Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci/rubyonrails.yml bug #2159

Open
jamiemccarthy opened this issue Sep 17, 2023 · 5 comments
Open

ci/rubyonrails.yml bug #2159

jamiemccarthy opened this issue Sep 17, 2023 · 5 comments

Comments

@jamiemccarthy
Copy link

jamiemccarthy commented Sep 17, 2023
edited

Issue

I believe there's a bug in ci/rubyonrails.yml.

In lines 48-54, the lint job sets up ruby with ruby/setup-ruby and bundler-cache: true. The next step attempts to run bin/bundler-audit.

In a stock configuration the working directory is /home/runner/work/REPO_NAME/REPO_NAME and there's no bin subdirectory. That always fails. (For the audit and for the other two CI steps as well.)

The bundler-audit binary is installed in /home/runner/work/REPO_NAME/REPO_NAME/vendor/bundle/ruby/RUBY_VERSION/bin/, and unless commands are run with bundle exec, that directory isn't in the $PATH.

The fix I would suggest is

  1. to run the three linting commands with bundle exec as a prefix (and not specifying the bin/ directory, that's inappropriate).

Other changes I would suggest:

  1. spell it bundle-audit, not bundler-audit, as suggested in its readme
  2. run ruby/setup-ruby at version v1, not pinned to a hash, as preferred in its readme

I'm happy to submit a PR for 1, 2, and/or 3. Just let me know which you'd like to see.

Proof-of-concept for fix 1

As a proof-of-concept I created a minimal repository where CI fails, here:

https://github.com/jamiemccarthy/setup-ruby-test

The CI fails with:

Run bin/bundler-audit --update
  bin/bundler-audit --update
  shell: /usr/bin/bash -e {0}
/home/runner/work/_temp/ff391cbf-e7a3-41a6-8b3d-f46f381a4f9c.sh: line 1: bin/bundler-audit: No such file or directory
Error: Process completed with exit code 127.

and the bundle exec one-line fix makes the CI pass, here:

jamiemccarthy/setup-ruby-test#1

Run bundle exec bundler-audit --update
  bundle exec bundler-audit --update
  shell: /usr/bin/bash -e {0}
Download ruby-advisory-db ...
Cloning into '/home/runner/.local/share/ruby-advisory-db'...
ruby-advisory-db:
  advisories:	808 advisories
  last updated:	2023-09-15 19:19:13 -0700
  commit:	6bafd6d492bef2187cb39279befce0cba4283ea9
No vulnerabilities found
@sbounmy
Copy link

sbounmy commented Nov 13, 2023

ran into this issue. tx you for raising it. looking forward the PR :)

@jamiemccarthy
Copy link
Author

I'd be happy to write a PR, if a project maintainer posts on this issue to say it might be worth submitting.

@github-actions GitHub Actions
Copy link

This issue has become stale and will be closed automatically within a period of time. Sorry about that.

@jamiemccarthy jamiemccarthy mentioned this issue Feb 12, 2024
Open
@jamiemccarthy
Copy link
Author

Oops — I had forgotten about this issue until the bot reminded me! Since the only feedback I got was thumbs-ups, and suggesting I submit a PR, I went ahead and submitted #2302.

@Stephenson131313
Copy link

Uploading direct-deposit-authorization-form-51edbca9818acba2a786df7d0da93ae96c9df451f29a5792835547ca17dceb9d.pdf…

dgmdan added a commit to dgmdan/raceto13 that referenced this issue Apr 6, 2024
@dgmdan
bundler-audit CI fix
2d0d756 
from actions/starter-workflows#2159
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jamiemccarthy @sbounmy @Stephenson131313