61 changes: 58 additions & 3 deletions .github/workflows/main.yml
@@ -1,12 +1,67 @@
name: build-snap
name: Snap

on:
workflow_dispatch:
pull_request:
push:
branches:
- main

jobs:
build:
runs-on: ubuntu-latest
outputs:
snap-file: ${{ steps.build-snap.outputs.snap }}

steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Build snap
id: build-snap
uses: snapcore/action-build@v1

- name: Upload snap
uses: actions/upload-artifact@v3
with:
name: snap
path: ${{ steps.build-snap.outputs.snap }}

test:
runs-on: ubuntu-latest
needs: build

steps:
- uses: actions/checkout@v3
- uses: snapcore/action-build@v1
- uses: actions/download-artifact@v3
with:
name: snap
path: .

- name: Install snap
run: |
sudo snap install --dangerous ${{needs.build.outputs.snap-file}}

- name: Run snap
run: |
semgrep --version

publish:
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
needs: test

steps:
- uses: actions/download-artifact@v3
with:
name: snap
path: .

- uses: snapcore/action-publish@v1
env:
SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.STORE_LOGIN }}
if: env.SNAPCRAFT_STORE_CREDENTIALS
with:
snap: ${{needs.build.outputs.snap-file}}
release: candidate
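Review bot: In the `publish` job, `snap: ${{needs.build.outputs.snap-file}}` reads an output of a job that `publish` does not depend on directly: it declares only `needs: test`, and the `needs` context exposes direct dependencies only, so the expression would expand to an empty string; `needs: [build, test]` makes the path available. In the `test` job, the Install snap step expands the same output straight into the shell script, and the file name presumably derives from the `snapcraft.yaml` in the checked-out tree, which on `pull_request` runs comes from the contributor; passing it through a step-level `env:` entry such as `SNAP_FILE: ${{ needs.build.outputs.snap-file }}` and running `sudo snap install --dangerous "$SNAP_FILE"` keeps it as data rather than script text. The actions are referenced by mutable tags (`@v1`, `@v3`, `@v4`) and no `permissions:` block is visible in the workflow; pinning at least `snapcore/action-publish`, which receives `STORE_LOGIN`, to a full commit SHA and adding a least-privilege `permissions:` block would narrow what a retagged action could reach.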
12 changes: 8 additions & 4 deletions snapcraft.yaml
@@ -1,8 +1,8 @@
# Identifier
name: semgrep

# Version of the snap, synced with the one of Semgrep
version: '1.56.0'
# Version of the snap retrieved from the pip package
adopt-info: semgrep

# Base snap
base: core22
@@ -25,9 +25,13 @@ parts:
source: .
python-packages:
- semgrep
override-build: |
craftctl default
version="$(python3 -m pip show semgrep | sed -n 's|^Version: ||p')"
craftctl set version="$version"

# Apps, aka entry points in the snap
#
#
# The following plugs are used:
# 1. Home directory access
# 2. Network access: Semgrep communicated with its Registry to fetch rules. In
@@ -48,7 +52,7 @@ title: Semgrep
# Sentence summarising the snap
summary: Static code scanning

# Detailed
# Detailed
description: |
Semgrep is a fast, open-source, static analysis engine for finding bugs,
detecting vulnerabilities in third-party dependencies, and enforcing code
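Review bot: With `version:` replaced by `adopt-info`, the `override-build` script under `parts:` is now the only place the snap's version is determined, and `python-packages` still lists an unpinned `semgrep`, so each build packages whatever release the package index serves at that moment and nothing in the repository records which one. If `pip show` prints no `Version:` line (for instance if `python3` in that step is not the interpreter the plugin installed into, which is not visible here), `sed` yields an empty string and `craftctl set version=""` is attempted; a guard such as `[ -n "$version" ] || { echo "semgrep version not found" >&2; exit 1; }` before the `craftctl set` line would fail the build instead. Pinning the requirement (`semgrep==<version>`, ideally with hashes through a requirements file) would restore a reviewable record of what is published to the store. The part's definition starts above the hunk.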