fix(audit): split slurp + jq for gh CLI 2.59+ #20
Note: Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c47b4f4a34
`gh api --paginate --slurp --jq` started failing once the runner
picked up gh CLI 2.59 or newer, where `--slurp` and `--jq` are
mutually exclusive ("the --slurp option is not supported with
--jq or --template"). Pipe to jq separately to keep the same
"flatten paginated pages, default to []" semantics.
Fixes the failing scheduled Audit Branch Protection job.
c47b4f4 to ac3e762
Without pipefail, a failing `gh api` upstream of `| jq 'add // []'`
would let the step exit 0 — jq emits `[]` on empty stdin, and the
default `bash -e {0}` only checks the last command's status. That
masked auth/rate-limit/5xx errors and produced a false "no drift"
result. Pin a custom shell with `-eo pipefail` for this step.
Also use `jq . live-rulesets.json` directly instead of `cat | jq` to
keep the same pipefail discipline in the debug print.
Addresses codex P2 review on PR #20.
CC on behalf of @jan-kubica Addressed in 5fcdd28: the step now runs with
Summary
`gh api --paginate --slurp --jq` started failing once GitHub-hosted runners picked up gh CLI ≥ 2.59, which made `--slurp` and `--jq` mutually exclusive. Pipe to `jq` separately to preserve the original "flatten paginated pages, default to `[]`" behavior. Fixes the scheduled `Audit Branch Protection` job (last run failed in stella/stella with `the --slurp option is not supported with --jq or --template`).

Test plan
- `workflow_dispatch` and confirm the `Fetch live rulesets` step exits 0.
- `live-rulesets.json` contents look correct (flat array, or `[]` for a repo without rulesets).
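An added example (not part of this PR or the repository's workflow) that reproduces, offline, the masked failure described in the pipefail commit message above. `fake_gh_api` and `flatten_pages` are hypothetical stand-ins for the `gh api` call and the jq stage, and the 403 message is constructed.

```shell
#!/bin/sh
# STEP is a constructed step body run under two different bash option sets.
STEP='
# Hypothetical stand-in for a failing `gh api --paginate` call:
# nothing on stdout, error on stderr, non-zero exit.
fake_gh_api() { echo "HTTP 403: rate limited (constructed)" >&2; return 1; }

# Hypothetical stand-in for the jq stage: empty stdin still yields [] and exit 0.
flatten_pages() {
  if command -v jq >/dev/null 2>&1; then
    jq -c -s "add // []"
  else
    body=$(cat)
    if [ -n "$body" ]; then printf "%s\n" "$body"; else echo "[]"; fi
  fi
}

fake_gh_api | flatten_pages > "$OUT"
echo "audit continues with: $(cat "$OUT")"
'

# run_step <bash options...>: run STEP under the given options and print
# the exit status of the step plus what landed in the output file.
run_step() {
  OUT=$(mktemp)
  export OUT
  # "&& ... ||" keeps a caller that uses `set -e` alive when the step fails.
  bash "$@" -c "$STEP" >/dev/null 2>&1 && status=0 || status=$?
  printf 'exit=%s out=%s\n' "$status" "$(cat "$OUT")"
  rm -f "$OUT"
}

run_step -e            # default-style shell: upstream failure is masked
run_step -eo pipefail  # pinned shell: upstream failure fails the step
```

In both runs the output file holds `[]`, so only the exit status distinguishes a real empty result from a failed fetch.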