Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

brew audit failure with latest action #535

Closed
zosocanuck opened this issue May 10, 2024 · 2 comments
Closed

brew audit failure with latest action #535

zosocanuck opened this issue May 10, 2024 · 2 comments

Comments

@zosocanuck
Copy link

Hi,

I'm using the latest action as follows

steps:
      - name: Set up Homebrew
        id: set-up-homebrew
        uses: Homebrew/actions/setup-homebrew@master

However getting this error when running the audit with the latest version of brew (4.2.21):

2024-05-10T15:23:20.2032760Z shell: /bin/bash -e {0}
2024-05-10T15:23:20.2032970Z env:
2024-05-10T15:23:20.2033130Z   HOMEBREW_NO_INSTALL_FROM_API: 
2024-05-10T15:23:20.2033370Z ##[endgroup]
2024-05-10T15:23:20.7330260Z �[36m==>�[0m �[1mUsing Homebrew/homebrew-test-bot 0e9092b (Merge pull request #1058 from Homebrew/dependabot/bundler/sorbet-runtime-0.5.11371)�[0m
2024-05-10T15:23:20.7714670Z �[36m==>�[0m �[1mUsing Homebrew/brew 4.2.21-88-gf590dadbf2 (Merge pull request #17270 from Homebrew/fix_opoo_onoe_sigs)�[0m
2024-05-10T15:23:20.7797730Z �[36m==>�[0m �[1mUsing Homebrew/homebrew-core 9038b2b1e91 (Merge pull request #169764 from Homebrew/bump-renovate-37.318.0)�[0m
2024-05-10T15:23:20.7882790Z �[36m==>�[0m �[1mTesting Venafi/homebrew-tap 3130fac (Merge 45651a7cbfa1f78ac870761016b6805ea94d2f13 into d7e82a0ee0660f7e12ce2001d34bc6bcac5ac5fc):�[0m
2024-05-10T15:23:20.7888510Z 
2024-05-10T15:23:20.7888810Z �[35m==>�[0m �[1mRunning TapSyntax#run!�[0m
2024-05-10T15:23:20.7889480Z �[34m==>�[0m �[1mbrew style venafi/tap�[0m
2024-05-10T15:23:23.4138990Z �[34m==>�[0m �[1mbrew readall --aliases --os=all --arch=all venafi/tap�[0m
2024-05-10T15:23:23.7967500Z �[34m==>�[0m �[1mbrew audit --except=installed --tap=venafi/tap�[0m
2024-05-10T15:23:25.0788220Z �[31m==>�[0m �[1m�[31mFAILED�[0m�[0m
2024-05-10T15:23:25.0790920Z ##[group]Full audit --except=installed --tap=venafi/tap output
2024-05-10T15:23:25.0791290Z venafi/tap/sigscan
2024-05-10T15:23:25.0791530Z   * Stable: Checksum is missing
2024-05-10T15:23:25.0791900Z   * Stable: version 0.3.0 is redundant with version scanned from URL
2024-05-10T15:23:25.0792260Z venafi/tap/vsign
2024-05-10T15:23:25.0792480Z   * Stable: Checksum is missing
2024-05-10T15:23:25.0792830Z   * Stable: version 1.0.2 is redundant with version scanned from URL
2024-05-10T15:23:25.0809330Z ##[error]4 problems in 2 formulae detected.
2024-05-10T15:23:25.0814130Z �[31mError:�[0m 4 problems in 2 formulae detected.
2024-05-10T15:23:25.0817940Z ##[error]Stable: Checksum is missing
2024-05-10T15:23:25.0819280Z ##[error]Stable: version 0.3.0 is redundant with version scanned from URL
2024-05-10T15:23:25.0820350Z ##[error]Stable: Checksum is missing
2024-05-10T15:23:25.0821510Z ##[error]Stable: version 1.0.2 is redundant with version scanned from URL
2024-05-10T15:23:25.0822360Z ##[endgroup]
2024-05-10T15:23:25.0822550Z Error: 1 failed step!
2024-05-10T15:23:25.0822840Z brew audit --except=installed --tap=venafi/tap
2024-05-10T15:23:25.0829240Z ##[error]Process completed with exit code 1.

We did this previously with an older version of brew (4.2.18) with no issues:

2024-04-15T14:30:25.3178360Z shell: /bin/bash -e {0}
2024-04-15T14:30:25.3178780Z env:
2024-04-15T14:30:25.3179270Z   HOMEBREW_NO_INSTALL_FROM_API: 
2024-04-15T14:30:25.3179770Z ##[endgroup]
2024-04-15T14:30:26.5478840Z �[36m==>�[0m �[1mUsing Homebrew/homebrew-test-bot 07bf6a4 (Merge pull request #1037 from Moisan/pin_setup-ruby)�[0m
2024-04-15T14:30:26.6179400Z �[36m==>�[0m �[1mUsing Homebrew/brew 4.2.18-15-g40d2f5c23a (Merge pull request #17087 from cho-m/keg-python2.7-refs-deprecate)�[0m
2024-04-15T14:30:26.6365860Z �[36m==>�[0m �[1mUsing Homebrew/homebrew-core de45c571dd4 (Merge pull request #168204 from Homebrew/otf2-six)�[0m
2024-04-15T14:30:26.6543340Z �[36m==>�[0m �[1mTesting Venafi/homebrew-tap d8664a5 (Merge c0e46aae36bb3baef53652b51b8a746050309399 into a14fdede510ceee91b05246cc524398022e09c0b):�[0m
2024-04-15T14:30:26.6610380Z 
2024-04-15T14:30:26.6612010Z �[35m==>�[0m �[1mRunning TapSyntax#run!�[0m
2024-04-15T14:30:26.6615730Z �[34m==>�[0m �[1mbrew style venafi/tap�[0m
2024-04-15T14:30:32.8225270Z �[34m==>�[0m �[1mbrew readall --aliases --os=all --arch=all venafi/tap�[0m
2024-04-15T14:30:33.6332930Z �[34m==>�[0m �[1mbrew audit --except=installed --tap=venafi/tap�[0m
2024-04-15T14:30:36.9477570Z All steps passed!

Any ideas?
@woodruffw
Copy link
Member

From a quick look, it seems like the audits just became stricter, and the formulae in your tap are now failing them.

For example, your sigscan formula doesn't appear to list a top-level source checksum:

  desc "Inspect container images and other artifacts for signatures"
  homepage "https://github.com/venafi/sigscan"
  url "https://github.com/venafi/sigscan/archive/refs/tags/v0.3.0.tar.gz"
  version "0.3.0"
  license "Apache-2.0"
  head "https://github.com/venafi/sigscan.git", tag: "v0.3.0"

(and the other audit complaint is that the version is redundant with the version in the url, so you can just remove that line.)

I think your options here are either to ignore these audit failures or fix them.

@Bo98
Copy link
Member

Bo98 commented May 10, 2024

Not entirely sure why the behaviour changed as it shouldn't have. But in any case, the buggy behaviour is the old version of Homebrew rather than the new one.

@Bo98 Bo98 closed this as not planned Won't fix, can't repro, duplicate, stale May 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zosocanuck @Bo98 @woodruffw