bump @cypress/request to 3.0.0 due to CVE-2023-28155 #342
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## | |
# Copyright OpenSearch Contributors | |
# SPDX-License-Identifier: Apache-2.0 | |
## | |
name: Test and Build Dashboards Notifications | |
on: [pull_request, push] | |
env: | |
PLUGIN_NAME: notifications-dashboards | |
OPENSEARCH_DASHBOARDS_VERSION: 'main' | |
NOTIFICATIONS_PLUGIN_VERSION: 'main' | |
OPENSEARCH_VERSION: '3.0.0-SNAPSHOT' | |
jobs: | |
tests: | |
env: | |
JEST_TEST_ARGS: ${{ matrix.jest_test_args }} | |
# prevents extra Cypress installation progress messages | |
CI: 1 | |
# avoid warnings like "tput: No value for $TERM and no -T specified" | |
TERM: xterm | |
WORKING_DIR: ${{ matrix.working_directory }}. | |
strategy: | |
# This setting says that all jobs should finish, even if one fails | |
fail-fast: false | |
matrix: | |
# TODO: macos-latest was removed due to CI flakiness, we can revisit adding it back later | |
os: [ ubuntu-latest, windows-latest ] | |
include: | |
- os: windows-latest | |
os_build_args: -x integTest -x jacocoTestReport | |
working_directory: X:\ | |
os_java_options: -Xmx4096M | |
cypress_cache_folder: ~/AppData/Local/Cypress/Cache | |
- os: ubuntu-latest | |
os_build_args: -x integTest -x jacocoTestReport | |
jest_test_args: --coverage | |
cypress_cache_folder: ~/.cache/Cypress | |
# TODO: Add back when macos-latest is back in the test matrix | |
# - os: macos-latest | |
# cypress_cache_folder: ~/Library/Caches/Cypress | |
name: Test and Build Dashboards Notifications on ${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Set up JDK | |
uses: actions/setup-java@v2 | |
with: | |
distribution: temurin # Temurin is a distribution of adoptium | |
java-version: 11 | |
- name: Checkout Plugin | |
uses: actions/checkout@v2 | |
with: | |
path: notifications | |
repository: opensearch-project/notifications | |
ref: '2.x' | |
# This is a hack, but this step creates a link to the X: mounted drive, which makes the path | |
# short enough to work on Windows | |
- name: Shorten Path | |
if: ${{ matrix.os == 'windows-latest' }} | |
run: | | |
git config --system core.longpaths true | |
subst 'X:' . | |
- name: enable long paths in git | |
if: ${{ matrix.os == 'windows-latest' }} | |
run: | | |
# enable long paths to fix "path too long" errors when cloning repos in windows | |
git config --system core.longpaths true | |
shell: bash | |
- name: Check out the notifications repo | |
uses: actions/checkout@v2 | |
with: | |
repository: opensearch-project/notifications | |
ref: ${{ env.NOTIFICATIONS_PLUGIN_VERSION }} | |
path: notifications | |
- name: Run Opensearch with plugin | |
working-directory: ${{ env.WORKING_DIR }} | |
run: | | |
# Install coreutils for macOS since timeout doesn't seem to available on that OS even when forcing bash shell | |
if [ "$RUNNER_OS" == "macOS" ]; then | |
brew install coreutils | |
fi | |
cd notifications/notifications | |
./gradlew run -Dopensearch.version=${{ env.OPENSEARCH_VERSION }} -x integTest -x jacocoTestReport & | |
timeout 300 bash -c 'while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:9200)" != "200" ]]; do sleep 5; done' | |
shell: bash | |
env: | |
_JAVA_OPTIONS: ${{ matrix.os_java_options }} | |
- name: Checkout Notification Dashboards plugin | |
uses: actions/checkout@v2 | |
with: | |
path: dashboards-notifications | |
- name: Checkout OpenSearch Dashboards | |
uses: actions/checkout@v2 | |
with: | |
repository: opensearch-project/Opensearch-Dashboards | |
ref: ${{ env.OPENSEARCH_DASHBOARDS_VERSION }} | |
path: OpenSearch-Dashboards | |
- name: Setup Node | |
uses: actions/setup-node@v3 | |
with: | |
node-version-file: './OpenSearch-Dashboards/.nvmrc' | |
registry-url: 'https://registry.npmjs.org' | |
- name: Install correct yarn version for OpenSearch Dashboards | |
# Need to use bash to avoid having a windows/linux specific step | |
shell: bash | |
run: | | |
YARN_VERSION=$(node -p "require('./OpenSearch-Dashboards/package.json').engines.yarn") | |
echo "Installing yarn@$YARN_VERSION" | |
npm i -g yarn@$YARN_VERSION | |
- run: node -v | |
- run: yarn -v | |
- name: Set npm to use bash for shell | |
if: ${{ matrix.os == 'windows-latest' }} | |
run: | | |
# Sets Windows to use bash for npm shell so the script commands work as intended | |
npm config set script-shell "C:\\Program Files\\git\\bin\\bash.exe" | |
- name: Move Notifications to Plugins Dir | |
run: | | |
mv dashboards-notifications OpenSearch-Dashboards/plugins/dashboards-notifications | |
- name: OpenSearch Dashboards Plugin Bootstrap | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-notifications | |
yarn osd bootstrap | |
- name: Build Artifact | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-notifications | |
yarn build | |
- name: Run unit tests | |
uses: nick-fields/retry@v2 | |
with: | |
timeout_minutes: 30 | |
max_attempts: 1 | |
command: cd ./OpenSearch-Dashboards/plugins/dashboards-notifications; yarn test:jest ${{ env.JEST_TEST_ARGS }} | |
shell: bash | |
- name: Run OpenSearch Dashboards server | |
run: | | |
cd ./OpenSearch-Dashboards | |
yarn start --no-base-path --no-watch --server.host="0.0.0.0" & | |
timeout 400 bash -c 'while [[ "$(curl -s http://localhost:5601/api/status | jq -r '.status.overall.state')" != "green" ]]; do echo sleeping 5; sleep 5; done' | |
curl -sk localhost:5601/api/status | jq | |
netstat -anp tcp | grep LISTEN | grep 5601 || netstat -ntlp | grep 5601 | |
shell: bash | |
- name: Add sleep to wait for bundle build completion | |
run: | | |
sleep 300 | |
# sleep two more minutes to make sure all the bundles have been built. | |
shell: bash | |
- name: Install Cypress | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-notifications | |
# This will install Cypress in case the binary is missing which can happen on Windows and Mac | |
# If the binary exists, this will exit quickly so it should not be an expensive operation | |
npx cypress install | |
shell: bash | |
- name: Get Cypress version | |
id: cypress_version | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-notifications | |
echo "::set-output name=cypress_version::$(cat ./package.json | jq '.dependencies.cypress' | tr -d '"')" | |
- name: Cache Cypress | |
id: cache-cypress | |
uses: actions/cache@v2 | |
with: | |
path: ${{ matrix.cypress_cache_folder }} | |
key: cypress-cache-v2-${{ runner.os }}-${{ hashFiles('OpenSearch-Dashboards/plugins/dashboards-notifications/package.json') }} | |
- name: Reset npm's script shell | |
if: ${{ matrix.os == 'windows-latest' }} | |
run: | | |
# Resetting npm's script shell for Windows so `yarn run cypress` doesn't have conflicts | |
npm config delete script-shell | |
- name: Run Cypress tests | |
uses: cypress-io/github-action@v2 | |
with: | |
working-directory: OpenSearch-Dashboards/plugins/dashboards-notifications | |
command: yarn run cypress run | |
wait-on: 'http://localhost:5601' | |
env: | |
CYPRESS_CACHE_FOLDER: ${{ matrix.cypress_cache_folder }} | |
# Screenshots are only captured on failure, will change this once we do visual regression tests | |
- uses: actions/upload-artifact@v1 | |
if: failure() | |
with: | |
name: cypress-screenshots-${{ matrix.os }} | |
path: OpenSearch-Dashboards/plugins/dashboards-notifications/.cypress/screenshots | |
# Test run video was always captured, so this action uses "always()" condition | |
- uses: actions/upload-artifact@v1 | |
if: always() | |
with: | |
name: cypress-videos-${{ matrix.os }} | |
path: OpenSearch-Dashboards/plugins/dashboards-notifications/.cypress/videos | |
- name: Upload coverage | |
if: ${{ matrix.os == 'ubuntu-latest' }} | |
uses: codecov/codecov-action@v1 | |
with: | |
flags: dashboards-notifications | |
directory: OpenSearch-Dashboards/plugins/ | |
token: ${{ secrets.CODECOV_TOKEN }} | |
- name: Upload Artifact | |
uses: actions/upload-artifact@v1 | |
with: | |
name: dashboards-notifications | |
path: OpenSearch-Dashboards/plugins/dashboards-notifications/build |