[Snyk] Security upgrade puppeteer-core from 13.7.0 to 22.11.2 #23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: DevTools | |
on: | |
push: | |
branches: [master] | |
pull_request: # run on all PRs, not just PRs to a particular branch | |
env: | |
DEPOT_TOOLS_PATH: ${{ github.workspace }}/depot-tools | |
DEVTOOLS_PATH: ${{ github.workspace }}/devtools-frontend | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set $PATH | |
run: echo "$DEPOT_TOOLS_PATH" >> $GITHUB_PATH | |
- name: git clone | |
uses: actions/checkout@v2 | |
with: | |
path: lighthouse | |
- name: Use Node.js 14.x | |
uses: actions/setup-node@v1 | |
with: | |
node-version: 14.x | |
- name: Generate cache hash | |
run: bash $GITHUB_WORKSPACE/lighthouse/.github/scripts/generate-devtools-hash.sh > cdt-test-hash.txt | |
- name: Set week of the year | |
run: echo "WEEK_OF_THE_YEAR=$(date +%V)" >> $GITHUB_ENV | |
# Caches are invalidated at least once a week, so that's the max time between testing | |
# with the latest dependencies. Any commit to the DevTools repo touching Lighthouse | |
# code will invalidate the cache sooner. | |
- name: Cache depot tools and devtools | |
id: devtools-cache | |
uses: actions/cache@v3 | |
with: | |
path: | | |
${{ env.DEPOT_TOOLS_PATH }} | |
${{ env.DEVTOOLS_PATH }} | |
${{ github.workspace }}/.gclient | |
${{ github.workspace }}/.gclient_entries | |
# This hash key changes: | |
# 1) every monday (so invalidates once a week) | |
# 2) every commit to CDT touching files important to Lighthouse web tests | |
# 3) every change to file in Lighthouse repo important to running these tests. | |
# | |
# The number is how many times this hash key was manually updated to break the cache. | |
key: ${{ runner.os }}-9-${{ env.WEEK_OF_THE_YEAR }}-${{ hashFiles('cdt-test-hash.txt') }} | |
restore-keys: ${{ runner.os }}-9 | |
- name: Set GHA_DEVTOOLS_CACHE_HIT | |
if: steps.devtools-cache.outputs.cache-hit == 'true' | |
run: echo "GHA_DEVTOOLS_CACHE_HIT=1" >> $GITHUB_ENV | |
- run: yarn --frozen-lockfile --network-timeout 1000000 | |
working-directory: ${{ github.workspace }}/lighthouse | |
- name: Download depot tools | |
run: bash $GITHUB_WORKSPACE/lighthouse/lighthouse-core/test/devtools-tests/download-depot-tools.sh | |
- name: Download DevTools Frontend | |
run: bash $GITHUB_WORKSPACE/lighthouse/lighthouse-core/test/devtools-tests/download-devtools.sh | |
- name: Roll Lighthouse + build DevTools | |
run: bash $GITHUB_WORKSPACE/lighthouse/lighthouse-core/test/devtools-tests/roll-devtools.sh | |
- name: Cache build artifacts | |
id: devtools-build-artifacts | |
uses: actions/cache@v3 | |
with: | |
path: | | |
${{ env.DEVTOOLS_PATH }} | |
${{ github.workspace }}/.gclient | |
${{ github.workspace }}/.gclient_entries | |
key: devtools-build-artifacts-${{ github.run_id }} | |
e2e: | |
needs: [build] | |
runs-on: ubuntu-latest | |
steps: | |
- name: git clone | |
uses: actions/checkout@v2 | |
with: | |
path: lighthouse | |
- name: Use Node.js 14.x | |
uses: actions/setup-node@v1 | |
with: | |
node-version: 14.x | |
- run: yarn --frozen-lockfile --network-timeout 1000000 | |
working-directory: ${{ github.workspace }}/lighthouse | |
- name: Set $PATH | |
run: echo "$DEPOT_TOOLS_PATH" >> $GITHUB_PATH | |
# For vpython. | |
- name: Download depot tools | |
run: bash $GITHUB_WORKSPACE/lighthouse/lighthouse-core/test/devtools-tests/download-depot-tools.sh | |
- name: Load build artifacts | |
id: devtools-build-artifacts | |
uses: actions/cache@v3 | |
with: | |
path: | | |
${{ env.DEVTOOLS_PATH }} | |
${{ github.workspace }}/.gclient | |
${{ github.workspace }}/.gclient_entries | |
key: devtools-build-artifacts-${{ github.run_id }} | |
- name: Run e2e tests | |
run: bash $GITHUB_WORKSPACE/lighthouse/lighthouse-core/test/devtools-tests/run-e2e-tests.sh | |
smoke: | |
needs: [build] | |
strategy: | |
matrix: | |
smoke-test-shard: [1, 2, 3] | |
# e.g. if set 1 fails, continue with set 2 anyway | |
fail-fast: false | |
runs-on: ubuntu-latest | |
name: DevTools smoke ${{ matrix.smoke-test-shard }}/${{ strategy.job-total }} | |
steps: | |
- name: git clone | |
uses: actions/checkout@v2 | |
with: | |
path: lighthouse | |
- name: Use Node.js 14.x | |
uses: actions/setup-node@v1 | |
with: | |
node-version: 14.x | |
- name: Load build artifacts | |
id: devtools-build-artifacts | |
uses: actions/cache@v3 | |
with: | |
path: | | |
${{ env.DEVTOOLS_PATH }} | |
${{ github.workspace }}/.gclient | |
${{ github.workspace }}/.gclient_entries | |
key: devtools-build-artifacts-${{ github.run_id }} | |
- run: yarn --frozen-lockfile --network-timeout 1000000 | |
working-directory: ${{ github.workspace }}/lighthouse | |
# This is only done because the import of `parseChromeFlags` in pptr-run-devtool.js triggers imports that eventually | |
# fail because of how report-assets.js reads generated files. | |
- run: yarn build-report | |
working-directory: ${{ github.workspace }}/lighthouse | |
- name: Define ToT chrome path | |
run: echo "CHROME_PATH=/home/runner/chrome-linux-tot/chrome" >> $GITHUB_ENV | |
- name: Install Chrome ToT | |
working-directory: /home/runner | |
run: bash ${{ github.workspace }}/lighthouse/lighthouse-core/scripts/download-chrome.sh && mv chrome-linux chrome-linux-tot | |
- run: mkdir latest-run | |
working-directory: ${{ github.workspace }}/lighthouse | |
- name: yarn smoke --runner devtools | |
# Disabled because normal Chrome usage makes DevTools not function on these poorly constructed pages | |
# errors-expired-ssl errors-infinite-loop | |
# Disabled because Chrome will follow the redirect first, and Lighthouse will only ever see/run the final URL. | |
# redirects-client-paint-server redirects-multiple-server redirects-single-server redirects-single-client | |
run: xvfb-run --auto-servernum yarn smoke --runner devtools --shard=${{ matrix.smoke-test-shard }}/${{ strategy.job-total }} --jobs=3 --retries=2 --invert-match a11y byte-efficiency byte-gzip dbw errors-expired-ssl errors-infinite-loop lantern-idle-callback-short legacy-javascript metrics-tricky-tti metrics-tricky-tti-late-fcp perf-budgets perf-fonts perf-frame-metrics perf-preload perf-trace-elements pwa redirects-client-paint-server redirects-history-push-state redirects-multiple-server redirects-single-server redirects-single-client redirects-scripts screenshot seo-passing seo-tap-targets | |
working-directory: ${{ github.workspace }}/lighthouse | |
- name: Upload failures | |
if: failure() | |
uses: actions/upload-artifact@v1 | |
with: | |
name: Smokehouse (devtools smoke) | |
path: ${{ github.workspace }}/lighthouse/.tmp/smokehouse-ci-failures/ |