From f238986831900d67bc81650e22c836d6aba0b9dd Mon Sep 17 00:00:00 2001 From: Salim Afiune Maya Date: Mon, 16 Oct 2023 15:44:55 -0700 Subject: [PATCH] ci: migrate windows pipelines to GH actions Signed-off-by: Salim Afiune Maya --- .github/workflows/chocolatey-release.yml | 25 +++++++++++++++++++ .github/workflows/commit-lint.yml | 2 +- .github/workflows/windows-integration.yml | 29 +++++++++++++++++++++++ vendor/golang.org/x/net/html/doc.go | 22 ++++++++++------- vendor/golang.org/x/net/html/render.go | 28 ++++++++++++++++++---- vendor/golang.org/x/net/html/token.go | 9 ++++++- 6 files changed, 101 insertions(+), 14 deletions(-) create mode 100644 .github/workflows/chocolatey-release.yml create mode 100644 .github/workflows/windows-integration.yml diff --git a/.github/workflows/chocolatey-release.yml b/.github/workflows/chocolatey-release.yml new file mode 100644 index 000000000..3f228e842 --- /dev/null +++ b/.github/workflows/chocolatey-release.yml @@ -0,0 +1,25 @@ +name: Publish the Lacework CLI to Chocolatey + +on: workflow_dispatch + +jobs: + publish-chocolatey: + runs-on: windows-latest + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.ref }} + fetch-depth: 0 + + - name: Running integration tests + container: lacework/win-golang:1.18-20h2 + shell: pwsh + run: | + # install chocolatey + Set-ExecutionPolicy Bypass -Scope Process -Force + [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072 + iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1')) + # publish chocolatey package + ./scripts/chocolatey/package.ps1 + exit $LastExitCode diff --git a/.github/workflows/commit-lint.yml b/.github/workflows/commit-lint.yml index 907090ecd..5fec51c26 100644 --- a/.github/workflows/commit-lint.yml +++ b/.github/workflows/commit-lint.yml @@ -21,4 +21,4 @@ jobs: - name: Run gitlint shell: bash run: | - gitlint --commit ${{ github.event.pull_request.head.sha }} --debug \ No newline at end of file + gitlint --commit ${{ github.event.pull_request.head.sha }} --debug diff --git a/.github/workflows/windows-integration.yml b/.github/workflows/windows-integration.yml new file mode 100644 index 000000000..a295bb4b5 --- /dev/null +++ b/.github/workflows/windows-integration.yml @@ -0,0 +1,29 @@ +name: Run integration tests for the Lacework CLI on Windows + +on: + push: + branches: + - main + - release + +jobs: + windows-integration-tests: + runs-on: windows-latest + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.ref }} + fetch-depth: 0 + + - uses: actions/setup-go@v4 + with: + go-version: '^1.21' + - run: go version + + - name: Running integration tests + shell: pwsh + run: | + Set-ExecutionPolicy Bypass -Scope Process -Force + ./scripts/codefresh.ps1 + exit $LastExitCode diff --git a/vendor/golang.org/x/net/html/doc.go b/vendor/golang.org/x/net/html/doc.go index 7a96eae33..2466ae3d9 100644 --- a/vendor/golang.org/x/net/html/doc.go +++ b/vendor/golang.org/x/net/html/doc.go @@ -99,14 +99,20 @@ Care should be taken when parsing and interpreting HTML, whether full documents or fragments, within the framework of the HTML specification, especially with regard to untrusted inputs. -This package provides both a tokenizer and a parser. Only the parser constructs -a DOM according to the HTML specification, resolving malformed and misplaced -tags where appropriate. The tokenizer simply tokenizes the HTML presented to it, -and as such does not resolve issues that may exist in the processed HTML, -producing a literal interpretation of the input. - -If your use case requires semantically well-formed HTML, as defined by the -WHATWG specifiction, the parser should be used rather than the tokenizer. +This package provides both a tokenizer and a parser, which implement the +tokenization, and tokenization and tree construction stages of the WHATWG HTML +parsing specification respectively. While the tokenizer parses and normalizes +individual HTML tokens, only the parser constructs the DOM tree from the +tokenized HTML, as described in the tree construction stage of the +specification, dynamically modifying or extending the docuemnt's DOM tree. + +If your use case requires semantically well-formed HTML documents, as defined by +the WHATWG specification, the parser should be used rather than the tokenizer. + +In security contexts, if trust decisions are being made using the tokenized or +parsed content, the input must be re-serialized (for instance by using Render or +Token.String) in order for those trust decisions to hold, as the process of +tokenization or parsing may alter the content. */ package html // import "golang.org/x/net/html" diff --git a/vendor/golang.org/x/net/html/render.go b/vendor/golang.org/x/net/html/render.go index 8b2803190..e8c123345 100644 --- a/vendor/golang.org/x/net/html/render.go +++ b/vendor/golang.org/x/net/html/render.go @@ -194,9 +194,8 @@ func render1(w writer, n *Node) error { } } - // Render any child nodes. - switch n.Data { - case "iframe", "noembed", "noframes", "noscript", "plaintext", "script", "style", "xmp": + // Render any child nodes + if childTextNodesAreLiteral(n) { for c := n.FirstChild; c != nil; c = c.NextSibling { if c.Type == TextNode { if _, err := w.WriteString(c.Data); err != nil { @@ -213,7 +212,7 @@ func render1(w writer, n *Node) error { // last element in the file, with no closing tag. return plaintextAbort } - default: + } else { for c := n.FirstChild; c != nil; c = c.NextSibling { if err := render1(w, c); err != nil { return err @@ -231,6 +230,27 @@ func render1(w writer, n *Node) error { return w.WriteByte('>') } +func childTextNodesAreLiteral(n *Node) bool { + // Per WHATWG HTML 13.3, if the parent of the current node is a style, + // script, xmp, iframe, noembed, noframes, or plaintext element, and the + // current node is a text node, append the value of the node's data + // literally. The specification is not explicit about it, but we only + // enforce this if we are in the HTML namespace (i.e. when the namespace is + // ""). + // NOTE: we also always include noscript elements, although the + // specification states that they should only be rendered as such if + // scripting is enabled for the node (which is not something we track). + if n.Namespace != "" { + return false + } + switch n.Data { + case "iframe", "noembed", "noframes", "noscript", "plaintext", "script", "style", "xmp": + return true + default: + return false + } +} + // writeQuoted writes s to w surrounded by quotes. Normally it will use double // quotes, but if s contains a double quote, it will use single quotes. // It is used for writing the identifiers in a doctype declaration. diff --git a/vendor/golang.org/x/net/html/token.go b/vendor/golang.org/x/net/html/token.go index 5c2a1f4ef..de67f938a 100644 --- a/vendor/golang.org/x/net/html/token.go +++ b/vendor/golang.org/x/net/html/token.go @@ -913,7 +913,14 @@ func (z *Tokenizer) readTagAttrKey() { case ' ', '\n', '\r', '\t', '\f', '/': z.pendingAttr[0].end = z.raw.end - 1 return - case '=', '>': + case '=': + if z.pendingAttr[0].start+1 == z.raw.end { + // WHATWG 13.2.5.32, if we see an equals sign before the attribute name + // begins, we treat it as a character in the attribute name and continue. + continue + } + fallthrough + case '>': z.raw.end-- z.pendingAttr[0].end = z.raw.end return