Skip to content

Commit

Permalink
fix(framework): sanitize gitextractor plugin options correctly (#7622) (
Browse files Browse the repository at this point in the history
#7623)

* fix(framework): sanitize gitextractor plugin options correctly

* fix(test): fix panic when running CI

Co-authored-by: Lynwee <[email protected]>
  • Loading branch information
github-actions[bot] and d4x1 authored Jun 14, 2024
1 parent 2b8aaa3 commit a6d2768
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 2 deletions.
14 changes: 12 additions & 2 deletions backend/server/services/pipeline.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,10 +47,19 @@ var pluginOptionSanitizers = map[string]func(map[string]interface{}){
"gitextractor": func(options map[string]interface{}) {
if v, ok := options["url"]; ok {
gitUrl := cast.ToString(v)
u, _ := url.Parse(gitUrl)
u, err := url.Parse(gitUrl)
if err != nil {
logger.Error(err, "failed to parse git url", gitUrl)
}
if u != nil && u.User != nil {
password, ok := u.User.Password()
if ok {
escapedUrl, err := url.QueryUnescape(gitUrl)
if err != nil {
logger.Warn(err, "failed to unescape url %s", gitUrl)
} else {
gitUrl = escapedUrl
}
gitUrl = strings.Replace(gitUrl, password, strings.Repeat("*", len(password)), -1)
options["url"] = gitUrl
}
Expand Down Expand Up @@ -148,7 +157,8 @@ func SanitizeBlueprint(blueprint *models.Blueprint) error {
func SanitizePipeline(pipeline *models.Pipeline) error {
for planStageIdx, pipelineStage := range pipeline.Plan {
for planTaskIdx := range pipelineStage {
pipelineTask, err := SanitizeTask(pipeline.Plan[planStageIdx][planTaskIdx])
task := pipeline.Plan[planStageIdx][planTaskIdx]
pipelineTask, err := SanitizeTask(task)
if err != nil {
return err
}
Expand Down
5 changes: 5 additions & 0 deletions backend/server/services/project.go
Original file line number Diff line number Diff line change
Expand Up @@ -416,6 +416,11 @@ func makeProjectOutput(project *models.Project, withLastPipeline bool) (*models.
if err != nil {
return nil, errors.Default.Wrap(err, "Error to get blueprint by project")
}
if projectOutput.Blueprint != nil {
if err := SanitizeBlueprint(projectOutput.Blueprint); err != nil {
return nil, errors.Convert(err)
}
}
if withLastPipeline {
if projectOutput.Blueprint == nil {
logger.Warn(fmt.Errorf("blueprint is nil"), "want to get latest pipeline, but blueprint is nil")
Expand Down

0 comments on commit a6d2768

Please sign in to comment.