From a3195b1b23355bea6b1c16acde1b22734b8ceb72 Mon Sep 17 00:00:00 2001 From: sebasrevuelta <122784773+sebasrevuelta@users.noreply.github.com> Date: Thu, 14 Dec 2023 15:29:03 +0100 Subject: [PATCH] improve the azure sample with tested configuration (#1273) * improve the azure sample with tested configuration * change fetch depth to a standard value --------- Co-authored-by: Sebastian Revuelta --- .../code_snippets/_azure-semgrep-app-sast.mdx | 27 +++++++++++-------- .../code_snippets/_azure-semgrep-app-ssc.mdx | 27 +++++++++++-------- 2 files changed, 32 insertions(+), 22 deletions(-) diff --git a/src/components/code_snippets/_azure-semgrep-app-sast.mdx b/src/components/code_snippets/_azure-semgrep-app-sast.mdx index deb787135..05adf35a5 100644 --- a/src/components/code_snippets/_azure-semgrep-app-sast.mdx +++ b/src/components/code_snippets/_azure-semgrep-app-sast.mdx @@ -1,20 +1,25 @@ ```yaml -# trigger: -# - master - -pool: - vmImage: ubuntu-latest variables: -- group: Semgrep Cloud Platform token group - -steps: +- group: Semgrep_Variables +steps: +- checkout: self + clean: true + fetchDepth: 20 + persistCredentials: true - script: | python -m pip install --upgrade pip pip install semgrep - semgrep ci - env: - SEMGREP_PR_ID: $(System.PullRequest.PullRequestNumber) + if [ $(Build.SourceBranchName) = "master" ]; then + echo "Semgrep full scan" + semgrep ci + elif [ $(System.PullRequest.PullRequestId) -ge 0 ]; then + echo "Semgrep diff scan" + export SEMGREP_PR_ID=$(System.PullRequest.PullRequestId) + export SEMGREP_BASELINE_REF='origin/master' + git fetch origin master:origin/master + semgrep ci + fi ``` ### Setting environment variables in Azure Pipelines diff --git a/src/components/code_snippets/_azure-semgrep-app-ssc.mdx b/src/components/code_snippets/_azure-semgrep-app-ssc.mdx index bc885f6db..6f020f11a 100644 --- a/src/components/code_snippets/_azure-semgrep-app-ssc.mdx +++ b/src/components/code_snippets/_azure-semgrep-app-ssc.mdx 
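Review bot: `$(Build.SourceBranchName)` and `$(System.PullRequest.PullRequestId)` are Azure macro expressions placed unquoted inside the `script:` block, so their values are substituted into the bash text before the shell parses it. A branch name is chosen by whoever pushes the branch, which makes these lines a command-injection point in a job that checks out with `persistCredentials: true`. Reading the agent-provided environment variables keeps the value as data: `if [ "$BUILD_SOURCEBRANCHNAME" = "master" ]; then`, `elif [ -n "$SYSTEM_PULLREQUEST_PULLREQUESTID" ]; then` and `export SEMGREP_PR_ID="$SYSTEM_PULLREQUEST_PULLREQUESTID"`. On a build that is neither on master nor a pull request, the PR macro is presumably left unexpanded, so the `-ge` test errors out and the step appears to finish without scanning; an `else` branch that prints that no scan ran would make this visible. The same lines appear in the `_azure-semgrep-app-ssc.mdx` hunk.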
@@ -1,20 +1,25 @@ ```yaml -# trigger: -# - master - -pool: - vmImage: ubuntu-latest variables: -- group: Semgrep Cloud Platform token group - -steps: +- group: Semgrep_Variables +steps: +- checkout: self + clean: true + fetchDepth: 20 + persistCredentials: true - script: | python -m pip install --upgrade pip pip install semgrep - semgrep ci --supply-chain - env: - SEMGREP_PR_ID: $(System.PullRequest.PullRequestNumber) + if [ $(Build.SourceBranchName) = "master" ]; then + echo "Semgrep full scan" + semgrep ci --supply-chain + elif [ $(System.PullRequest.PullRequestId) -ge 0 ]; then + echo "Semgrep diff scan" + export SEMGREP_PR_ID=$(System.PullRequest.PullRequestId) + export SEMGREP_BASELINE_REF='origin/master' + git fetch origin master:origin/master + semgrep ci --supply-chain + fi ``` ### Setting environment variables in Azure Pipelines
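Review bot: `persistCredentials: true` in the new checkout step keeps the pipeline's access token in the repository's git configuration for every later step of the job, and the sample does not say why it is set. It appears to be there so that `git fetch origin master:origin/master` can authenticate in the diff-scan branch. A comment such as `# persistCredentials is needed for the git fetch in the diff scan; the job token stays readable by later steps` would let readers decide whether to keep it. The following lines run an unpinned `pip install semgrep` in the same job, so pinning it in the sample (`pip install semgrep==<pinned-version>`) would narrow what executes while that token is available. The same applies to the identical hunk in `_azure-semgrep-app-sast.mdx`.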