From 74289ac0415a731375ba00f9d82ccfef00bb3c34 Mon Sep 17 00:00:00 2001 From: Parth <86726240+parth-deepsource@users.noreply.github.com> Date: Tue, 2 Jan 2024 11:58:36 +0300 Subject: [PATCH 1/2] feat: add azure CI snippet for dart-analyze --- analyzers/dart-analyze/CI/azure.yaml | 41 ++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 analyzers/dart-analyze/CI/azure.yaml diff --git a/analyzers/dart-analyze/CI/azure.yaml b/analyzers/dart-analyze/CI/azure.yaml new file mode 100644 index 0000000..21ca68c --- /dev/null +++ b/analyzers/dart-analyze/CI/azure.yaml @@ -0,0 +1,41 @@ +trigger: + - "*" + +pool: + vmImage: "ubuntu-latest" + +variables: + - name: DEEPSOURCE_DSN + value: $(DEEPSOURCE_DSN) + +stages: + - stage: scan_and_report + jobs: + - job: scan_and_report + displayName: "Scan and Report" + steps: + - script: | + sudo apt update + sudo apt install apt-transport-https + wget -qO- https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo gpg --dearmor -o /usr/share/keyrings/dart.gpg + echo 'deb [signed-by=/usr/share/keyrings/dart.gpg arch=amd64] https://storage.googleapis.com/download.dartlang.org/linux/debian stable main' | sudo tee /etc/apt/sources.list.d/dart_stable.list + sudo apt update + sudo apt install -y dart + displayName: "Setup Dart" + + - checkout: self + displayName: "Code checkout" + + - script: | + dart analyze > dart_analyze.txt || true + displayName: "Run dart analyze" + + - script: | + curl -sSL https://raw.githubusercontent.com/advanced-security/dart-analyzer-sarif/main/dart_analyzer_sarif.py > dart-analyzer-sarif + python3 dart-analyzer-sarif dart_analyze.txt dart_analyze.sarif $(Build.Repository.LocalPath) --repo-uri $(Build.Repository.Uri) --branch $(Build.SourceBranchName) --revision-id $(Build.SourceVersion) + displayName: "Dart analyze to SARIF" + + - script: | + curl -sSL https://deepsource.io/cli | sh + ./bin/deepsource report --analyzer dart-analyze --analyzer-type community --value-file ./dart_analyze.sarif + displayName: "Report to DeepSource" From 9f8e0dc998ca3a50da8a00d3246c16b38f507bca Mon Sep 17 00:00:00 2001 From: Parth <86726240+parth-deepsource@users.noreply.github.com> Date: Tue, 16 Jan 2024 13:19:08 +0530 Subject: [PATCH 2/2] fix: properly set env variable --- analyzers/dart-analyze/CI/azure.yaml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/analyzers/dart-analyze/CI/azure.yaml b/analyzers/dart-analyze/CI/azure.yaml index 21ca68c..412cd26 100644 --- a/analyzers/dart-analyze/CI/azure.yaml +++ b/analyzers/dart-analyze/CI/azure.yaml @@ -4,10 +4,6 @@ trigger: pool: vmImage: "ubuntu-latest" -variables: - - name: DEEPSOURCE_DSN - value: $(DEEPSOURCE_DSN) - stages: - stage: scan_and_report jobs: @@ -15,12 +11,12 @@ stages: displayName: "Scan and Report" steps: - script: | - sudo apt update - sudo apt install apt-transport-https + sudo apt-get update + sudo apt-get install apt-transport-https wget -qO- https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo gpg --dearmor -o /usr/share/keyrings/dart.gpg echo 'deb [signed-by=/usr/share/keyrings/dart.gpg arch=amd64] https://storage.googleapis.com/download.dartlang.org/linux/debian stable main' | sudo tee /etc/apt/sources.list.d/dart_stable.list - sudo apt update - sudo apt install -y dart + sudo apt-get update + sudo apt-get install -y dart displayName: "Setup Dart" - checkout: self @@ -39,3 +35,5 @@ stages: curl -sSL https://deepsource.io/cli | sh ./bin/deepsource report --analyzer dart-analyze --analyzer-type community --value-file ./dart_analyze.sarif displayName: "Report to DeepSource" + env: + DEEPSOURCE_DSN: $(DEEPSOURCE_DSN)