capi-release icon indicating copy to clipboard operation
capi-release copied to clipboard

Published 20 hours ago verified publisher icon cloudfoundry

Can rubocop gem be excluded from distribution?

Open danielvaughan opened this issue 4 years ago • 4 comments

Thanks for submitting an issue to cloud_controller_ng. We are always trying to improve! To help us, please fill out the following template.

Issue

Please consider not distributing the rubocop-0.79.0.gem.

Context

RuboCop from my understanding is a Ruby linter used in this project in testing. Unfortunately, the rubocop gem file gets packaged up and makes it through to the capi-release release and so into Cloud Foundry distributions. The problem with this is the "Robocop like" logo gets included in gem (rubocop-0.79.0.gem/assets/logo.png). The logo itself has a non-commercial licence this may cause problems to upstream projects.

As from what I see rubocop is only used for testing and is likely, not necessary in the Cloud Foundry release can it be excluded by only being used in the test context to get around this potential problem, please?

Steps to Reproduce

The problem file is in:

var/vcap/packages/cloud_controller_ng/cloud_controller_ng/vendor/cache/rubocop-0.79.0.gem/assets/logo.png

Expected result

Please exclude rubocop-0.79.0.gem when packaging for release

Current result

Rubocop gem is included at:

var/vcap/packages/cloud_controller_ng/cloud_controller_ng/vendor/cache/rubocop-0.79.0.gem

Possible Fix

[not obligatory, but suggest fixes or reasons for the bug]

name of issue screenshot

[if relevant, include a screenshot]

danielvaughan avatar Oct 07 '20 10:10 danielvaughan

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/175162482

The labels on this github issue will be updated when the story is started.

cf-gitbot avatar Oct 07 '20 10:10 cf-gitbot

It looks like we are attempting to omit test dependencies from capi-release, but I can confirm that rubocop and other test dependencies are included in the releases.

Related issue: https://github.com/rubygems/bundler/issues/2595

Gerg avatar Oct 29 '20 06:10 Gerg

Looks like we can't avoid using bundle package in our pre-packaging step which will include all our gems in the vendored path.

However, we can remove the entire vendor path once we're finished doing our bundle install during our packaging step. Once we finish bosh_bundle_local it will only include production gems in the Gem path for bosh making it safe to delete the vendor folder.

weymanf avatar Feb 05 '21 20:02 weymanf

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/176985343

The labels on this github issue will be updated when the story is started.

cf-gitbot avatar Feb 17 '21 18:02 cf-gitbot

Development and test gems will be skipped in release package with this PR https://github.com/cloudfoundry/capi-release/pull/436

kathap avatar Jul 09 '24 08:07 kathap

Development and test gems are now excluded from the capi-release tarball.

philippthun avatar Jul 24 '24 13:07 philippthun