Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Delete unused Rakefile #198

Merged
merged 1 commit into from
May 29, 2024
Merged

Delete unused Rakefile #198

merged 1 commit into from
May 29, 2024

Conversation

ChrisBAshton
Copy link
Contributor

The build script has been replaced by

govuk-browser-extension/build.sh

Line 1 in 9a5ae77

#!/usr/bin/env bash

And the jasmine test script has been replaced by NPM:

govuk-browser-extension/.github/workflows/ci.yml

Lines 36 to 37 in 7913847

- name: Run Jasmine
run: npm test

The presence of the Rakefile is causing issues for our CodeQL integration in #196, which is detecting Ruby but then failing to run the scan. It is hoped that removing the Rakefile will resolve this.

@ChrisBAshton
Delete unused Rakefile
a866fc9 
The build script has been replaced by
https://github.com/alphagov/govuk-browser-extension/blob/9a5ae779e126b09fd303147d91c616c0fa527462/build.sh#L1

And the jasmine test script has been replaced by NPM:
https://github.com/alphagov/govuk-browser-extension/blob/7913847c4aa8b366826ada973264798cdb113ed2/.github/workflows/ci.yml#L36-L37

The presence of the Rakefile is causing issues for our CodeQL
integration in #196, which is detecting Ruby but then failing to
run the scan. It is hoped that removing the Rakefile will resolve
this.
@ChrisBAshton ChrisBAshton merged commit 4b77157 into main May 29, 2024
3 checks passed
@ChrisBAshton ChrisBAshton deleted the remove-unused-rakefile branch May 29, 2024 14:17
ChrisBAshton added a commit that referenced this pull request May 29, 2024
@ChrisBAshton
Add missing SCA / SAST scans to CI
c7667e9 
This will resolve the alert at https://gds.slack.com/archives/C02L13S214K/p1714381348726429.

NB, this took a bit of effort! We were [seeing](https://github.com/alphagov/govuk-browser-extension/actions/runs/9283183060/job/25542847886?pr=196) an error with the default code analysis:

```
Extracting javascript
Extracting ruby
Finalizing javascript
Finalizing ruby
  /opt/hostedtoolcache/CodeQL/2.17.1/x64/codeql/codeql database finalize --finalize-dataset --threads=4 --ram=14567 /home/runner/work/_temp/codeql_databases/ruby
  CodeQL detected code written in JavaScript/TypeScript, but not any written in Ruby. Confirm that there is some source code for Ruby in the project. For more information, review our troubleshooting guide at https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build .
  Error: Encountered a fatal error while running "/opt/hostedtoolcache/CodeQL/2.17.1/x64/codeql/codeql database finalize --finalize-dataset --threads=4 --ram=14567 /home/runner/work/_temp/codeql_databases/ruby". Exit code was 32 and last log line was: CodeQL detected code written in JavaScript/TypeScript, but not any written in Ruby. Confirm that there is some source code for Ruby in the project. For more information, review our troubleshooting guide at https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build . See the logs for more details.
```

We explored configuring the [reusable workflow](https://github.com/alphagov/govuk-infrastructure/blob/main/.github/workflows/codeql-analysis.yml) to take a `languages` input, but there [doesn't seem to be a way of defaulting to 'undefined'](actions/runner#924) if the parameter isn't passed, meaning we'd have to set a default of, say, 'ruby'. This would break the workflow for repos that may already be working with both Ruby and JS, where they'd be forced to pass the `languages` parameter now.

We also explored setting up CodeQL directly within the GitHub UI and explicitly opting out of Ruby to have JS only, but the reusable workflow still does a language detection and runs both JS and Ruby scans (the "JS only" scan appears as a separate job called "CodeQL / Analyze (javascript-typescript) (dynamic)"):

![Screenshot 2024-05-29 at 09 50 26](https://github.com/alphagov/govuk-browser-extension/assets/5111927/114bb17b-ac2e-4f42-8560-a0df69a49178)

Eventually, on closer inspection, we found that only ruby in this
project was a disused Rakefile, so we removed it in #198. Now the
CodeQL scan passes.
@ChrisBAshton ChrisBAshton mentioned this pull request May 29, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@minhngocd minhngocd minhngocd approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ChrisBAshton @minhngocd