chore(deps-dev): bump prettier from 3.5.3 to 3.6.2 #667
fmenezescheck.yml
on: pull_request
check-style
2m 1s
check-generate
2m 0s
Check dependencies
1m 34s
Annotations
1 error and 7 warnings
|
check-style
Process completed with exit code 1.
|
|
check-style
echo "--all done--"
|
|
check-style
1 added, 0 removed; done.
|
|
check-style
rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL
|
|
check-style
Updating certificates in /etc/ssl/certs...
|
|
check-style
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
|
|
check-style
# kill mitmdump, we'll start it again in transparent mode
pid=$(sudo lsof -i -P -n 2>/dev/null | sed -En "s/Python *([0-9]*) *mitmproxyuser *.*TCP \*:8080 \(LISTEN\)/\1/p" | head -1)
sudo kill $pid
# install mitmproxy certificate as CA
# disable any GUI prompts for certificate installation
sudo security authorizationdb write com.apple.trust-settings.admin allow
# the command itself may run https requests, this is why we didn't setup transparent proxy yet
# TODO: check if -r trustRoot is needed
sudo security add-trusted-cert -d -p ssl -p basic -k /Library/Keychains/System.keychain /Users/mitmproxyuser/.mitmproxy/mitmproxy-ca-cert.pem
# sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /Users/mitmproxyuser/.mitmproxy/mitmproxy-ca-cert.pem
# curl doesn't use the system keychain, so we need to add the certificate to the openssl keychain
sudo cat /Users/mitmproxyuser/.mitmproxy/mitmproxy-ca-cert.pem >> `openssl version -d | awk '{ gsub(/"/, "", $2); print $2 }'`/cert.pem
# set environment variable for NodeJS to use the certificate
echo "NODE_EXTRA_CA_CERTS=/Users/mitmproxyuser/.mitmproxy/mitmproxy-ca-cert.pem" >> $GITHUB_ENV
# set environment variable for the Python requests library to use the certificate
echo "REQUESTS_CA_BUNDLE=/Users/mitmproxyuser/.mitmproxy/mitmproxy-ca-cert.pem" >> $GITHUB_ENV
# set environment variable for the Elixir Hex package manager to use the certificate
echo "HEX_CACERTS_PATH=/Users/mitmproxyuser/.mitmproxy/mitmproxy-ca-cert.pem" >> $GITHUB_ENV
# set environment variable for AWS tools
echo "AWS_CA_BUNDLE=/Users/mitmproxyuser/.mitmproxy/mitmproxy-ca-cert.pem" >> $GITHUB_ENV
# Enable IP forwarding.
sudo sysctl -w net.inet.ip.forwarding=1
# Configure pf with the rules and enable it
sudo pfctl -f pf.conf
sudo pfctl -e
# Configure sudoers to allow mitmproxy to access pfctl.
echo "ALL ALL=NOPASSWD: /sbin/pfctl -s state" | sudo tee -a /etc/sudoers
# finally, start mitmdump in transparent mode
sudo -u mitmproxyuser -H bash -e -c "cd /Users/mitmproxyuser && /Users/mitmproxyuser/venv/bin/mitmdump \
--mode transparent \
--showhost \
--allow-hosts '$filter' \
-q \
`#--set termlog_verbosity=debug` \
`#--set proxy_debug=true` \
-s /Users/mitmproxyuser/mitm_plugin.py \
--set output='/Users/mitmproxyuser/out.txt' \
--set token='$INPUT_TOKEN' \
--set hosts=$@ \
--set debug='$RUNNER_DEBUG' \
--set ACTIONS_ID_TOKEN_REQUEST_URL='$ACTIONS_ID_TOKEN_REQUEST_URL' \
--set ACTIONS_ID_TOKEN_REQUEST_TOKEN='$ACTIONS_ID_TOKEN_REQUEST_TOKEN' \
--set GITHUB_REPOSITORY_ID='$GITHUB_REPOSITORY_ID' \
--set GITHUB_REPOSITORY='$GITHUB_REPOSITORY' \
--set GITHUB_API_URL='$GITHUB_API_URL' \
&"
# >>/Users/mitmproxyuser/out.txt 2>&1
# wait for mitmdump to start
counter=0
while [ ! $(sudo lsof -i -P -n 2>/dev/null | sed -En "s/Python *([0-9]*) *mitmproxyuser *.*TCP \*:8080 \(LISTEN\)/\1/p" | head -1) ]
do
echo "waiting for mitmdump to start..."
sleep 1
counter=$((counter+1))
if [ $counter -gt 10 ]; then
exit 1
fi
done
echo "pid is $(sudo lsof -i -P -n 2>/dev/null | sed -En "s/Python *([0-9]*) *mitmproxyuser *.*/\1/p" | head -1)"
elif [ "$RUNNER_OS" = "Linux" ]; then
# ubuntu 24.04 and later install python 3.12 or later by default
python_package="python3"
# install python 3.12, otherwise ubuntu 20.04 installs 3.8 and ubuntu 22.04 installs
# 3.10 so we won't get the latest mitmproxy with important bug fixes
if (( "$(lsb_release --short --release | cut --delimiter='.' --fields=1)" < 24 )); then
sudo add-apt-repository ppa:deadsnakes/ppa -y
python_package="python3.12"
fi
sudo apt install -y "$python_package"-venv
# create mitmproxyuser, otherwise proxy won't intercept local trafic from the same user
sudo useradd --create-home mitmproxyuser
sudo passwd -d mitmproxyuser
# install mitmproxy
sudo -u
|
|
check-style
#!/bin/bash
set -e
# build the filter regex for mitmproxy --allow-hosts
filter='\b('
first=true
IFS=',' read -ra args <<< "$@"
for arg in "${args[@]}"; do
if [ "$first" = true ] ; then
first=false
else
filter+='|'
fi
filter+=${arg//./\\.}
done
filter+=')(:\d+)?|$'
if [ "$RUNNER_OS" = "macOS" ]; then
echo "runner ALL=(ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers
sudo sysadminctl -addUser mitmproxyuser -admin
sudo -u mitmproxyuser -H bash -e -c 'cd /Users/mitmproxyuser && \
python -m venv venv && \
venv/bin/pip install mitmproxy==11.1.3 requests==2.32.3'
# install requests for mitm plugin
sudo cp mitm_plugin.py /Users/mitmproxyuser/mitm_plugin.py
# start mitmdump in simple mode for now to generate CA certificate
sudo -u mitmproxyuser -H bash -e -c "cd /Users/mitmproxyuser && \
/Users/mitmproxyuser/venv/bin/mitmdump &"
# wait for mitmdump to start and generate CA certificate
counter=0
while [ ! -f /Users/mitmproxyuser/.mitmproxy/mitmproxy-ca-cert.pem ]
do
echo "waiting for mitmdump to generate the certificate..."
sleep 1
counter=$((counter+1))
if [ $counter -gt 10 ]; then
exit 1
fi
done
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
check-style-permissions-388102e006691edf37fb45f033a13474
Expired
|
140 Bytes |
sha256:76cf040a349915b0e06a9056f2198413c7c9840eda1ebe53ad30e284a8ae7188
|
|