Skip to content

[Backport 2.x] Bump micromatch for CVE-2024-4067 #4425

[Backport 2.x] Bump micromatch for CVE-2024-4067

[Backport 2.x] Bump micromatch for CVE-2024-4067 #4425

name: Integration Tests
on: [push, pull_request]
env:
TEST_BROWSER_HEADLESS: 1
CI: 1
PLUGIN_NAME: opensearch-security
OPENSEARCH_INITIAL_ADMIN_PASSWORD: myStrongPassword123!
jobs:
tests:
name: Run integration tests
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest , windows-latest ]
runs-on: ${{ matrix.os }}
steps:
- name: Checkout Branch
uses: actions/checkout@v3
- name: Set up JDK
uses: actions/setup-java@v1
with:
java-version: 11
- name: Set env
run: |
opensearch_version=$(node -p "require('./package.json').opensearchDashboards.version")
plugin_version=$(node -p "require('./package.json').version")
echo "OPENSEARCH_VERSION=$opensearch_version" >> $GITHUB_ENV
echo "PLUGIN_VERSION=$plugin_version" >> $GITHUB_ENV
shell: bash
- name: Download security plugin and create setup scripts for remote cluster
uses: ./.github/actions/download-plugin
with:
opensearch-version: ${{ env.OPENSEARCH_VERSION }}
plugin-name: ${{ env.PLUGIN_NAME }}
download-location: ${{env.PLUGIN_NAME}}-${{ env.OPENSEARCH_VERSION }}
plugin-version: ${{ env.PLUGIN_VERSION }}
- name: Download security plugin and create setup scripts for local cluster
uses: ./.github/actions/download-plugin
with:
opensearch-version: ${{ env.OPENSEARCH_VERSION }}
plugin-name: ${{ env.PLUGIN_NAME }}
download-location: ${{env.PLUGIN_NAME}}
plugin-version: ${{ env.PLUGIN_VERSION }}
- name: Run Opensearch with A Single Plugin Remote Cluster
uses: derek-ho/start-opensearch@v4
with:
opensearch-version: ${{ env.OPENSEARCH_VERSION }}
plugins: "file:$(pwd)/opensearch-security-${{ env.OPENSEARCH_VERSION }}.zip"
security-enabled: true
admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}
security_config_file: ${{ inputs.security_config_file }}
port: 9202
- name: Check OpenSearch remote is running
run: |
curl https://localhost:9202/_cat/plugins -v -u admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} -k
shell: bash
- name: Run Opensearch with security
uses: derek-ho/start-opensearch@v2
with:
opensearch-version: ${{ env.OPENSEARCH_VERSION }}
plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip"
security-enabled: true
admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}
# https://github.com/actions/runner-images/issues/2840#issuecomment-790492173
- name: Remove unnecessary files Linux
if: ${{ runner.os == 'Linux' }}
run: |
sudo rm -rf /usr/share/dotnet
sudo rm -rf "$AGENT_TOOLSDIRECTORY"
- id: install-dashboards
uses: derek-ho/setup-opensearch-dashboards@v3
with:
plugin_name: security-dashboards-plugin
- name: Start Dashboards in background
run: node scripts/build_opensearch_dashboards_platform_plugins.js
working-directory: ${{ steps.install-dashboards.outputs.dashboards-directory }}
- name: Yarn cache clean
run: yarn cache clean
- name: Run integration tests on Linux
if: ${{ runner.os == 'Linux' }}
run: |
echo "check if opensearch is ready"
curl -XGET https://localhost:9200 -u 'admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}' -k
ADMIN_PASSWORD=${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} yarn test:jest_server --coverage
shell: bash
working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }}
- name: Run integration tests on Windows
if: ${{ runner.os == 'Windows' }}
run: |
echo "check if opensearch is ready"
curl -XGET https://localhost:9200 -u 'admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}' -k
export ADMIN_PASSWORD=${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} && node ./test/run_jest_tests.js --runInBand --detectOpenHandles --forceExit --config ./test/jest.config.server.js
shell: bash
working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }}