Skip to content

Commit

Permalink
Fix git related issues found in release testing (cloudfoundry#4850)
Browse files Browse the repository at this point in the history
* Fix helm chart note for ClusterIP

* CF Push: Ensure git credentials are not stored in env var
- use a specific var for clone url instead of obj that becomes env var
- tidy up logic

* Fix issue where path was unescaped, causing proxy fetch of gitlab projects containing %2f to 404

* Update clone failed text, repo does not now have to be public

* Apply nginx uri substituion fix to nginx.dev.conf as well
- think this is only used by docker compose, which isn't supported anymore
  • Loading branch information
richard-cox authored Jan 4, 2021
1 parent 423c241 commit 39b4bd9
Show file tree
Hide file tree
Showing 6 changed files with 28 additions and 27 deletions.
4 changes: 2 additions & 2 deletions deploy/containers/nginx/conf/nginx.dev.conf
Original file line number Diff line number Diff line change
Expand Up @@ -66,13 +66,13 @@ http {
proxy_set_header Connection $connection_upgrade;
}

location /api/ {
location /api {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass https://portalproxy/api/;
proxy_pass https://portalproxy;
proxy_intercept_errors on;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
Expand Down
6 changes: 3 additions & 3 deletions deploy/containers/nginx/conf/nginx.k8s.conf
Original file line number Diff line number Diff line change
Expand Up @@ -66,18 +66,18 @@ http {
proxy_set_header Connection $connection_upgrade;
}

location /api/ {
location /api {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass https://portalproxy/api/;
proxy_pass https://portalproxy;
proxy_intercept_errors on;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}

location / {
root /usr/share/nginx/html;
Expand Down
2 changes: 1 addition & 1 deletion deploy/kubernetes/console/templates/NOTES.txt
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ Get the URL by running these commands in the same shell:
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ .Release.Name }}-ui-ext -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.console.service.servicePort }}
{{- else if contains "ClusterIP" .Values.console.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app=stratos-0,component=ui" -o jsonpath="{.items[0].metadata.name}")
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ .Release.Name }},component=stratos" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 443
{{- end }}
{{- end }}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -341,7 +341,7 @@ export class DeployApplicationDeployer {
break;
case SocketEventTypes.CLOSE_FAILED_CLONE:
this.onClose(log, 'Deploy Failed - Failed to clone repository!',
'Failed to deploy app! Please make sure the repository is public.');
'Failed to deploy app! Please make sure the repository is accessible.');
break;
case SocketEventTypes.CLOSE_FAILED_NO_BRANCH:
this.onClose(log, 'Deploy Failed - Failed to located branch!',
Expand Down
34 changes: 17 additions & 17 deletions src/jetstream/plugins/cfapppush/deploy.go
Original file line number Diff line number Diff line change
Expand Up @@ -389,29 +389,27 @@ func (cfAppPush *CFAppPush) getGitSCMSource(clientWebSocket *websocket.Conn, tem
}

loggerURL := info.URL
cloneURL := info.URL

// Apply credentials associated with the endpoint
if len(info.EndpointGUID) != 0 {
parsedURL, err := url.Parse(info.URL)
if err != nil {
return StratosProject{}, tempDir, errors.New("Failed to parse SCM URL")
}

// mask the credentials for the logs

tokenRecord, isTokenFound := cfAppPush.portalProxy.GetCNSITokenRecord(info.EndpointGUID, userGUID)
if !isTokenFound {
loggerURL = parsedURL.String()
} else {
var (
username string
password string
)

if isTokenFound {
authTokenDecodedBytes, err := base64.StdEncoding.DecodeString(tokenRecord.AuthToken)
if err != nil {
return StratosProject{}, tempDir, errors.New("Failed to decode auth token")
}

var (
username string
password string
)

switch info.SCM {
case SCM_TYPE_GITHUB:
// GitHub API uses token auth: username and password are stored in the token information
Expand All @@ -429,20 +427,22 @@ func (cfAppPush *CFAppPush) getGitSCMSource(clientWebSocket *websocket.Conn, tem
return StratosProject{}, tempDir, errors.New("Username is empty")
}

// mask the credentials for the logs and env var
parsedURL.User = url.UserPassword("REDACTED", "REDACTED")
loggerURL = parsedURL.String()

// apply the correct credentials
parsedURL.User = url.UserPassword(username, password)
cloneURL = parsedURL.String()
}

info.URL = parsedURL.String()
}

log.Debugf("GitSCM SCM: %s, Source: %s, branch %s, url: %s", info.SCM, info.Project, info.Branch, loggerURL)
cloneDetails := CloneDetails{
Url: info.URL,
Branch: info.Branch,
Commit: info.CommitHash,
Url: cloneURL,
LoggerUrl: loggerURL,
Branch: info.Branch,
Commit: info.CommitHash,
}
info.CommitHash, err = cloneRepository(cloneDetails, clientWebSocket, tempDir)
if err != nil {
Expand Down Expand Up @@ -594,7 +594,7 @@ func cloneRepository(cloneDetails CloneDetails, clientWebSocket *websocket.Conn,

if len(cloneDetails.Branch) == 0 {
err := errors.New("No branch supplied")
log.Infof("Failed to checkout repo %s due to %+v", cloneDetails.Url, err)
log.Infof("Failed to checkout repo %s due to %+v", cloneDetails.LoggerUrl, err)
sendErrorMessage(clientWebSocket, err, CLOSE_FAILED_NO_BRANCH)
return "", err
}
Expand All @@ -603,7 +603,7 @@ func cloneRepository(cloneDetails CloneDetails, clientWebSocket *websocket.Conn,

err := vcsGit.Create(tempDir, cloneDetails.Url, cloneDetails.Branch)
if err != nil {
log.Infof("Failed to clone repo %s due to %+v", cloneDetails.Url, err)
log.Infof("Failed to clone repo %s due to %+v", cloneDetails.LoggerUrl, err)
sendErrorMessage(clientWebSocket, err, CLOSE_FAILED_CLONE)
return "", err
}
Expand Down
7 changes: 4 additions & 3 deletions src/jetstream/plugins/cfapppush/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,8 @@ type Applications struct {
}

type CloneDetails struct {
Url string
Branch string
Commit string
Url string
LoggerUrl string
Branch string
Commit string
}

0 comments on commit 39b4bd9

Please sign in to comment.