Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
4fc02032
Commit
4fc02032
authored
Jun 07, 2018
by
Michael Kozono
Committed by
Robert Speicher
Jun 07, 2018
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
QA: Redact credentials from URI in git output
parent
85b6b56a
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
49 additions
and
12 deletions
+49
-12
qa/qa/git/repository.rb
qa/qa/git/repository.rb
+7
-10
qa/qa/specs/features/repository/protected_branches_spec.rb
qa/qa/specs/features/repository/protected_branches_spec.rb
+2
-2
qa/spec/git/repository_spec.rb
qa/spec/git/repository_spec.rb
+40
-0
No files found.
qa/qa/git/repository.rb
View file @
4fc02032
...
...
@@ -7,7 +7,7 @@ module QA
class
Repository
include
Scenario
::
Actable
attr_reader
:push_
error
attr_reader
:push_
output
def
self
.
perform
(
*
args
)
Dir
.
mktmpdir
do
|
dir
|
...
...
@@ -35,7 +35,7 @@ module QA
end
def
clone
(
opts
=
''
)
`git clone
#{
opts
}
#{
@uri
.
to_s
}
./
#{
suppress_output
}
`
run_and_redact_credentials
(
"git clone
#{
opts
}
#{
@uri
}
./"
)
end
def
checkout
(
branch_name
)
...
...
@@ -71,8 +71,7 @@ module QA
end
def
push_changes
(
branch
=
'master'
)
# capture3 returns stdout, stderr and status.
_
,
@push_error
,
_
=
Open3
.
capture3
(
"git push
#{
@uri
}
#{
branch
}
#{
suppress_output
}
"
)
@push_output
,
_
=
run_and_redact_credentials
(
"git push
#{
@uri
}
#{
branch
}
"
)
end
def
commits
...
...
@@ -81,12 +80,10 @@ module QA
private
def
suppress_output
# If we're running as the default user, it's probably a temporary
# instance and output can be useful for debugging
return
if
@username
==
Runtime
::
User
.
default_name
"&>
#{
File
::
NULL
}
"
# Since the remote URL contains the credentials, and git occasionally
# outputs the URL. Note that stderr is redirected to stdout.
def
run_and_redact_credentials
(
command
)
Open3
.
capture2
(
"
#{
command
}
2>&1 | sed -E 's#://[^@]+@#://****@#g'"
)
end
end
end
...
...
qa/qa/specs/features/repository/protected_branches_spec.rb
View file @
4fc02032
...
...
@@ -60,9 +60,9 @@ module QA
push_changes
(
'protected-branch'
)
end
expect
(
repository
.
push_
error
)
expect
(
repository
.
push_
output
)
.
to
match
(
/remote\: GitLab\: You are not allowed to push code to protected branches on this project/
)
expect
(
repository
.
push_
error
)
expect
(
repository
.
push_
output
)
.
to
match
(
/\[remote rejected\]
#{
branch_name
}
->
#{
branch_name
}
\(pre-receive hook declined\)/
)
end
end
...
...
qa/spec/git/repository_spec.rb
0 → 100644
View file @
4fc02032
describe
QA
::
Git
::
Repository
do
let
(
:repository
)
{
described_class
.
new
}
before
do
cd_empty_temp_directory
set_bad_uri
repository
.
use_default_credentials
end
describe
'#clone'
do
it
'redacts credentials from the URI in output'
do
output
,
_
=
repository
.
clone
expect
(
output
).
to
include
(
"fatal: unable to access 'http://****@foo/bar.git/'"
)
end
end
describe
'#push_changes'
do
before
do
`git init`
# need a repo to push from
end
it
'redacts credentials from the URI in output'
do
output
,
_
=
repository
.
push_changes
expect
(
output
).
to
include
(
"error: failed to push some refs to 'http://****@foo/bar.git'"
)
end
end
def
cd_empty_temp_directory
tmp_dir
=
'tmp/git-repository-spec/'
FileUtils
.
rm_r
(
tmp_dir
)
if
File
.
exist?
(
tmp_dir
)
FileUtils
.
mkdir_p
tmp_dir
FileUtils
.
cd
tmp_dir
end
def
set_bad_uri
repository
.
uri
=
'http://foo/bar.git'
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment