From de62043a7445efeae9e0159e1225480be7954cfa Mon Sep 17 00:00:00 2001 From: sterni Date: Fri, 4 Feb 2022 17:28:09 +0100 Subject: refactor(rust-crates-advisory): move report generation into script This script is somewhat usable by humans (it even has a help screen!) and can be reused in //users/sterni/nixpkgs-crate-holes. We are using bash since that allows us to exit with the actual exit code of cargo-audit - something that's not possible in execline. Change-Id: I3331ae8222a20e23b8e30dc920ab48af78f0247c Reviewed-on: https://cl.tvl.fyi/c/depot/+/5228 Tested-by: BuildkiteCI Reviewed-by: Profpatsch --- users/sterni/nixpkgs-crate-holes/default.nix | 43 ++++++++++------------------ 1 file changed, 15 insertions(+), 28 deletions(-) (limited to 'users') diff --git a/users/sterni/nixpkgs-crate-holes/default.nix b/users/sterni/nixpkgs-crate-holes/default.nix index 4dff82d6aa..c24200ff10 100644 --- a/users/sterni/nixpkgs-crate-holes/default.nix +++ b/users/sterni/nixpkgs-crate-holes/default.nix @@ -126,37 +126,24 @@ let then pkgs.emptyFile else depot.nix.runExecline "${strAttr}-vulnerability-report" { } [ - "pipeline" + "foreground" [ - bins.cargo-audit - "audit" - "--json" - "-n" - "--db" - rustsec-advisory-db - "-f" + "importas" + "out" + "out" + "redirfd" + "-w" + "1" + "$out" + depot.tools.rust-crates-advisory.lock-file-report + strAttr lock + "true" + strMaintainers ] - "importas" - "out" - "out" - "redirfd" - "-w" - "1" - "$out" - bins.jq - "-rj" - "-f" - ../../../tools/rust-crates-advisory/format-audit-result.jq - "--arg" - "attr" - strAttr - "--arg" - "maintainers" - strMaintainers - "--argjson" - "checklist" - "true" + # ignore exit status of report + "exit" + "0" ]; # GHMF in issues splits paragraphs on newlines -- cgit 1.4.1