Check that output file exists before opening #33
Conversation
action.py
Outdated
| with open("/tmp/pip-audit-output.txt", "r") as io: | ||
| output = io.read() | ||
| p = Path("/tmp/pip-audit-output.txt") | ||
| if p.exists(): | ||
| with p.open() as io: | ||
| output = io.read() | ||
|
|
||
| # This is really nasty: our output contains multiple lines, | ||
| # so we can't naively stuff it into an output. | ||
| print(f"output={b64encode(output.encode()).decode()}", file=_GITHUB_OUTPUT) | ||
| # This is really nasty: our output contains multiple lines, | ||
| # so we can't naively stuff it into an output. | ||
| print(f"output={b64encode(output.encode()).decode()}", file=_GITHUB_OUTPUT) | ||
|
|
||
| _log(output) | ||
| _summary(output) | ||
| _log(output) | ||
| _summary(output) |
There was a problem hiding this comment.
Rather than check-and-skip, let's try-and-fail:
try:
# open
except OSError as exc:
# log an explicit error here, before the full stdout log
Signed-off-by: Andrew Pan <a@tny.town>
Signed-off-by: Andrew Pan <a@tny.town>
|
Let me know if this is what you had in mind! I'm not sure of the wording of |
|
This is how a new summary looks: https://github.com/tnytown/gh-action-pip-audit/actions/runs/4196817469/attempts/1#summary-11396846157 Also, do we want to restrict the internal interface to pass a fixed invalid flag, like |
This works for me! The only real constraint is that it needs to be valid Markdown, so this is fine.
I'm good with this approach: it's explicitly an internal option, and it's not a change in the action's security posture. |
Resolves #32.
The action crashes when pip-audit exits without writing anything to
/tmp/pip-audit-output.txt. We now check that the file exists before opening it, which should allow the action to run to completion and write the pip-auditstderrto the summary. This is a quick band-aid to fix the immediate crash, maybe in the future we will want special diagnostics in the summary for when there is no pip-audit output?