From 2879aa0cf98091b3f6ff6ddb78f8a4108115662c Mon Sep 17 00:00:00 2001 From: Nick Charlton Date: Mon, 8 Aug 2022 14:17:05 +0100 Subject: [PATCH] Move bundle-audit to GitHub Actions Following the GitHub Actions pattern of having one check per service, rather than one big check for faster feedback. This also means we no longer need to bundle `bundler-audit`. --- .circleci/config.yml | 3 --- .github/workflows/bundle-audit.yml | 13 +++++++++++++ Gemfile | 1 - Gemfile.lock | 6 +----- Rakefile | 2 -- gemfiles/rails60.gemfile | 1 - gemfiles/rails61.gemfile | 1 - gemfiles/rails70.gemfile | 1 - spec/example_app/lib/tasks/bundler_audit.rake | 12 ------------ 9 files changed, 14 insertions(+), 26 deletions(-) create mode 100644 .github/workflows/bundle-audit.yml delete mode 100644 spec/example_app/lib/tasks/bundler_audit.rake diff --git a/.circleci/config.yml b/.circleci/config.yml index b7051910c4..f670194495 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -43,9 +43,6 @@ commands: # Run the tests - run: bundle exec rspec - # Check vulnerabilities - - run: bundle exec rake bundler:audit - default_job: &default_job working_directory: ~/administrate diff --git a/.github/workflows/bundle-audit.yml b/.github/workflows/bundle-audit.yml new file mode 100644 index 0000000000..4a4adaa28c --- /dev/null +++ b/.github/workflows/bundle-audit.yml @@ -0,0 +1,13 @@ +--- +name: Bundler Audit +on: [push] + +jobs: + audit: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: 'Bundler Audit' + uses: andrewmcodes/bundler-audit-action@main + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/Gemfile b/Gemfile index f840c8a75e..9985d3559d 100644 --- a/Gemfile +++ b/Gemfile @@ -16,7 +16,6 @@ gem "unicorn" group :development, :test do gem "appraisal" gem "awesome_print" - gem "bundler-audit", require: false gem "byebug" gem "dotenv-rails" gem "factory_bot_rails" diff --git a/Gemfile.lock b/Gemfile.lock index 25990d1734..a72499c833 100644 
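Review bot: In the new `.github/workflows/bundle-audit.yml`, the step `uses: andrewmcodes/bundler-audit-action@main` tracks a mutable branch of a third-party action and hands it `GITHUB_TOKEN`, so any later commit to that branch runs in this repository's CI with the token's privileges. Pin it to a reviewed commit, `uses: andrewmcodes/bundler-audit-action@<full-commit-sha>` (placeholder, take the SHA from the revision you audited). Also add a top-level `permissions:` block scoped to what the action needs; `contents: read` may be enough, but confirm whether the action writes check annotations. Separately, `on: [push]` only audits when someone pushes, so an advisory published against an unchanged `Gemfile.lock` goes unreported until the next push. A `schedule:` trigger alongside `push` would close that gap.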
--- a/Gemfile.lock +++ b/Gemfile.lock @@ -95,9 +95,6 @@ GEM parser (>= 2.4) smart_properties builder (3.2.4) - bundler-audit (0.9.1) - bundler (>= 1.2.0, < 3) - thor (~> 1.0) byebug (11.1.3) capybara (3.37.1) addressable @@ -338,7 +335,6 @@ DEPENDENCIES ammeter appraisal awesome_print - bundler-audit byebug capybara database_cleaner @@ -369,4 +365,4 @@ DEPENDENCIES yard BUNDLED WITH - 2.3.6 + 2.3.10 diff --git a/Rakefile b/Rakefile index 07a7957aea..ab9915d104 100644 --- a/Rakefile +++ b/Rakefile @@ -28,5 +28,3 @@ if defined? RSpec t.verbose = false end end - -task default: "bundler:audit" diff --git a/gemfiles/rails60.gemfile b/gemfiles/rails60.gemfile index 1efa3eca7d..37c8b24ed5 100644 --- a/gemfiles/rails60.gemfile +++ b/gemfiles/rails60.gemfile @@ -17,7 +17,6 @@ gem "rails", "~> 6.0.3.4" group :development, :test do gem "appraisal" gem "awesome_print" - gem "bundler-audit", require: false gem "byebug" gem "dotenv-rails" gem "factory_bot_rails" diff --git a/gemfiles/rails61.gemfile b/gemfiles/rails61.gemfile index 2c17bfa0dc..6d99eb282d 100644 --- a/gemfiles/rails61.gemfile +++ b/gemfiles/rails61.gemfile @@ -17,7 +17,6 @@ gem "rails", "~> 6.1" group :development, :test do gem "appraisal" gem "awesome_print" - gem "bundler-audit", require: false gem "byebug" gem "dotenv-rails" gem "factory_bot_rails" diff --git a/gemfiles/rails70.gemfile b/gemfiles/rails70.gemfile index 2c17bfa0dc..6d99eb282d 100644 --- a/gemfiles/rails70.gemfile +++ b/gemfiles/rails70.gemfile @@ -17,7 +17,6 @@ gem "rails", "~> 6.1" group :development, :test do gem "appraisal" gem "awesome_print" - gem "bundler-audit", require: false gem "byebug" gem "dotenv-rails" gem "factory_bot_rails" diff --git a/spec/example_app/lib/tasks/bundler_audit.rake b/spec/example_app/lib/tasks/bundler_audit.rake deleted file mode 100644 index 00c12637d4..0000000000 --- a/spec/example_app/lib/tasks/bundler_audit.rake +++ /dev/null 
@@ -1,12 +0,0 @@
-if Rails.env.development? || Rails.env.test?
- require "bundler/audit/cli"
-
- namespace :bundler do
- desc "Updates the ruby-advisory-db and runs audit"
- task :audit do
- %w(update check).each do |command|
- Bundler::Audit::CLI.start [command]
- end
- end
- end
-end