diff --git a/reposerver/repository/repository.go b/reposerver/repository/repository.go index 54c008e97bab9..39c7178299a23 100644 --- a/reposerver/repository/repository.go +++ b/reposerver/repository/repository.go @@ -158,7 +158,7 @@ func (s *Service) Init() error { // List a subset of the refs (currently, branches and tags) of a git repo func (s *Service) ListRefs(ctx context.Context, q *apiclient.ListRefsRequest) (*apiclient.Refs, error) { - gitClient, err := s.newClient(ctx, q.Repo) + gitClient, err := s.newClient(q.Repo) if err != nil { return nil, err } @@ -181,7 +181,7 @@ func (s *Service) ListRefs(ctx context.Context, q *apiclient.ListRefsRequest) (* // ListApps lists the contents of a GitHub repo func (s *Service) ListApps(ctx context.Context, q *apiclient.ListAppsRequest) (*apiclient.AppList, error) { - gitClient, commitSHA, err := s.newClientResolveRevision(ctx, q.Repo, q.Revision) + gitClient, commitSHA, err := s.newClientResolveRevision(q.Repo, q.Revision) if err != nil { return nil, err } @@ -252,6 +252,11 @@ func (s *Service) runRepoOperation( operation func(repoRoot, commitSHA, cacheKey string, ctxSrc operationContextSrc) error, settings operationSettings) error { + if sanitizer, ok := grpc.SanitizerFromContext(ctx); ok { + // make sure randomized path replaced with '.' in the error message + sanitizer.AddRegexReplacement(regexp.MustCompile(`(`+s.rootDir+`/.*?)/`), ".") + } + var gitClient git.Client var helmClient helm.Client var err error @@ -262,7 +267,7 @@ func (s *Service) runRepoOperation( return err } } else { - gitClient, revision, err = s.newClientResolveRevision(ctx, repo, revision, git.WithCache(s.cache, !settings.noRevisionCache && !settings.noCache)) + gitClient, revision, err = s.newClientResolveRevision(repo, revision, git.WithCache(s.cache, !settings.noRevisionCache && !settings.noCache)) if err != nil { return err } @@ -1663,7 +1668,7 @@ func (s *Service) GetRevisionMetadata(ctx context.Context, q *apiclient.RepoServ } } - gitClient, _, err := s.newClientResolveRevision(ctx, q.Repo, q.Revision) + gitClient, _, err := s.newClientResolveRevision(q.Repo, q.Revision) if err != nil { return nil, err } @@ -1719,23 +1724,19 @@ func fileParameters(q *apiclient.RepoServerAppDetailsQuery) []v1alpha1.HelmFileP return q.Source.Helm.FileParameters } -func (s *Service) newClient(ctx context.Context, repo *v1alpha1.Repository, opts ...git.ClientOpts) (git.Client, error) { +func (s *Service) newClient(repo *v1alpha1.Repository, opts ...git.ClientOpts) (git.Client, error) { repoPath, err := s.gitRepoPaths.GetPath(git.NormalizeGitURL(repo.Repo)) if err != nil { return nil, err } - if sanitizer, ok := grpc.SanitizerFromContext(ctx); ok { - // make sure randomized path replaced with '.' in the error message - sanitizer.AddReplacement(repoPath, ".") - } opts = append(opts, git.WithEventHandlers(metrics.NewGitClientEventHandlers(s.metricsServer))) return s.newGitClient(repo.Repo, repoPath, repo.GetGitCreds(s.gitCredsStore), repo.IsInsecure(), repo.EnableLFS, repo.Proxy, opts...) } // newClientResolveRevision is a helper to perform the common task of instantiating a git client // and resolving a revision to a commit SHA -func (s *Service) newClientResolveRevision(ctx context.Context, repo *v1alpha1.Repository, revision string, opts ...git.ClientOpts) (git.Client, string, error) { - gitClient, err := s.newClient(ctx, repo, opts...) +func (s *Service) newClientResolveRevision(repo *v1alpha1.Repository, revision string, opts ...git.ClientOpts) (git.Client, string, error) { + gitClient, err := s.newClient(repo, opts...) if err != nil { return nil, "", err } diff --git a/util/grpc/sanitizer.go b/util/grpc/sanitizer.go index b06928212aa7c..90eafd62f5aac 100644 --- a/util/grpc/sanitizer.go +++ b/util/grpc/sanitizer.go @@ -2,6 +2,7 @@ package grpc import ( "errors" + "regexp" "strings" "golang.org/x/net/context" @@ -46,28 +47,36 @@ func SanitizerFromContext(ctx context.Context) (Sanitizer, bool) { type Sanitizer interface { Replace(s string) string AddReplacement(val string, replacement string) + AddRegexReplacement(regex *regexp.Regexp, replacement string) } type sanitizer struct { - replacements map[string]string + replacers []func(in string) string } // NewSanitizer returns a new Sanitizer instance func NewSanitizer() *sanitizer { - return &sanitizer{ - replacements: map[string]string{}, - } + return &sanitizer{} } // AddReplacement adds a replacement to the Sanitizer func (s *sanitizer) AddReplacement(val string, replacement string) { - s.replacements[val] = replacement + s.replacers = append(s.replacers, func(in string) string { + return strings.Replace(in, val, replacement, -1) + }) +} + +// AddRegexReplacement adds a replacement to the sanitizer using regexp +func (s *sanitizer) AddRegexReplacement(regex *regexp.Regexp, replacement string) { + s.replacers = append(s.replacers, func(in string) string { + return regex.ReplaceAllString(in, replacement) + }) } // Replace replaces all occurrences of the configured values in the sanitizer with the replacements func (s *sanitizer) Replace(val string) string { - for k, v := range s.replacements { - val = strings.Replace(val, k, v, -1) + for _, replacer := range s.replacers { + val = replacer(val) } return val } diff --git a/util/grpc/sanitizer_test.go b/util/grpc/sanitizer_test.go index f809527ff8300..bd7108b6d0085 100644 --- a/util/grpc/sanitizer_test.go +++ b/util/grpc/sanitizer_test.go @@ -2,6 +2,7 @@ package grpc import ( "context" + "regexp" "testing" "github.com/stretchr/testify/assert" @@ -23,6 +24,19 @@ func TestSanitizer(t *testing.T) { assert.Equal(t, "error at ./sub-dir: something went wrong", res) } +func TestSanitizer_RegexReplacement(t *testing.T) { + s := NewSanitizer() + + ctx := ContextWithSanitizer(context.TODO(), s) + + sanitizer, ok := SanitizerFromContext(ctx) + require.True(t, ok) + + sanitizer.AddRegexReplacement(regexp.MustCompile("(/my-random/path)"), ".") + res := s.Replace("error at /my-random/path/something: something went wrong") + assert.Equal(t, "error at ./something: something went wrong", res) +} + func TestErrorSanitizerUnaryServerInterceptor(t *testing.T) { interceptor := ErrorSanitizerUnaryServerInterceptor()