From e25a20f85f8bf11bd31c31ca2e8d884b348fb0a0 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 25 Oct 2023 15:12:11 +1300 Subject: [PATCH 01/16] run lint in container --- .github/workflows/lint.yaml | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 43aa6a8b..7083478b 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -16,6 +16,7 @@ permissions: jobs: compatibility: runs-on: ubuntu-latest + container: returntocorp/ocaml:alpine steps: - name: Checkout tree uses: actions/checkout@v4 @@ -23,17 +24,6 @@ jobs: fetch-depth: 0 fetch-tags: true - - name: Set-up OCaml - uses: ocaml/setup-ocaml@v2 - with: - ocaml-compiler: 5.1 - opam-pin: false - opam-depext: false - dune-cache: true - - - name: install atddiff - run: opam install atd - - name: atddiff all supported tags id: diff shell: bash From f6f33015cfe0ff972a27218cbd1314f957895e49 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 25 Oct 2023 15:14:00 +1300 Subject: [PATCH 02/16] skip opam env --- .github/workflows/lint.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 7083478b..c14baf18 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -28,7 +28,6 @@ jobs: id: diff shell: bash run: | - eval $(opam env) echo -ne 'Backwards compatability summary:\n\n```' > summary-00-header.txt echo '```' >> summary-20-footer.txt ./scripts/check-backwards-compatability.sh | tee summary-10-body.txt From 10cda85aac20c92710791bbe451a5704c0e8acd6 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 25 Oct 2023 15:25:41 +1300 Subject: [PATCH 03/16] add jq and improve error handling in the script --- .github/workflows/lint.yaml | 1 + scripts/check-backwards-compatability.sh | 7 ++++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index c14baf18..24a9ccab 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -28,6 +28,7 @@ jobs: id: diff shell: bash run: | + apk add jq echo -ne 'Backwards compatability summary:\n\n```' > summary-00-header.txt echo '```' >> summary-20-footer.txt ./scripts/check-backwards-compatability.sh | tee summary-10-body.txt diff --git a/scripts/check-backwards-compatability.sh b/scripts/check-backwards-compatability.sh index 77cee745..22902f2b 100755 --- a/scripts/check-backwards-compatability.sh +++ b/scripts/check-backwards-compatability.sh @@ -10,13 +10,12 @@ # - Diff against origin/main to establish a baseline # - Diff against HEAD # - Diff the two diffs to see if new issues were introduced - -set -u # no "-eo pipefail" because we do our own error handling +set -euo pipefail minimum="v$(curl -s https://semgrep.dev/api/check-version | jq -r '.versions.minimum')" tags=$(git log --simplify-by-decoration --pretty=format:%D "${minimum}^!" origin/main | grep -o 'tag: [^,)]\+' | sed 's/^tag: //' | sort -n) -checked=() +checked=("dummy") errors=0 for tag in $tags; do commit=$(git rev-list -n 1 "$tag") @@ -31,12 +30,14 @@ for tag in $tags; do git difftool -x 'atddiff --backward' -y "$tag" "HEAD" semgrep_output_v1.atd > after.txt # neccesary because filenames have temp paths and line numbers can change without causing issues + set +e expr='s|File "/.*/\(.*.atd\)", line .*$|File "\1", line |g' diff -u <(sed "$expr" before.txt) <(sed "$expr" after.txt) if [ "$?" -ne 0 ]; then echo "ERROR: semgrep_output_v1.atd is not backward compatible with $tag" errors=$((errors + 1)) fi + set -e done if [ "$errors" -ne 0 ]; then From 4806cce700b94582499e38f6077cb615b16f8e3b Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 25 Oct 2023 15:32:55 +1300 Subject: [PATCH 04/16] run opam env afterall --- .github/workflows/lint.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 24a9ccab..88210240 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -28,6 +28,7 @@ jobs: id: diff shell: bash run: | + eval $(opam env) apk add jq echo -ne 'Backwards compatability summary:\n\n```' > summary-00-header.txt echo '```' >> summary-20-footer.txt From 84b25d54d6db9e27828b9571db192b7c5f7fe8f6 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 25 Oct 2023 15:39:06 +1300 Subject: [PATCH 05/16] debug --- .github/workflows/lint.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 88210240..e2d5cb65 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -28,6 +28,8 @@ jobs: id: diff shell: bash run: | + env + pwd eval $(opam env) apk add jq echo -ne 'Backwards compatability summary:\n\n```' > summary-00-header.txt From b323182372daf52b82141e390303366e49ee5a01 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 25 Oct 2023 15:42:34 +1300 Subject: [PATCH 06/16] remove debug and fix env --- .github/workflows/lint.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index e2d5cb65..83625f63 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -28,10 +28,11 @@ jobs: id: diff shell: bash run: | - env - pwd - eval $(opam env) + # github actions sets HOME=/home/github where we don't have an opam env + eval $(HOME=/root opam env) apk add jq + + # run the checks echo -ne 'Backwards compatability summary:\n\n```' > summary-00-header.txt echo '```' >> summary-20-footer.txt ./scripts/check-backwards-compatability.sh | tee summary-10-body.txt From 5e00ca23ee7e1ed8dd1f8d60939956a6c328eb06 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 25 Oct 2023 15:50:55 +1300 Subject: [PATCH 07/16] catch atddiff errors --- scripts/check-backwards-compatability.sh | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/scripts/check-backwards-compatability.sh b/scripts/check-backwards-compatability.sh index 22902f2b..4d160f63 100755 --- a/scripts/check-backwards-compatability.sh +++ b/scripts/check-backwards-compatability.sh @@ -25,12 +25,20 @@ for tag in $tags; do fi checked+=("$commit") + set +e # do our own error handling for a bit echo "Checking backward compatibility of semgrep_output_v1.atd against past version $tag" - git difftool -x 'atddiff --backward' -y "$tag" "origin/main" semgrep_output_v1.atd > before.txt - git difftool -x 'atddiff --backward' -y "$tag" "HEAD" semgrep_output_v1.atd > after.txt + git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "origin/main" semgrep_output_v1.atd > before.txt + if [ "$?" -ge 1 ] && [ "$?" -le 2 ]; then + echo "ERROR: atddiff had an error" + exit 1 + fi + git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "HEAD" semgrep_output_v1.atd > after.txt + if [ "$?" -ge 1 ] && [ "$?" -le 2 ]; then + echo "ERROR: atddiff had an error" + exit 1 + fi # neccesary because filenames have temp paths and line numbers can change without causing issues - set +e expr='s|File "/.*/\(.*.atd\)", line .*$|File "\1", line |g' diff -u <(sed "$expr" before.txt) <(sed "$expr" after.txt) if [ "$?" -ne 0 ]; then From 68b63ed8798921d0673a911969a475bf112a67c6 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 8 Nov 2023 07:15:39 +1300 Subject: [PATCH 08/16] Update lint.yaml print atddiff version --- .github/workflows/lint.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 1d180d2c..353cfa74 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -28,10 +28,15 @@ jobs: id: diff shell: bash run: | + set -x + # github actions sets HOME=/home/github where we don't have an opam env eval $(HOME=/root opam env) apk add jq + # check / print version of atddiff + atddiff --version + # run the checks echo -ne 'Backwards compatability summary:\n\n```' > summary-00-header.txt echo '```' >> summary-20-footer.txt @@ -53,4 +58,4 @@ jobs: run: | pip install mypy rm __init__.py # because dir has a - in it - mypy semgrep_output_v1.py \ No newline at end of file + mypy semgrep_output_v1.py From 7889382988d6ba3a586240fe2ff649981d1dda11 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 8 Nov 2023 07:22:51 +1300 Subject: [PATCH 09/16] Update lint.yaml --- .github/workflows/lint.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 353cfa74..d4d4310f 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -23,6 +23,7 @@ jobs: with: fetch-depth: 0 fetch-tags: true + set-safe-directory: '*' - name: atddiff all supported tags id: diff From 8293ae5349575af8ad16525a4cdbb0a3bd6dfc9f Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 8 Nov 2023 07:25:43 +1300 Subject: [PATCH 10/16] Update lint.yaml --- .github/workflows/lint.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index d4d4310f..7969e675 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -23,7 +23,7 @@ jobs: with: fetch-depth: 0 fetch-tags: true - set-safe-directory: '*' + set-safe-directory: true - name: atddiff all supported tags id: diff From 97bd493a3dd578991fe0cf826bd92d1c6bf47511 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 8 Nov 2023 07:28:53 +1300 Subject: [PATCH 11/16] Update lint.yaml --- .github/workflows/lint.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 7969e675..b2d1531d 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -23,13 +23,14 @@ jobs: with: fetch-depth: 0 fetch-tags: true - set-safe-directory: true - name: atddiff all supported tags id: diff shell: bash run: | set -x + + git config --global --add safe.directory "$(pwd)" # github actions sets HOME=/home/github where we don't have an opam env eval $(HOME=/root opam env) From 4c35534ee65cf50d22a6fbd1d1438114d5c9215e Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 8 Nov 2023 07:43:08 +1300 Subject: [PATCH 12/16] Update check-backwards-compatability.sh --- scripts/check-backwards-compatability.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/check-backwards-compatability.sh b/scripts/check-backwards-compatability.sh index 4d160f63..163bfaa0 100755 --- a/scripts/check-backwards-compatability.sh +++ b/scripts/check-backwards-compatability.sh @@ -27,12 +27,12 @@ for tag in $tags; do set +e # do our own error handling for a bit echo "Checking backward compatibility of semgrep_output_v1.atd against past version $tag" - git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "origin/main" semgrep_output_v1.atd > before.txt + git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "origin/main" semgrep_output_v1.atd | tee before.txt if [ "$?" -ge 1 ] && [ "$?" -le 2 ]; then echo "ERROR: atddiff had an error" exit 1 fi - git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "HEAD" semgrep_output_v1.atd > after.txt + git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "HEAD" semgrep_output_v1.atd | tee after.txt if [ "$?" -ge 1 ] && [ "$?" -le 2 ]; then echo "ERROR: atddiff had an error" exit 1 @@ -50,4 +50,4 @@ done if [ "$errors" -ne 0 ]; then exit 1 -fi \ No newline at end of file +fi From 23695bc6e47011ddfa7c230bb1cde0a318c8835f Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 8 Nov 2023 07:46:17 +1300 Subject: [PATCH 13/16] Update check-backwards-compatability.sh --- scripts/check-backwards-compatability.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/check-backwards-compatability.sh b/scripts/check-backwards-compatability.sh index 163bfaa0..1a70ab06 100755 --- a/scripts/check-backwards-compatability.sh +++ b/scripts/check-backwards-compatability.sh @@ -29,12 +29,12 @@ for tag in $tags; do echo "Checking backward compatibility of semgrep_output_v1.atd against past version $tag" git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "origin/main" semgrep_output_v1.atd | tee before.txt if [ "$?" -ge 1 ] && [ "$?" -le 2 ]; then - echo "ERROR: atddiff had an error" + echo "ERROR: atddiff had an error: $?" exit 1 fi git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "HEAD" semgrep_output_v1.atd | tee after.txt if [ "$?" -ge 1 ] && [ "$?" -le 2 ]; then - echo "ERROR: atddiff had an error" + echo "ERROR: atddiff had an error: $?" exit 1 fi From 792b895d66f2a6600098b5a763e13f6eb0170890 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 8 Nov 2023 07:52:45 +1300 Subject: [PATCH 14/16] Update check-backwards-compatability.sh --- scripts/check-backwards-compatability.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/check-backwards-compatability.sh b/scripts/check-backwards-compatability.sh index 1a70ab06..6faf3b28 100755 --- a/scripts/check-backwards-compatability.sh +++ b/scripts/check-backwards-compatability.sh @@ -28,12 +28,14 @@ for tag in $tags; do set +e # do our own error handling for a bit echo "Checking backward compatibility of semgrep_output_v1.atd against past version $tag" git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "origin/main" semgrep_output_v1.atd | tee before.txt - if [ "$?" -ge 1 ] && [ "$?" -le 2 ]; then + ret=$? + if [ "$ret" -ge 1 ] && [ "$ret" -le 2 ]; then echo "ERROR: atddiff had an error: $?" exit 1 fi git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "HEAD" semgrep_output_v1.atd | tee after.txt - if [ "$?" -ge 1 ] && [ "$?" -le 2 ]; then + ret=$? + if [ "$ret" -ge 1 ] && [ "$ret" -le 2 ]; then echo "ERROR: atddiff had an error: $?" exit 1 fi From 717a899d7074bdc3d194e3c2670c0e2215d2bacf Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 8 Nov 2023 07:58:04 +1300 Subject: [PATCH 15/16] Update check-backwards-compatability.sh --- scripts/check-backwards-compatability.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/check-backwards-compatability.sh b/scripts/check-backwards-compatability.sh index 6faf3b28..8066fd9a 100755 --- a/scripts/check-backwards-compatability.sh +++ b/scripts/check-backwards-compatability.sh @@ -27,13 +27,13 @@ for tag in $tags; do set +e # do our own error handling for a bit echo "Checking backward compatibility of semgrep_output_v1.atd against past version $tag" - git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "origin/main" semgrep_output_v1.atd | tee before.txt + git difftool --trust-exit-code -x 'atddiff --no-locations --backward' -y "$tag" "origin/main" semgrep_output_v1.atd | tee before.txt ret=$? if [ "$ret" -ge 1 ] && [ "$ret" -le 2 ]; then echo "ERROR: atddiff had an error: $?" exit 1 fi - git difftool --trust-exit-code -x 'atddiff --backward' -y "$tag" "HEAD" semgrep_output_v1.atd | tee after.txt + git difftool --trust-exit-code -x 'atddiff --no-locations --backward' -y "$tag" "HEAD" semgrep_output_v1.atd | tee after.txt ret=$? if [ "$ret" -ge 1 ] && [ "$ret" -le 2 ]; then echo "ERROR: atddiff had an error: $?" @@ -41,8 +41,8 @@ for tag in $tags; do fi # neccesary because filenames have temp paths and line numbers can change without causing issues - expr='s|File "/.*/\(.*.atd\)", line .*$|File "\1", line |g' - diff -u <(sed "$expr" before.txt) <(sed "$expr" after.txt) + #expr='s|File "/.*/\(.*.atd\)", line .*$|File "\1", line |g' + diff -u <(cat before.txt) <(cat after.txt) if [ "$?" -ne 0 ]; then echo "ERROR: semgrep_output_v1.atd is not backward compatible with $tag" errors=$((errors + 1)) From 86a5b0a050bab7d155e37cc31764f088cdf661b2 Mon Sep 17 00:00:00 2001 From: Jonas Bergler Date: Wed, 8 Nov 2023 08:01:10 +1300 Subject: [PATCH 16/16] Update check-backwards-compatability.sh --- scripts/check-backwards-compatability.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/check-backwards-compatability.sh b/scripts/check-backwards-compatability.sh index 8066fd9a..1e525ebe 100755 --- a/scripts/check-backwards-compatability.sh +++ b/scripts/check-backwards-compatability.sh @@ -27,21 +27,21 @@ for tag in $tags; do set +e # do our own error handling for a bit echo "Checking backward compatibility of semgrep_output_v1.atd against past version $tag" - git difftool --trust-exit-code -x 'atddiff --no-locations --backward' -y "$tag" "origin/main" semgrep_output_v1.atd | tee before.txt + git difftool --trust-exit-code -x 'atddiff --no-locations --backward' -y "$tag" "origin/main" semgrep_output_v1.atd > before.txt ret=$? if [ "$ret" -ge 1 ] && [ "$ret" -le 2 ]; then echo "ERROR: atddiff had an error: $?" + cat before.txt exit 1 fi - git difftool --trust-exit-code -x 'atddiff --no-locations --backward' -y "$tag" "HEAD" semgrep_output_v1.atd | tee after.txt + git difftool --trust-exit-code -x 'atddiff --no-locations --backward' -y "$tag" "HEAD" semgrep_output_v1.atd > after.txt ret=$? if [ "$ret" -ge 1 ] && [ "$ret" -le 2 ]; then echo "ERROR: atddiff had an error: $?" + cat after.txt exit 1 fi - # neccesary because filenames have temp paths and line numbers can change without causing issues - #expr='s|File "/.*/\(.*.atd\)", line .*$|File "\1", line |g' diff -u <(cat before.txt) <(cat after.txt) if [ "$?" -ne 0 ]; then echo "ERROR: semgrep_output_v1.atd is not backward compatible with $tag"