mirror of
https://github.com/fleetdm/fleet
synced 2026-05-22 00:18:27 +00:00
54823b0b9d
Resolving https://github.com/fleetdm/fleet/security/code-scanning/1422 https://github.com/fleetdm/fleet/security/code-scanning/1421 https://github.com/fleetdm/fleet/security/code-scanning/1420 https://github.com/fleetdm/fleet/security/code-scanning/1419 - [x] QA'd all new/changed functionality manually
85 lines
3.1 KiB
YAML
85 lines
3.1 KiB
YAML
name: Test Fleet Maintained Apps - Windows
|
|
|
|
on:
|
|
pull_request:
|
|
types: [opened, synchronize, reopened]
|
|
paths:
|
|
- ee/maintained-apps/inputs/**
|
|
- ee/maintained-apps/outputs/**
|
|
- cmd/maintained-apps/validate/**
|
|
workflow_dispatch: # Manual trigger
|
|
inputs:
|
|
log_level:
|
|
description: 'Log level (debug, info, warn, error)'
|
|
required: false
|
|
default: 'info'
|
|
type: choice
|
|
options:
|
|
- debug
|
|
- info
|
|
- warn
|
|
- error
|
|
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
jobs:
|
|
test-fma:
|
|
env:
|
|
LOG_LEVEL: ${{ github.event.inputs.log_level || 'info' }}
|
|
runs-on: windows-latest
|
|
|
|
steps:
|
|
- name: Checkout Fleet
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
with:
|
|
repository: fleetdm/fleet
|
|
fetch-depth: 1
|
|
ref: ${{ github.ref }}
|
|
path: fleet
|
|
|
|
- name: Setup Go
|
|
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
|
|
with:
|
|
go-version-file: 'fleet/go.mod'
|
|
|
|
- name: Install osquery windows
|
|
run: |
|
|
Write-Host "Runner architecture: $env:PROCESSOR_ARCHITECTURE"
|
|
curl -L -o osquery.zip "https://github.com/osquery/osquery/releases/download/5.18.1/osquery-5.18.1.windows_x86_64.zip"
|
|
Expand-Archive -Path osquery.zip -DestinationPath osquery
|
|
Get-ChildItem -Recurse osquery | Where-Object { $_.Name -like "*osquery*" -and $_.Extension -eq ".exe" }
|
|
$osqueryPath = (Get-ChildItem -Recurse osquery | Where-Object { $_.Name -eq "osqueryi.exe" }).Directory.FullName
|
|
echo "Adding to PATH: $osqueryPath"
|
|
echo $osqueryPath | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
|
|
shell: pwsh
|
|
|
|
- name: Remove pre-installed google chrome
|
|
run: |
|
|
Write-Host "Listing all installed packages containing 'Chrome':"
|
|
Get-Package | Where-Object { $_.Name -like "*Chrome*" } | ForEach-Object {
|
|
Write-Host " - $($_.Name) (Version: $($_.Version))"
|
|
}
|
|
|
|
$uninstallPath = Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*" | Where-Object { $_.DisplayName -like "*Google Chrome*" } | Select-Object -ExpandProperty UninstallString
|
|
if ($uninstallPath) {
|
|
Write-Host "Found Chrome uninstall path: $uninstallPath"
|
|
try {
|
|
$guid = ($uninstallPath -split "/X")[1]
|
|
Write-Host "Uninstalling Chrome MSI with GUID: $guid"
|
|
Start-Process -FilePath "msiexec.exe" -ArgumentList "/X$guid", "/quiet", "/norestart" -Wait -NoNewWindow
|
|
Write-Host "Successfully removed Google Chrome via MSI uninstaller"
|
|
} catch {
|
|
Write-Host "Failed to remove Chrome: $($_.Exception.Message)"
|
|
}
|
|
} else {
|
|
Write-Host "Chrome uninstall path not found in registry"
|
|
}
|
|
shell: pwsh
|
|
|
|
- name: Verify Fleet Maintained Apps windows
|
|
run: |
|
|
ls "C:\Program Files"
|
|
cd fleet
|
|
go run ./cmd/maintained-apps/validate
|
|
shell: pwsh
|