luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Leverage upstream docker image returntocorp/semgrep in CircleCI (#16440) 

- Instead of installing semgrep through PyPI on every run, leverage
   the upstream docker image.
 - This should isolate us from dependency updates required to run newer
   versions of semgrep
This commit is contained in:
Steven Clark 2022-07-25 14:04:12 -04:00 committed by GitHub
parent 887e77c2ae
commit 96a355c53d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 4 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.circleci/config.yml generated
View File

@ -738,20 +738,10 @@ jobs:
- GO_TAGS: ''
semgrep:
docker:
- image: docker.mirror.hashicorp.services/alpine:3.13
- image: docker.mirror.hashicorp.services/returntocorp/semgrep:0.106.0
shell: /bin/sh
working_directory: /home/circleci/go/src/github.com/hashicorp/vault
steps:
- run:
command: |
apk add --no-cache python3 python3-dev py3-pip make gcc g++
python3 -m pip install --user semgrep==0.106.0
export PATH="$HOME/.local/bin:$PATH"
echo "$ semgrep --version"
semgrep --version
name: Setup Semgrep
working_directory: ~/
- checkout
- attach_workspace:
at: .

14
.circleci/config/commands/setup-semgrep.yml
View File

@ -1,14 +0,0 @@
---
description: >
Ensure semgrep is installed.
steps:
- run:
working_directory: ~/
name: Setup Semgrep
command: |
apk add --no-cache python3 python3-dev py3-pip make gcc g++
python3 -m pip install --user semgrep==0.106.0
export PATH="$HOME/.local/bin:$PATH"
echo "$ semgrep --version"
semgrep --version

4
.circleci/config/executors/@executors.yml
View File

@ -22,9 +22,9 @@ python:
- image: docker.mirror.hashicorp.services/python:3-alpine
shell: /usr/bin/env bash -euo pipefail -c
working_directory: /home/circleci/go/src/github.com/hashicorp/vault
alpine:
semgrep:
docker:
- image: docker.mirror.hashicorp.services/alpine:3.13
- image: docker.mirror.hashicorp.services/returntocorp/semgrep:0.106.0
shell: /bin/sh
working_directory: /home/circleci/go/src/github.com/hashicorp/vault
docker-env-go-test-remote-docker:

3
.circleci/config/jobs/semgrep.yml
View File

@ -1,7 +1,6 @@
---
executor: alpine
executor: semgrep
steps:
- setup-semgrep
- checkout
- attach_workspace:
at: .