reviewdog / action-brakeman

Run brakeman with reviewdog 🐶
MIT License

gemfile: unknown operand #22

Closed davinerd closed 2 years ago

davinerd commented 3 years ago

Hello, when configuring brakeman on Actions I get sh: gemfile: unknown operand with the following configuration:

security-lint:
    name: Security lints
    needs: code-lint
    runs-on: ubuntu-latest
    steps:
      - uses: reviewdog/action-brakeman@v1
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          reporter: github-pr-review

What's interesting is that it says the gem has been installed and the scan resulted in 0 findings. However, running brakeman locally does actually show some findings.

Run reviewdog/action-brakeman@v1
  with:
    github_token: ***
    reporter: github-pr-review
    tool_name: brakeman
    level: error
    filter_mode: added
    fail_on_error: false
  env:
    RUBY_VERSION: 2.7.3
    NODE_VERSION: 12.9.1
/usr/bin/docker run --name REDACTED --label REDACTED --workdir /github/workspace --rm -e RUBY_VERSION -e 
NODE_VERSION -e INPUT_GITHUB_TOKEN -e INPUT_REPORTER -e INPUT_BRAKEMAN_VERSION -e
 INPUT_BRAKEMAN_FLAGS -e INPUT_TOOL_NAME -e INPUT_LEVEL -e INPUT_FILTER_MODE -e 
INPUT_FAIL_ON_ERROR -e INPUT_REVIEWDOG_FLAGS -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e 
GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e 
GITHUB_RETENTION_DAYS -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF 
-e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e 
GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e 
GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP 
-e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e 
GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp
/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner
/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/redacted":"/github/workspace" 
REDACTED  "***" "" "" "brakeman" "error" "github-pr-review" "added" "false" ""
sh: gemfile: unknown operand
Successfully installed brakeman-5.1.1
1 gem installed

I'm quite new to GitHub Actions, so apologies if that's an obvious fix.

mgrachev commented 3 years ago

Hi @davinerd and sorry for the long answer.

Could you give a link to the failed GitHub Action to figure out what is wrong? Or, if the project is private, you can create a public repository with the data needed to reproduce this error.

adnikiforov commented 3 years ago

@mgrachev this line might have a problem: https://github.com/reviewdog/action-brakeman/blob/master/entrypoint.sh#L13. I think we need to quote $INPUT_BRAKEMAN_VERSION here.

But, since this issue is new, there might be something different behind that.

mgrachev commented 3 years ago

@adnikiforov Could you quote $INPUT_BRAKEMAN_VERSION and test it?

davinerd commented 2 years ago

Just for reference, I fixed it by adding brakeman_version: 5.1.1 explicitly to the with: section.
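
The quoting problem suggested above, and why setting brakeman_version explicitly avoids it, as an added example that is not code from this thread or from the action's entrypoint.sh. It shows that an unquoted empty variable turns a string comparison into a test syntax error (exit status 2) that an `if` treats the same as "false", so the script keeps going. Assumptions: the script compares the input with the literal "gemfile", as the error text suggests; the function names are hypothetical.

```shell
#!/bin/sh
# Constructed illustration; not the action's entrypoint.sh.
# Assumption: the input is compared with the literal "gemfile".

# Unquoted expansion: an empty value disappears during word splitting,
# leaving `[ = gemfile ]`. test(1) reports a syntax error and exits 2, not 1.
test_unquoted() {
  # shellcheck disable=SC2086
  [ $1 = "gemfile" ] 2>/dev/null
}

# Quoted expansion: an empty value stays a single empty argument,
# so the comparison is well-formed and simply false.
test_quoted() {
  [ "$1" = "gemfile" ]
}

# `if` cannot tell status 1 (false) from status 2 (error), so a script that
# branches on the unquoted test continues after the error. This hypothetical
# wrapper separates the three outcomes so a CI step can stop on the third.
classify() {
  # $1 = name of the test function, $2 = input value
  rc=0
  "$1" "$2" || rc=$?
  case $rc in
    0) echo "match" ;;
    1) echo "no-match" ;;
    *) echo "test-error" ;;
  esac
}

classify test_unquoted ""         # test-error
classify test_quoted   ""         # no-match
classify test_unquoted "gemfile"  # match
classify test_quoted   "5.1.1"    # no-match
```

For a security scanner in CI, the "test-error" outcome is the one to fail on, since a run that continues past it can report a clean result that does not reflect the code.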