Updated workflow examples to use Socket Container

Author: dacoburn

pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "socketsecurity"
-version = "2.1.24"
+version = "2.1.25"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [

socketsecurity/__init__.py

@@ -1,2 +1,2 @@
 __author__ = 'socket.dev'
-__version__ = '2.1.24'
+__version__ = '2.1.25'

workflows/bitbucket-pipelines.yml

@@ -2,17 +2,16 @@
 # This pipeline runs Socket Security scans on every commit to any branch
 # The CLI automatically detects most information from the git repository
 
-image: python:3.12-slim
+image: socketdev/cli:latest
 
 definitions:
   steps:
     - step: &socket-scan
         name: Socket Security Scan
-        caches:
-          - pip
         script:
-          - pip install --upgrade pip
-          - pip install socketsecurity
+          # Socket CLI is pre-installed in the socketdev/cli:latest image
+          # Git is also pre-installed for auto-detection features
+          - socketcli --version
           # Run Socket CLI with minimal required parameters
           # The CLI automatically detects:
           # - Repository name from git

workflows/github-actions.yml

@@ -26,19 +26,15 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-latest
 
+    # Option 1: Use the official Socket CLI container (faster, more reliable)
+    container: socketdev/cli:latest
+    
     steps:
       - uses: actions/checkout@v4
         with:
           # For PRs, fetch one additional commit for proper diff analysis
           fetch-depth: ${{ github.event_name == 'pull_request' && 2 || 0 }}
 
-      - uses: actions/setup-python@v5
-        with:
-          python-version: '3.12'
-      
-      - name: Install Socket CLI
-        run: pip install socketsecurity --upgrade
-      
       - name: Run Socket Security Scan
         env:
           SOCKET_SECURITY_API_KEY: ${{ secrets.SOCKET_SECURITY_API_KEY }}
@@ -65,3 +61,42 @@ jobs:
             --target-path $GITHUB_WORKSPACE \
             --scm github \
             --pr-number $PR_NUMBER
+
+# Alternative Option 2: Traditional Python setup (if you prefer not to use containers)
+# Replace the job above with this version if you want to use the traditional approach:
+#
+#  socket-security:
+#    permissions:
+#      issues: write
+#      contents: read
+#      pull-requests: write
+#    runs-on: ubuntu-latest
+#    
+#    steps:
+#      - uses: actions/checkout@v4
+#        with:
+#          fetch-depth: ${{ github.event_name == 'pull_request' && 2 || 0 }}
+#      
+#      - uses: actions/setup-python@v5
+#        with:
+#          python-version: '3.12'
+#      
+#      - name: Install Socket CLI
+#        run: pip install socketsecurity --upgrade
+#      
+#      - name: Run Socket Security Scan
+#        env:
+#          SOCKET_SECURITY_API_KEY: ${{ secrets.SOCKET_SECURITY_API_KEY }}
+#          GH_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+#        run: |
+#          PR_NUMBER=0
+#          if [ "${{ github.event_name }}" == "pull_request" ]; then
+#            PR_NUMBER=${{ github.event.pull_request.number }}
+#          elif [ "${{ github.event_name }}" == "issue_comment" ]; then
+#            PR_NUMBER=${{ github.event.issue.number }}
+#          fi
+#          
+#          socketcli \
+#            --target-path $GITHUB_WORKSPACE \
+#            --scm github \
+#            --pr-number $PR_NUMBER

workflows/gitlab-ci.yml

@@ -7,7 +7,7 @@ stages:
 
 socket-security:
   stage: security-scan
-  image: python:3.12-slim
+  image: socketdev/cli:latest
 
   # Run on all branches and merge requests
   rules:
@@ -24,8 +24,9 @@ socket-security:
       - .cache/pip/
 
   before_script:
-    - pip install --upgrade pip
-    - pip install socketsecurity
+    # Socket CLI is pre-installed in the socketdev/cli:latest image
+    # Git is also pre-installed for auto-detection features
+    - socketcli --version
 
   script:
     # Run Socket CLI with minimal required parameters