From dfeb38bee30d5802874489fb2abe0a9d0f1f70e6 Mon Sep 17 00:00:00 2001 From: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Date: Mon, 24 Apr 2023 20:04:23 +0200 Subject: [PATCH] feat: better repo path sanitization (#12974) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- reposerver/repository/repository.go | 11 ++++++++++- reposerver/repository/repository_test.go | 8 ++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/reposerver/repository/repository.go b/reposerver/repository/repository.go index ba1f669a0ecaa..a1f753be951cd 100644 --- a/reposerver/repository/repository.go +++ b/reposerver/repository/repository.go @@ -295,7 +295,7 @@ func (s *Service) runRepoOperation( if sanitizer, ok := grpc.SanitizerFromContext(ctx); ok { // make sure randomized path replaced with '.' in the error message - sanitizer.AddRegexReplacement(regexp.MustCompile(`(`+regexp.QuoteMeta(s.rootDir)+`/.*?)/`), ".") + sanitizer.AddRegexReplacement(getRepoSanitizerRegex(s.rootDir), "") } var gitClient git.Client @@ -441,6 +441,15 @@ func (s *Service) runRepoOperation( } } +func getRepoSanitizerRegex(rootDir string) *regexp.Regexp { + // This regex assumes that the sensitive part of the path (the component immediately after "rootDir") contains no + // spaces. This assumption allows us to avoid sanitizing "more info" in "/tmp/_argocd-repo/SENSITIVE more info". + // + // The no-spaces assumption holds for our actual use case, which is "/tmp/_argocd-repo/{random UUID}". The UUID will + // only ever contain digits and hyphens. + return regexp.MustCompile(regexp.QuoteMeta(rootDir) + `/[^ /]*`) +} + type gitClientGetter func(repo *v1alpha1.Repository, revision string, opts ...git.ClientOpts) (git.Client, string, error) // resolveReferencedSources resolves the revisions for the given referenced sources. This lets us invalidate the cached diff --git a/reposerver/repository/repository_test.go b/reposerver/repository/repository_test.go index 46f2958a6395d..076ff3b38685c 100644 --- a/reposerver/repository/repository_test.go +++ b/reposerver/repository/repository_test.go @@ -2772,3 +2772,11 @@ func Test_getResolvedValueFiles(t *testing.T) { }) } } + +func Test_getRepoSanitizerRegex(t *testing.T) { + r := getRepoSanitizerRegex("/tmp/_argocd-repo") + msg := r.ReplaceAllString("error message containing /tmp/_argocd-repo/SENSITIVE and other stuff", "") + assert.Equal(t, "error message containing and other stuff", msg) + msg = r.ReplaceAllString("error message containing /tmp/_argocd-repo/SENSITIVE/with/trailing/path and other stuff", "") + assert.Equal(t, "error message containing /with/trailing/path and other stuff", msg) +}