support sanitizing error messages using regex

Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>

reposerver/repository/repository.go

@@ -158,7 +158,7 @@ func (s *Service) Init() error {
 
 // List a subset of the refs (currently, branches and tags) of a git repo
 func (s *Service) ListRefs(ctx context.Context, q *apiclient.ListRefsRequest) (*apiclient.Refs, error) {
-	gitClient, err := s.newClient(ctx, q.Repo)
+	gitClient, err := s.newClient(q.Repo)
 	if err != nil {
 		return nil, err
 	}
@@ -181,7 +181,7 @@ func (s *Service) ListRefs(ctx context.Context, q *apiclient.ListRefsRequest) (*
 
 // ListApps lists the contents of a GitHub repo
 func (s *Service) ListApps(ctx context.Context, q *apiclient.ListAppsRequest) (*apiclient.AppList, error) {
-	gitClient, commitSHA, err := s.newClientResolveRevision(ctx, q.Repo, q.Revision)
+	gitClient, commitSHA, err := s.newClientResolveRevision(q.Repo, q.Revision)
 	if err != nil {
 		return nil, err
 	}
@@ -252,6 +252,11 @@ func (s *Service) runRepoOperation(
 	operation func(repoRoot, commitSHA, cacheKey string, ctxSrc operationContextSrc) error,
 	settings operationSettings) error {
 
+	if sanitizer, ok := grpc.SanitizerFromContext(ctx); ok {
+		// make sure randomized path replaced with '.' in the error message
+		sanitizer.AddRegexReplacement(regexp.MustCompile(`(`+s.rootDir+`/.*?)/`), ".")
+	}
+
 	var gitClient git.Client
 	var helmClient helm.Client
 	var err error
@@ -262,7 +267,7 @@ func (s *Service) runRepoOperation(
 			return err
 		}
 	} else {
-		gitClient, revision, err = s.newClientResolveRevision(ctx, repo, revision, git.WithCache(s.cache, !settings.noRevisionCache && !settings.noCache))
+		gitClient, revision, err = s.newClientResolveRevision(repo, revision, git.WithCache(s.cache, !settings.noRevisionCache && !settings.noCache))
 		if err != nil {
 			return err
 		}
@@ -1663,7 +1668,7 @@ func (s *Service) GetRevisionMetadata(ctx context.Context, q *apiclient.RepoServ
 		}
 	}
 
-	gitClient, _, err := s.newClientResolveRevision(ctx, q.Repo, q.Revision)
+	gitClient, _, err := s.newClientResolveRevision(q.Repo, q.Revision)
 	if err != nil {
 		return nil, err
 	}
@@ -1719,23 +1724,19 @@ func fileParameters(q *apiclient.RepoServerAppDetailsQuery) []v1alpha1.HelmFileP
 	return q.Source.Helm.FileParameters
 }
 
-func (s *Service) newClient(ctx context.Context, repo *v1alpha1.Repository, opts ...git.ClientOpts) (git.Client, error) {
+func (s *Service) newClient(repo *v1alpha1.Repository, opts ...git.ClientOpts) (git.Client, error) {
 	repoPath, err := s.gitRepoPaths.GetPath(git.NormalizeGitURL(repo.Repo))
 	if err != nil {
 		return nil, err
 	}
-	if sanitizer, ok := grpc.SanitizerFromContext(ctx); ok {
-		// make sure randomized path replaced with '.' in the error message
-		sanitizer.AddReplacement(repoPath, ".")
-	}
 	opts = append(opts, git.WithEventHandlers(metrics.NewGitClientEventHandlers(s.metricsServer)))
 	return s.newGitClient(repo.Repo, repoPath, repo.GetGitCreds(s.gitCredsStore), repo.IsInsecure(), repo.EnableLFS, repo.Proxy, opts...)
 }
 
 // newClientResolveRevision is a helper to perform the common task of instantiating a git client
 // and resolving a revision to a commit SHA
-func (s *Service) newClientResolveRevision(ctx context.Context, repo *v1alpha1.Repository, revision string, opts ...git.ClientOpts) (git.Client, string, error) {
-	gitClient, err := s.newClient(ctx, repo, opts...)
+func (s *Service) newClientResolveRevision(repo *v1alpha1.Repository, revision string, opts ...git.ClientOpts) (git.Client, string, error) {
+	gitClient, err := s.newClient(repo, opts...)
 	if err != nil {
 		return nil, "", err
 	}

util/grpc/sanitizer.go

@@ -2,6 +2,7 @@ package grpc
 
 import (
 	"errors"
+	"regexp"
 	"strings"
 
 	"golang.org/x/net/context"
@@ -46,28 +47,36 @@ func SanitizerFromContext(ctx context.Context) (Sanitizer, bool) {
 type Sanitizer interface {
 	Replace(s string) string
 	AddReplacement(val string, replacement string)
+	AddRegexReplacement(regex *regexp.Regexp, replacement string)
 }
 
 type sanitizer struct {
-	replacements map[string]string
+	replacers []func(in string) string
 }
 
 // NewSanitizer returns a new Sanitizer instance
 func NewSanitizer() *sanitizer {
-	return &sanitizer{
-		replacements: map[string]string{},
-	}
+	return &sanitizer{}
 }
 
 // AddReplacement adds a replacement to the Sanitizer
 func (s *sanitizer) AddReplacement(val string, replacement string) {
-	s.replacements[val] = replacement
+	s.replacers = append(s.replacers, func(in string) string {
+		return strings.Replace(in, val, replacement, -1)
+	})
+}
+
+// AddRegexReplacement adds a replacement to the sanitizer using regexp
+func (s *sanitizer) AddRegexReplacement(regex *regexp.Regexp, replacement string) {
+	s.replacers = append(s.replacers, func(in string) string {
+		return regex.ReplaceAllString(in, replacement)
+	})
 }
 
 // Replace replaces all occurrences of the configured values in the sanitizer with the replacements
 func (s *sanitizer) Replace(val string) string {
-	for k, v := range s.replacements {
-		val = strings.Replace(val, k, v, -1)
+	for _, replacer := range s.replacers {
+		val = replacer(val)
 	}
 	return val
 }

util/grpc/sanitizer_test.go

@@ -2,6 +2,7 @@ package grpc
 
 import (
 	"context"
+	"regexp"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -23,6 +24,19 @@ func TestSanitizer(t *testing.T) {
 	assert.Equal(t, "error at ./sub-dir: something went wrong", res)
 }
 
+func TestSanitizer_RegexReplacement(t *testing.T) {
+	s := NewSanitizer()
+
+	ctx := ContextWithSanitizer(context.TODO(), s)
+
+	sanitizer, ok := SanitizerFromContext(ctx)
+	require.True(t, ok)
+
+	sanitizer.AddRegexReplacement(regexp.MustCompile("(/my-random/path)"), ".")
+	res := s.Replace("error at /my-random/path/something: something went wrong")
+	assert.Equal(t, "error at ./something: something went wrong", res)
+}
+
 func TestErrorSanitizerUnaryServerInterceptor(t *testing.T) {
 	interceptor := ErrorSanitizerUnaryServerInterceptor()