[CVE] Fix CVE-2024-21538 issue #888
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test and Build Gantt Chart | |
on: [pull_request, push] | |
env: | |
PLUGIN_NAME: gantt-chart-dashboards | |
OPENSEARCH_VERSION: 'main' | |
OPENSEARCH_PLUGIN_VERSION: 3.0.0.0 | |
jobs: | |
Get-CI-Image-Tag: | |
uses: opensearch-project/opensearch-build/.github/workflows/get-ci-image-tag.yml@main | |
with: | |
product: opensearch-dashboards | |
linux-build: | |
needs: Get-CI-Image-Tag | |
runs-on: ubuntu-latest | |
container: | |
# using the same image which is used by opensearch-build team to build the OpenSearch Distribution | |
# this image tag is subject to change as more dependencies and updates will arrive over time | |
image: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }} | |
# need to switch to root so that github actions can install runner binary on container without permission issues. | |
options: --user root | |
steps: | |
- name: Checkout OpenSearch Dashboards | |
uses: actions/checkout@v2 | |
with: | |
repository: opensearch-project/Opensearch-Dashboards | |
ref: ${{ env.OPENSEARCH_VERSION }} | |
path: OpenSearch-Dashboards | |
- name: Checkout Plugin | |
uses: actions/checkout@v2 | |
with: | |
path: OpenSearch-Dashboards/plugins/dashboards-visualizations | |
- name: Plugin Bootstrap / stylelint / test | |
run: | | |
chown -R 1000:1000 `pwd` | |
cd OpenSearch-Dashboards/ | |
su `id -un 1000` -c "source $NVM_DIR/nvm.sh && nvm use && node -v && yarn -v && | |
cd ./plugins/dashboards-visualizations && | |
whoami && yarn osd bootstrap --single-version=loose && yarn lint:style && yarn test --coverage" | |
- name: Upload coverage | |
uses: codecov/codecov-action@v1 | |
with: | |
directory: ./OpenSearch-Dashboards/plugins/dashboards-visualizations | |
token: ${{ secrets.CODECOV_TOKEN }} | |
- name: Build Artifact | |
run: | | |
chown -R 1000:1000 `pwd` | |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations | |
su `id -un 1000` -c "source $NVM_DIR/nvm.sh && nvm use && node -v && yarn -v && yarn build" | |
mv ./build/*.zip ./build/${{ env.PLUGIN_NAME }}-${{ env.OPENSEARCH_PLUGIN_VERSION }}.zip | |
- name: Upload Artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: gantt-chart-ubuntu | |
path: ./OpenSearch-Dashboards/plugins/dashboards-visualizations/build | |
windows-build: | |
runs-on: windows-latest | |
steps: | |
# Enable longer filenames for windows | |
- name: Enable longer filenames | |
run: git config --system core.longpaths true | |
- name: Checkout OpenSearch Dashboards | |
uses: actions/checkout@v2 | |
with: | |
repository: opensearch-project/Opensearch-Dashboards | |
ref: ${{ env.OPENSEARCH_VERSION }} | |
path: OpenSearch-Dashboards | |
- name: Checkout Plugin | |
uses: actions/checkout@v2 | |
with: | |
path: OpenSearch-Dashboards/plugins/dashboards-visualizations | |
- name: Setup Node | |
uses: actions/setup-node@v3 | |
with: | |
node-version-file: './OpenSearch-Dashboards/.nvmrc' | |
registry-url: 'https://registry.npmjs.org' | |
- name: Install Yarn | |
# Need to use bash to avoid having a windows/linux specific step | |
shell: bash | |
run: | | |
YARN_VERSION=$(node -p "require('./OpenSearch-Dashboards/package.json').engines.yarn") | |
echo "Installing yarn@$YARN_VERSION" | |
npm i -g yarn@$YARN_VERSION | |
- run: node -v | |
- run: yarn -v | |
- name: Plugin Bootstrap | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations | |
yarn osd bootstrap --single-version=loose | |
- name: Run Stylelint | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations | |
yarn lint:style | |
- name: Test | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations | |
yarn test | |
- name: Build Artifact | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations | |
yarn build | |
mv ./build/*.zip ./build/${{ env.PLUGIN_NAME }}-${{ env.OPENSEARCH_PLUGIN_VERSION }}.zip | |
- name: Upload Artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: gantt-chart-windows | |
path: ./OpenSearch-Dashboards/plugins/dashboards-visualizations/build | |
macos-build: | |
runs-on: macos-latest | |
steps: | |
- name: Checkout OpenSearch Dashboards | |
uses: actions/checkout@v2 | |
with: | |
repository: opensearch-project/Opensearch-Dashboards | |
ref: ${{ env.OPENSEARCH_VERSION }} | |
path: OpenSearch-Dashboards | |
- name: Checkout Plugin | |
uses: actions/checkout@v2 | |
with: | |
path: OpenSearch-Dashboards/plugins/dashboards-visualizations | |
- name: Setup Node | |
uses: actions/setup-node@v3 | |
with: | |
node-version-file: './OpenSearch-Dashboards/.nvmrc' | |
registry-url: 'https://registry.npmjs.org' | |
- name: Install Yarn | |
# Need to use bash to avoid having a windows/linux specific step | |
shell: bash | |
run: | | |
YARN_VERSION=$(node -p "require('./OpenSearch-Dashboards/package.json').engines.yarn") | |
echo "Installing yarn@$YARN_VERSION" | |
npm i -g yarn@$YARN_VERSION | |
- run: node -v | |
- run: yarn -v | |
- name: Plugin Bootstrap | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations | |
yarn osd bootstrap --single-version=loose | |
- name: Run Stylelint | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations | |
yarn lint:style | |
- name: Test | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations | |
yarn test | |
- name: Build Artifact | |
run: | | |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations | |
yarn build | |
mv ./build/*.zip ./build/${{ env.PLUGIN_NAME }}-${{ env.OPENSEARCH_PLUGIN_VERSION }}.zip | |
- name: Upload Artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: gantt-chart-macos | |
path: ./OpenSearch-Dashboards/plugins/dashboards-visualizations/build | |