Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Specify directory to run audit on

See original GitHub issue

Do the checklist before filing an issue:

Is this related to the actions-rs Actions? If you think it’s a problem related to Github Actions in general, use GitHub Community forum instead: https://github.community
You’ve read the Contributing section about feature requests: https://github.com/actions-rs/.github/blob/master/CONTRIBUTING.md#feature-requests
Is this something you can debug and fix? Send a pull request! Bug fixes and documentation fixes are welcome.

Motivation

My rust/cargo project isn’t at the top level of my repo, so my audit check always fails because it can’t find my Cargo.toml/Cargo.lock file and it doesn’t take a manifest-path like other cargo commands do.

Describe your idea, motivation, and how Rust community could benefit from this feature.

Workflow example

It would be awesome if the action would read working-directory or take a manifest-path arg

jobs:
  security_audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - uses: actions-rs/audit-check@v1
        with:
          # consume working-directory
          working-directory: api
          # or read args
          args: --manifest-path api/Cargo.lock
          token: ${{ secrets.GITHUB_TOKEN }}

Additional context

I’ve tried a couple work arounds but couldn’t get any of them working, I hope this isn’t an invasive/difficult addition.

Issue Analytics

State:
Created 2 years ago
Reactions:16
Comments:5

Top GitHub Comments

1reaction

martin-gcommented, Jul 8, 2021

The best would be if it takes into account the current working directory:

defaults:
  run:
    working-directory: lang/rust

See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#defaultsrun

0reactions

MariusVBcommented, Oct 26, 2021

I’m also interested in this but have found a temporary solution. Just replace {CARGO_SUBDIR} with your cargo project directory in your repo and {DIRS_TO_REMOVE} with all the non-cargo directories in the top-level of your repo:


jobs:
  audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      # Moves all files in sub dir to top-level dir
      - run: cd $GITHUB_WORKSPACE && mv {CARGO_SUBDIR}/* .
      # Delete directories not to be audited
      - run: cd $GITHUB_WORKSPACE && rm -rf {DIRS_TO_REMOVE}
      - uses: actions-rs/audit-check@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}