ingydotnet / inline-c-pm


t/08taint.t blowing up in Docker container #97

Open mohawk2 opened 3 years ago

mohawk2 commented 3 years ago
```
Error: Insecure directory in $ENV{PATH} while running with -T switch at /opt/hostedtoolcache/perl/5.10.1/x64/lib/site_perl/5.10.1/Inline.pm line 849.
Error: BEGIN failed--compilation aborted at /home/runner/.cpanm/work/1614786335.4278/Inline-C-0.81/t/08taint_1.p line 12.
Compilation failed in require at t/08taint.t line 41 (#1)
    (F) You can't use system(), exec(), or a piped open in a setuid or
    setgid script if $ENV{PATH} contains a directory that is writable by
    the world.  Also, the PATH must not contain any relative directory.
    See perlsec.

Uncaught exception from user code:
Error:  Insecure directory in $ENV{PATH} while running with -T switch at /opt/hostedtoolcache/perl/5.10.1/x64/lib/site_perl/5.10.1/Inline.pm line 849.
Error: BEGIN failed--compilation aborted at /home/runner/.cpanm/work/1614786335.4278/Inline-C-0.81/t/08taint_1.p line 12.
Error: Compilation failed in require at t/08taint.t line 41.
 at t/08taint.t line 41.
    main::require_taint_1() called at t/08taint.t line 36
    Test::Warn::warnings_like(CODE(0x55f03379d298), ARRAY(0x55f033ad7770), "warn_test 1") called at t/08taint.t line 36
# Looks like your test exited with 2 just after 1.
```

Could this test be made author-only? See https://github.com/mohawk2/Photonic/runs/2023449187

eserte commented 3 years ago

This seems to be a general problem of Linux Docker containers:

~~`$ docker run -it ubuntu:20.04 bash`~~

~~`$ perl -T -e 'system "true"'`~~

~~`Insecure $ENV{PATH} while running with -T switch at -e line 1.`~~

A quick glance at the default PATH does not show any obvious problems.

Anyway, the problem needs to be researched, and seems to be a common problem of perl scripts using -T, but the suggestion here (make it an author-only test) looks wrong to me.

Sorry, this was a wrong analysis...

eserte commented 3 years ago

Basically the test suite runs fine in a stock Docker container. I just tried successfully to build+run:

```dockerfile
FROM ubuntu:20.04
RUN apt update
RUN apt install -y perl-modules make gcc
RUN cpan Inline::C
CMD perl -e 'use Inline C => q{void test(){printf("Hello, world\n");}}; test();'
```

The system perl here is 5.30.0 which is significantly newer than your 5.10.1. However, http://matrix.cpantesters.org/?dist=Inline-C%200.81;perl=5.10.1;reports=1 shows only pass reports for 5.10.1, so there don't seem to be problems with this perl version.

It is possible that the problems happen only with the specific perl 5.10.1 installed during the GitHub action, or with the Docker setup on GitHub, or some combination of these. But I don't think that the proposed solution here (make it an author test) is a valid one. If there are problems, then it's likely that these problems happen also with other CPAN module test suites.

eserte commented 3 years ago

I just tried the above within GitHub Actions using this definition: https://github.com/eserte/sandbox/blob/39f0d8b81baca6ed2f5112a11b979afcad2e0c73/.github/workflows/test.yml#L102-L120

This also worked OK, see https://github.com/eserte/sandbox/runs/2213771055?check_suite_focus=true
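
The perldiag text quoted in the first comment names two conditions that make a PATH entry insecure under `-T`: a world-writable directory and a relative directory. As an added example that is not part of this thread or of Inline::C, the shell function below (the name `audit_path` is hypothetical) reports which entries of a PATH string meet either condition; it follows the quoted wording and does not reproduce Perl's internal implementation.

```shell
#!/bin/sh
# Added example (not from the thread). audit_path is a hypothetical helper name.
# It applies the two conditions from the quoted perldiag text to each PATH entry:
# the entry must be an absolute path, and must not be world-writable.

audit_path() {
    path_value=${1-$PATH}      # PATH-style string; defaults to the current PATH
    status=0
    rest="$path_value:"        # trailing ':' lets the loop see a final empty entry
    while [ -n "$rest" ]; do
        dir=${rest%%:*}        # first entry
        rest=${rest#*:}        # remainder after the first ':'
        case $dir in
            '')
                # An empty entry means "current directory", which is relative.
                printf 'relative: (empty entry)\n'
                status=1 ;;
            /*)
                # -H follows a symlinked entry, -prune stops find from
                # descending, -perm -0002 matches the "write by others" bit.
                if [ -n "$(find -H "$dir" -prune -type d -perm -0002 -print 2>/dev/null)" ]; then
                    printf 'world-writable: %s\n' "$dir"
                    status=1
                fi ;;
            *)
                printf 'relative: %s\n' "$dir"
                status=1 ;;
        esac
    done
    # 0 when no entry matched either condition, 1 otherwise
    return "$status"
}
```

Calling `audit_path "$PATH"` in the same environment that runs the test suite lists the entries worth inspecting before `perl -T` is invoked.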