Skip to content

Commit

Permalink
Switch to osemgrep test --experimental (from 3min to 21s) (#3472)
Browse files Browse the repository at this point in the history 
* Switch to osemgrep test --experimental

test plan:
wait for green CI check

* comment

* comments
  • Loading branch information
@aryx
aryx authored Sep 19, 2024
1 parent 7427b82 commit be389ac
Showing 1 changed file with 13 additions and 9 deletions.
22 changes: 13 additions & 9 deletions .github/workflows/semgrep-rules-test-develop.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# Running the tests in the repo using `semgrep test --experimental` and
# the semgrep/semgrep:pro-develop docker image (the bleeding edge!).

name: semgrep-rules-test-develop
on:
pull_request:
Expand All @@ -9,26 +12,27 @@ on:
- develop
- release
jobs:
# Note: if you change this test there will likely need to be a
# corresponding change in returntocorp/semgrep
test-develop:
name: rules-test-develop
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
with:
path: semgrep-rules
- name: delete stats directory
run: rm -rf semgrep-rules/stats
- name: delete fingerprints directory
run: rm -rf semgrep-rules/fingerprints
- name: delete directories not containing rules
run: rm -rf semgrep-rules/stats semgrep-rules/fingerprints
#TODO: in theory we could run those tests by using --test --pro
# since our docker image now contains semgrep-core-pro (but
# it would require to be logged in though via a SEMGREP_APP_TOKEN)
- name: delete rules requiring Semgrep Pro
run: rm -rf semgrep-rules/apex semgrep-rules/elixir
# TODO: this takes 1m20 in CI and could be optimized by switching to osemgrep
- name: validate rules
run: |
export SEMGREP="docker run --rm -w /src -v ${GITHUB_WORKSPACE}/semgrep-rules:/src returntocorp/semgrep:develop semgrep"
export SEMGREP="docker run --rm -w /src -v ${GITHUB_WORKSPACE}/semgrep-rules:/src semgrep/semgrep:pro-develop semgrep"
make -C "$GITHUB_WORKSPACE"/semgrep-rules validate
- name: test with semgrep develop branch
# this now takes 21s with osemgrep instead of 3min with pysemgrep
- name: test with semgrep pro develop branch and with --experimental
run: |
export SEMGREP="docker run --rm -w /src -v ${GITHUB_WORKSPACE}/semgrep-rules:/src returntocorp/semgrep:develop semgrep"
export SEMGREP="docker run --rm -w /src -v ${GITHUB_WORKSPACE}/semgrep-rules:/src semgrep/semgrep:pro-develop semgrep --experimental"
make -C "$GITHUB_WORKSPACE"/semgrep-rules test-only

0 comments on commit be389ac

Please sign in to comment.