Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-shell
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-shell
Commits
cde5b73c
Commit
cde5b73c
authored
Jun 03, 2019
by
Igor
Committed by
Nick Thomas
Jun 03, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Go implementation for git-upload-pack
parent
beb58555
Changes
16
Show whitespace changes
Inline
Side-by-side
Showing
16 changed files
with
213 additions
and
48 deletions
+213
-48
go/internal/command/command.go
go/internal/command/command.go
+3
-0
go/internal/command/command_test.go
go/internal/command/command_test.go
+13
-0
go/internal/command/commandargs/command_args.go
go/internal/command/commandargs/command_args.go
+1
-0
go/internal/command/commandargs/command_args_test.go
go/internal/command/commandargs/command_args_test.go
+7
-0
go/internal/command/receivepack/gitalycall.go
go/internal/command/receivepack/gitalycall.go
+1
-9
go/internal/command/receivepack/receivepack.go
go/internal/command/receivepack/receivepack.go
+2
-7
go/internal/command/receivepack/receivepack_test.go
go/internal/command/receivepack/receivepack_test.go
+2
-16
go/internal/command/shared/disallowedcommand/disallowedcommand.go
...nal/command/shared/disallowedcommand/disallowedcommand.go
+7
-0
go/internal/command/uploadpack/gitalycall.go
go/internal/command/uploadpack/gitalycall.go
+36
-0
go/internal/command/uploadpack/gitalycall_test.go
go/internal/command/uploadpack/gitalycall_test.go
+40
-0
go/internal/command/uploadpack/uploadpack.go
go/internal/command/uploadpack/uploadpack.go
+36
-0
go/internal/command/uploadpack/uploadpack_test.go
go/internal/command/uploadpack/uploadpack_test.go
+31
-0
go/internal/gitlabnet/accessverifier/client.go
go/internal/gitlabnet/accessverifier/client.go
+4
-12
go/internal/gitlabnet/accessverifier/client_test.go
go/internal/gitlabnet/accessverifier/client_test.go
+4
-3
go/internal/gitlabnet/testserver/gitalyserver.go
go/internal/gitlabnet/testserver/gitalyserver.go
+8
-1
go/internal/testhelper/requesthandlers/requesthandlers.go
go/internal/testhelper/requesthandlers/requesthandlers.go
+18
-0
No files found.
go/internal/command/command.go
View file @
cde5b73c
...
...
@@ -7,6 +7,7 @@ import (
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/readwriter"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/receivepack"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/twofactorrecover"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/uploadpack"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
)
...
...
@@ -38,6 +39,8 @@ func buildCommand(args *commandargs.CommandArgs, config *config.Config, readWrit
return
&
twofactorrecover
.
Command
{
Config
:
config
,
Args
:
args
,
ReadWriter
:
readWriter
}
case
commandargs
.
ReceivePack
:
return
&
receivepack
.
Command
{
Config
:
config
,
Args
:
args
,
ReadWriter
:
readWriter
}
case
commandargs
.
UploadPack
:
return
&
uploadpack
.
Command
{
Config
:
config
,
Args
:
args
,
ReadWriter
:
readWriter
}
}
return
nil
...
...
go/internal/command/command_test.go
View file @
cde5b73c
...
...
@@ -9,6 +9,7 @@ import (
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/fallback"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/receivepack"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/twofactorrecover"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/uploadpack"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/testhelper"
)
...
...
@@ -68,6 +69,18 @@ func TestNew(t *testing.T) {
},
expectedType
:
&
receivepack
.
Command
{},
},
{
desc
:
"it returns a UploadPack command if the feature is enabled"
,
config
:
&
config
.
Config
{
GitlabUrl
:
"http+unix://gitlab.socket"
,
Migration
:
config
.
MigrationConfig
{
Enabled
:
true
,
Features
:
[]
string
{
"git-upload-pack"
}},
},
environment
:
map
[
string
]
string
{
"SSH_CONNECTION"
:
"1"
,
"SSH_ORIGINAL_COMMAND"
:
"git-upload-pack"
,
},
expectedType
:
&
uploadpack
.
Command
{},
},
{
desc
:
"it returns a Fallback command if the feature is unimplemented"
,
config
:
&
config
.
Config
{
...
...
go/internal/command/commandargs/command_args.go
View file @
cde5b73c
...
...
@@ -14,6 +14,7 @@ const (
Discover
CommandType
=
"discover"
TwoFactorRecover
CommandType
=
"2fa_recovery_codes"
ReceivePack
CommandType
=
"git-receive-pack"
UploadPack
CommandType
=
"git-upload-pack"
)
var
(
...
...
go/internal/command/commandargs/command_args_test.go
View file @
cde5b73c
...
...
@@ -76,6 +76,13 @@ func TestParseSuccess(t *testing.T) {
"SSH_ORIGINAL_COMMAND"
:
`git-receive-pack group/repo; any command`
,
},
expectedArgs
:
&
CommandArgs
{
SshArgs
:
[]
string
{
"git-receive-pack"
,
"group/repo"
},
CommandType
:
ReceivePack
},
},
{
desc
:
"It parses git-upload-pack command"
,
environment
:
map
[
string
]
string
{
"SSH_CONNECTION"
:
"1"
,
"SSH_ORIGINAL_COMMAND"
:
`git upload-pack "group/repo"`
,
},
expectedArgs
:
&
CommandArgs
{
SshArgs
:
[]
string
{
"git-upload-pack"
,
"group/repo"
},
CommandType
:
UploadPack
},
},
}
...
...
go/internal/command/receivepack/gitalycall.go
View file @
cde5b73c
...
...
@@ -20,16 +20,8 @@ func (c *Command) performGitalyCall(response *accessverifier.Response) error {
Token
:
response
.
Gitaly
.
Token
,
}
repo
:=
response
.
Gitaly
.
Repo
request
:=
&
pb
.
SSHReceivePackRequest
{
Repository
:
&
pb
.
Repository
{
StorageName
:
repo
.
StorageName
,
RelativePath
:
repo
.
RelativePath
,
GitObjectDirectory
:
repo
.
GitObjectDirectory
,
GitAlternateObjectDirectories
:
repo
.
GitAlternateObjectDirectories
,
GlRepository
:
repo
.
RepoName
,
GlProjectPath
:
repo
.
ProjectPath
,
},
Repository
:
&
response
.
Gitaly
.
Repo
,
GlId
:
response
.
UserId
,
GlRepository
:
response
.
Repo
,
GlUsername
:
response
.
Username
,
...
...
go/internal/command/receivepack/receivepack.go
View file @
cde5b73c
package
receivepack
import
(
"errors"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/readwriter"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/shared/accessverifier"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/shared/disallowedcommand"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
)
var
(
disallowedCommandError
=
errors
.
New
(
"> GitLab: Disallowed command"
)
)
type
Command
struct
{
Config
*
config
.
Config
Args
*
commandargs
.
CommandArgs
...
...
@@ -22,7 +17,7 @@ type Command struct {
func
(
c
*
Command
)
Execute
()
error
{
args
:=
c
.
Args
.
SshArgs
if
len
(
args
)
!=
2
{
return
disallowed
Command
Error
return
disallowed
command
.
Error
}
repo
:=
args
[
1
]
...
...
go/internal/command/receivepack/receivepack_test.go
View file @
cde5b73c
...
...
@@ -2,8 +2,6 @@ package receivepack
import
(
"bytes"
"encoding/json"
"net/http"
"testing"
"github.com/stretchr/testify/require"
...
...
@@ -12,23 +10,11 @@ import (
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/readwriter"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/gitlabnet/testserver"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/testhelper/requesthandlers"
)
func
TestForbiddenAccess
(
t
*
testing
.
T
)
{
requests
:=
[]
testserver
.
TestRequestHandler
{
{
Path
:
"/api/v4/internal/allowed"
,
Handler
:
func
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
body
:=
map
[
string
]
interface
{}{
"status"
:
false
,
"message"
:
"Disallowed by API call"
,
}
w
.
WriteHeader
(
http
.
StatusForbidden
)
require
.
NoError
(
t
,
json
.
NewEncoder
(
w
)
.
Encode
(
body
))
},
},
}
requests
:=
requesthandlers
.
BuildDisallowedByApiHandlers
(
t
)
url
,
cleanup
:=
testserver
.
StartHttpServer
(
t
,
requests
)
defer
cleanup
()
...
...
go/internal/command/shared/disallowedcommand/disallowedcommand.go
0 → 100644
View file @
cde5b73c
package
disallowedcommand
import
"errors"
var
(
Error
=
errors
.
New
(
"> GitLab: Disallowed command"
)
)
go/internal/command/uploadpack/gitalycall.go
0 → 100644
View file @
cde5b73c
package
uploadpack
import
(
"context"
"google.golang.org/grpc"
pb
"gitlab.com/gitlab-org/gitaly-proto/go/gitalypb"
"gitlab.com/gitlab-org/gitaly/client"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/gitlabnet/accessverifier"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/handler"
)
func
(
c
*
Command
)
performGitalyCall
(
response
*
accessverifier
.
Response
)
error
{
gc
:=
&
handler
.
GitalyCommand
{
Config
:
c
.
Config
,
ServiceName
:
string
(
commandargs
.
UploadPack
),
Address
:
response
.
Gitaly
.
Address
,
Token
:
response
.
Gitaly
.
Token
,
}
request
:=
&
pb
.
SSHUploadPackRequest
{
Repository
:
&
response
.
Gitaly
.
Repo
,
GitProtocol
:
response
.
GitProtocol
,
GitConfigOptions
:
response
.
GitConfigOptions
,
}
return
gc
.
RunGitalyCommand
(
func
(
ctx
context
.
Context
,
conn
*
grpc
.
ClientConn
)
(
int32
,
error
)
{
ctx
,
cancel
:=
context
.
WithCancel
(
ctx
)
defer
cancel
()
rw
:=
c
.
ReadWriter
return
client
.
UploadPack
(
ctx
,
conn
,
rw
.
In
,
rw
.
Out
,
rw
.
ErrOut
,
request
)
})
}
go/internal/command/uploadpack/gitalycall_test.go
0 → 100644
View file @
cde5b73c
package
uploadpack
import
(
"bytes"
"testing"
"github.com/stretchr/testify/require"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/readwriter"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/gitlabnet/testserver"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/testhelper/requesthandlers"
)
func
TestUploadPack
(
t
*
testing
.
T
)
{
gitalyAddress
,
cleanup
:=
testserver
.
StartGitalyServer
(
t
)
defer
cleanup
()
requests
:=
requesthandlers
.
BuildAllowedWithGitalyHandlers
(
t
,
gitalyAddress
)
url
,
cleanup
:=
testserver
.
StartHttpServer
(
t
,
requests
)
defer
cleanup
()
output
:=
&
bytes
.
Buffer
{}
input
:=
&
bytes
.
Buffer
{}
userId
:=
"1"
repo
:=
"group/repo"
cmd
:=
&
Command
{
Config
:
&
config
.
Config
{
GitlabUrl
:
url
},
Args
:
&
commandargs
.
CommandArgs
{
GitlabKeyId
:
userId
,
CommandType
:
commandargs
.
UploadPack
,
SshArgs
:
[]
string
{
"git-upload-pack"
,
repo
}},
ReadWriter
:
&
readwriter
.
ReadWriter
{
ErrOut
:
output
,
Out
:
output
,
In
:
input
},
}
err
:=
cmd
.
Execute
()
require
.
NoError
(
t
,
err
)
require
.
Equal
(
t
,
"UploadPack: "
+
repo
,
output
.
String
())
}
go/internal/command/uploadpack/uploadpack.go
0 → 100644
View file @
cde5b73c
package
uploadpack
import
(
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/readwriter"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/shared/accessverifier"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/shared/disallowedcommand"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
)
type
Command
struct
{
Config
*
config
.
Config
Args
*
commandargs
.
CommandArgs
ReadWriter
*
readwriter
.
ReadWriter
}
func
(
c
*
Command
)
Execute
()
error
{
args
:=
c
.
Args
.
SshArgs
if
len
(
args
)
!=
2
{
return
disallowedcommand
.
Error
}
repo
:=
args
[
1
]
response
,
err
:=
c
.
verifyAccess
(
repo
)
if
err
!=
nil
{
return
err
}
return
c
.
performGitalyCall
(
response
)
}
func
(
c
*
Command
)
verifyAccess
(
repo
string
)
(
*
accessverifier
.
Response
,
error
)
{
cmd
:=
accessverifier
.
Command
{
c
.
Config
,
c
.
Args
,
c
.
ReadWriter
}
return
cmd
.
Verify
(
c
.
Args
.
CommandType
,
repo
)
}
go/internal/command/uploadpack/uploadpack_test.go
0 → 100644
View file @
cde5b73c
package
uploadpack
import
(
"bytes"
"testing"
"github.com/stretchr/testify/require"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/readwriter"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/gitlabnet/testserver"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/testhelper/requesthandlers"
)
func
TestForbiddenAccess
(
t
*
testing
.
T
)
{
requests
:=
requesthandlers
.
BuildDisallowedByApiHandlers
(
t
)
url
,
cleanup
:=
testserver
.
StartHttpServer
(
t
,
requests
)
defer
cleanup
()
output
:=
&
bytes
.
Buffer
{}
cmd
:=
&
Command
{
Config
:
&
config
.
Config
{
GitlabUrl
:
url
},
Args
:
&
commandargs
.
CommandArgs
{
GitlabKeyId
:
"disallowed"
,
SshArgs
:
[]
string
{
"git-upload-pack"
,
"group/repo"
}},
ReadWriter
:
&
readwriter
.
ReadWriter
{
ErrOut
:
output
,
Out
:
output
},
}
err
:=
cmd
.
Execute
()
require
.
Equal
(
t
,
"Disallowed by API call"
,
err
.
Error
())
}
go/internal/gitlabnet/accessverifier/client.go
View file @
cde5b73c
...
...
@@ -4,6 +4,7 @@ import (
"fmt"
"net/http"
pb
"gitlab.com/gitlab-org/gitaly-proto/go/gitalypb"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/gitlabnet"
...
...
@@ -27,17 +28,8 @@ type Request struct {
Username
string
`json:"username,omitempty"`
}
type
GitalyRepo
struct
{
StorageName
string
`json:"storage_name"`
RelativePath
string
`json:"relative_path"`
GitObjectDirectory
string
`json:"git_object_directory"`
GitAlternateObjectDirectories
[]
string
`json:"git_alternate_object_directories"`
RepoName
string
`json:"gl_repository"`
ProjectPath
string
`json:"gl_project_path"`
}
type
Gitaly
struct
{
Repo
GitalyRepo
`json:"repository"`
Repo
pb
.
Repository
`json:"repository"`
Address
string
`json:"address"`
Token
string
`json:"token"`
}
...
...
go/internal/gitlabnet/accessverifier/client_test.go
View file @
cde5b73c
...
...
@@ -9,6 +9,7 @@ import (
"github.com/stretchr/testify/require"
pb
"gitlab.com/gitlab-org/gitaly-proto/go/gitalypb"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
"gitlab.com/gitlab-org/gitlab-shell/go/internal/gitlabnet"
...
...
@@ -29,13 +30,13 @@ func buildExpectedResponse(who string) *Response {
Username
:
"root"
,
GitConfigOptions
:
[]
string
{
"option"
},
Gitaly
:
Gitaly
{
Repo
:
GitalyRepo
{
Repo
:
pb
.
Repository
{
StorageName
:
"default"
,
RelativePath
:
"@hashed/5f/9c/5f9c4ab08cac7457e9111a30e4664920607ea2c115a1433d7be98e97e64244ca.git"
,
GitObjectDirectory
:
"path/to/git_object_directory"
,
GitAlternateObjectDirectories
:
[]
string
{
"path/to/git_alternate_object_directory"
},
RepoName
:
"project-26"
,
ProjectPath
:
repo
,
GlRepository
:
"project-26"
,
GlProjectPath
:
repo
,
},
Address
:
"unix:gitaly.socket"
,
Token
:
"token"
,
...
...
go/internal/gitlabnet/testserver/gitalyserver.go
View file @
cde5b73c
...
...
@@ -18,7 +18,6 @@ type testGitalyServer struct{}
func
(
s
*
testGitalyServer
)
SSHReceivePack
(
stream
pb
.
SSHService_SSHReceivePackServer
)
error
{
req
,
err
:=
stream
.
Recv
()
if
err
!=
nil
{
return
err
}
...
...
@@ -30,6 +29,14 @@ func (s *testGitalyServer) SSHReceivePack(stream pb.SSHService_SSHReceivePackSer
}
func
(
s
*
testGitalyServer
)
SSHUploadPack
(
stream
pb
.
SSHService_SSHUploadPackServer
)
error
{
req
,
err
:=
stream
.
Recv
()
if
err
!=
nil
{
return
err
}
response
:=
[]
byte
(
"UploadPack: "
+
req
.
Repository
.
GlRepository
)
stream
.
Send
(
&
pb
.
SSHUploadPackResponse
{
Stdout
:
response
})
return
nil
}
...
...
go/internal/testhelper/requesthandlers/requesthandlers.go
View file @
cde5b73c
...
...
@@ -10,6 +10,24 @@ import (
"gitlab.com/gitlab-org/gitlab-shell/go/internal/gitlabnet/testserver"
)
func
BuildDisallowedByApiHandlers
(
t
*
testing
.
T
)
[]
testserver
.
TestRequestHandler
{
requests
:=
[]
testserver
.
TestRequestHandler
{
{
Path
:
"/api/v4/internal/allowed"
,
Handler
:
func
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
body
:=
map
[
string
]
interface
{}{
"status"
:
false
,
"message"
:
"Disallowed by API call"
,
}
w
.
WriteHeader
(
http
.
StatusForbidden
)
require
.
NoError
(
t
,
json
.
NewEncoder
(
w
)
.
Encode
(
body
))
},
},
}
return
requests
}
func
BuildAllowedWithGitalyHandlers
(
t
*
testing
.
T
,
gitalyAddress
string
)
[]
testserver
.
TestRequestHandler
{
requests
:=
[]
testserver
.
TestRequestHandler
{
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment