Upgrade semgrep to latest version #135
Labels
enhancement
New feature or request
Comments
|
looks like drone is not using semgrep at all and skipping those tests === RUN TestAccessEnvVariables
coderules_test.go:24: semgrep not installed, skipping test
--- SKIP: TestAccessEnvVariables (0.00s)
=== RUN TestAccessAllowedEnvVariables
coderules_test.go:48: semgrep not installed, skipping test
--- SKIP: TestAccessAllowedEnvVariables (0.00s)
=== RUN TestAccessFS
coderules_test.go:73: semgrep not installed, skipping test
--- SKIP: TestAccessFS (0.00s)
=== RUN TestUseSyscall
coderules_test.go:98: semgrep not installed, skipping test
--- SKIP: TestUseSyscall (0.00s) |
|
@briangann from which CI are these logs? |
See https://drone.grafana.net/grafana/plugin-validator/194/1/2 Line 316 (expand all logs first) |
|
@briangann I looked into it. that's expected. What drone does is build the Docker image (on main merge). The docker image will have semgrep installed and the validator binary, to build the validator binary, the drone runner needs to run the tests which skip semgrep because the drone runner doesn't have it installed. That doesn't affect the final docker image that will have both the binary and semgrep. nevertheless, the github action that runs on PRs and commits to main does install semgrep on the runner and validates it. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In #133 we had to lock the semgrep version to 1.28 because the newer version (>=1.38) is not working as expected.
We should research what's not working in this new version and patch it so we can keep using the updated tool.
The text was updated successfully, but these errors were encountered: