From 99af4167dc9879d83b8770b14284466461fc2a6b Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Wed, 18 Jan 2023 02:58:18 +0530 Subject: [PATCH 01/13] wip: semgrep sql script --- assets/semgrep.png | Bin 0 -> 8962 bytes scripts/sql/108_create_semgrep_plugin.up.sql | 39 +++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 assets/semgrep.png create mode 100644 scripts/sql/108_create_semgrep_plugin.up.sql 
diff --git a/assets/semgrep.png b/assets/semgrep.png new file mode 100644 index 0000000000000000000000000000000000000000..3fe706e630a44453ee4c7a2f2e0ffc3ad17af4d8 GIT binary patch literal 8962 zcmds-$g4#lmwyF+1dTVQc1?ku*r!{YAT z=l%z8a=*PNnM^Xt$;{XJ<%Fv!Nq@lng8Ayzs}Hg=5^Aqrp)~zhs2Feln_$cNHvZQf zRTMNNUtV6W9lZHXB=8`sOw+ zK7lL)jM9}7?0GCUZB`x}82@djcqJ<#s^PwPm=zUW(DX?vl+Y^itr>>yXFXlZ!Jr$z zzG0DhG!!Ly#GKRErBaM0B3pO6fFT7k)ZzR3zuW)6Q0F)$#zrBfwI5c%gil_z&OTt! zPRCU~o)4o3s(DYA(WyN8Pc|;4C=vXn=!06aM;tA-+`EnP0c4pcwgymtcYy`tSv;dt z9nOOSo{5u^53-z5+tKkBqc=VU&P18A5stSAH^iGKXfM(#FTTzGL?_8eq*1Vzdox5I zhluQ~QGFoxq_VzVc4Rf!R&CS8M7Xbmy>T>S)Dz!UcJ93^bu)n$4}dhqcGo4+tI2jc zTD0F5#joHku_U5a|G`POvSq0HFRMkVmKG+a$0?-M5+9~G7!t;17m=C00? zo6RQx+JYX}WIvWpXaC(?Y|=y7^0@<;tmEUdRVv_V(GzvVlc3)Q#l8ojL;X{^<>wXr z(Jqxe7)#eP?;YM0i(8efR%`9M)(`fPM_T8;5(~jtk-6sv-`S2ebeilEw7I2iNJ1Q6 zSeK98K{XXdX^MdDlf6dZajRO(#ch~uy`I!y(2qH<<(+++*ABw@hmGQGC9NH$h=twg z76SRWMY&}Ul7T;40lQ}vWc1~h>yi@ul344A7Td&!{!{4Bqh3+3fyPf{5?Fqrc75sU zLWHWuf;PmKcquR z>Npl5MzUr)grpui#rv*2&^xz>79U~ceNO(Z{$s`*yxsa4^pEv=Qrkp58_82an&yq*64h$hg`B0giOmB6>6@f{rR6y)VgQq={%Tw>XoV zPq}m1)VSFo$rGyJ z@x)Pzf)>W&vc(es7u2qRIpW~${lo)n0ynqKbt_cUhfOVj+^x?l_qrYbvNA!1=Mqsv zgl$)|w(TrM-P+06$X=>XR?}+P36H*=i`P{?_Go^l^~>q|yGUOx!qPYJb^Wg3iK#Ik z4_24$_BhM!SDRkfD(Iq?i9^vMzT7Qe4A}6WOKn1};V)#?sL7Bc2U^xSwgB(#y}Zez zyzyqON+1m+`MEASrb0ufwAxab1Zgw0S-=y%t*QRG!FnyUC&`){bNk7XPO*|!xyr%? 
zQGME6(E~JzWp7!ztRBxyf;qSF*94R>20Q2#D-jfH^RHc7M>|5QHj}^4eLb!}cE~8+ z_}cKjlcHu#tB|4ruWs+s+J#AIhNFaB*JGnA>DlLie@QZ2jAm?)b!0lpk;k!FIIhTb zx~I9$r(i7ag_|sg;06!ScNKe;r7V^RQ55@p6>Bs8NHv#1)^f5dyw0w}_=V(W@coi1 z@`!(@n~*kgIUzQ?9$YyEqLB+D@Q%d4bhGkwd?96ye@;+n(O$o!|K2?HnUR6ISBNCH zad2NUT-;vWfB1@7Z9*BSY~O(g#wRPwn<*BCBvx4ob7#C)!$vpM^*>8xr_?+R?H2fk zhy8BcoQ>uW*&2_g`-;*o-?^ERab-nf$#`49l3dukbIfO&9yy;e8|2c^MaGG#!~1XT znK{_l&~QhHa0x{{w3W{g%-#&*F8QlIM&V6qpcJmE^zoRghT>8#qeOgDRK<{0PK3)E z@Qc)QBv5TWiN|{*n{SDxK~Aeke$*wI^;4IR%gB`)e>uMScnQZp9$ud2w1o{2FY zz;YMWcFn;-uk<-}BYB_lSGZyitFP(>;J3PAj9BnedhcFp(RhUz$=S$~!hQ9_MwS)0 z2ZT`oPRj=wezyaU7CSh}85g^4HNJdhtC|#_4&^@VVLap!h!3hmhLAIYzLhAzNzm_m zj%^tE`hTA%m)SFM?AcBYITBZ|Nf+YEShJ=U$i!c3+8r+-|!GN1XbVsu#OAAvej?{Y=1)Ww)7gH!ptUFnIzlC`EixKOzmZ$r@W zb(z5v>bxm&lO-nt5!t}yL zc}B!0{s9JH5J@q4R}dTgDe48fJ*qmh=_%%il9#;ULX7P;{xAzFx>DnlO!R0OpqJ>O zsJ+ln5r1U8#HyCryid@am~QH3(F}ulMD$akB6Ab8(|11~Sw34F&v%welbZHCQbNsr z1rLq7^GQXh%Y9`-+f?FodCME3j*|ivovva%0pqVlcn08JbyL%C3^&R;X#3L>ycRu_ zkGg-d=I%*FX0mdGZ4b3di-GL5GormbmsEMlFV(^7Crh5Km?ktz$X`{v#YxdTMb~^j zVxSlX^}OxuuMscpWyTs=?9#qj6-YVLG8~Uow#VV|hWGSS?NVWz=v6;aZO=pG1=g~0 zrc-w%iw7}wH8C${S}jXF2ty_dN;D5n&~bJ1P)7F+{$c7y9*6sHMT%}*e^B1lOy{f` z?lj9BGW5%;k%gh(X6?T}6@TYsdwO%H^;n?`I^znLP;|1z$sr9ItbJpbj(p)?K66_t zzW#)POtx{v%OA2ZQU+-5 zpqx~_nG`+9rO`7u(|7gVjaA{}L&jOO*_@cquWa4s&$k{E#hTC~wx^Fjt#`796&n_0 zH~y@|>%#oB(&m&tc&wj>Elwrj>U2ardF)Ar7kd94+hkp#3c#9ab8ar~I4THE$#Hgv zj6^CVeG@Gg33YE%Q~NUA6H3(PfcM}JxaTPSvfOB>yA<7XHM1>sAGAwN?4SF01TdZy zm;D(rZZL9)$>CJHaoU4}B)rxF5S-_c$uZ`Q!aqth3AZeL*M)_DlXI(5#xX$-T?p6Y zD&vwIkh{K#Ss!vTeoqutjwnY^*Xw7bCy~YUcW*11VG_4o#ehGxrxD5w+w`agI~Xjq zkdFDl<@Rdo)F`P1{UC?K<*<%ihn58&`9?|4Hesn4K&B(fsb6nm)!dCmptFhIFHyDf z!A6+7#J*WPo2FGS-CQ*3eb&P6P=UjpO(E>l0T0ihH3TuX$@7P{4HSBC_pBi4+C&i~ zXZ9>|T`5_k2*L`HkyDEdHL33U{bBz0#m|BE(s!-6%?r=ou^3@T5=e1o`8g_j%Qk(! 
z8Sd%_d)DpQ;b#8i4xcs2ac3co?h-(yeIW8PrSo_|2CLqzU81Z^-QBZVLR!U4u0zlY zPAf(O8U~ZG5$E=7d3`$jQyUOvp+)*a`g*C9n zcd<>on^u*SC+M2X&6kHi&es0(#s;cO!LV`8H?SfPPWx=$PbXqdv`!5jAs9Cg>A}-u zG5N_ymV_GyJOQxr_iW<<&DO0&t+d0t_j)9~#wYE}%EHIM1)YIq)I&|a&(6;6-L`K!%F+o=23#>pjnv+&QdRi4LOZ@<}^ZR z&?OB(panxs+v1U)*S*Y8=N0mLn606&zyXdfjL zow`0{Vmrc8bnU14cr^Rjsfk)mfrmL~pC@m`Lk9DqCM?~X@n zH>!MLMX@sv62#F<^;!v7c}}HVd@d(Pi2X7nY-~pU+C|`6B7`xBzGT!XrZR*%rdF(~ z7#Pmc@R~a&>CBU=O(4jFD!c~-32*M&*9;;}+lnG#Sw3|f!(KX7e!YPfL^Spm{aarK zx1pm)ET`8N3#hC~KW7j1$Az`U>wY+BL11Ukt&z;WH(ay#oK(>BY@11+a9P&f3T~f& zx+sg!e6VUE(x|m|M1r}~U+6_er?NW>i7@FC9$K0N zW%pG0S>m7=T}q!50jnXce3)s^ItEr7?GRly%2keeMj#HyN-kG;pH!0ZqiM-k<+E6@QFN{Ju5Zn66H=24i-OE;PJJQ-$wHlGy zbmKI(>_20q4%3T1uKzwuooR(n-*q$X3svg?%_zI*$W>)-oX<8HAPBf1E#odYs>o%B@U`)+e%0 z1=OKR$n;yry#Qv68eh@Bh{~wzSB9AzR z*%2QQHJ0d<+{l)j>YT3nF(=oCX|1Q@Rm`74R$^-cdu|Nk2Yg?F-_m_5=JtReCLi*# z+($m@2rV*MKM~GU{BV99Gk_rDFTau*d1m%+{w=-5Qlk^WfxY$14P^&~?1QAac19FX zb=o+$ey?P9fQ@Orhv;<-YS|MDSUx?&|1;UWDw6eJogUSlW{Y;ROfHZJq7d#N*g1}Q z`r~gL7v|rXrq>|L4izy5H22&%ol?%KrpO9lCqnHO{F)36Ojj4gXgK=Sv>Xw*g+eCv z%UX80+JLab(Mh!Q|P`lE0N)`pNS7fMnG}KF8 z-&kx@#FDQ&8W*q^0kwNvynJ_gAoyO^~ee#Mbgc5)H>7DfD% zzFuF4e#Q8lc1EeMS_#wDh`({8v!?ut`v|$mHq+c{C(>}pDtOSCp?>YszV#;0CUa?e zRMf?=uy`_iwfL5hDgBK{hv_e#C$?#~#gqT1m3 zmg#NGJ>^>&+Zlx5Q>DYNd;F-(6*GmoHmBijw-1F`;w;ez=dHEa@Loj-vu3aYhyAe^ zt`KSs-t;@k*)WM?ywevn;EBXTD36x~|Lr4DK*ut*na` ziI5uO%1qx(4H+{ldDPN00ewtqILLYSCL;~+=p0DYW!SK~0|c=Vn}vRa7H3KbEJ!VE zQ#pjm5I9T^dbQ$?-eYpz)JTB1In#I`nocsi19p?@^NA(9XNZt&&zv}N;2mK@2fN-nqC)6ZT{k6EzhLf*XW;4>6 zWQpwKor|?y%xWvAh`S$uI{_Lmo?lZpP$b;E=8UMLooh;%9m=g9AjS}_y}64RE=t0A zIy#ZpqO`b=KINFsmrgCUCkS)Lb#5&9B3IP%R&(2@Ww_$&YS_QhDnH(L#S9X~lm`@< zsCY?}vh)|d<-^)I7J`OJn|vFET8_0rK9h+3*K-BiaUUG8jzpg(6PP>JggR{*fkIQd zWfGha3om5WC<<8ZRgy4q>G^Lu;BJBuSD*DFWEW9v-1kts9w825>|yo!Lx`tF=c^#? 
zU8O?N5W&CzhF)L}Gqp;h>nUq?WsLJ=GMzxC(ai`5<#G3zG!=E|UkS@Q_24E|cPR^A zaUGLb?XyxvQdJkG0Od8oSVuU|Xhjfv-)-Vqa473h7gMB|@nenYSI1m(ZBzitMSkKu zrpoqRRDfDSj^z_@Fm#-(X%XUUIIT_-t15HN*qm&z~ciig<271C8!p z!0K0HZL2Ko3q$?Or^yOMv~5JlY(b@Wi6+xfBFg>&dQp?vl2dHcWlmZj2X0{{X7lAs^S50YgFH)4;-BPyv(<5us^Dw!NPy>Q}GF!$69zCG>CC!k0;x9DmeDL&@dV z9Z5)#_QlOPTN*d(xU^ry&;_Pk4X7`QSb}MD1|#?p@;5)iVcUPCjoZViqFYXdmL5y1 z<&~Do&v8=qZHKvJUie$b;3|51T_Up-N<+_z(VoOUmKX4eftOxi!>jiv7|fDXo#?T# zuipLlBsezRM%Yp)CN!qsq)qZu9~~!i0nBS`*!owbJzlC5*CGZ~N~M;5td;!{M>|fg zj&O-vIBVJk5?q(ss0OPWK4l3cA)89Ym?z+)KVr9@ZwCaq8bBOIik{1^Zo0sCGFg7= zPg2ScA8!nQ^%AUSxUQpBGL`i~tp)~GfCS0fY(1+Uq!j88s5WfU@MR6ALbYH^5bHFt zv^byeXV~zBUQBq~PJ^?$|3j@dovB;^Wr`_VR1>hg*j)JShA)l=L6Bttj{41a$0wkd z+Xj2WGIRg@m%`B&(?Vy2Kjx8F~bch|>Ku@2?93)M9my0mLP)MZ| zM9mc_8ic|t&#K?9^lgTo%7AOntQxPWW1wIP(r+rGk*Cx6il7O-w0khj`e{PXZC0to zvQ2~18+|lctTcnq&2d_j|18YTyF->iUR{^z**3gyFDI@1MG0=b*& zaB{vl)ID16h@)0wbi99DONG>;-YFe4G|?Y^)sk=mImBoY1SK$qJ%G#BSZl*$no=r7 zYSd7>!XD5|i*_6_saPuFF0!3|r0Z+7oFAXpM zCd<0x`>@I|J9vi)621)d;>kZx`#zk{IWE~Q5u$gkv&}R1@K@%je%{?L@PR$Do!mWf7=Wa{TiEm?Y2 zv>S`bXN(gcR6@pg=Cgvs_dWEdUl1GnW!=I+KG36Wypgf(vT7uFXidw&Km;_Yz=wIdy+?fixq=x?a?GjcvwuROE{tL_wp zdh7&5wMWyk*T%`hx4dc))F&+#1gr*9o?CAyjGzlD@hry0WaQp@ig(DtTjQu;|caD1sx1#L^K8k7l`ogiZ z!|xorIL^nVD(!kd?a9^ob`e6mn^g}=8fN`^?M*#a@wq#AoOaMF?TprZ2FiVhH(H~u z#TFN5jfKJ^mR|{M-58O`CAo$rgmbrwe@o*nx-6k0Yg@UsZU9W}s(KzB+qZb6zPkw2 zSTBr*A(~e*%ww<7r5dD&#x~^DEpaD}r;zKdjWr2)K1D(s>8{kri5I!)uil|8;S85k zi?^)s`|k5xYOG+KS}-MJ>F-d91^%?|@`EG#%J?AGi8*Imae>oOEvYds+^(7SDo zt|5fvoHqGf{@14zYZq%!%js3%)3y~%njP7hk$_tFp)KoxgCwNiaYehM(P}oldyOu@ ze8CpZOdrG|$ei*99CTBt)*o6};s}C4vvBXci_Fw#6Ii7h;&=-DJC{9kheZr@3zw%Z zuLtgx=IF}lejWlR1}y zhLUC3RQUDfuImqc|4x0JAdcm{AeX2MA-_3M8iW1@`Jc5{7v4`<3$v}4V5O|uE&+$x ztuhv%V06LVhj2lkEI-o`cpS;{$F;tSKTF!vbi1M_h5r!^ryVy7ri)V-Iv^#re&(D5 z6yGGm@FjB`v77;4{FASoZ>aqFNn)!qDo&Emb#AmeFG8F%V!)0?mEUlMyaF5VMkS$e zAPkm$g?C>nzqymY%-uFkZRh^(L|j-ae3^ByC zEE8`k1VtMa;UxBojJmA*&&}s`9VV}VS-Dq#qJPW 
z8Bsx8bV^i7V3yK^eqc+a?T%xiHw{wl6M$5)={AwjrjUT7TZcWCU@%X9JBm_=EJq&_Ngwt8aVG~PBkLvxV zj7k-XFAqn7@dw@ZR%UN(H^?UsmaGmYeJ5oF@1n|=kM^xaG@Z)&v~hxtV*2egHK)JI zAP3hxgq2+Q@k`EDX5f!u%Z(;lNs8{glHW{gpuD8D%u{WgKBf!Q_tIvDb1n%ROuC)z+aTdV7< z;UB0qf42C{N@m%SiF=(|QIh3zC{E{B?{idqM)A1oPfCthWhmG5xaHnFF@&v2 zNdWMx2G2Ve@ZK_K%bADVk~y3eU;I-j>lFOW)@RGlT5=Y`8J~BhbooFxZikHuLVOx| zVvOV1*LVnTu@~w8PW|g_>bGFHt)!=AcA2azy|VX77=UUQ@;U`YOR3(&q|$)@ECi_g zr|C9Y!0PN+u+EK+Op)#w(`lt!3e>BEJ}NXfP|XUz zZBo&hKv+G&kKq}!;6eUop3S)!qU?!T>2LN=o*c>cUVCh1AR1~&-^vcy4$hgl-N-UM!usC_0KzuZ5;Wv0Wk(5W5P@ww~q|4K6cFBIhe d+4}-`dELp<{qvO>&8Po0$x13oREik|{11^ENZbGb literal 0 HcmV?d00001 diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql new file mode 100644 index 0000000000..bb6c4ac257 --- /dev/null +++ b/scripts/sql/108_create_semgrep_plugin.up.sql 
@@ -0,0 +1,39 @@ +INSERT INTO "plugin_metadata" ("id", "name", "description","type","icon","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_metadata'), 'Semgrep','Semgrep is a fast, open source, static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.','SHARED','link_to_icon','f', 'now()', 1, 'now()', 1); + +INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 2, 7,'now()', 1, 'now()', 1); +INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 3, 7,'now()', 1, 'now()', 1); + + + +INSERT INTO "plugin_pipeline_script" ("id", "script","type","deleted","created_on", "created_by", "updated_on", "updated_by") +VALUES ( + nextval('id_seq_plugin_pipeline_script'), + '#!/bin/sh +set -eo pipefail +PathToCodeDir=/devtroncd$CheckoutPath +chmod 741 $PathToCodeDir +apk add py3-pip +pip install pip==21.3.1 +pip install semgrep +cp $PathToCodeDir $SemgrepProjectName -r +cd $SemgrepProjectName +export SEMGREP_APP_TOKEN=$SemgrepAppToken +semgrep ci +cd $PathToCodeDir +', + 'SHELL', + 'f', + 'now()', + 1, + 'now()', + 1 +); + +INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), 7,'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE','14','f','now()', 1, 'now()', 1); + +INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value", "variable_type", "value_type", "variable_step_index", "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES +(nextval('id_seq_plugin_step_variable'), 7, 'SemgrepAppToken','STRING','App token for 
Semgrep account',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), 7, 'CheckoutPath','STRING','git repo checkout path',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), 7, 'SemgrepProjectName','STRING','Semgrep dashboard project name',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); + + From 8b929e70851eff1c916a67348bf6f28a72ef0ee5 Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Fri, 20 Jan 2023 12:40:03 +0530 Subject: [PATCH 02/13] semgrep sql scrit --- scripts/sql/108_create_semgrep_plugin.up.sql | 68 ++++++++++++++++---- 1 file changed, 56 insertions(+), 12 deletions(-) diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql index bb6c4ac257..8f4e205390 100644 --- a/scripts/sql/108_create_semgrep_plugin.up.sql +++ b/scripts/sql/108_create_semgrep_plugin.up.sql 
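Review bot: `pip install semgrep` in the embedded script installs whatever release is current on the package index at run time, even though the line above it pins pip itself to 21.3.1. Each pipeline run therefore executes an unreviewed scanner version in a step that also exports `SEMGREP_APP_TOKEN`, and findings can change between runs with no change to this migration. Pin the scanner the same way, e.g. `pip install semgrep==X.Y.Z` (placeholder version; use the release you have tested). The unpinned install is carried unchanged into the rewritten script in PATCH 02/13.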
@@ -3,24 +3,64 @@ INSERT INTO "plugin_metadata" ("id", "name", "description","type","icon","delete INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 2, 7,'now()', 1, 'now()', 1); INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 3, 7,'now()', 1, 'now()', 1); - - INSERT INTO "plugin_pipeline_script" ("id", "script","type","deleted","created_on", "created_by", "updated_on", "updated_by") VALUES ( nextval('id_seq_plugin_pipeline_script'), '#!/bin/sh set -eo pipefail -PathToCodeDir=/devtroncd$CheckoutPath -chmod 741 $PathToCodeDir +chmod 741 /devtroncd +chmod 741 /devtroncd/* apk add py3-pip pip install pip==21.3.1 pip install semgrep -cp $PathToCodeDir $SemgrepProjectName -r -cd $SemgrepProjectName export SEMGREP_APP_TOKEN=$SemgrepAppToken -semgrep ci -cd $PathToCodeDir -', + +CiMaterialsEnv=$GIT_MATERIAL_REQUEST +repoName="" +checkoutPath="" +branchName="" +gitHash="" +materials=$(echo $CiMaterialsEnv | tr "|" "\n") +for material in $materials +do + data=$(echo $material | tr "," "\n") + i=0 + for d in $data + do + if [ $((i)) == 0 ] + then + repoName=$d + elif [ $((i)) == 1 ] + then + checkoutPath=$d + elif [ $((i)) == 2 ] + then + branchName=$d + elif [ $((i)) == 3 ] + then + gitHash=$d + fi + i=$((i+1)) + done + #docker run --rm --env SEMGREP_APP_TOKEN=$SemgrepAppToken --env SEMGREP_REPO_NAME=$repoName --env SEMGREP_BRANCH=$branchName -v "${PWD}/:/src/" returntocorp/semgrep semgrep ci + cd /devtroncd + cd $checkoutPath + export SEMGREP_REPO_NAME=$repoName + if [ $UseCommitAsSemgrepBranchName == true -a $PrefixAppNameInSemgrepBranchName == true ] + then + export SEMGREP_BRANCH="$SemgrepAppName - $gitHash" + elif [ $PrefixAppNameInSemgrepBranchName == true ] + then + export SEMGREP_BRANCH="$SemgrepAppName - $branchName" + elif [ 
$UseCommitAsSemgrepBranchName == true ] + then + export SEMGREP_BRANCH=$gitHash + else + export SEMGREP_BRANCH=$branchName + fi + semgrep ci $ExtraCommandArguments +done' + , 'SHELL', 'f', 'now()', 
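Review bot: The loop assigns repoName, checkoutPath, branchName and gitHash by position from the unquoted `$(echo $material | tr "," "\n")`, so an empty field is dropped by word splitting and shifts the later ones. The four variables are also never reset between materials, so a short entry inherits the previous material's values. If checkoutPath ends up empty, `cd $checkoutPath` is a bare `cd`, which moves to the home directory instead of failing, and semgrep then scans the wrong tree. Quote the expansions and anchor the path, e.g. `cd "/devtroncd/$checkoutPath"` and `[ "$UseCommitAsSemgrepBranchName" = true ]`; the unquoted `[ $Var == true -a ... ]` tests become malformed when a flag is empty, and `==` inside `[` is not portable under `#!/bin/sh`. `$ExtraCommandArguments` is expanded unquoted inside the checkout, so glob characters in it are matched against repository file names; `set -f` before that call keeps the word splitting but stops the globbing.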
@@ -32,8 +72,12 @@ cd $PathToCodeDir INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), 7,'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE','14','f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value", "variable_type", "value_type", "variable_step_index", "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES -(nextval('id_seq_plugin_step_variable'), 7, 'SemgrepAppToken','STRING','App token for Semgrep account',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), 7, 'CheckoutPath','STRING','git repo checkout path',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), 7, 'SemgrepProjectName','STRING','Semgrep dashboard project name',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); +(nextval('id_seq_plugin_step_variable'), 7, 'SemgrepAppToken','STRING','App token of Semgrep account',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), 7, 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), 7, 'UseCommitAsSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), 7, 'SemgrepAppName','STRING','App Name will be used as an extra metadata for publishing results',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), 7, 'ExtraCommandArguments','STRING','Extra Command arguments for semgrep CI command. 
eg input - --json --sem',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); +INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value","value","variable_type", "value_type", "variable_step_index",reference_variable_name, "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES +(nextval('id_seq_plugin_step_variable'), 7, 'GIT_MATERIAL_REQUEST','STRING','git material data',false,true,3,'INPUT','GLOBAL',1 ,'GIT_MATERIAL_REQUEST','f','now()', 1, 'now()', 1); From 522f11dc3a0876d33ed696685f27ca28b1c9056a Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Fri, 20 Jan 2023 12:44:21 +0530 Subject: [PATCH 03/13] wip: adding down script --- scripts/sql/108_create_semgrep_plugin.down.sql | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 scripts/sql/108_create_semgrep_plugin.down.sql diff --git a/scripts/sql/108_create_semgrep_plugin.down.sql b/scripts/sql/108_create_semgrep_plugin.down.sql new file mode 100644 index 0000000000..1f4130591d --- /dev/null +++ b/scripts/sql/108_create_semgrep_plugin.down.sql @@ -0,0 +1,6 @@ +DELETE FROM plugin_step_variable WHERE name = 'SemgrepAppToken'; +DELETE FROM plugin_step_variable WHERE name = 'PrefixAppNameInSemgrepBranchName'; +DELETE FROM plugin_step_variable WHERE name = 'UseCommitAsSemgrepBranchName'; +DELETE FROM plugin_step_variable WHERE name = 'SemgrepAppName'; +DELETE FROM plugin_step_variable WHERE name = 'ExtraCommandArguments'; +DELETE FROM plugin_step_variable WHERE name = 'GIT_MATERIAL_REQUEST'; From d8eb81b1b7439e14c45f4373e3a654f776708cab Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Fri, 20 Jan 2023 19:26:42 +0530 Subject: [PATCH 04/13] correcting sql script id --- scripts/sql/108_create_semgrep_plugin.up.sql | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) 
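Review bot: `SemgrepAppToken` is a credential, but the row added here declares it like every other input (format 'STRING', is_exposed true), and the script exports it as `SEMGREP_APP_TOKEN`. Nothing in this hunk marks the value as sensitive, so whether it is masked in the pipeline UI and build logs depends on code outside this patch; please confirm that, and if the plugin variable model has a secret-backed way to supply an input, use it for this row. At minimum the description should say so, e.g. `'Semgrep app token (sensitive: supply from a secret, do not paste inline)'`. Separately, the description of UseCommitAsSemgrepBranchName promises `{SemgrepAppName}-{CommitHash}`, while the script exports the bare `$gitHash` unless PrefixAppNameInSemgrepBranchName is also true.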
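Review bot: Each DELETE in the down script matches on `name` alone, so a rollback removes every plugin_step_variable row with that name, not only the six rows the up script added for the Semgrep step. `GIT_MATERIAL_REQUEST` is declared as a GLOBAL reference, so it is the name most likely to exist on other plugins' steps as well (not verifiable from this patch). Scope the delete to the Semgrep plugin's steps through plugin_step and plugin_metadata, as sketched below. The down script also leaves the plugin_step, plugin_pipeline_script, plugin_tag_relation and plugin_metadata rows in place, so a down followed by an up would create a second 'Semgrep' plugin; the commit is marked wip, but those deletes are needed before this works as a rollback.

```sql
-- replaces the six name-only DELETE statements
DELETE FROM plugin_step_variable
WHERE plugin_step_id IN (
    SELECT ps.id
    FROM plugin_step ps
    INNER JOIN plugin_metadata p ON ps.plugin_id = p.id
    WHERE p.name = 'Semgrep'
);
```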
diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql index 8f4e205390..2d5f92f676 100644 --- a/scripts/sql/108_create_semgrep_plugin.up.sql +++ b/scripts/sql/108_create_semgrep_plugin.up.sql @@ -1,7 +1,7 @@ -INSERT INTO "plugin_metadata" ("id", "name", "description","type","icon","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_metadata'), 'Semgrep','Semgrep is a fast, open source, static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.','SHARED','link_to_icon','f', 'now()', 1, 'now()', 1); +INSERT INTO "plugin_metadata" ("id", "name", "description","type","icon","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_metadata'), 'Semgrep','Semgrep is a fast, open source, static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.','PRESET','link_to_icon','f', 'now()', 1, 'now()', 1); -INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 2, 7,'now()', 1, 'now()', 1); -INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 3, 7,'now()', 1, 'now()', 1); +INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 2, 6,'now()', 1, 'now()', 1); +INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 3, 6,'now()', 1, 'now()', 1); INSERT INTO "plugin_pipeline_script" ("id", "script","type","deleted","created_on", "created_by", "updated_on", "updated_by") VALUES ( 
@@ -69,15 +69,15 @@ done' 1 ); -INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), 7,'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE','14','f','now()', 1, 'now()', 1); +INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), 6,'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE',6,'f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value", "variable_type", "value_type", "variable_step_index", "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES -(nextval('id_seq_plugin_step_variable'), 7, 'SemgrepAppToken','STRING','App token of Semgrep account',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), 7, 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), 7, 'UseCommitAsSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), 7, 'SemgrepAppName','STRING','App Name will be used as an extra metadata for publishing results',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), 7, 'ExtraCommandArguments','STRING','Extra Command arguments for semgrep CI command. 
eg input - --json --sem',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); +(nextval('id_seq_plugin_step_variable'), 6, 'SemgrepAppToken','STRING','App token of Semgrep account',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), 6, 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), 6, 'UseCommitAsSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), 6, 'SemgrepAppName','STRING','App Name will be used as an extra metadata for publishing results',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), 6, 'ExtraCommandArguments','STRING','Extra Command arguments for semgrep CI command. eg input - --json --sem',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value","value","variable_type", "value_type", "variable_step_index",reference_variable_name, "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES -(nextval('id_seq_plugin_step_variable'), 7, 'GIT_MATERIAL_REQUEST','STRING','git material data',false,true,3,'INPUT','GLOBAL',1 ,'GIT_MATERIAL_REQUEST','f','now()', 1, 'now()', 1); +(nextval('id_seq_plugin_step_variable'), 6, 'GIT_MATERIAL_REQUEST','STRING','git material data',false,true,3,'INPUT','GLOBAL',1 ,'GIT_MATERIAL_REQUEST','f','now()', 1, 'now()', 1); From 9d530439da6823e270386579991b86bdbee6d189 Mon Sep 17 00:00:00 2001 
From: vikramdevtron Date: Mon, 23 Jan 2023 14:54:52 +0530 Subject: [PATCH 05/13] fix sql script for semgrep plugin integration --- scripts/sql/108_create_semgrep_plugin.up.sql | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql index 2d5f92f676..baa37d1c60 100644 --- a/scripts/sql/108_create_semgrep_plugin.up.sql +++ b/scripts/sql/108_create_semgrep_plugin.up.sql @@ -1,7 +1,7 @@ INSERT INTO "plugin_metadata" ("id", "name", "description","type","icon","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_metadata'), 'Semgrep','Semgrep is a fast, open source, static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.','PRESET','link_to_icon','f', 'now()', 1, 'now()', 1); -INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 2, 6,'now()', 1, 'now()', 1); -INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 3, 6,'now()', 1, 'now()', 1); +INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 2, (SELECT id FROM plugin_metadata WHERE name='Semgrep'),'now()', 1, 'now()', 1); +INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 3, (SELECT id FROM plugin_metadata WHERE name='Semgrep'),'now()', 1, 'now()', 1); INSERT INTO "plugin_pipeline_script" ("id", "script","type","deleted","created_on", "created_by", "updated_on", "updated_by") VALUES ( 
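Review bot: The scalar lookup `(SELECT id FROM plugin_metadata WHERE name='Semgrep')` has no `deleted` filter and depends on the name being unique, which nothing visible in this patch guarantees. If a second row with that name exists (a soft-deleted one, or one left by an earlier partial run), the subquery returns more than one row and the INSERT fails, because PostgreSQL rejects a multi-row scalar subquery. Add the filter, `(SELECT id FROM plugin_metadata WHERE name='Semgrep' AND deleted=false)`, here and on `p` in the step-id subqueries of the second hunk, which filter `ps.deleted` but not `p.deleted`. In that second hunk the new `script_id` subquery reads plugin_step for the very row being inserted, so it yields NULL on a fresh database; PATCH 06/13 replaces it.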
@@ -69,15 +69,15 @@ done' 1 ); -INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), 6,'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE',6,'f','now()', 1, 'now()', 1); +INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), (SELECT id FROM plugin_metadata WHERE name='Semgrep'),'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE',(SELECT ps.script_id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false),'f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value", "variable_type", "value_type", "variable_step_index", "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES -(nextval('id_seq_plugin_step_variable'), 6, 'SemgrepAppToken','STRING','App token of Semgrep account',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), 6, 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), 6, 'UseCommitAsSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), 6, 'SemgrepAppName','STRING','App Name will be used as an extra metadata for publishing results',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), 6, 'ExtraCommandArguments','STRING','Extra Command arguments for 
semgrep CI command. eg input - --json --sem',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppToken','STRING','App token of Semgrep account',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'UseCommitAsSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppName','STRING','App Name will be used as an extra metadata for publishing results',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'ExtraCommandArguments','STRING','Extra Command arguments for semgrep CI command. 
eg input - --json --sem',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value","value","variable_type", "value_type", "variable_step_index",reference_variable_name, "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES -(nextval('id_seq_plugin_step_variable'), 6, 'GIT_MATERIAL_REQUEST','STRING','git material data',false,true,3,'INPUT','GLOBAL',1 ,'GIT_MATERIAL_REQUEST','f','now()', 1, 'now()', 1); +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'GIT_MATERIAL_REQUEST','STRING','git material data',false,true,3,'INPUT','GLOBAL',1 ,'GIT_MATERIAL_REQUEST','f','now()', 1, 'now()', 1); From f6cab3b6759b6760e6c1f5318a4944e304a1abe2 Mon Sep 17 00:00:00 2001 From: vikramdevtron Date: Mon, 23 Jan 2023 18:23:42 +0530 Subject: [PATCH 06/13] fix semgrep sql insert --- scripts/sql/108_create_semgrep_plugin.up.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql index baa37d1c60..a90a9958ca 100644 --- a/scripts/sql/108_create_semgrep_plugin.up.sql +++ b/scripts/sql/108_create_semgrep_plugin.up.sql 
@@ -69,7 +69,7 @@ done' 1 ); -INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), (SELECT id FROM plugin_metadata WHERE name='Semgrep'),'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE',(SELECT ps.script_id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false),'f','now()', 1, 'now()', 1); +INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), (SELECT id FROM plugin_metadata WHERE name='Semgrep'),'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE',(SELECT last_value FROM id_seq_plugin_pipeline_script),'f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value", "variable_type", "value_type", "variable_step_index", "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppToken','STRING','App token of Semgrep account',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), From 26e901b478e04b9574f2f10e32a084a027e45c7a Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Mon, 23 Jan 2023 19:14:28 +0530 Subject: [PATCH 07/13] adding semgrep icon link --- cmd/external-app/wire_gen.go | 2 +- scripts/sql/108_create_semgrep_plugin.up.sql | 4 ++-- wire_gen.go | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cmd/external-app/wire_gen.go b/cmd/external-app/wire_gen.go index edcaa70e70..8846cb4410 100644 --- a/cmd/external-app/wire_gen.go 
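Review bot: `(SELECT last_value FROM id_seq_plugin_pipeline_script)` reads the sequence's global state rather than the id this migration obtained, so it picks up another session's value if anything else calls nextval on that sequence between the script INSERT and this statement. `currval('id_seq_plugin_pipeline_script')` returns the value most recently produced by nextval in the current session and is the safer replacement, provided both INSERTs run on the same connection (migration runners normally do, but confirm). A wrong script_id would attach a different plugin's shell script to the Semgrep step, so this should not rely on migrations running alone.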
+++ b/cmd/external-app/wire_gen.go @@ -194,7 +194,7 @@ func InitializeApp() (*App, error) { serverDataStoreServerDataStore := serverDataStore.InitServerDataStore() appStoreApplicationVersionRepositoryImpl := appStoreDiscoverRepository.NewAppStoreApplicationVersionRepositoryImpl(sugaredLogger, db) pipelineRepositoryImpl := pipelineConfig.NewPipelineRepositoryImpl(db, sugaredLogger) - helmAppServiceImpl := client2.NewHelmAppServiceImpl(sugaredLogger, clusterServiceImpl, helmAppClientImpl, pumpImpl, enforcerUtilHelmImpl, serverDataStoreServerDataStore, serverEnvConfigServerEnvConfig, appStoreApplicationVersionRepositoryImpl, environmentServiceImpl, pipelineRepositoryImpl, installedAppRepositoryImpl, appRepositoryImpl) + helmAppServiceImpl := client2.NewHelmAppServiceImpl(sugaredLogger, clusterServiceImpl, helmAppClientImpl, pumpImpl, enforcerUtilHelmImpl, serverDataStoreServerDataStore, serverEnvConfigServerEnvConfig, appStoreApplicationVersionRepositoryImpl, environmentServiceImpl, pipelineRepositoryImpl, installedAppRepositoryImpl, appRepositoryImpl, clusterRepositoryImpl) appStoreDeploymentCommonServiceImpl := appStoreDeploymentCommon.NewAppStoreDeploymentCommonServiceImpl(sugaredLogger, installedAppRepositoryImpl) attributesRepositoryImpl := repository4.NewAttributesRepositoryImpl(db) attributesServiceImpl := attributes.NewAttributesServiceImpl(sugaredLogger, attributesRepositoryImpl) diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql index a90a9958ca..909d46f954 100644 --- a/scripts/sql/108_create_semgrep_plugin.up.sql +++ b/scripts/sql/108_create_semgrep_plugin.up.sql 
@@ -1,4 +1,4 @@ -INSERT INTO "plugin_metadata" ("id", "name", "description","type","icon","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_metadata'), 'Semgrep','Semgrep is a fast, open source, static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.','PRESET','link_to_icon','f', 'now()', 1, 'now()', 1); +INSERT INTO "plugin_metadata" ("id", "name", "description","type","icon","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_metadata'), 'Semgrep','Semgrep is a fast, open source, static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.','PRESET','https://raw.githubusercontent.com/devtron-labs/devtron/main/assets/semgrep.png','f', 'now()', 1, 'now()', 1); INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 2, (SELECT id FROM plugin_metadata WHERE name='Semgrep'),'now()', 1, 'now()', 1); INSERT INTO "plugin_tag_relation" ("id", "tag_id", "plugin_id", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_tag_relation'), 3, (SELECT id FROM plugin_metadata WHERE name='Semgrep'),'now()', 1, 'now()', 1); @@ -58,7 +58,7 @@ do else export SEMGREP_BRANCH=$branchName fi - semgrep ci $ExtraCommandArguments + semgrep ci --json $ExtraCommandArguments done' , 'SHELL', diff --git a/wire_gen.go b/wire_gen.go index dedc2998e8..75702da33a 100644 --- a/wire_gen.go +++ b/wire_gen.go 
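Review bot: The new `icon` value points at `.../devtron-labs/devtron/main/assets/semgrep.png` on raw.githubusercontent.com, a mutable branch ref on an external host, so what is shown for this plugin can change without a migration and is presumably fetched by every client that renders the plugin list. Pinning the path to a release tag or commit, `https://raw.githubusercontent.com/devtron-labs/devtron/<TAG_OR_COMMIT>/assets/semgrep.png`, or serving the asset from the application itself would make the row reproducible and keep installs without outbound access working. A comment above the INSERT such as `-- icon is loaded from GitHub at render time; pin the ref when releasing` would record the dependency.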
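Review bot: `$ExtraCommandArguments` is expanded unquoted on the changed `semgrep ci --json ...` line, so besides the word splitting needed to pass several options the shell also applies pathname expansion, and a value containing `*` or `?` is matched against files in the checked-out repository before semgrep sees it. Wrapping the call as `set -f; semgrep ci --json $ExtraCommandArguments; set +f` keeps the splitting and drops the globbing. `--json` is now also fixed ahead of the user-supplied options, while the `ExtraCommandArguments` description later in this series still offers `--json` as an example input, so that example should change with it. The enclosing loop and the SQL string literal holding the script both start outside the hunk.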
@@ -239,7 +239,7 @@ func InitializeApp() (*App, error) { userServiceImpl := user.NewUserServiceImpl(userAuthRepositoryImpl, sugaredLogger, userRepositoryImpl, roleGroupRepositoryImpl, sessionManager, userCommonServiceImpl, userAuditServiceImpl) userAuthServiceImpl := user.NewUserAuthServiceImpl(userAuthRepositoryImpl, sessionManager, loginService, sugaredLogger, userRepositoryImpl, roleGroupRepositoryImpl, userServiceImpl) environmentServiceImpl := cluster2.NewEnvironmentServiceImpl(environmentRepositoryImpl, clusterServiceImplExtended, sugaredLogger, k8sUtil, k8sInformerFactoryImpl, userAuthServiceImpl) - helmAppServiceImpl := client3.NewHelmAppServiceImpl(sugaredLogger, clusterServiceImplExtended, helmAppClientImpl, pumpImpl, enforcerUtilHelmImpl, serverDataStoreServerDataStore, serverEnvConfigServerEnvConfig, appStoreApplicationVersionRepositoryImpl, environmentServiceImpl, pipelineRepositoryImpl, installedAppRepositoryImpl, appRepositoryImpl) + helmAppServiceImpl := client3.NewHelmAppServiceImpl(sugaredLogger, clusterServiceImplExtended, helmAppClientImpl, pumpImpl, enforcerUtilHelmImpl, serverDataStoreServerDataStore, serverEnvConfigServerEnvConfig, appStoreApplicationVersionRepositoryImpl, environmentServiceImpl, pipelineRepositoryImpl, installedAppRepositoryImpl, appRepositoryImpl, clusterRepositoryImpl) serverCacheServiceImpl := server.NewServerCacheServiceImpl(sugaredLogger, serverEnvConfigServerEnvConfig, serverDataStoreServerDataStore, helmAppServiceImpl) moduleEnvConfig, err := module.ParseModuleEnvConfig() if err != nil { 
@@ -442,7 +442,7 @@ func InitializeApp() (*App, error) { appStoreDeploymentHelmServiceImpl := appStoreDeploymentTool.NewAppStoreDeploymentHelmServiceImpl(sugaredLogger, helmAppServiceImpl, appStoreApplicationVersionRepositoryImpl, environmentRepositoryImpl, helmAppClientImpl, installedAppRepositoryImpl) installedAppVersionHistoryRepositoryImpl := repository3.NewInstalledAppVersionHistoryRepositoryImpl(sugaredLogger, db) appStoreDeploymentCommonServiceImpl := appStoreDeploymentCommon.NewAppStoreDeploymentCommonServiceImpl(sugaredLogger, installedAppRepositoryImpl) - appStoreDeploymentArgoCdServiceImpl := appStoreDeploymentGitopsTool.NewAppStoreDeploymentArgoCdServiceImpl(sugaredLogger, appStoreDeploymentFullModeServiceImpl, applicationServiceClientImpl, chartGroupDeploymentRepositoryImpl, installedAppRepositoryImpl, installedAppVersionHistoryRepositoryImpl, chartTemplateServiceImpl, gitFactory, argoUserServiceImpl, appStoreDeploymentCommonServiceImpl, gitOpsConfigRepositoryImpl) + appStoreDeploymentArgoCdServiceImpl := appStoreDeploymentGitopsTool.NewAppStoreDeploymentArgoCdServiceImpl(sugaredLogger, appStoreDeploymentFullModeServiceImpl, applicationServiceClientImpl, chartGroupDeploymentRepositoryImpl, installedAppRepositoryImpl, installedAppVersionHistoryRepositoryImpl, chartTemplateServiceImpl, gitFactory, argoUserServiceImpl, appStoreDeploymentCommonServiceImpl, helmAppServiceImpl, gitOpsConfigRepositoryImpl) serviceDeploymentServiceTypeConfig, err := service2.GetDeploymentServiceTypeConfig() if err != nil { return nil, err From e3692d66943878f90283735212b5e3f682bacffc Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Mon, 23 Jan 2023 19:26:19 +0530 Subject: [PATCH 08/13] modifying variable description --- scripts/sql/108_create_semgrep_plugin.up.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql index 909d46f954..90afffc1c7 100644 
--- a/scripts/sql/108_create_semgrep_plugin.up.sql
+++ b/scripts/sql/108_create_semgrep_plugin.up.sql
@@ -76,7 +76,7 @@ INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "d (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'UseCommitAsSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppName','STRING','App Name will be used as an extra metadata for publishing results',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'ExtraCommandArguments','STRING','Extra Command arguments for semgrep CI command. eg input - --json --sem',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'ExtraCommandArguments','STRING','Extra Command arguments for semgrep CI command. 
eg input: --json --dry-run.',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value","value","variable_type", "value_type", "variable_step_index",reference_variable_name, "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'GIT_MATERIAL_REQUEST','STRING','git material data',false,true,3,'INPUT','GLOBAL',1 ,'GIT_MATERIAL_REQUEST','f','now()', 1, 'now()', 1); From 3ddd4bf11c66daedd89f2850917f70bf0c43d8ff Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Tue, 24 Jan 2023 00:52:07 +0530 Subject: [PATCH 09/13] adding option to pass semgrep api token from secret --- scripts/sql/108_create_semgrep_plugin.up.sql | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql index 90afffc1c7..cdebc7133c 100644 --- a/scripts/sql/108_create_semgrep_plugin.up.sql +++ b/scripts/sql/108_create_semgrep_plugin.up.sql @@ -14,7 +14,11 @@ apk add py3-pip pip install pip==21.3.1 pip install semgrep export SEMGREP_APP_TOKEN=$SemgrepAppToken - +SemgrepTokenLen=$(echo -n $SEMGREP_APP_TOKEN | wc -m) +if [ $((SemgrepTokenLen)) == 0 ] +then + SEMGREP_APP_TOKEN=$SEMGREP_API_TOKEN +fi CiMaterialsEnv=$GIT_MATERIAL_REQUEST repoName="" checkoutPath="" 
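Review bot: The added fallback measures the token with `echo -n $SEMGREP_APP_TOKEN | wc -m`, passing the secret unquoted through a pipeline, and then only reassigns `SEMGREP_APP_TOKEN`; nothing stops the run when `SEMGREP_API_TOKEN` is empty as well, which the later hunk of this commit makes possible by setting `allow_empty_value` to true for `SemgrepAppToken`. A plain emptiness test does the same job without the subshell: `if [ -z "$SEMGREP_APP_TOKEN" ]; then export SEMGREP_APP_TOKEN="$SEMGREP_API_TOKEN"; fi`, followed by `[ -n "$SEMGREP_APP_TOKEN" ] || { echo "Semgrep token not set" >&2; exit 1; }` so the scan does not start without credentials. It also avoids the `==` inside `[ ]`, which POSIX `test` does not define. The script is a SQL string literal that begins and ends outside the hunk, so any single quote added to it would have to be doubled.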
@@ -72,7 +76,7 @@ done' INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), (SELECT id FROM plugin_metadata WHERE name='Semgrep'),'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE',(SELECT last_value FROM id_seq_plugin_pipeline_script),'f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value", "variable_type", "value_type", "variable_step_index", "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES -(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppToken','STRING','App token of Semgrep account',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppToken','STRING','Input App token of Semgrep account',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'UseCommitAsSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 
,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppName','STRING','App Name will be used as an extra metadata for publishing results',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), From e52a5e9a3e3b4d12e3821c8d385687649f72cbb5 Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Tue, 24 Jan 2023 00:58:47 +0530 Subject: [PATCH 10/13] adding description for semgrep app token --- scripts/sql/108_create_semgrep_plugin.up.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql index cdebc7133c..ffb22e7e3f 100644 --- a/scripts/sql/108_create_semgrep_plugin.up.sql +++ b/scripts/sql/108_create_semgrep_plugin.up.sql 
@@ -76,7 +76,7 @@ done' INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), (SELECT id FROM plugin_metadata WHERE name='Semgrep'),'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE',(SELECT last_value FROM id_seq_plugin_pipeline_script),'f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value", "variable_type", "value_type", "variable_step_index", "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES -(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppToken','STRING','Input App token of Semgrep account',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppToken','STRING','Input App token of Semgrep account if not already set in secret',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'UseCommitAsSemgrepBranchName','BOOL','if true, this will publish scan results by name 
{SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppName','STRING','App Name will be used as an extra metadata for publishing results',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), From 16176e67ea1a176bdc31df91ddee157c32469dcc Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Tue, 24 Jan 2023 11:19:09 +0530 Subject: [PATCH 11/13] changing semgrep logo --- assets/semgrep.png | Bin 8962 -> 2072 bytes 1 file changed, 0 insertions(+), 0 deletions(-) 
diff --git a/assets/semgrep.png b/assets/semgrep.png index 3fe706e630a44453ee4c7a2f2e0ffc3ad17af4d8..0848fe5a8ed088021f006927ecad30d6bd75a97f 100644 GIT binary patch literal 2072 zcmai#i#rnv1I9Nr%QE*P_q#-*iOr=kwv0pA5Nf5|!pLRJZ87TP(%f?mxu0s-nkM(~ ziItEc>`R{x!m`Ni98Sllzu>&j^S;0LA9$ZP!}XHAxR|0C000noz@l+S#QroGbd(TmAT~yIf%$Y0D8zu>*Uq9@++OFa=X`!k^P?iCwQ-nrtMj_F zp)9$?2{m8TKkth#h&>;Dluup)&unF z%6634@lN+Llo`(BIjzcUMx2rM&?@LMr!fOM6GXeU-9Bn!LzFrjdWBJbFB@Zd#oMxv zvz6zWcBv=YmNL7ukHiEqk@pgqdVca}|Jv?QALExvEcqQOJ+n4?iQ9Wb*w&{YcB$j9 z+@lQqtvC_?xEAGo6cU41>uHk1)2ijV^fevbE6|W z@-u<(Rk-SEK@8N~#R*YQO^>2{uW*tmWz>LuRgfi9c=y3;0TO{RcfO>ZEft^1rp(k( zdpJAeJZ8$u-YO4$T-e335WLcfeE_4!yCz8ndgB%Z6&)|4)TRtr#q zmY{E*VaYDThA#@Kc+R96d4rh@HcOygYA2g_91p_wFmz8#SH7(QJC&SVE+e8Nh?3i+ z$*+4AEtqaf@w)FvYD^BPE?wqz+qlLW;jORj1z57%sX0Uk=?1T;n`AH@INFx|OlNG? za4jZ?Q>9`cjm*VZvPmdO0 zvMq=g40WxXI)-1yZ{CS=8JZ1}HKHl`uxn^r|E_mpqaH9dPCV;3Kc@xkw~>%=vB)oj z{{y&sH6u(Hqw+$(>W(&&1EBvAsWr+s*w349F|HX|tu+spZC53LTTuC?OKv#xG!E9*QkWv|qsF52#7?D$+B z&eSW@Oe{n8L#cVrcNe+w#QUE+?wWsn#F{6Mo+Q)p2`N%b8r8z5ErhiT1xBOX8oRHe zLOCZIC=k6f3ATu#t&tvc`X}T2(N}idJ}&O`lMlK!rAryhD|K=VO`Dox`r@%(=C5ZO z&8OnXD#iy5oNp&Fb%(nzBR?StU|VeU77<>cO_NsIlk}iXd=GC&V0LZbEG;2Lj)^s$ zY3rLKCpg-3DE)!b9y5>$yD^Q%Zs-3fCNkoN34bcsf9@g~q7XuoC;Ie8eIni{b3|Wr zl2X>?FUuL{lEf#Pn@X-~9ixWN_~Id4zQ0y#oJ}JH2!i(9kgQLUbe3;QX6O$3YMcHy zljRWGzf^&S-7`D~0=tnKT>Ww{?i|}BH%SWQYd@QFqrityEH!tFa7DjSmz8(o8ub$ayS2O8?};w@VYd)1%jRX5x3m_3!1^9|DOV9$Ajan3Ks`iIlY#4$ewJyAdC1YP fLj$}V0-c=!`bQmn$g4#lmwyF+1dTVQc1?ku*r!{YAT z=l%z8a=*PNnM^Xt$;{XJ<%Fv!Nq@lng8Ayzs}Hg=5^Aqrp)~zhs2Feln_$cNHvZQf zRTMNNUtV6W9lZHXB=8`sOw+ zK7lL)jM9}7?0GCUZB`x}82@djcqJ<#s^PwPm=zUW(DX?vl+Y^itr>>yXFXlZ!Jr$z zzG0DhG!!Ly#GKRErBaM0B3pO6fFT7k)ZzR3zuW)6Q0F)$#zrBfwI5c%gil_z&OTt! zPRCU~o)4o3s(DYA(WyN8Pc|;4C=vXn=!06aM;tA-+`EnP0c4pcwgymtcYy`tSv;dt z9nOOSo{5u^53-z5+tKkBqc=VU&P18A5stSAH^iGKXfM(#FTTzGL?_8eq*1Vzdox5I zhluQ~QGFoxq_VzVc4Rf!R&CS8M7Xbmy>T>S)Dz!UcJ93^bu)n$4}dhqcGo4+tI2jc zTD0F5#joHku_U5a|G`POvSq0HFRMkVmKG+a$0?-M5+9~G7!t;17m=C00? 
zo6RQx+JYX}WIvWpXaC(?Y|=y7^0@<;tmEUdRVv_V(GzvVlc3)Q#l8ojL;X{^<>wXr z(Jqxe7)#eP?;YM0i(8efR%`9M)(`fPM_T8;5(~jtk-6sv-`S2ebeilEw7I2iNJ1Q6 zSeK98K{XXdX^MdDlf6dZajRO(#ch~uy`I!y(2qH<<(+++*ABw@hmGQGC9NH$h=twg z76SRWMY&}Ul7T;40lQ}vWc1~h>yi@ul344A7Td&!{!{4Bqh3+3fyPf{5?Fqrc75sU zLWHWuf;PmKcquR z>Npl5MzUr)grpui#rv*2&^xz>79U~ceNO(Z{$s`*yxsa4^pEv=Qrkp58_82an&yq*64h$hg`B0giOmB6>6@f{rR6y)VgQq={%Tw>XoV zPq}m1)VSFo$rGyJ z@x)Pzf)>W&vc(es7u2qRIpW~${lo)n0ynqKbt_cUhfOVj+^x?l_qrYbvNA!1=Mqsv zgl$)|w(TrM-P+06$X=>XR?}+P36H*=i`P{?_Go^l^~>q|yGUOx!qPYJb^Wg3iK#Ik z4_24$_BhM!SDRkfD(Iq?i9^vMzT7Qe4A}6WOKn1};V)#?sL7Bc2U^xSwgB(#y}Zez zyzyqON+1m+`MEASrb0ufwAxab1Zgw0S-=y%t*QRG!FnyUC&`){bNk7XPO*|!xyr%? zQGME6(E~JzWp7!ztRBxyf;qSF*94R>20Q2#D-jfH^RHc7M>|5QHj}^4eLb!}cE~8+ z_}cKjlcHu#tB|4ruWs+s+J#AIhNFaB*JGnA>DlLie@QZ2jAm?)b!0lpk;k!FIIhTb zx~I9$r(i7ag_|sg;06!ScNKe;r7V^RQ55@p6>Bs8NHv#1)^f5dyw0w}_=V(W@coi1 z@`!(@n~*kgIUzQ?9$YyEqLB+D@Q%d4bhGkwd?96ye@;+n(O$o!|K2?HnUR6ISBNCH zad2NUT-;vWfB1@7Z9*BSY~O(g#wRPwn<*BCBvx4ob7#C)!$vpM^*>8xr_?+R?H2fk zhy8BcoQ>uW*&2_g`-;*o-?^ERab-nf$#`49l3dukbIfO&9yy;e8|2c^MaGG#!~1XT znK{_l&~QhHa0x{{w3W{g%-#&*F8QlIM&V6qpcJmE^zoRghT>8#qeOgDRK<{0PK3)E z@Qc)QBv5TWiN|{*n{SDxK~Aeke$*wI^;4IR%gB`)e>uMScnQZp9$ud2w1o{2FY zz;YMWcFn;-uk<-}BYB_lSGZyitFP(>;J3PAj9BnedhcFp(RhUz$=S$~!hQ9_MwS)0 z2ZT`oPRj=wezyaU7CSh}85g^4HNJdhtC|#_4&^@VVLap!h!3hmhLAIYzLhAzNzm_m zj%^tE`hTA%m)SFM?AcBYITBZ|Nf+YEShJ=U$i!c3+8r+-|!GN1XbVsu#OAAvej?{Y=1)Ww)7gH!ptUFnIzlC`EixKOzmZ$r@W zb(z5v>bxm&lO-nt5!t}yL zc}B!0{s9JH5J@q4R}dTgDe48fJ*qmh=_%%il9#;ULX7P;{xAzFx>DnlO!R0OpqJ>O zsJ+ln5r1U8#HyCryid@am~QH3(F}ulMD$akB6Ab8(|11~Sw34F&v%welbZHCQbNsr z1rLq7^GQXh%Y9`-+f?FodCME3j*|ivovva%0pqVlcn08JbyL%C3^&R;X#3L>ycRu_ zkGg-d=I%*FX0mdGZ4b3di-GL5GormbmsEMlFV(^7Crh5Km?ktz$X`{v#YxdTMb~^j zVxSlX^}OxuuMscpWyTs=?9#qj6-YVLG8~Uow#VV|hWGSS?NVWz=v6;aZO=pG1=g~0 zrc-w%iw7}wH8C${S}jXF2ty_dN;D5n&~bJ1P)7F+{$c7y9*6sHMT%}*e^B1lOy{f` z?lj9BGW5%;k%gh(X6?T}6@TYsdwO%H^;n?`I^znLP;|1z$sr9ItbJpbj(p)?K66_t zzW#)POtx{v%OA2ZQU+-5 
zpqx~_nG`+9rO`7u(|7gVjaA{}L&jOO*_@cquWa4s&$k{E#hTC~wx^Fjt#`796&n_0 zH~y@|>%#oB(&m&tc&wj>Elwrj>U2ardF)Ar7kd94+hkp#3c#9ab8ar~I4THE$#Hgv zj6^CVeG@Gg33YE%Q~NUA6H3(PfcM}JxaTPSvfOB>yA<7XHM1>sAGAwN?4SF01TdZy zm;D(rZZL9)$>CJHaoU4}B)rxF5S-_c$uZ`Q!aqth3AZeL*M)_DlXI(5#xX$-T?p6Y zD&vwIkh{K#Ss!vTeoqutjwnY^*Xw7bCy~YUcW*11VG_4o#ehGxrxD5w+w`agI~Xjq zkdFDl<@Rdo)F`P1{UC?K<*<%ihn58&`9?|4Hesn4K&B(fsb6nm)!dCmptFhIFHyDf z!A6+7#J*WPo2FGS-CQ*3eb&P6P=UjpO(E>l0T0ihH3TuX$@7P{4HSBC_pBi4+C&i~ zXZ9>|T`5_k2*L`HkyDEdHL33U{bBz0#m|BE(s!-6%?r=ou^3@T5=e1o`8g_j%Qk(! z8Sd%_d)DpQ;b#8i4xcs2ac3co?h-(yeIW8PrSo_|2CLqzU81Z^-QBZVLR!U4u0zlY zPAf(O8U~ZG5$E=7d3`$jQyUOvp+)*a`g*C9n zcd<>on^u*SC+M2X&6kHi&es0(#s;cO!LV`8H?SfPPWx=$PbXqdv`!5jAs9Cg>A}-u zG5N_ymV_GyJOQxr_iW<<&DO0&t+d0t_j)9~#wYE}%EHIM1)YIq)I&|a&(6;6-L`K!%F+o=23#>pjnv+&QdRi4LOZ@<}^ZR z&?OB(panxs+v1U)*S*Y8=N0mLn606&zyXdfjL zow`0{Vmrc8bnU14cr^Rjsfk)mfrmL~pC@m`Lk9DqCM?~X@n zH>!MLMX@sv62#F<^;!v7c}}HVd@d(Pi2X7nY-~pU+C|`6B7`xBzGT!XrZR*%rdF(~ z7#Pmc@R~a&>CBU=O(4jFD!c~-32*M&*9;;}+lnG#Sw3|f!(KX7e!YPfL^Spm{aarK zx1pm)ET`8N3#hC~KW7j1$Az`U>wY+BL11Ukt&z;WH(ay#oK(>BY@11+a9P&f3T~f& zx+sg!e6VUE(x|m|M1r}~U+6_er?NW>i7@FC9$K0N zW%pG0S>m7=T}q!50jnXce3)s^ItEr7?GRly%2keeMj#HyN-kG;pH!0ZqiM-k<+E6@QFN{Ju5Zn66H=24i-OE;PJJQ-$wHlGy zbmKI(>_20q4%3T1uKzwuooR(n-*q$X3svg?%_zI*$W>)-oX<8HAPBf1E#odYs>o%B@U`)+e%0 z1=OKR$n;yry#Qv68eh@Bh{~wzSB9AzR z*%2QQHJ0d<+{l)j>YT3nF(=oCX|1Q@Rm`74R$^-cdu|Nk2Yg?F-_m_5=JtReCLi*# z+($m@2rV*MKM~GU{BV99Gk_rDFTau*d1m%+{w=-5Qlk^WfxY$14P^&~?1QAac19FX zb=o+$ey?P9fQ@Orhv;<-YS|MDSUx?&|1;UWDw6eJogUSlW{Y;ROfHZJq7d#N*g1}Q z`r~gL7v|rXrq>|L4izy5H22&%ol?%KrpO9lCqnHO{F)36Ojj4gXgK=Sv>Xw*g+eCv z%UX80+JLab(Mh!Q|P`lE0N)`pNS7fMnG}KF8 z-&kx@#FDQ&8W*q^0kwNvynJ_gAoyO^~ee#Mbgc5)H>7DfD% zzFuF4e#Q8lc1EeMS_#wDh`({8v!?ut`v|$mHq+c{C(>}pDtOSCp?>YszV#;0CUa?e zRMf?=uy`_iwfL5hDgBK{hv_e#C$?#~#gqT1m3 zmg#NGJ>^>&+Zlx5Q>DYNd;F-(6*GmoHmBijw-1F`;w;ez=dHEa@Loj-vu3aYhyAe^ zt`KSs-t;@k*)WM?ywevn;EBXTD36x~|Lr4DK*ut*na` ziI5uO%1qx(4H+{ldDPN00ewtqILLYSCL;~+=p0DYW!SK~0|c=Vn}vRa7H3KbEJ!VE 
zQ#pjm5I9T^dbQ$?-eYpz)JTB1In#I`nocsi19p?@^NA(9XNZt&&zv}N;2mK@2fN-nqC)6ZT{k6EzhLf*XW;4>6 zWQpwKor|?y%xWvAh`S$uI{_Lmo?lZpP$b;E=8UMLooh;%9m=g9AjS}_y}64RE=t0A zIy#ZpqO`b=KINFsmrgCUCkS)Lb#5&9B3IP%R&(2@Ww_$&YS_QhDnH(L#S9X~lm`@< zsCY?}vh)|d<-^)I7J`OJn|vFET8_0rK9h+3*K-BiaUUG8jzpg(6PP>JggR{*fkIQd zWfGha3om5WC<<8ZRgy4q>G^Lu;BJBuSD*DFWEW9v-1kts9w825>|yo!Lx`tF=c^#? zU8O?N5W&CzhF)L}Gqp;h>nUq?WsLJ=GMzxC(ai`5<#G3zG!=E|UkS@Q_24E|cPR^A zaUGLb?XyxvQdJkG0Od8oSVuU|Xhjfv-)-Vqa473h7gMB|@nenYSI1m(ZBzitMSkKu zrpoqRRDfDSj^z_@Fm#-(X%XUUIIT_-t15HN*qm&z~ciig<271C8!p z!0K0HZL2Ko3q$?Or^yOMv~5JlY(b@Wi6+xfBFg>&dQp?vl2dHcWlmZj2X0{{X7lAs^S50YgFH)4;-BPyv(<5us^Dw!NPy>Q}GF!$69zCG>CC!k0;x9DmeDL&@dV z9Z5)#_QlOPTN*d(xU^ry&;_Pk4X7`QSb}MD1|#?p@;5)iVcUPCjoZViqFYXdmL5y1 z<&~Do&v8=qZHKvJUie$b;3|51T_Up-N<+_z(VoOUmKX4eftOxi!>jiv7|fDXo#?T# zuipLlBsezRM%Yp)CN!qsq)qZu9~~!i0nBS`*!owbJzlC5*CGZ~N~M;5td;!{M>|fg zj&O-vIBVJk5?q(ss0OPWK4l3cA)89Ym?z+)KVr9@ZwCaq8bBOIik{1^Zo0sCGFg7= zPg2ScA8!nQ^%AUSxUQpBGL`i~tp)~GfCS0fY(1+Uq!j88s5WfU@MR6ALbYH^5bHFt zv^byeXV~zBUQBq~PJ^?$|3j@dovB;^Wr`_VR1>hg*j)JShA)l=L6Bttj{41a$0wkd z+Xj2WGIRg@m%`B&(?Vy2Kjx8F~bch|>Ku@2?93)M9my0mLP)MZ| zM9mc_8ic|t&#K?9^lgTo%7AOntQxPWW1wIP(r+rGk*Cx6il7O-w0khj`e{PXZC0to zvQ2~18+|lctTcnq&2d_j|18YTyF->iUR{^z**3gyFDI@1MG0=b*& zaB{vl)ID16h@)0wbi99DONG>;-YFe4G|?Y^)sk=mImBoY1SK$qJ%G#BSZl*$no=r7 zYSd7>!XD5|i*_6_saPuFF0!3|r0Z+7oFAXpM zCd<0x`>@I|J9vi)621)d;>kZx`#zk{IWE~Q5u$gkv&}R1@K@%je%{?L@PR$Do!mWf7=Wa{TiEm?Y2 zv>S`bXN(gcR6@pg=Cgvs_dWEdUl1GnW!=I+KG36Wypgf(vT7uFXidw&Km;_Yz=wIdy+?fixq=x?a?GjcvwuROE{tL_wp zdh7&5wMWyk*T%`hx4dc))F&+#1gr*9o?CAyjGzlD@hry0WaQp@ig(DtTjQu;|caD1sx1#L^K8k7l`ogiZ z!|xorIL^nVD(!kd?a9^ob`e6mn^g}=8fN`^?M*#a@wq#AoOaMF?TprZ2FiVhH(H~u z#TFN5jfKJ^mR|{M-58O`CAo$rgmbrwe@o*nx-6k0Yg@UsZU9W}s(KzB+qZb6zPkw2 zSTBr*A(~e*%ww<7r5dD&#x~^DEpaD}r;zKdjWr2)K1D(s>8{kri5I!)uil|8;S85k zi?^)s`|k5xYOG+KS}-MJ>F-d91^%?|@`EG#%J?AGi8*Imae>oOEvYds+^(7SDo zt|5fvoHqGf{@14zYZq%!%js3%)3y~%njP7hk$_tFp)KoxgCwNiaYehM(P}oldyOu@ 
ze8CpZOdrG|$ei*99CTBt)*o6};s}C4vvBXci_Fw#6Ii7h;&=-DJC{9kheZr@3zw%Z zuLtgx=IF}lejWlR1}y zhLUC3RQUDfuImqc|4x0JAdcm{AeX2MA-_3M8iW1@`Jc5{7v4`<3$v}4V5O|uE&+$x ztuhv%V06LVhj2lkEI-o`cpS;{$F;tSKTF!vbi1M_h5r!^ryVy7ri)V-Iv^#re&(D5 z6yGGm@FjB`v77;4{FASoZ>aqFNn)!qDo&Emb#AmeFG8F%V!)0?mEUlMyaF5VMkS$e zAPkm$g?C>nzqymY%-uFkZRh^(L|j-ae3^ByC zEE8`k1VtMa;UxBojJmA*&&}s`9VV}VS-Dq#qJPW z8Bsx8bV^i7V3yK^eqc+a?T%xiHw{wl6M$5)={AwjrjUT7TZcWCU@%X9JBm_=EJq&_Ngwt8aVG~PBkLvxV zj7k-XFAqn7@dw@ZR%UN(H^?UsmaGmYeJ5oF@1n|=kM^xaG@Z)&v~hxtV*2egHK)JI zAP3hxgq2+Q@k`EDX5f!u%Z(;lNs8{glHW{gpuD8D%u{WgKBf!Q_tIvDb1n%ROuC)z+aTdV7< z;UB0qf42C{N@m%SiF=(|QIh3zC{E{B?{idqM)A1oPfCthWhmG5xaHnFF@&v2 zNdWMx2G2Ve@ZK_K%bADVk~y3eU;I-j>lFOW)@RGlT5=Y`8J~BhbooFxZikHuLVOx| zVvOV1*LVnTu@~w8PW|g_>bGFHt)!=AcA2azy|VX77=UUQ@;U`YOR3(&q|$)@ECi_g zr|C9Y!0PN+u+EK+Op)#w(`lt!3e>BEJ}NXfP|XUz zZBo&hKv+G&kKq}!;6eUop3S)!qU?!T>2LN=o*c>cUVCh1AR1~&-^vcy4$hgl-N-UM!usC_0KzuZ5;Wv0Wk(5W5P@ww~q|4K6cFBIhe d+4}-`dELp<{qvO>&8Po0$x13oREik|{11^ENZbGb From 14767cdf54b46c4efeabe3501f6a24ef57997406 Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Tue, 24 Jan 2023 11:23:57 +0530 Subject: [PATCH 12/13] changing variable description --- scripts/sql/108_create_semgrep_plugin.up.sql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql index ffb22e7e3f..71a6e0b9fa 100644 --- a/scripts/sql/108_create_semgrep_plugin.up.sql +++ b/scripts/sql/108_create_semgrep_plugin.up.sql 
@@ -77,8 +77,8 @@ INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_ INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value", "variable_type", "value_type", "variable_step_index", "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppToken','STRING','Input App token of Semgrep account if not already set in secret',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'UseCommitAsSemgrepBranchName','BOOL','if true, this will publish scan results by name {SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will add app name with branch name: {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 
'UseCommitAsSemgrepBranchName','BOOL','if true, this will add app name with commit hash: {SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppName','STRING','App Name will be used as an extra metadata for publishing results',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'ExtraCommandArguments','STRING','Extra Command arguments for semgrep CI command. eg input: --json --dry-run.',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); From dc81b030922cbcf24d62d1f3e9c52d7dee40940d Mon Sep 17 00:00:00 2001 From: ayushmaheshwari Date: Tue, 24 Jan 2023 11:33:16 +0530 Subject: [PATCH 13/13] modifying description --- scripts/sql/108_create_semgrep_plugin.up.sql | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/sql/108_create_semgrep_plugin.up.sql b/scripts/sql/108_create_semgrep_plugin.up.sql index 71a6e0b9fa..d6cae26feb 100644 --- a/scripts/sql/108_create_semgrep_plugin.up.sql +++ b/scripts/sql/108_create_semgrep_plugin.up.sql 
@@ -76,10 +76,10 @@ done' INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES (nextval('id_seq_plugin_step'), (SELECT id FROM plugin_metadata WHERE name='Semgrep'),'Step 1','Step 1 - Dependency Track for Semgrep','1','INLINE',(SELECT last_value FROM id_seq_plugin_pipeline_script),'f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value", "variable_type", "value_type", "variable_step_index", "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES -(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppToken','STRING','Input App token of Semgrep account if not already set in secret',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will add app name with branch name: {SemgrepAppName}-{branchName}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppToken','STRING','If provided, this token will be used. 
If not provided it will be picked from secret.',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'PrefixAppNameInSemgrepBranchName','BOOL','if true, this will add app name with branch name: {SemgrepAppName}-{branchName}.',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'UseCommitAsSemgrepBranchName','BOOL','if true, this will add app name with commit hash: {SemgrepAppName}-{CommitHash}',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), -(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppName','STRING','App Name will be used as an extra metadata for publishing results',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), +(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'SemgrepAppName','STRING','if provided and PrefixAppNameInSemgrepBranchName is true, then this will be prefixed with branch name/ commit hash',true,false,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1), (nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Semgrep' and ps."index"=1 and ps.deleted=false), 'ExtraCommandArguments','STRING','Extra Command arguments for semgrep CI command. 
eg input: --json --dry-run.',true,true,'INPUT','NEW',1 ,'f','now()', 1, 'now()', 1); INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value","value","variable_type", "value_type", "variable_step_index",reference_variable_name, "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES