REPOSITORY_SEMGREP_RULESETS throws a v8r schema error #3152

Closed
wesley-dean-flexion opened this issue Nov 22, 2023 · 7 comments · Fixed by #3164
Labels
bug Something isn't working

Comments

@wesley-dean-flexion
Contributor

wesley-dean-flexion commented Nov 22, 2023

Describe the bug
v8r is throwing a validation error based on the megalinter configuration schema when encountering REPOSITORY_SEMGREP_RULESETS, asserting that it is an additional property.

To Reproduce
Steps to reproduce the behavior:

  1. include a REPOSITORY_SEMGREP_RULESETS value in the .mega-linter.yml configuration file (e.g., REPOSITORY_SEMGREP_RULESETS: auto)
  2. run MegaLinter with semgrep enabled

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots

- Image Creation Date: 2023-10-28T23:02:14Z
 - Image Revision: b48455a119cc28045eee8f1e9d0a542a85e71f4f
 - Image Version: v7.5.0

...

✅ Linted [YAML] files with [v8r]: Found 1 non blocking error(s) - (31.31s)
- Using [v8r v2.1.0] https://megalinter.io/7.5.0/descriptors/yaml_v8r
- MegaLinter key: [YAML_V8R]
- Rules config: identified by [v8r]
- Number of files analyzed: [9]
--Error detail:

[...]

ℹ Processing ./.github/workflows/render_dot.yml
ℹ Found schema in https://www.schemastore.org/api/json/catalog.json ...
ℹ Validating ./.github/workflows/render_dot.yml against schema from https://json.schemastore.org/github-workflow.json ...
✔ ./.github/workflows/render_dot.yml is valid

ℹ Processing ./.mega-linter.yml
ℹ Found schema in https://www.schemastore.org/api/json/catalog.json ...
ℹ Validating ./.mega-linter.yml against schema from https://raw.githubusercontent.com/megalinter/megalinter/main/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json ...
✖ ./.mega-linter.yml is invalid

./.mega-linter.yml# must NOT have additional properties

Additional context

Per the repository_semgrep docs, REPOSITORY_SEMGREP_RULESETS is used to "List of semgrep rulesets identifiers that you want to enforce"

I see https://github.com/oxsecurity/megalinter/blob/main/megalinter/descriptors/repository.megalinter-descriptor.yml#L436-L438 includes REPOSITORY_SEMGREP_RULESETS so I'm guessing that the JSON schema isn't generated directly from that file.

@wesley-dean-flexion
Contributor Author

wesley-dean-flexion commented Nov 22, 2023

https://github.com/oxsecurity/megalinter/blob/main/.automation/build.py#L2287-L2290 is where the JSON schema is generated when stuff is added

@nvuillam
Member

Some parts of the json schema are manually added, and we forgot to add this variable, good catch :)

Would u like to make a PR ? :)

Meanwhile, you can use YAML_V8R_FILTER_REGEX_EXCLUDE

@wesley-dean-flexion
Contributor Author

wesley-dean-flexion commented Nov 22, 2023

make a PR?
Please!

Next, I started looking through the repo for instances of something that made it into the schema (_ARGUMENTS) and something that didn't (_RULESETS) to try to figure out where it could be added. Given your comment, I obviously wasn't successful with this approach. :)

[wdean@yaoguai ~/src/megalinter][04:38 PM] (main) $ ack -li REPOSITORY_SEMGREP_ARGUMENTS
docs/descriptors/repository_semgrep.md
docs/json-schemas/configuration.html
megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json
megalinter/linters/SemgrepLinter.py
site/descriptors/repository_semgrep/index.html
site/json-schemas/configuration.html
site/search/search_index.json
[wdean@yaoguai ~/src/megalinter][04:38 PM] (main) $ ack -li REPOSITORY_SEMGREP_RULESET
CHANGELOG.md
docs/descriptors/repository_semgrep.md
megalinter/descriptors/repository.megalinter-descriptor.yml
megalinter/linters/SemgrepLinter.py
site/CHANGELOG/index.html
site/descriptors/repository_semgrep/index.html
site/search/search_index.json

(including this so if someone else should come behind me, they might see what did (or didn't) work)

@wesley-dean-flexion
Contributor Author

wesley-dean-flexion commented Nov 22, 2023

https://github.com/oxsecurity/megalinter/blob/main/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json#L14266

    "REPOSITORY_SEMGREP_ARGUMENTS": {
      "$id": "#/properties/REPOSITORY_SEMGREP_ARGUMENTS",
      "description": "REPOSITORY_SEMGREP: User custom arguments to add in linter CLI call",
      "examples:": [
        "--foo",
        "bar"
      ],
      "items": {
        "type": "string"
      },
      "title": "REPOSITORY_SEMGREP: Custom arguments",
      "type": [
        "array",
        "string"
      ]
    },

^ currently exists

    "REPOSITORY_SEMGREP_RULESETS": {
      "$id": "#/properties/REPOSITORY_SEMGREP_RULESETS",
      "description": "REPOSITORY_SEMGREP: Specify custom ruleset(s) for semgrep",
      "examples:": [
        "auto",
        "p/ci"
      ],
      "items": {
        "type": "string"
      },
      "title": "REPOSITORY_SEMGREP: Custom arguments",
      "type": [
        "array",
        "string"
      ]
    },

^ proposed addition

@nvuillam something like that?
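
Added example, not part of the thread or of MegaLinter's code: a drift check that reports descriptor variables missing from a hand-maintained schema, plus the config keys a closed schema (`additionalProperties: false`) rejects, which is the failure v8r reported above. The descriptor layout, the reduced schema and all function names are assumptions made for this sketch.

```python
import copy
import re

# Constructed sample: linter entries as they might look once a descriptor YAML
# file is parsed. The "variables"/"name" layout is an assumption of this example.
DESCRIPTOR_LINTERS = [
    {"linter_name": "semgrep",
     "variables": [{"name": "REPOSITORY_SEMGREP_RULESETS", "default_value": ["auto"]}]},
]

# The type/items shape shared by the existing _ARGUMENTS entry and the proposed one.
ARRAY_OR_STRING = {"type": ["array", "string"], "items": {"type": "string"}}
# Constructed, reduced schema: closed to unknown keys, only _ARGUMENTS declared.
SCHEMA = {
    "additionalProperties": False,
    "properties": {"REPOSITORY_SEMGREP_ARGUMENTS": ARRAY_OR_STRING},
}

def declared_variables(linters):
    """Every variable name the descriptors declare, sorted and de-duplicated."""
    return sorted({v["name"] for lin in linters for v in lin.get("variables", [])})

def missing_from_schema(linters, schema):
    """Descriptor variables that have no entry under the schema's properties."""
    props = schema.get("properties", {})
    return [name for name in declared_variables(linters) if name not in props]

def rejected_keys(config, schema):
    """Top-level config keys a validator flags as additional properties."""
    if schema.get("additionalProperties", True) is not False:
        return []  # open schema or a sub-schema: names alone are not rejected
    props = schema.get("properties", {})
    patterns = [re.compile(p) for p in schema.get("patternProperties", {})]
    return sorted(k for k in config
                  if k not in props and not any(p.search(k) for p in patterns))

def with_property(schema, name, definition):
    """Return a copy of the schema with one more declared property."""
    patched = copy.deepcopy(schema)
    patched.setdefault("properties", {})[name] = definition
    return patched

if __name__ == "__main__":
    config = {"REPOSITORY_SEMGREP_RULESETS": "auto"}  # value from the reproduction steps
    print("rejected by schema:", rejected_keys(config, SCHEMA))
    print("declared, not in schema:", missing_from_schema(DESCRIPTOR_LINTERS, SCHEMA))
    fixed = with_property(SCHEMA, "REPOSITORY_SEMGREP_RULESETS", ARRAY_OR_STRING)
    print("after the addition:", rejected_keys(config, fixed))
```

Run in CI against the parsed descriptors and the real schema file, a non-empty `missing_from_schema` result catches this class of omission before users see a v8r error.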

@wesley-dean-flexion
Contributor Author

wesley-dean-flexion commented Nov 27, 2023

see #3164

I didn't add an entry to the changelog as the update was a trivial bug fix. I can add something if you want.

@nvuillam
Member

@wesley-dean-flexion i'll add it when releasing, that's ok :)

@wesley-dean-flexion
Contributor Author

Thank you.
