credential-helper: validate git command data

gitpod-io · Jan 21, 2022 · 9a7411f · 9a7411f
1 parent 7eb7d13
commit 9a7411f
Showing 1 changed file with 31 additions and 16 deletions.
diff --git a/components/gitpod-cli/cmd/credential-helper.go b/components/gitpod-cli/cmd/credential-helper.go
@@ -54,10 +54,13 @@ var credentialHelper = &cobra.Command{
 			fmt.Printf("username=%s\npassword=%s\n", user, token)
 		}()
 
-		repoURL, gitCommand := parseProcessTree()
+		gitCommandData := parseProcessTree()
+		if gitCommandData == nil {
+			return
+		}
 
 		// Starts another process which tracks the executed git event
-		gitCommandTracker := exec.Command("/proc/self/exe", "git-track-command", "--gitCommand", gitCommand)
+		gitCommandTracker := exec.Command("/proc/self/exe", "git-track-command", "--gitCommand", gitCommandData.GitCommand)
 		err = gitCommandTracker.Start()
 		if err != nil {
 			log.WithError(err).Print("error spawning tracker")
@@ -95,7 +98,7 @@ var credentialHelper = &cobra.Command{
 
 		validator := exec.Command("/proc/self/exe", "git-token-validator",
 			"--user", resp.User, "--token", resp.Token, "--scopes", strings.Join(resp.Scope, ","),
-			"--host", host, "--repoURL", repoURL, "--gitCommand", gitCommand)
+			"--host", host, "--repoURL", gitCommandData.RepoUrl, "--gitCommand", gitCommandData.GitCommand)
 		err = validator.Start()
 		if err != nil {
 			log.WithError(err).Print("error spawning validator")
@@ -131,7 +134,10 @@ func parseHostFromStdin() string {
 	return host
 }
 
-func parseProcessTree() (repoUrl string, gitCommand string) {
+func parseProcessTree() (result *struct {
+	RepoUrl    string
+	GitCommand string
+}) {
 	gitCommandRegExp := regexp.MustCompile(`git(,\d+\s+|\s+)(push|clone|fetch|pull|diff)`)
 	repoUrlRegExp := regexp.MustCompile(`\sorigin\s*(https:[^\s]*)\s`)
 	pid := os.Getpid()
@@ -141,24 +147,33 @@ func parseProcessTree() (repoUrl string, gitCommand string) {
 			return
 		}
 		cmdLineString := strings.ReplaceAll(cmdLine, string(byte(0)), " ")
-		if gitCommand == "" {
-			match := gitCommandRegExp.FindStringSubmatch(cmdLineString)
-			if len(match) == 3 {
-				gitCommand = match[2]
-			}
+
+		var gitCommand string
+		matchCommand := gitCommandRegExp.FindStringSubmatch(cmdLineString)
+		if len(matchCommand) == 3 {
+			gitCommand = matchCommand[2]
 		}
-		if repoUrl == "" {
-			match := repoUrlRegExp.FindStringSubmatch(cmdLineString)
-			if len(match) == 2 {
-				repoUrl = match[1]
-				if !strings.HasSuffix(repoUrl, ".git") {
-					repoUrl = repoUrl + ".git"
-				}
+
+		var repoUrl string
+		matchRepo := repoUrlRegExp.FindStringSubmatch(cmdLineString)
+		if len(matchRepo) == 2 {
+			repoUrl = matchRepo[1]
+			if !strings.HasSuffix(repoUrl, ".git") {
+				repoUrl = repoUrl + ".git"
 			}
 		}
+
 		if repoUrl != "" && gitCommand != "" {
+			result = &struct {
+				RepoUrl    string
+				GitCommand string
+			}{
+				RepoUrl:    repoUrl,
+				GitCommand: gitCommand,
+			}
 			return
 		}
+
 		statsString := readProc(pid, "stat")
 		if statsString == "" {
 			return