Fix: Fix for GHSL-2024-277

[sagar-qa007]

Description

Fix : https://github.com/appsmithorg/appsmith/security/advisories/GHSA-5f24-4j99-h3gc#event-330907

Use bash syntax to access the environment variable: $EVENT_COMMITS

Fixes #36835

Automation

/ok-to-test tags=""

🔍 Cypress test results

Warning

Tests have not run on the HEAD 18af836 yet

---

Mon, 14 Oct 2024 04:55:10 UTC

Communication

Should the DevRel and Marketing teams inform users about this change?

• Yes
• No

Summary by CodeRabbit

• New Features

  • Introduced a run_count input parameter for specifying the number of test repetitions.
  • Added input parameters for manual triggering in the CI workflow.
  • New environment variable COMMIT_INFO_AUTHOR captures the author name for better context in commit messages.

• Improvements

  • Enhanced logic for handling commit messages and test run conditions.
  • Improved caching mechanism for better tracking of test outcomes across runs.

[coderabbitai]

Walkthrough

The pull request introduces modifications to two GitHub Actions workflow files: .github/workflows/ci-test-limited-with-count.yml and .github/workflows/ci-test-limited.yml. Key updates include the addition of input parameters for manual triggers and workflow calls, specifically run_count, pr, and previous-workflow-run-id. The handling of commit messages has been refined, including the introduction of a new environment variable COMMIT_INFO_AUTHOR. Logic for determining test run status and managing artifacts has also been enhanced to improve clarity and functionality.

Changes

File Path	Change Summary
.github/workflows/ci-test-limited-with-count.yml	Added run_count input parameter for workflow_dispatch and workflow_call; updated commit message logic.
.github/workflows/ci-test-limited.yml	Added pr and previous-workflow-run-id input parameters; introduced COMMIT_INFO_AUTHOR variable; refined job conditions and commit message handling.

Assessment against linked issues

Objective	Addressed	Explanation
Fix security advisory issue GHSA-5f24-4j99-h3gc (#36835)	❌	The PR does not address security vulnerabilities directly.

Possibly related PRs

• chore: Updated error handling #36288: Enhancements to CI test result handling in .github/workflows/ci-test-limited-with-count.yml are related to updates in .github/workflows/ci-test-limited-with-count.yml.
• chore: Supress the failure in case DB url is not found in CI #36796: Modifications in .github/workflows/ci-test-limited.yml include new input parameters and improved error handling, connecting to overall CI workflow enhancements.

Suggested labels

skip-changelog

Suggested reviewers

• sharat87
• ApekshaBhosale

In workflows where tests do run,
New parameters shine like the sun.
Commit messages clearer, oh what a delight,
CI flows smoother, everything feels right!
With each change, we strive and grow,
In the land of code, our efforts will show! 🌟

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

🧹 Outside diff range and nitpick comments (2)

.github/workflows/ci-test-limited-with-count.yml (2)

Line range hint 370-387: Excellent work on improving our test execution process!

Class, let's give a round of applause for the improvements in our test execution! The use of cypress-repeat-pro allows us to run our tests multiple times, which is fantastic for catching those tricky, intermittent issues.

I particularly like the addition of the ci_test_status.txt file. It's like our own report card for the tests!

However, we have a small formatting issue to fix. Remember, in our coding class, we always strive for neatness:

- cat cy-repeat-summary.txt  
+ cat cy-repeat-summary.txt

Let's remove that extra space at the end of line 372. It's like making sure our desks are tidy at the end of the day!

Keep up the great work, and remember, attention to detail is key in both coding and life!

🧰 Tools

🪛 actionlint

270-270: shellcheck reported issue in this script: SC2309:warning:3:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:4:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2309:warning:5:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:6:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:9:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:12:54: Double quote to prevent globbing and word splitting

(shellcheck)

🪛 yamllint

[error] 272-272: trailing spaces

(trailing-spaces)

---

272-272: Let's tidy up our code, shall we?

Class, we have a small housekeeping task. On line 272, we have an uninvited guest - a trailing space! Let's show it the door:

-          
+

Remember, keeping our code clean is like keeping our classroom tidy. It makes everything easier to read and understand. Good habits in coding start with these small details!

🧰 Tools

🪛 yamllint

[error] 272-272: trailing spaces

(trailing-spaces)

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between e03522f and 0e63a5b.

📒 Files selected for processing (2)

• .github/workflows/ci-test-limited-with-count.yml (1 hunks)
• .github/workflows/ci-test-limited.yml (1 hunks)

🧰 Additional context used

🪛 actionlint

.github/workflows/ci-test-limited-with-count.yml

270-270: shellcheck reported issue in this script: SC2309:warning:3:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:4:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2309:warning:5:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:6:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:9:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:12:54: Double quote to prevent globbing and word splitting

(shellcheck)

.github/workflows/ci-test-limited.yml

260-260: shellcheck reported issue in this script: SC2309:warning:3:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:4:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2309:warning:5:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:6:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:9:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:12:54: Double quote to prevent globbing and word splitting

(shellcheck)

🪛 yamllint

.github/workflows/ci-test-limited-with-count.yml

[error] 272-272: trailing spaces

(trailing-spaces)

.github/workflows/ci-test-limited.yml

[error] 262-262: trailing spaces

(trailing-spaces)

🔇 Additional comments (1)

.github/workflows/ci-test-limited-with-count.yml (1)

Line range hint 16-19: Well done on adding the new 'run_count' parameter!

Class, let's take a moment to appreciate the addition of the run_count parameter to both the workflow_dispatch and workflow_call triggers. This enhancement provides us with the flexibility to specify how many times we want to repeat our test runs. It's like giving us the power to practice our math problems as many times as we need!

Also applies to: 30-33

🧰 Tools

🪛 actionlint

270-270: shellcheck reported issue in this script: SC2309:warning:3:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:4:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2309:warning:5:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:6:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:9:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:12:54: Double quote to prevent globbing and word splitting

(shellcheck)

🪛 yamllint

[error] 272-272: trailing spaces

(trailing-spaces)

[coderabbitai]

🛠️ Refactor suggestion

⚠️ Potential issue

Class, let's examine the changes in our "Set Commit Message" step.

Now, pay attention to how we're handling our commit messages:

1. We've introduced a new environment variable COMMIT_INFO_AUTHOR. This is good practice for capturing the author's name.

2. The logic for setting the commit message has been improved. We're now handling different scenarios more effectively:

   • For repository dispatch events with a PR number
   • For workflow dispatch events with a PR number
   • For other cases, we're extracting the first line of the commit message

However, there are a few areas where we can improve:

1. In line 261, we're not quoting our variable. Remember, class, it's always good to quote your variables in bash to prevent word splitting and globbing. Let's fix that:

-COMMIT_MESSAGE="$EVENT_COMMITS"
+COMMIT_MESSAGE="${EVENT_COMMITS}"

2. In our comparisons, we're using -ne for numeric comparison. While this works, it's more appropriate to use != for string comparisons in this context. Let's update lines 263 and 265:

-if [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'repository_dispatch' ]]; then
+if [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'repository_dispatch' ]]; then

-elif [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'workflow_dispatch' ]]; then
+elif [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'workflow_dispatch' ]]; then

3. There's a trailing space on line 262. Let's remove that to keep our code tidy.

4. Lastly, we should quote our variables in the echo statements to prevent potential issues. For example, on line 264:

-echo "COMMIT_INFO_MESSAGE=$COMMIT_INFO_MESSAGE" >> $GITHUB_ENV
+echo "COMMIT_INFO_MESSAGE=${COMMIT_INFO_MESSAGE}" >> $GITHUB_ENV

Make these changes, and your code will be much more robust and follow best practices. Any questions, class?

Committable suggestion was skipped due to low confidence.

🧰 Tools

🪛 actionlint

260-260: shellcheck reported issue in this script: SC2309:warning:3:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:4:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2309:warning:5:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:6:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:9:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:12:54: Double quote to prevent globbing and word splitting

(shellcheck)

🪛 yamllint

[error] 262-262: trailing spaces

(trailing-spaces)

[coderabbitai]

⚠️ Potential issue

Let's improve our commit message handling, shall we?

Good job on updating the commit message handling! You've made it more comprehensive, like adding different chapters to our history book. However, we need to make a few corrections:

1. On line 273, use != instead of -ne when comparing strings. It's like using the correct comparison operator in our math class!
2. Remember to use double quotes around our variables to prevent any unexpected word splitting. It's similar to putting quotation marks around a direct quote in our English essays.

Here's how we can fix these issues:

- if [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'repository_dispatch' ]]; then
+ if [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'repository_dispatch' ]]; then
  echo "COMMIT_INFO_MESSAGE=$COMMIT_INFO_MESSAGE" >> $GITHUB_ENV
- elif [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'workflow_dispatch' ]]; then
+ elif [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'workflow_dispatch' ]]; then
  echo "COMMIT_INFO_MESSAGE=Workflow run on PR# ${{ inputs.pr }}" >> $GITHUB_ENV
else
  if [[ "$COMMIT_MESSAGE" == "null" ]]; then
-   echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by $COMMIT_INFO_AUTHOR" >> $GITHUB_ENV
+   echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by $COMMIT_INFO_AUTHOR" >> "$GITHUB_ENV"
  else
-   COMMIT_FIRST_LINE=$(echo "$COMMIT_MESSAGE" | awk -F '\\\\n' '{print $1}' | sed 's/^\"//')
+   COMMIT_FIRST_LINE=$(echo "$COMMIT_MESSAGE" | awk -F '\\\\n' '{print $1}' | sed 's/^"//')
-   echo "COMMIT_INFO_MESSAGE=$COMMIT_FIRST_LINE" >> $GITHUB_ENV
+   echo "COMMIT_INFO_MESSAGE=$COMMIT_FIRST_LINE" >> "$GITHUB_ENV"
  fi
fi

These changes will make our code more robust, just like double-checking our work in class!

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	COMMIT_INFO_AUTHOR: ${{ github.event.commits[0].author.name }}
	run: |
	if [[ ${{ inputs.pr }} -ne 0 && ${{github.event_name}} == 'repository_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ env.COMMIT_INFO_MESSAGE }}" >> $GITHUB_ENV
	elif [[ ${{ inputs.pr }} -ne 0 && ${{github.event_name}} == 'workflow_dispatch' ]]; then
	COMMIT_MESSAGE="$EVENT_COMMITS"
	if [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'repository_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=$COMMIT_INFO_MESSAGE" >> $GITHUB_ENV
	elif [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'workflow_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=Workflow run on PR# ${{ inputs.pr }}" >> $GITHUB_ENV
	else
	if [[ '${{env.EVENT_COMMITS}}' == 'null' ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by ${{ env.COMMIT_INFO_AUTHOR }}" >> $GITHUB_ENV
	if [[ "$COMMIT_MESSAGE" == "null" ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by $COMMIT_INFO_AUTHOR" >> $GITHUB_ENV
	else
	echo "COMMIT_INFO_MESSAGE=$(echo \"${{ env.EVENT_COMMITS }}\" | awk -F '\\\\n' '{print $1}' | sed 's/^\"//')" >> $GITHUB_ENV
	COMMIT_FIRST_LINE=$(echo "$COMMIT_MESSAGE" | awk -F '\\\\n' '{print $1}' | sed 's/^\"//')
	echo "COMMIT_INFO_MESSAGE=$COMMIT_FIRST_LINE" >> $GITHUB_ENV
	COMMIT_INFO_AUTHOR: ${{ github.event.commits[0].author.name }}
	run: |
	COMMIT_MESSAGE="$EVENT_COMMITS"
	if [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'repository_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=$COMMIT_INFO_MESSAGE" >> $GITHUB_ENV
	elif [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'workflow_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=Workflow run on PR# ${{ inputs.pr }}" >> $GITHUB_ENV
	else
	if [[ "$COMMIT_MESSAGE" == "null" ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by $COMMIT_INFO_AUTHOR" >> "$GITHUB_ENV"
	else
	COMMIT_FIRST_LINE=$(echo "$COMMIT_MESSAGE" | awk -F '\\\\n' '{print $1}' | sed 's/^"//')
	echo "COMMIT_INFO_MESSAGE=$COMMIT_FIRST_LINE" >> "$GITHUB_ENV"
	fi
	fi

🧰 Tools

🪛 actionlint

270-270: shellcheck reported issue in this script: SC2309:warning:3:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:4:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2309:warning:5:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:6:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:9:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:12:54: Double quote to prevent globbing and word splitting

(shellcheck)

🪛 yamllint

[error] 272-272: trailing spaces

(trailing-spaces)

[mohanarpit]

Is this necessary? Any reason we are assigning one env variable to another?

[coderabbitai]

Actionable comments posted: 2

🧹 Outside diff range and nitpick comments (1)

.github/workflows/ci-test-limited-with-count.yml (1)

Line range hint 363-379: Excellent improvements to our test execution, class!

I'm impressed with the enhancements you've made to our Cypress test execution. Let's review what you've done well:

1. You've utilized the run_count input in the npx cypress-repeat-pro command, allowing for flexible test repetition. This is like giving us the option to take a practice test multiple times!

2. The introduction of the ci_test_status.txt file is a clever way to store our test results. It's like having a clear "pass" or "fail" stamp on our test papers.

However, I have a small suggestion to make our result checking even more robust:

- if ! grep -q "Total Failed: 0" cy-repeat-summary.txt; then
+ if ! grep -q "^Total Failed: 0$" cy-repeat-summary.txt; then
    echo "ci_test_failed=true" > "$FAILURE_FLAG_FILE"
else
    echo "ci_test_failed=false" > "$FAILURE_FLAG_FILE"
fi

By using ^ and $ in our grep pattern, we ensure we're matching the exact line "Total Failed: 0". This prevents false positives if the number 0 appears elsewhere in the context of failures.

Keep up the good work, class! Your attention to detail in improving our testing process is commendable.

🧰 Tools

🪛 actionlint

270-270: shellcheck reported issue in this script: SC2309:warning:1:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:2:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2309:warning:3:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:4:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:7:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:10:54: Double quote to prevent globbing and word splitting

(shellcheck)

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 0e63a5b and 18af836.

📒 Files selected for processing (2)

• .github/workflows/ci-test-limited-with-count.yml (1 hunks)
• .github/workflows/ci-test-limited.yml (1 hunks)

🧰 Additional context used

🪛 actionlint

.github/workflows/ci-test-limited-with-count.yml

270-270: shellcheck reported issue in this script: SC2309:warning:1:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:2:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2309:warning:3:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:4:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:7:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:10:54: Double quote to prevent globbing and word splitting

(shellcheck)

.github/workflows/ci-test-limited.yml

260-260: shellcheck reported issue in this script: SC2309:warning:1:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:2:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2309:warning:3:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:4:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:7:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:10:54: Double quote to prevent globbing and word splitting

(shellcheck)

🔇 Additional comments (2)

.github/workflows/ci-test-limited-with-count.yml (2)

Line range hint 15-18: Excellent addition of the run_count parameter, class!

I'm pleased to see you've added the run_count input parameter to both the workflow_dispatch and workflow_call triggers. This shows great foresight in allowing for flexible test execution. It's like giving us the ability to practice a math problem multiple times to ensure we've truly mastered it!

Remember, class, flexibility in our workflows is key to thorough testing and debugging. Well done!

Also applies to: 25-28

🧰 Tools

🪛 actionlint

270-270: shellcheck reported issue in this script: SC2309:warning:1:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:2:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2309:warning:3:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:4:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:7:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:10:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

Line range hint 387-392: Well done on improving our artifact management, class!

I'm delighted to see the improvements you've made to our artifact uploads. Let's review what you've done:

1. You've added a new artifact ci_test_status which uploads the ci_test_status.txt file. This is like creating a quick summary sheet of our test results - very efficient!

2. You've set the overwrite option to true for all artifact uploads. This ensures we always have the most up-to-date information, just like keeping our class notes current.

These changes will make it much easier for us to track and share our test results. It's like having a well-organized binder for all our important documents. Keep up the excellent work!

🧰 Tools

🪛 actionlint

270-270: shellcheck reported issue in this script: SC2309:warning:1:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:2:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2309:warning:3:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:4:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:7:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:10:54: Double quote to prevent globbing and word splitting

(shellcheck)

[coderabbitai]

🛠️ Refactor suggestion

⚠️ Potential issue

Class, let's examine the changes in our "Set Commit Message" step.

I'm pleased to see improvements in how we're handling our commit messages. However, there are a few areas where we can make our code even better:

1. We've introduced a new environment variable COMMIT_INFO_AUTHOR. This is good practice for capturing the author's name.

2. The logic for setting the commit message has been improved. We're now handling different scenarios more effectively:

   • For repository dispatch events with a PR number
   • For workflow dispatch events with a PR number
   • For other cases, we're extracting the first line of the commit message

However, there are a few areas where we need to make corrections:

1. In our comparisons, we're using -ne for numeric comparison. While this works, it's more appropriate to use != for string comparisons in this context. Let's update lines 261 and 263:

-if [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'repository_dispatch' ]]; then
+if [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'repository_dispatch' ]]; then

-elif [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'workflow_dispatch' ]]; then
+elif [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'workflow_dispatch' ]]; then

2. We should quote our variables to prevent potential issues with word splitting and globbing. For example, on line 262:

-echo "COMMIT_INFO_MESSAGE=$COMMIT_INFO_MESSAGE" >> $GITHUB_ENV
+echo "COMMIT_INFO_MESSAGE=${COMMIT_INFO_MESSAGE}" >> $GITHUB_ENV

3. Similarly, let's quote the $EVENT_COMMITS variable on line 266:

-if [[ "$EVENT_COMMITS" == "null" ]]; then
+if [[ "${EVENT_COMMITS}" == "null" ]]; then

4. For consistency, let's also quote $COMMIT_INFO_AUTHOR on line 267:

-echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by $COMMIT_INFO_AUTHOR" >> $GITHUB_ENV
+echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by ${COMMIT_INFO_AUTHOR}" >> $GITHUB_ENV

5. Lastly, let's quote $COMMIT_FIRST_LINE on line 270:

-echo "COMMIT_INFO_MESSAGE=$COMMIT_FIRST_LINE" >> $GITHUB_ENV
+echo "COMMIT_INFO_MESSAGE=${COMMIT_FIRST_LINE}" >> $GITHUB_ENV

Make these changes, and your code will be much more robust and follow best practices. Any questions, class?

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	COMMIT_INFO_AUTHOR: ${{ github.event.commits[0].author.name }}
	run: |
	if [[ ${{ inputs.pr }} -ne 0 && ${{github.event_name}} == 'repository_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ env.COMMIT_INFO_MESSAGE }}" >> $GITHUB_ENV
	elif [[ ${{ inputs.pr }} -ne 0 && ${{github.event_name}} == 'workflow_dispatch' ]]; then
	if [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'repository_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=$COMMIT_INFO_MESSAGE" >> $GITHUB_ENV
	elif [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'workflow_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=Workflow run on PR# ${{ inputs.pr }}" >> $GITHUB_ENV
	else
	if [[ '${{env.EVENT_COMMITS}}' == 'null' ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by ${{ env.COMMIT_INFO_AUTHOR }}" >> $GITHUB_ENV
	if [[ "$EVENT_COMMITS" == "null" ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by $COMMIT_INFO_AUTHOR" >> $GITHUB_ENV
	else
	echo "COMMIT_INFO_MESSAGE=$(echo \"${{ env.EVENT_COMMITS }}\" | awk -F '\\\\n' '{print $1}' | sed 's/^\"//')" >> $GITHUB_ENV
	COMMIT_FIRST_LINE=$(echo "$EVENT_COMMITS" | awk -F '\\\\n' '{print $1}' | sed 's/^\"//')
	echo "COMMIT_INFO_MESSAGE=$COMMIT_FIRST_LINE" >> $GITHUB_ENV
	fi
	COMMIT_INFO_AUTHOR: ${{ github.event.commits[0].author.name }}
	run: |
	if [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'repository_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=${COMMIT_INFO_MESSAGE}" >> $GITHUB_ENV
	elif [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'workflow_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=Workflow run on PR# ${{ inputs.pr }}" >> $GITHUB_ENV
	else
	if [[ "${EVENT_COMMITS}" == "null" ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by ${COMMIT_INFO_AUTHOR}" >> $GITHUB_ENV
	else
	COMMIT_FIRST_LINE=$(echo "$EVENT_COMMITS" | awk -F '\\\\n' '{print $1}' | sed 's/^\"//')
	echo "COMMIT_INFO_MESSAGE=${COMMIT_FIRST_LINE}" >> $GITHUB_ENV
	fi

🧰 Tools

🪛 actionlint

260-260: shellcheck reported issue in this script: SC2309:warning:1:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:2:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2309:warning:3:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:4:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:7:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

260-260: shellcheck reported issue in this script: SC2086:info:10:54: Double quote to prevent globbing and word splitting

(shellcheck)

[coderabbitai]

⚠️ Potential issue

Let's improve our commit message handling, shall we?

Class, you've made a commendable effort in updating the commit message handling. It's like you're writing a more detailed entry in our class journal. However, we need to make a few corrections:

1. On lines 271 and 273, we're using -ne for string comparison. In bash, we should use != for comparing strings. It's like using the correct comparison operator in our math class!

2. We need to put our variables in double quotes to prevent any unexpected word splitting. It's similar to putting quotation marks around a direct quote in our English essays.

Let's fix these issues:

- if [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'repository_dispatch' ]]; then
+ if [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'repository_dispatch' ]]; then
  echo "COMMIT_INFO_MESSAGE=$COMMIT_INFO_MESSAGE" >> $GITHUB_ENV
- elif [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'workflow_dispatch' ]]; then
+ elif [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'workflow_dispatch' ]]; then
  echo "COMMIT_INFO_MESSAGE=Workflow run on PR# ${{ inputs.pr }}" >> $GITHUB_ENV
else
  if [[ "$EVENT_COMMITS" == "null" ]]; then
-   echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by $COMMIT_INFO_AUTHOR" >> $GITHUB_ENV
+   echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by $COMMIT_INFO_AUTHOR" >> "$GITHUB_ENV"
  else
-   COMMIT_FIRST_LINE=$(echo "$EVENT_COMMITS" | awk -F '\\\\n' '{print $1}' | sed 's/^\"//')
+   COMMIT_FIRST_LINE=$(echo "$EVENT_COMMITS" | awk -F '\\\\n' '{print $1}' | sed 's/^"//')
-   echo "COMMIT_INFO_MESSAGE=$COMMIT_FIRST_LINE" >> $GITHUB_ENV
+   echo "COMMIT_INFO_MESSAGE=$COMMIT_FIRST_LINE" >> "$GITHUB_ENV"
  fi
fi

These changes will make our code more robust, just like double-checking our work in class!

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	COMMIT_INFO_AUTHOR: ${{ github.event.commits[0].author.name }}
	run: |
	if [[ ${{ inputs.pr }} -ne 0 && ${{github.event_name}} == 'repository_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ env.COMMIT_INFO_MESSAGE }}" >> $GITHUB_ENV
	elif [[ ${{ inputs.pr }} -ne 0 && ${{github.event_name}} == 'workflow_dispatch' ]]; then
	if [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'repository_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=$COMMIT_INFO_MESSAGE" >> $GITHUB_ENV
	elif [[ ${{ inputs.pr }} -ne 0 && ${{ github.event_name }} == 'workflow_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=Workflow run on PR# ${{ inputs.pr }}" >> $GITHUB_ENV
	else
	if [[ '${{env.EVENT_COMMITS}}' == 'null' ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by ${{ env.COMMIT_INFO_AUTHOR }}" >> $GITHUB_ENV
	if [[ "$EVENT_COMMITS" == "null" ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by $COMMIT_INFO_AUTHOR" >> $GITHUB_ENV
	else
	echo "COMMIT_INFO_MESSAGE=$(echo \"${{ env.EVENT_COMMITS }}\" | awk -F '\\\\n' '{print $1}' | sed 's/^\"//')" >> $GITHUB_ENV
	COMMIT_FIRST_LINE=$(echo "$EVENT_COMMITS" | awk -F '\\\\n' '{print $1}' | sed 's/^\"//')
	echo "COMMIT_INFO_MESSAGE=$COMMIT_FIRST_LINE" >> $GITHUB_ENV
	fi
	COMMIT_INFO_AUTHOR: ${{ github.event.commits[0].author.name }}
	run: |
	if [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'repository_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=$COMMIT_INFO_MESSAGE" >> $GITHUB_ENV
	elif [[ "${{ inputs.pr }}" != "0" && "${{ github.event_name }}" == 'workflow_dispatch' ]]; then
	echo "COMMIT_INFO_MESSAGE=Workflow run on PR# ${{ inputs.pr }}" >> $GITHUB_ENV
	else
	if [[ "$EVENT_COMMITS" == "null" ]]; then
	echo "COMMIT_INFO_MESSAGE=${{ github.event_name }} by $COMMIT_INFO_AUTHOR" >> "$GITHUB_ENV"
	else
	COMMIT_FIRST_LINE=$(echo "$EVENT_COMMITS" | awk -F '\\\\n' '{print $1}' | sed 's/^"//')
	echo "COMMIT_INFO_MESSAGE=$COMMIT_FIRST_LINE" >> "$GITHUB_ENV"
	fi

🧰 Tools

🪛 actionlint

270-270: shellcheck reported issue in this script: SC2309:warning:1:7: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:2:54: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2309:warning:3:9: -ne treats this as a variable. Use != to compare as string (or expand explicitly with $var)

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:4:70: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:7:83: Double quote to prevent globbing and word splitting

(shellcheck)

---

270-270: shellcheck reported issue in this script: SC2086:info:10:54: Double quote to prevent globbing and word splitting

(shellcheck)