From a2fabbe38b2705fd7ed34618ce07953eda3bb12e Mon Sep 17 00:00:00 2001 From: Sam Doran Date: Sun, 16 May 2021 22:48:10 -0400 Subject: [PATCH] [stable-2.9] Use our own copy of the Codecov uploader (#74460) (#74493) Due to the recent security incident, use our own copy hosted in S3 to mitigate future risk from running an arbitrary script downloaded from a remote and untrusted server. (cherry picked from commit aa12af1d34) Co-authored-by: Sam Doran --- .azure-pipelines/scripts/publish-codecov.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/scripts/publish-codecov.sh b/.azure-pipelines/scripts/publish-codecov.sh index 7aeabda0c02..6d184f0b8da 100755 --- a/.azure-pipelines/scripts/publish-codecov.sh +++ b/.azure-pipelines/scripts/publish-codecov.sh @@ -7,7 +7,7 @@ set -o pipefail -eu output_path="$1" -curl --silent --show-error https://codecov.io/bash > codecov.sh +curl --silent --show-error https://ansible-ci-files.s3.us-east-1.amazonaws.com/codecov/codecov.sh > codecov.sh for file in "${output_path}"/reports/coverage*.xml; do name="${file}"
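
Review bot: The new curl line in publish-codecov.sh still fetches codecov.sh at run time with no integrity check, so trust has moved from codecov.io to a mutable S3 object rather than to a fixed, reviewed copy of the script. Consider recording a SHA-256 of the reviewed uploader in this file and verifying the download against it (for example with `sha256sum --check`) before the script is used, or committing the uploader to the repository so changes to it go through review. Separately, curl is invoked without `--fail`, so an HTTP error response from the bucket would be written into codecov.sh with exit status 0 and `set -o pipefail -eu` would not stop the job; adding `--fail` makes the download fail closed.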