Skip to content

Use safevalues to fix trusted types issues reported by tsec #12495

Use safevalues to fix trusted types issues reported by tsec

Use safevalues to fix trusted types issues reported by tsec #12495

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Test Firestore Integration
on: pull_request
env:
# Bump Node memory limit
NODE_OPTIONS: "--max_old_space_size=4096"
jobs:
test:
name: Test Firestore Integration If Changed
runs-on: ubuntu-latest
env:
run_terraform_steps: ${{ secrets.JSSDK_ACTIONS_SA_KEY != '' }}
steps:
- name: Checkout Repo
uses: actions/checkout@master
with:
# This makes Actions fetch all Git history so run-changed script can diff properly.
fetch-depth: 0
- uses: 'google-github-actions/auth@v0'
if: ${{ fromJSON(env.run_terraform_steps) }}
with:
credentials_json: '${{ secrets.JSSDK_ACTIONS_SA_KEY }}'
# create composite indexes with Terraform
- name: Setup Terraform
if: ${{ fromJSON(env.run_terraform_steps) }}
uses: hashicorp/setup-terraform@v2
- name: Terraform Init
if: ${{ fromJSON(env.run_terraform_steps) }}
run: |
cp config/ci.config.json config/project.json
cd packages/firestore
terraform init
continue-on-error: true
- name: Terraform Apply
if: github.event_name == 'pull_request' && fromJSON(env.run_terraform_steps)
run: |
cd packages/firestore
# Define a temporary file, redirect both stdout and stderr to it
output_file=$(mktemp)
if ! terraform apply -var-file=../../config/project.json -auto-approve > "$output_file" 2>&1 ; then
cat "$output_file"
if cat "$output_file" | grep -q "index already exists"; then
echo "==================================================================================="
echo -e "\e[93m\e[1mTerraform apply failed due to index already exists; We can safely ignore this error.\e[0m"
echo "==================================================================================="
fi
exit 1
fi
rm -f "$output_file"
continue-on-error: true
- name: Set up Node (20)
uses: actions/setup-node@v3
with:
node-version: 20.x
- name: install Chrome stable
run: |
sudo apt-get update
sudo apt-get install google-chrome-stable
- name: Test setup and yarn install
run: yarn
- name: build
run: yarn build:changed firestore-integration
- name: Run tests if firestore or its dependencies has changed
run: yarn test:changed firestore-integration