coverage_data if it exists"
+COVERAGE_DEST_DIR="coverage_data/$PROJECT_NAME"
+rm -rf $COVERAGE_DEST_DIR
+echo "Commiting deletion of coverage data"
+git config --global user.email "devops@codecov.io"
+git config --global user.name "Codecov Devops"
+git add .
+git commit -m "Deleting existing coverage data for $PROJECT_NAME with SHA $COVERAGE_SHA"
+echo "Recreating coverage directory"
+mkdir -p $COVERAGE_DEST_DIR
+echo "Copying the coverage file and SHA.txt to the coverage directory"
+cp ../$PROJECT_NAME/$COVERAGE_SOURCE_FILE $COVERAGE_DEST_DIR/
+cp ../$PROJECT_NAME/SHA.txt $COVERAGE_DEST_DIR/
+cp ../$PROJECT_NAME/coverage_totals.txt $COVERAGE_DEST_DIR/
+echo "Commiting and pushing the coverage data to the standards repo."
+git add coverage_data
+git commit -m "Updating coverage data for $PROJECT_NAME with SHA $COVERAGE_SHA"
+git push origin --force
+echo "Push to upstream complete!"

From 4d41c4ea3183c941db7b3638438e3e966718df18 Mon Sep 17 00:00:00 2001
From: Tom Hu <thomas.hu@sentry.io>
Date: Fri, 20 Oct 2023 12:41:27 +1100
Subject: [PATCH 3/7] fix: unset extra header

---
 standards.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/standards.sh b/standards.sh
index 6c277f2..9f946de 100644
--- a/standards.sh
+++ b/standards.sh
@@ -41,5 +41,6 @@ cp ../$PROJECT_NAME/coverage_totals.txt $COVERAGE_DEST_DIR/
 echo "Commiting and pushing the coverage data to the standards repo."
 git add coverage_data
 git commit -m "Updating coverage data for $PROJECT_NAME with SHA $COVERAGE_SHA"
+git config --unset-all http.https://github.com/.extraheader
 git push origin --force
 echo "Push to upstream complete!"

From 9a6ce9983db5af1212001faef5a2443000930bd2 Mon Sep 17 00:00:00 2001
From: Tom Hu <thomas.hu@sentry.io>
Date: Fri, 20 Oct 2023 12:47:36 +1100
Subject: [PATCH 4/7] fix: push with token

---
 standards.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/standards.sh b/standards.sh
index 9f946de..24b19e2 100644
--- a/standards.sh
+++ b/standards.sh
@@ -42,5 +42,5 @@ echo "Commiting and pushing the coverage data to the standards repo."
 git add coverage_data
 git commit -m "Updating coverage data for $PROJECT_NAME with SHA $COVERAGE_SHA"
 git config --unset-all http.https://github.com/.extraheader
-git push origin --force
+git push --prune https://codecov:${GH_TOKEN}@github.com/codecov/standards.git
 echo "Push to upstream complete!"

From 97e48955aa89b64a3c5dfa95e53431177914cb49 Mon Sep 17 00:00:00 2001
From: Tom Hu <thomas.hu@sentry.io>
Date: Fri, 20 Oct 2023 14:40:15 +1100
Subject: [PATCH 5/7] fix: try to use GH_TOKEN

---
 .github/workflows/typescript-standard.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/typescript-standard.yml b/.github/workflows/typescript-standard.yml
index 1960856..56a291b 100644
--- a/.github/workflows/typescript-standard.yml
+++ b/.github/workflows/typescript-standard.yml
@@ -8,6 +8,8 @@ jobs:
       repository-projects: 'write'
     steps:
       - uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.GH_TOKEN }}
       - uses: actions/cache@v3
         with:
           path: ~/.npm
@@ -33,7 +35,7 @@ jobs:
           CORRECT_COVERAGE: ${{ vars.CORRECT_COVERAGE }}
       - name: Upstream to Standards (local)
         env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.GH_TOKEN }}
           COVERAGE_SOURCE_FILE: ${{ secrets.COVERAGE_SOURCE_FILE }}
         if: ${{ github.event_name == 'push'}}
         run: |

From ec84eb1ac3d6fc38eb5bce7f40c9e4d3f8637a16 Mon Sep 17 00:00:00 2001
From: Tom Hu <thomas.hu@sentry.io>
Date: Fri, 20 Oct 2023 14:44:13 +1100
Subject: [PATCH 6/7] fix: clean up

---
 .github/workflows/typescript-standard.yml |  8 ----
 standards.sh                              | 46 -----------------------
 2 files changed, 54 deletions(-)
 delete mode 100644 standards.sh

diff --git a/.github/workflows/typescript-standard.yml b/.github/workflows/typescript-standard.yml
index 56a291b..3e2083d 100644
--- a/.github/workflows/typescript-standard.yml
+++ b/.github/workflows/typescript-standard.yml
@@ -33,14 +33,6 @@ jobs:
         env:
           API_KEY: ${{ secrets.API_KEY }}
           CORRECT_COVERAGE: ${{ vars.CORRECT_COVERAGE }}
-      - name: Upstream to Standards (local)
-        env:
-          GH_TOKEN: ${{ secrets.GH_TOKEN }}
-          COVERAGE_SOURCE_FILE: ${{ secrets.COVERAGE_SOURCE_FILE }}
-        if: ${{ github.event_name == 'push'}}
-        run: |
-          bash standards.sh
-
       - name: Upstream to Standards
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/standards.sh b/standards.sh
deleted file mode 100644
index 24b19e2..0000000
--- a/standards.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/env bash
-
-# Update this to the coverage file you want to upload to the standards repo
-COVERAGE_SOURCE_FILE=${COVERAGE_SOURCE_FILE}
-
-# -=- Nothing below here should need to be changed -=-
-
-echo "Starting the coverage data push to the standards repo..."
-echo "Generating the SHA.txt file"
-PROJECT_NAME=$(basename `git rev-parse --show-toplevel`)
-echo $PROJECT_NAME
-COVERAGE_SHA=$(git rev-list HEAD | head -1)
-echo $COVERAGE_SHA > SHA.txt
-echo "Processing coverage for report belonging to latest commit"
-PROD_COVERAGE=$(curl https://codecov.io/api/gh/codecov/$PROJECT_NAME/commit/$COVERAGE_SHA | \
-python3 -c "import sys, json; print(json.load(sys.stdin)['commit']['totals']['c'])")
-echo "Validating if production coverage is a number"
-if ! [[ $PROD_COVERAGE =~ ^[0-9]+([.][0-9]+)?$ ]] ; then
-  echo "error: Not a number" >&2; exit 1
-fi
-echo "Generating coverage_totals.txt file"
-echo $PROD_COVERAGE > coverage_totals.txt
-echo "Cloning the standards repo in the parent directory"
-cd ..
-git clone https://codecov:${GH_TOKEN}@github.com/codecov/standards.git
-cd standards
-echo "Deleting content in coverage_data if it exists"
-COVERAGE_DEST_DIR="coverage_data/$PROJECT_NAME"
-rm -rf $COVERAGE_DEST_DIR
-echo "Commiting deletion of coverage data"
-git config --global user.email "devops@codecov.io"
-git config --global user.name "Codecov Devops"
-git add .
-git commit -m "Deleting existing coverage data for $PROJECT_NAME with SHA $COVERAGE_SHA"
-echo "Recreating coverage directory"
-mkdir -p $COVERAGE_DEST_DIR
-echo "Copying the coverage file and SHA.txt to the coverage directory"
-cp ../$PROJECT_NAME/$COVERAGE_SOURCE_FILE $COVERAGE_DEST_DIR/
-cp ../$PROJECT_NAME/SHA.txt $COVERAGE_DEST_DIR/
-cp ../$PROJECT_NAME/coverage_totals.txt $COVERAGE_DEST_DIR/
-echo "Commiting and pushing the coverage data to the standards repo."
-git add coverage_data
-git commit -m "Updating coverage data for $PROJECT_NAME with SHA $COVERAGE_SHA"
-git config --unset-all http.https://github.com/.extraheader
-git push --prune https://codecov:${GH_TOKEN}@github.com/codecov/standards.git
-echo "Push to upstream complete!"

From eda4f6be4335a1ed20509d3169bffb0fe18f7ab4 Mon Sep 17 00:00:00 2001
From: Tom Hu <thomas.hu@sentry.io>
Date: Fri, 20 Oct 2023 14:45:24 +1100
Subject: [PATCH 7/7] fix: will it still work

---
 .github/workflows/typescript-standard.yml | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/.github/workflows/typescript-standard.yml b/.github/workflows/typescript-standard.yml
index 3e2083d..54c888c 100644
--- a/.github/workflows/typescript-standard.yml
+++ b/.github/workflows/typescript-standard.yml
@@ -3,9 +3,6 @@ on: [push, pull_request]
 jobs:
   test-and-upstream:
     runs-on: ubuntu-latest
-    permissions:
-      contents: 'write'
-      repository-projects: 'write'
     steps:
       - uses: actions/checkout@v4
         with:
@@ -35,7 +32,7 @@ jobs:
           CORRECT_COVERAGE: ${{ vars.CORRECT_COVERAGE }}
       - name: Upstream to Standards
         env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.GH_TOKEN }}
           COVERAGE_SOURCE_FILE: ${{ secrets.COVERAGE_SOURCE_FILE }}
         if: ${{ github.event_name == 'push'}}
         run: |