metanorma / metanorma-docker

Docker container for running the Metanorma toolchain
https://www.metanorma.com

112 fix insecure BUNDLE_RUBYGEMS__PKG__GITHUB__COM #114

Closed CAMOBAP closed 3 years ago

CAMOBAP commented 3 years ago

Also, how do I run this locally? The Gemfile would require my local credentials, how do I set it up / or do we have to update a Makefile?

It is possible to run it locally: docker will get credentials from ~/.bundle/config, which can be updated with a bundle config ... command like this: https://github.com/metanorma/metanorma-build-scripts/blob/master/gh-rubygems-setup-action/action.yml#L34

Actually, I missed that we removed nist from required processors 2 months ago: https://github.com/metanorma/metanorma-cli/commit/390037715f5b8d8d473b7b427c603201034fca43

But this PR can still be used in the future, when we create a separate image for nist or another private processor.

@ronaldtse I think we should remove source "https://rubygems.pkg.github.com/metanorma" line from Gemfile.in, right?

ronaldtse commented 3 years ago

@ronaldtse I think we should remove source "https://rubygems.pkg.github.com/metanorma" line from Gemfile.in, right?

CAMOBAP commented 3 years ago

Public version of metanorma-docker, remove private source

Done

We also need to build private metanorma containers because the private flavors users need to either build their own or retrieve them from us. We must provide instructions on how to build them.

I think it will be easier to build those images on our side; otherwise we will need to provide access to the GitHub RubyGem Package server.

AFAIR we have a ticket for this. I propose to create separate directories (as we have right now: mn, metanorma, metanorma-ubuntu and mn-ubuntu) with a special Gemfile which will have our private Gem repo.

ronaldtse commented 3 years ago

Then please feel free to merge when ready, thanks!