Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 13 additions & 13 deletions .github/actions/stage2-setup/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ inputs:
description: 'The earthly version to use'
required: false
default: 'latest'
BUILT_EARTHLY_PATH:
BUILT_EARTHBUILD_PATH:

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Based on this comment, I would prefer EARTH instead of EARHBUILD.

Suggested change
BUILT_EARTHBUILD_PATH:
BUILT_EARTH_PATH:

description: "Path to the built earthly binary"
required: true
BINARY:
Expand Down Expand Up @@ -75,11 +75,11 @@ runs:
if: steps.fork-check.outputs.is_fork == 'true'
shell: bash
run: |
test -n "${{inputs.BUILT_EARTHLY_PATH}}" || (echo "BUILT_EARTHLY_PATH is empty" && exit 1)
mkdir -p $(dirname "${{inputs.BUILT_EARTHLY_PATH}}")
cp ./fork-artifacts/earthly "${{inputs.BUILT_EARTHLY_PATH}}"
chmod +x "${{inputs.BUILT_EARTHLY_PATH}}"
echo "Earthly binary installed from artifact to ${{inputs.BUILT_EARTHLY_PATH}}"
test -n "${{inputs.BUILT_EARTHBUILD_PATH}}" || (echo "BUILT_EARTHBUILD_PATH is empty" && exit 1)
mkdir -p $(dirname "${{inputs.BUILT_EARTHBUILD_PATH}}")

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The command substitution $(dirname ...) is unquoted. If the path in BUILT_EARTHBUILD_PATH contains spaces or special characters, this will result in word splitting and cause the mkdir command to fail. Wrap the command substitution in double quotes to ensure robustness.

        mkdir -p "$(dirname "${{inputs.BUILT_EARTHBUILD_PATH}}")"

cp ./fork-artifacts/earthly "${{inputs.BUILT_EARTHBUILD_PATH}}"
chmod +x "${{inputs.BUILT_EARTHBUILD_PATH}}"
echo "Earthly binary installed from artifact to ${{inputs.BUILT_EARTHBUILD_PATH}}"

# Read the tag suffix and set EARTHLY_BUILDKIT_IMAGE env var for subsequent steps
TAG_SUFFIX=$(cat ./fork-artifacts/tag-suffix.txt)
Expand Down Expand Up @@ -172,26 +172,26 @@ runs:
if [ "${{inputs.USE_NEXT}}" = "true" ]; then export TAG="$TAG-ticktock"; fi
${{inputs.SUDO}} ./earthly upgrade
${{inputs.SUDO}} chown -R $USER ~/.earthly # restore non-sudo user ownership
test -n "${{inputs.BUILT_EARTHLY_PATH}}" || (echo "BUILT_EARTHLY_PATH is empty" && exit 1)
mkdir -p $(dirname "${{inputs.BUILT_EARTHLY_PATH}}")
test -n "${{inputs.BUILT_EARTHBUILD_PATH}}" || (echo "BUILT_EARTHBUILD_PATH is empty" && exit 1)
mkdir -p $(dirname "${{inputs.BUILT_EARTHBUILD_PATH}}")

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The command substitution $(dirname ...) is unquoted. Wrap it in double quotes to prevent word splitting if the path contains spaces.

        mkdir -p "$(dirname "${{inputs.BUILT_EARTHBUILD_PATH}}")"

${{inputs.SUDO}} ls "${HOME}/.earthly/"
${{inputs.SUDO}} mv "${HOME}/.earthly/earthly-$TAG" "${{inputs.BUILT_EARTHLY_PATH}}"
echo "extracted ${{inputs.BUILT_EARTHLY_PATH}}"
${{inputs.SUDO}} mv "${HOME}/.earthly/earthly-$TAG" "${{inputs.BUILT_EARTHBUILD_PATH}}"
echo "extracted ${{inputs.BUILT_EARTHBUILD_PATH}}"
shell: bash
- run: |-
echo "Configuring earthbuild to use GCR mirror"
${{inputs.BUILT_EARTHLY_PATH}} config global.buildkit_additional_config "'[registry.\"docker.io\"]
${{inputs.BUILT_EARTHBUILD_PATH}} config global.buildkit_additional_config "'[registry.\"docker.io\"]

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The binary path ${{inputs.BUILT_EARTHBUILD_PATH}} is unquoted. Wrap it in double quotes to prevent shell parsing errors if the path contains spaces.

        "${{inputs.BUILT_EARTHBUILD_PATH}}" config global.buildkit_additional_config "'[registry.\"docker.io\"]

mirrors = [\"mirror.gcr.io\", \"public.ecr.aws\"]'"
shell: bash
- if: ${{ inputs.USE_NEXT == 'true' }}
run: |-
export expected_buildkit_client_sha="$(cat earthly-next | head -c 12)"
test -n "$expected_buildkit_client_sha" || ( echo "expected_buildkit_client_sha is empty" && exit 1)
(strings ${{inputs.BUILT_EARTHLY_PATH}} | grep "$expected_buildkit_client_sha" ) || ( echo "expected to find $expected_buildkit_client_sha in earthly binary" && exit 1)
(strings ${{inputs.BUILT_EARTHBUILD_PATH}} | grep "$expected_buildkit_client_sha" ) || ( echo "expected to find $expected_buildkit_client_sha in earthly binary" && exit 1)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The binary path ${{inputs.BUILT_EARTHBUILD_PATH}} is unquoted inside the strings command. Wrap it in double quotes to prevent word splitting.

        (strings "${{inputs.BUILT_EARTHBUILD_PATH}}" | grep "$expected_buildkit_client_sha" ) || ( echo "expected to find $expected_buildkit_client_sha in earthly binary" && exit 1)

echo "correctly found $expected_buildkit_client_sha in earthly binary; this confirms earthly-next was used"
shell: bash
- if: ${{ inputs.BINARY == 'podman' }}
run: ${{inputs.SUDO}} ${{inputs.BUILT_EARTHLY_PATH}} bootstrap
run: ${{inputs.SUDO}} ${{inputs.BUILT_EARTHBUILD_PATH}} bootstrap

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The binary path ${{inputs.BUILT_EARTHBUILD_PATH}} is unquoted. Wrap it in double quotes to prevent word splitting.

      run: ${{inputs.SUDO}} "${{inputs.BUILT_EARTHBUILD_PATH}}" bootstrap

shell: bash
- run: echo "stage2-setup action complete"
shell: bash
2 changes: 1 addition & 1 deletion .github/workflows/build-earthly.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: Earthly Build
on:
workflow_call:
inputs:
BUILT_EARTHLY_PATH:
BUILT_EARTHBUILD_PATH:
required: true
type: string
BINARY:
Expand Down
Loading
Loading