allow codemodder namespace to activate semgrep module #2351
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Run Checks and Tests | |
on: | |
push: | |
workflow_dispatch: | |
env: | |
TEST_FRAMEWORK_PATH: core-codemods/src/test/java/io/codemodder/codemods/integration | |
jobs: | |
check: | |
name: Check | |
runs-on: ubuntu-latest | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
- name: Setup Java | |
uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.13.0 | |
with: | |
distribution: 'temurin' | |
java-version: '17' | |
# tar file generation, tar file contains codemodder executable file to be used in the codemodder-base image | |
- name: Generate distribution | |
uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a # v2.9.0 | |
with: | |
arguments: core-codemods:distTar | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 | |
with: | |
driver: docker | |
- name: Build codemodder base image | |
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 | |
with: | |
context: . | |
file: ${{ env.TEST_FRAMEWORK_PATH }}/baseimage/Dockerfile | |
tags: codemodder/codemodder-base:latest | |
# defining the list of test projects for which an image will be generated | |
- name: Setup test project names | |
run: | | |
TEST_PROJECT_NAMES=$(./gradlew core-codemods:getTestProjectNames -q) | |
echo "TEST_PROJECT_NAMES<<EOF">> $GITHUB_ENV | |
echo $TEST_PROJECT_NAMES >> $GITHUB_ENV | |
echo "EOF" >> $GITHUB_ENV | |
- name: Build test projects images | |
run: | | |
for TEST_PROJECT_NAME in ${{ env.TEST_PROJECT_NAMES }}; do | |
docker build \ | |
-f ${{ env.TEST_FRAMEWORK_PATH }}/projectimage/Dockerfile \ | |
--build-arg CODEMODDER_BASE_IMAGE=codemodder/codemodder-base \ | |
--build-arg CODEMOD_ID=${TEST_PROJECT_NAME} \ | |
-t codemodder/${TEST_PROJECT_NAME}:latest \ | |
. | |
done | |
- name: Setup Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: '3.11' | |
- name: Install Semgrep | |
run: python3 -m pip install semgrep | |
- name: Run Check task | |
uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a # v2.9.0 | |
env: | |
ORG_GRADLE_PROJECT_codemodderOpenAIKey: ${{ secrets.CODEMODDER_OPENAI_API_KEY }} | |
with: | |
arguments: check --stacktrace | |
cache-read-only: ${{ github.ref != 'refs/heads/main' }} | |
# - name: "Archives Test Repo" | |
# if: always() | |
# run: | | |
# mkdir target | |
# tar czvf target/webgoat-temp.tar.gz /tmp/WebGoat* | |
# - name: Archive build results | |
# uses: actions/upload-artifact@v3 | |
# if: always() | |
# with: | |
# name: build-reports | |
# path: 'target/**/*' |