Merge branch 'update-license-finder' into 'master'v2.1.0

Update license finder to 5.9.2 See merge request gitlab-org/security-products/license-management!86
author: Can Eldem <celdem@gitlab.com> 2019-12-05 17:06:27 +0000
committer: Can Eldem <celdem@gitlab.com> 2019-12-05 17:06:27 +0000
commit: daf6c9d460938ff58ba910cf4b518082f34378f6 (patch)
tree: 1269089ec3853a4a42be338d26f468d566876d1c /run.sh
parent: 669ee51b1296d0fa18501fddec4ac64f5ec43dc2 (diff)
parent: 0749b1f14a5a1632a433550a59420054cbab4f28 (diff)
1 files changed, 9 insertions, 21 deletions
diff --git a/run.sh b/run.sh
index 10069e1..30d1eff 100755
--- a/run.sh
+++ b/run.sh
@@ -95,9 +95,6 @@ case "$COMMAND" in
   analyze)
     # Analyze project
 
-    # Load RVM
-    source /rvm.sh
-
     # Change current directory to the project path.
     APP_PATH=$1
     shift
@@ -112,7 +109,9 @@ case "$COMMAND" in
             # So we ignore the error.
             $($rvm_recommended_ruby) 2>/dev/null || true
             rvm use .
-            gem install bundler
+            # rvm pulls outdated gems
+            # need this to update system bundler
+            gem update --system
             # We need to install the license_finder gem into this Ruby version too.
             gem install license_finder -v "$LICENSE_FINDER_VERSION"
             gem install --no-document /opt/license-management/*.gem
@@ -121,37 +120,28 @@ case "$COMMAND" in
           # Ignore test and development dependencies.
           license_finder ignored_groups add development
           license_finder ignored_groups add test
-          bundle install --without "development test" --jobs $(nproc)
+          bundle install --jobs $(nproc)
           skip_prepare=true
         fi
 
         if test -f package.json; then
-          # Check is npm is being used, if so convert it to yarn
+          # Check is npm is being used
           if [ -f package-lock.json ] && [ ! -f yarn.lock ] ; then
-            # restore original lock file state on EXIT
-            function restore_lockfile {
-              echo "Cleanup generated $APP_PATH/yarn.lock"
-              rm -f $APP_PATH/yarn.lock || true
-            }
-            trap restore_lockfile EXIT
-
-            echo "Convert package-lock.json to yarn.lock"
-            yarn import --ignore-engines --ignore-scripts
+            echo "Installing npm packages with npm ci"
+            npm ci
           fi
 
           # install via yarn
           if [ ! -d node_modules ]; then
+            echo "Installing yarn packages"
             yarn install --ignore-engines --ignore-scripts
-
-            # Try to install Peer packages too, npm install doesn't do it anymore.
-            /node_modules/.bin/npm-install-peers
           fi
           skip_prepare=true
         fi
 
 
         if find . -name "*.go" -printf "found" -quit |grep found >/dev/null ; then
-          if [ ! -f glide.lock -a ! -f vendor/manifest -a ! -f Gopkg.lock -a ! -f go.mod ]; then
+          if [[ ( ! -f glide.lock ) && ( ! -f vendor/manifest ) && (! -f Gopkg.lock ) && (! -f go.mod ) ]]; then
             echo "running go get"
             # Only install deps if not using glide, govendor or dep
             # Symlink the project into GOPATH to allow fetching dependencies.
@@ -195,8 +185,6 @@ case "$COMMAND" in
     fi
     echo "Preparing JSON report..."
     license_management report ${prepare} --format=json --save=gl-license-management-report.json ${LICENSE_FINDER_CLI_OPTS}
-    # rvm removes trap in bash: https://github.com/rvm/rvm/issues/4416
-    declare -f restore_lockfile > /dev/null && restore_lockfile
     popd > /dev/null
     ;;
author	Can Eldem <celdem@gitlab.com>	2019-12-05 17:06:27 +0000
committer	Can Eldem <celdem@gitlab.com>	2019-12-05 17:06:27 +0000
commit	daf6c9d460938ff58ba910cf4b518082f34378f6 (patch)
tree	1269089ec3853a4a42be338d26f468d566876d1c /run.sh
parent	669ee51b1296d0fa18501fddec4ac64f5ec43dc2 (diff)
parent	0749b1f14a5a1632a433550a59420054cbab4f28 (diff)