Skip to content

[CVE] Fix CVE-2024-21538 issue #891

[CVE] Fix CVE-2024-21538 issue

[CVE] Fix CVE-2024-21538 issue #891

name: Test and Build Gantt Chart
on: [pull_request, push]
env:
PLUGIN_NAME: gantt-chart-dashboards
OPENSEARCH_VERSION: 'main'
OPENSEARCH_PLUGIN_VERSION: 3.0.0.0
jobs:
Get-CI-Image-Tag:
uses: opensearch-project/opensearch-build/.github/workflows/get-ci-image-tag.yml@main
with:
product: opensearch-dashboards
linux-build:
needs: Get-CI-Image-Tag
runs-on: ubuntu-latest
container:
# using the same image which is used by opensearch-build team to build the OpenSearch Distribution
# this image tag is subject to change as more dependencies and updates will arrive over time
image: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }}
# need to switch to root so that github actions can install runner binary on container without permission issues.
options: --user root
steps:
- name: Checkout OpenSearch Dashboards
uses: actions/checkout@v2
with:
repository: opensearch-project/Opensearch-Dashboards
ref: ${{ env.OPENSEARCH_VERSION }}
path: OpenSearch-Dashboards
- name: Checkout Plugin
uses: actions/checkout@v2
with:
path: OpenSearch-Dashboards/plugins/dashboards-visualizations
- name: Plugin Bootstrap / stylelint / test
run: |
chown -R 1000:1000 `pwd`
cd OpenSearch-Dashboards/
su `id -un 1000` -c "source $NVM_DIR/nvm.sh && nvm use && node -v && yarn -v &&
cd ./plugins/dashboards-visualizations &&
whoami && yarn osd bootstrap --single-version=loose && yarn lint:style && yarn test --coverage"
- name: Upload coverage
uses: codecov/codecov-action@v1
with:
directory: ./OpenSearch-Dashboards/plugins/dashboards-visualizations
token: ${{ secrets.CODECOV_TOKEN }}
- name: Build Artifact
run: |
chown -R 1000:1000 `pwd`
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations
su `id -un 1000` -c "source $NVM_DIR/nvm.sh && nvm use && node -v && yarn -v && yarn build"
mv ./build/*.zip ./build/${{ env.PLUGIN_NAME }}-${{ env.OPENSEARCH_PLUGIN_VERSION }}.zip
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: gantt-chart-ubuntu
path: ./OpenSearch-Dashboards/plugins/dashboards-visualizations/build
windows-build:
runs-on: windows-latest
steps:
# Enable longer filenames for windows
- name: Enable longer filenames
run: git config --system core.longpaths true
- name: Checkout OpenSearch Dashboards
uses: actions/checkout@v2
with:
repository: opensearch-project/Opensearch-Dashboards
ref: ${{ env.OPENSEARCH_VERSION }}
path: OpenSearch-Dashboards
- name: Checkout Plugin
uses: actions/checkout@v2
with:
path: OpenSearch-Dashboards/plugins/dashboards-visualizations
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version-file: './OpenSearch-Dashboards/.nvmrc'
registry-url: 'https://registry.npmjs.org'
- name: Install Yarn
# Need to use bash to avoid having a windows/linux specific step
shell: bash
run: |
YARN_VERSION=$(node -p "require('./OpenSearch-Dashboards/package.json').engines.yarn")
echo "Installing yarn@$YARN_VERSION"
npm i -g yarn@$YARN_VERSION
- run: node -v
- run: yarn -v
- name: Plugin Bootstrap
run: |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations
yarn osd bootstrap --single-version=loose
- name: Run Stylelint
run: |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations
yarn lint:style
- name: Test
run: |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations
yarn test
- name: Build Artifact
run: |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations
yarn build
mv ./build/*.zip ./build/${{ env.PLUGIN_NAME }}-${{ env.OPENSEARCH_PLUGIN_VERSION }}.zip
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: gantt-chart-windows
path: ./OpenSearch-Dashboards/plugins/dashboards-visualizations/build
macos-build:
runs-on: macos-latest
steps:
- name: Checkout OpenSearch Dashboards
uses: actions/checkout@v2
with:
repository: opensearch-project/Opensearch-Dashboards
ref: ${{ env.OPENSEARCH_VERSION }}
path: OpenSearch-Dashboards
- name: Checkout Plugin
uses: actions/checkout@v2
with:
path: OpenSearch-Dashboards/plugins/dashboards-visualizations
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version-file: './OpenSearch-Dashboards/.nvmrc'
registry-url: 'https://registry.npmjs.org'
- name: Install Yarn
# Need to use bash to avoid having a windows/linux specific step
shell: bash
run: |
YARN_VERSION=$(node -p "require('./OpenSearch-Dashboards/package.json').engines.yarn")
echo "Installing yarn@$YARN_VERSION"
npm i -g yarn@$YARN_VERSION
- run: node -v
- run: yarn -v
- name: Plugin Bootstrap
run: |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations
yarn osd bootstrap --single-version=loose
- name: Run Stylelint
run: |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations
yarn lint:style
- name: Test
run: |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations
yarn test
- name: Build Artifact
run: |
cd ./OpenSearch-Dashboards/plugins/dashboards-visualizations
yarn build
mv ./build/*.zip ./build/${{ env.PLUGIN_NAME }}-${{ env.OPENSEARCH_PLUGIN_VERSION }}.zip
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: gantt-chart-macos
path: ./OpenSearch-Dashboards/plugins/dashboards-visualizations/build