From 8568fed59bb265d07a8fea10505f8397dba2189a Mon Sep 17 00:00:00 2001 From: Srijan Saurav <68371686+srijan-deepsource@users.noreply.github.com> Date: Tue, 2 Jan 2024 15:21:34 +0530 Subject: [PATCH 1/3] chore: update kubelinter snippets (#21) Update example config and CI snippet --------- Signed-off-by: Srijan Saurav <68371686+srijan-deepsource@users.noreply.github.com> --- analyzers/kube-linter/.deepsource/analyzer/example_config.toml | 1 + analyzers/kube-linter/CI/github-actions.yaml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/analyzers/kube-linter/.deepsource/analyzer/example_config.toml b/analyzers/kube-linter/.deepsource/analyzer/example_config.toml index 5fc666ed..da97d5c5 100644 --- a/analyzers/kube-linter/.deepsource/analyzer/example_config.toml +++ b/analyzers/kube-linter/.deepsource/analyzer/example_config.toml @@ -2,3 +2,4 @@ version = 1 [[analyzers]] name = "kube-linter" +type = "community" diff --git a/analyzers/kube-linter/CI/github-actions.yaml b/analyzers/kube-linter/CI/github-actions.yaml index af1d817f..5891813e 100644 --- a/analyzers/kube-linter/CI/github-actions.yaml +++ b/analyzers/kube-linter/CI/github-actions.yaml @@ -40,7 +40,7 @@ jobs: curl https://deepsource.io/cli | sh # Send the report to DeepSource - ./bin/deepsource report --analyzer kube-linter --value-file ./kube-linter.sarif + ./bin/deepsource report --analyzer kube-linter --analyzer-type community --value-file ./kube-linter.sarif # Ensure the workflow eventually fails if files did not pass kube-linter checks. - name: Verify kube-linter-action succeeded From a58bdba25061f3269d830b641dc833082af0691b Mon Sep 17 00:00:00 2001 From: Yash Dave <87606277+yash-deepsource@users.noreply.github.com> Date: Tue, 2 Jan 2024 18:15:38 +0530 Subject: [PATCH 2/3] chore: update sync workflow file prod (#22) Signed-off-by: Yash Dave <87606277+yash-deepsource@users.noreply.github.com> --- .github/workflows/syncer.yaml | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/.github/workflows/syncer.yaml b/.github/workflows/syncer.yaml index 0fad7889..85991562 100644 --- a/.github/workflows/syncer.yaml +++ b/.github/workflows/syncer.yaml @@ -6,8 +6,8 @@ on: - v* env: - SYNC_ENDPOINT: ${{ secrets.SYNC_ENDPOINT_DEV }} - DATASYNC_SECRET: ${{ secrets.DATASYNC_SECRET_DEV }} + SYNC_ENDPOINT: ${{ secrets.SYNC_ENDPOINT }} + DATASYNC_SECRET: ${{ secrets.DATASYNC_SECRET }} jobs: sync_analyzers: @@ -17,11 +17,6 @@ jobs: - uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} - - - name: Tailscale - uses: tailscale/github-action@v1 - with: - authkey: ${{ secrets.TAILSCALE_AUTHKEY }} - name: Send sync signal run: | From 735b51b7858348203377f971b51ec16587ade91b Mon Sep 17 00:00:00 2001 From: Jai Pradeesh <68369919+jai-deepsource@users.noreply.github.com> Date: Tue, 2 Jan 2024 10:16:44 -0800 Subject: [PATCH 3/3] Update misc instructions (#23) Signed-off-by: Jai Pradeesh <68369919+jai-deepsource@users.noreply.github.com> --- README.md | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index f8b2700d..889de41e 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,11 @@ # DeepSource Community Analyzers -Hub of all open-sourced third-party static analyzers supported by DeepSource. +Hub of all open-source third-party static analyzers supported by DeepSource. Usage docs can be found at [docs.deepsource.com/docs/community-analyzers](https://docs.deepsource.com/docs/community-analyzers) ## Supported Analyzers | Analyzer name | Latest version | Language / Technology | | :---------------------------------------------------------------------------- | :------------- | :--------------------- | -| [Azure/bicep](https://github.com/Azure/bicep) | v0.20.4 | Azure Resource Manager | | [stackrox/kube-linter](https://github.com/stackrox/kube-linter) | 0.6.4 | Kubernetes, Helm | | [crytic/slither](https://github.com/crytic/slither) | 0.10.0 | Solidity, Vyper | | [aws-cloudformation/cfn-lint](https://github.com/aws-cloudformation/cfn-lint) | 0.83.3 | AWS CloudFormation | @@ -46,6 +45,7 @@ The following are very important to sync analyzers with DeepSource: 3. `CI` directory: Put example configs of all CIs under this directory. These worlflow / CI configs should run the analyzer, create a sarif report and send it to DeepSource. + Each file should be names as `.`. Example: `github.yml`, `circleci.yml`, etc.` 4. `utils` directory: @@ -60,6 +60,8 @@ For example, please check out `analyzers/kube-linter/utils`. Push a tag after merging all the changes to the default (master) branch. The `Sync community analyzers` workflow triggers on tag pushes matching `v*` and will sync the analyzers and their issues with DeepSource. +> Note: This action will be done by a member of the DeepSource team; contributors need not create a tag. + ### Running tests - Create and activate a virtual environment @@ -81,7 +83,3 @@ extension. ### Type Checking Run `mypy .` - -## Maintenance Guide - -...