fix: sanitize absolute runner paths in generated schemas#602
fix: sanitize absolute runner paths in generated schemas#602CWAbhi wants to merge 2 commits intomeshery:masterfrom
Conversation
Signed-off-by: Abhijeet Dey <dey20405@gmail.com>
|
Note Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported. |
|
@leecalcote can you check this out . if it works i think we should close and merge this into schemas |
|
@CWAbhi did you address the primary concern of this path being included during mesheryctl docs builds in the meshery/meshery repo? |
|
@hortison Yes, this PR directly addresses the root issue by sanitizing generated schema artifacts, preventing absolute paths from propagating into downstream consumers like mesheryctl docs builds in the meshery/meshery repo. |
alphaX86
requested review from
a team,
Revolyssup,
hortison,
jerensl and
leecalcote
and removed request for
a team,
Revolyssup,
jerensl and
leecalcote
alphaX86
left a comment
alphaX86
left a comment
There was a problem hiding this comment.
This may cause workflow to fail every time based on global grep cmd usage on checking paths...
|
@alphaX86 You’re right , a global recursive grep can cause false positives, especially since mesheryctl docs generation may legitimately include /home/runner paths. |
Signed-off-by: Abhijeet Dey <dey20405@gmail.com>
|
@alphaX86 I’ve updated the workflow to scope the /home/runner path check to schema-generated artifacts only. |
3 participants
Notes for Reviewers
This PR fixes #526
This PR addresses the issue of absolute environment paths being leaked into the repository during the automated type generation process. Currently, the GitHub Action runner’s local workspace path (e.g., /home/runner/work/...) is being captured by the generation tool and committed directly into the TypeScript schemas, such as SchemasOpenApiSchema.ts.
This causes unnecessary git noise and pollutes the codebase with environment-specific metadata that is irrelevant to other developers and production environments.
Changes
•Workflow Sanitization: Updated the generate-types workflow to include a post-generation cleanup step. This step dynamically identifies the $GITHUB_WORKSPACE and replaces it with a relative ./ path across all generated .ts files.
•Verification Gate: Added a validation check before the commit step. The CI will now scan for any remaining /home/runner strings and fail the build if a path leak is detected.
•Standardized Error Logging: Integrated a descriptive error moniker for the verification failure to align with the project's event-tracking framework.