Skip to content

Added missing CWE links for several codemods (#490) #2449

Added missing CWE links for several codemods (#490)

Added missing CWE links for several codemods (#490) #2449

Workflow file for this run

name: Run Checks and Tests
on:
push:
workflow_dispatch:
env:
TEST_FRAMEWORK_PATH: core-codemods/src/test/java/io/codemodder/codemods/integration
jobs:
check:
name: Check
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Setup Java
uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.13.0
with:
distribution: 'temurin'
java-version: '17'
# tar file generation, tar file contains codemodder executable file to be used in the codemodder-base image
- name: Generate distribution
uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a # v2.9.0
with:
arguments: core-codemods:distTar
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
with:
driver: docker
- name: Build codemodder base image
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
with:
context: .
file: ${{ env.TEST_FRAMEWORK_PATH }}/baseimage/Dockerfile
tags: codemodder/codemodder-base:latest
# defining the list of test projects for which an image will be generated
- name: Setup test project names
run: |
TEST_PROJECT_NAMES=$(./gradlew core-codemods:getTestProjectNames -q)
echo "TEST_PROJECT_NAMES<<EOF">> $GITHUB_ENV
echo $TEST_PROJECT_NAMES >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
- name: Build test projects images
run: |
for TEST_PROJECT_NAME in ${{ env.TEST_PROJECT_NAMES }}; do
docker build \
-f ${{ env.TEST_FRAMEWORK_PATH }}/projectimage/Dockerfile \
--build-arg CODEMODDER_BASE_IMAGE=codemodder/codemodder-base \
--build-arg CODEMOD_ID=${TEST_PROJECT_NAME} \
-t codemodder/${TEST_PROJECT_NAME}:latest \
.
done
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install Semgrep
run: python3 -m pip install semgrep==1.84.1
- name: Run Check task
uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a # v2.9.0
env:
ORG_GRADLE_PROJECT_codemodderOpenAIKey: ${{ secrets.CODEMODDER_OPENAI_API_KEY }}
with:
arguments: check --stacktrace
cache-read-only: ${{ github.ref != 'refs/heads/main' }}
# - name: "Archives Test Repo"
# if: always()
# run: |
# mkdir target
# tar czvf target/webgoat-temp.tar.gz /tmp/WebGoat*
# - name: Archive build results
# uses: actions/upload-artifact@v3
# if: always()
# with:
# name: build-reports
# path: 'target/**/*'