Skip to content

Commit 0357060

Browse files
adishM98adishM98
authored
Added security fixes (ToolJet#15766)
2 parents 91db41c + 5e370de commit 0357060

1 file changed

Lines changed: 30 additions & 23 deletions

File tree

.github/workflows/code-coverage.yml

Lines changed: 30 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -1,40 +1,48 @@
11
name: Cypress Code-Coverage
22

33
on:
4-
pull_request_target:
5-
types: [labeled, unlabeled, closed]
4+
pull_request:
5+
types: [labeled, unlabeled, synchronize, closed]
66

77
workflow_dispatch:
88

99
env:
10-
PR_NUMBER: ${{ github.event.number }}
10+
PR_NUMBER: ${{ github.event.pull_request.number }}
1111
BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
1212

1313
jobs:
1414
Cypress-Code-Coverage:
1515
name: Code coverage
1616
runs-on: ubuntu-22.04
1717

18-
if: ${{ github.event.action == 'labeled' && (github.event.label.name == 'check-coverage') }}
18+
if: >-
19+
(
20+
(github.event.action == 'labeled' && github.event.label.name == 'check-coverage')
21+
|| (github.event.action == 'synchronize' && contains(github.event.pull_request.labels.*.name, 'check-coverage'))
22+
)
23+
&& github.event.pull_request.head.repo.full_name == github.repository
1924
2025
steps:
2126
- name: Setup Node.js
22-
uses: actions/setup-node@v2
27+
uses: actions/setup-node@v4
2328
with:
2429
node-version: 18.18.2
2530

2631
- name: Set up Docker
2732
uses: docker-practice/actions-setup-docker@master
2833

29-
- name: Run PosgtreSQL Database Docker Container
34+
- name: Run PostgreSQL Database Docker Container
3035
run: |
3136
sudo docker network create tooljet
32-
sudo docker run -d --name postgres --network tooljet -p 5432:5432 -e POSTGRES_PASSWORD=postgres -e POSTGRES_USER=postgres -e POSTGRES_PORT=5432 -d postgres:13
37+
sudo docker run -d --name postgres --network tooljet \
38+
-p 5432:5432 \
39+
-e POSTGRES_PASSWORD=postgres \
40+
-e POSTGRES_USER=postgres \
41+
-e POSTGRES_PORT=5432 \
42+
postgres:13
3343
3444
- name: Checkout
35-
uses: actions/checkout@v3
36-
with:
37-
ref: ${{ github.event.pull_request.head.ref }}
45+
uses: actions/checkout@v4
3846

3947
- name: Install and build dependencies
4048
run: |
@@ -61,22 +69,24 @@ jobs:
6169
echo "TOOLJET_DB_PASS=postgres" >> .env
6270
echo "PGRST_JWT_SECRET=r9iMKoe5CRMgvJBBtp4HrqN7QiPpUToj" >> .env
6371
echo "PGRST_HOST=localhost:3001" >> .env
64-
echo "NODE_ENV=developement" >> .env
72+
echo "NODE_ENV=development" >> .env
6573
6674
- name: Set up database
6775
run: |
6876
npm run --prefix server db:create
6977
npm run --prefix server db:reset
7078
npm run --prefix server db:seed
7179
72-
- name: sleep 5
80+
- name: Wait for database seed to settle
7381
run: sleep 5
7482

7583
- name: Run PostgREST Docker Container
7684
run: |
7785
sudo docker run -d --name postgrest --network tooljet -p 3001:3000 \
78-
-e PGRST_DB_URI="postgres://postgres:postgres@postgres:5432/tooljet" -e PGRST_DB_ANON_ROLE="postgres" -e PGRST_JWT_SECRET="r9iMKoe5CRMgvJBBtp4HrqN7QiPpUToj" \
79-
postgrest/postgrest:v10.1.1.20221215
86+
-e PGRST_DB_URI="postgres://postgres:postgres@postgres:5432/tooljet" \
87+
-e PGRST_DB_ANON_ROLE="postgres" \
88+
-e PGRST_JWT_SECRET="r9iMKoe5CRMgvJBBtp4HrqN7QiPpUToj" \
89+
postgrest/postgrest:v10.1.1.20221215
8090
8191
- name: Run plugins compilation in watch mode
8292
run: cd plugins && npm start &
@@ -94,7 +104,7 @@ jobs:
94104
sleep 5
95105
done'
96106
97-
- name: docker logs
107+
- name: PostgREST logs
98108
run: sudo docker logs postgrest
99109

100110
- name: Create Cypress environment file
@@ -107,25 +117,22 @@ jobs:
107117

108118
- name: Install Cypress
109119
working-directory: ./cypress-tests
110-
run: |
111-
npm install
112-
120+
run: npm install
113121

114122
- name: Run Cypress tests
115123
working-directory: ./cypress-tests
116-
run: |
117-
npm run cy:run
124+
run: npm run cy:run
118125

119126
- name: Debugging
127+
if: always()
120128
run: |
121129
ls -R cypress-tests
122130
ls -R /home/runner/work/ToolJet/ToolJet/cypress-tests
123131
cat /home/runner/work/ToolJet/ToolJet/cypress-tests/.nyc_output/out.json
124-
125132
126133
- name: Upload Coverage Report
127-
uses: actions/upload-artifact@v3
134+
uses: actions/upload-artifact@v4
128135
if: always()
129136
with:
130137
name: coverage
131-
path: cypress-tests/coverage
138+
path: cypress-tests/coverage

0 commit comments

Comments
 (0)