From 91777408e4b7c09a5c1153908c6d9760c414ac03 Mon Sep 17 00:00:00 2001 From: Joshua Li Date: Thu, 18 Aug 2022 16:48:49 -0700 Subject: [PATCH] [7.10] Restrict chromium requests (#433) * Fix ci (#2) Signed-off-by: Joshua Li * Markdown patch fix (#1) Signed-off-by: David Cui * Detect iframe, embed, object tags Signed-off-by: Joshua Li * Disallow redirection to non-localhost urls Signed-off-by: Joshua Li * Disallow connection to non-allowlisted urls Signed-off-by: Joshua Li * Disable JIT Signed-off-by: Joshua Li * Fix localstorage logic Signed-off-by: Joshua Li * Try to fix CI Signed-off-by: Joshua Li Signed-off-by: Joshua Li Signed-off-by: David Cui Co-authored-by: David Cui <53581635+davidcui1225@users.noreply.github.com> --- ...kibana-reports-test-and-build-workflow.yml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/kibana-reports-test-and-build-workflow.yml b/.github/workflows/kibana-reports-test-and-build-workflow.yml index c660fdf0..7040c6e7 100644 --- a/.github/workflows/kibana-reports-test-and-build-workflow.yml +++ b/.github/workflows/kibana-reports-test-and-build-workflow.yml @@ -18,7 +18,7 @@ jobs: with: repository: elastic/kibana ref: v7.10.2 - path: dashboards-reports/kibana + path: kibana - name: Setup Node uses: actions/setup-node@v1 @@ -26,12 +26,12 @@ jobs: node-version: "10.23.1" - name: Move Kibana Reports to Plugins Dir - run: mv kibana-reports kibana/plugins/${{ env.PLUGIN_NAME }} + run: mv kibana-reports ../kibana/plugins/${{ env.PLUGIN_NAME }} - name: Add Chromium Binary to Reporting for Testing run: | sudo apt install -y libnss3-dev fonts-liberation libfontconfig1 - cd kibana/plugins/${{ env.PLUGIN_NAME }} + cd ../kibana/plugins/${{ env.PLUGIN_NAME }} wget https://github.com/opendistro-for-elasticsearch/kibana-reports/releases/download/chromium-1.12.0.0/chromium-linux-x64.zip unzip chromium-linux-x64.zip rm chromium-linux-x64.zip @@ -41,25 +41,25 @@ jobs: with: timeout_minutes: 30 max_attempts: 3 - command: cd kibana/plugins/${{ env.PLUGIN_NAME }}; yarn kbn bootstrap + command: cd ../kibana/plugins/${{ env.PLUGIN_NAME }}; yarn kbn bootstrap - name: Test uses: nick-invision/retry@v1 with: timeout_minutes: 30 max_attempts: 3 - command: cd kibana/plugins/${{ env.PLUGIN_NAME }}; yarn test --coverage + command: cd ../kibana/plugins/${{ env.PLUGIN_NAME }}; yarn test --coverage - name: Upload coverage uses: codecov/codecov-action@v1 with: flags: Kibana-reports - directory: kibana/plugins/ + directory: ../kibana/plugins/ token: ${{ secrets.CODECOV_TOKEN }} - name: Build Artifact run: | - cd kibana/plugins/${{ env.PLUGIN_NAME }} + cd ../kibana/plugins/${{ env.PLUGIN_NAME }} yarn build cd build @@ -93,16 +93,16 @@ jobs: uses: actions/upload-artifact@v1 with: name: kibana-reports-linux-x64 - path: kibana/plugins/${{ env.PLUGIN_NAME }}/build/${{ env.PLUGIN_NAME }}-${{ env.OD_VERSION }}-linux-x64.zip + path: ../kibana/plugins/${{ env.PLUGIN_NAME }}/build/${{ env.PLUGIN_NAME }}-${{ env.OD_VERSION }}-linux-x64.zip - name: Upload Artifact For Linux arm64 uses: actions/upload-artifact@v1 with: name: kibana-reports-linux-arm64 - path: kibana/plugins/${{ env.PLUGIN_NAME }}/build/${{ env.PLUGIN_NAME }}-${{ env.OD_VERSION }}-linux-arm64.zip + path: ../kibana/plugins/${{ env.PLUGIN_NAME }}/build/${{ env.PLUGIN_NAME }}-${{ env.OD_VERSION }}-linux-arm64.zip - name: Upload Artifact For Windows uses: actions/upload-artifact@v1 with: name: kibana-reports-windows-x64 - path: kibana/plugins/${{ env.PLUGIN_NAME }}/build/${{ env.PLUGIN_NAME }}-${{ env.OD_VERSION }}-windows-x64.zip + path: ../kibana/plugins/${{ env.PLUGIN_NAME }}/build/${{ env.PLUGIN_NAME }}-${{ env.OD_VERSION }}-windows-x64.zip