Issue with Foundry Installation in crytic/slither-action@v0.3.0: Gzip and Tar Extraction Failure

[danielj86]

Hello,

I've encountered an issue with the crytic/slither-action@v0.3.0 GitHub Action, specifically in the automatic installation of Foundry. The problem arises in the entrypoint.sh script during the extraction of forge and cast from the downloaded tarball.

Error Details:

When the script attempts to download and extract the Foundry binaries (both forge and cast), it fails, showing the following error messages:

gzip: stdin: not in gzip format tar: Child returned status 1 tar: Error is not recoverable: exiting now

This suggests that the expected gzip-compressed tar file is not being retrieved correctly. The relevant part of the log is as follows:

[-] Foundry target detected, installing foundry nightly foundryup: installing foundry (version nightly, tag nightly-b78289a0bc9df6e35624c632396e16f27d4ccb3f) foundryup: downloading latest forge and cast ######################################################################## 100.0% gzip: stdin: not in gzip format ...

[jamesondh]

I am also encountering this issue since 2 days ago; before it was passing.

[elopez]

Hi! Thanks for the report. This is an error from foundryup, the upstream foundry installation tool. It will also fail if you try to install Foundry locally on a Linux system.

It seems Foundry is having some issues with their build process at the moment:

• https://github.com/foundry-rs/foundry/issues/6964
• https://github.com/foundry-rs/foundry/issues/6946

[pcaversaccio]

Having the same issue: https://github.com/pcaversaccio/createx/actions/runs/7708432101/job/21019015713#step:19:256

Interestingly, the foundry tests previously in the pipeline pass...

[mds1]

A potential cause is that slither-action is using a very old version of foundryup: https://github.com/crytic/slither-action/blob/5c7580c54648c48c709498dc7acb7133a89db179/entrypoint.sh#L156C83-L156C123

The pinned commit is ~10 months old, even though foundryup was most recently updated last month. Other foundry jobs in pipelines typically install foundry with curl -L https://foundry.paradigm.xyz | bash which always uses the latest foundryup, and those are still installing properly and passing (but I understand why you might not want that in slither action).

I'm not sure what may have changed that caused this version to start failing, but it's worth bumping it and seeing if that resolves the issue

[montyly]

thanks @mds1 that's a good point

Looking at the error message, it might also be https://github.com/foundry-rs/foundry/issues/3942 (which would explain why the tests are passing in @pcaversaccio CI).

@elopez : maybe we can update the commit used for foundryup, and if installing foundry fails, we do a sleep for 1-2 second, and try again?

[elopez]

I'll open a PR shortly to bump the version, it's probably a good idea to keep it updated in any case 👍

[elopez]

@mds1 @pcaversaccio @danielj86 @jamesondh I merged a bumped version of foundryup to dev, you can try it by changing your workflows to say uses: crytic/slither-action@dev

Let me know if that helped, and I'll create a new release if that's the case.

[jamesondh]

@mds1 @pcaversaccio @danielj86 @jamesondh I merged a bumped version of foundryup to dev, you can try it by changing your workflows to say uses: crytic/slither-action@dev

Let me know if that helped, and I'll create a new release if that's the case.

That's passing now, thanks! 🙏

[danielj86]

Looking good on my end thanks @elopez

[pcaversaccio]

@mds1 @pcaversaccio @danielj86 @jamesondh I merged a bumped version of foundryup to dev, you can try it by changing your workflows to say uses: crytic/slither-action@dev

Let me know if that helped, and I'll create a new release if that's the case.

Testing right now here (wait some mins to pass): https://github.com/pcaversaccio/createx/actions/runs/7730097607/job/21074739561

[pcaversaccio]

@mds1 @pcaversaccio @danielj86 @jamesondh I merged a bumped version of foundryup to dev, you can try it by changing your workflows to say uses: crytic/slither-action@dev Let me know if that helped, and I'll create a new release if that's the case.

Testing right now here (wait some mins to pass): https://github.com/pcaversaccio/createx/actions/runs/7730097607/job/21074739561

Alright, it passed!

[mds1]

Glad to hear that fixed it, thanks for the swift fix @elopez @montyly!

[elopez]

Awesome, I've released v0.3.1 now which has the new foundryup version so I'll close this issue, but I'll open a new one to track @montyly's suggestion of some extra retry logic.