Skip to content

Commit

Permalink
Ensure that blocked repo string is a valid regexp
Browse files Browse the repository at this point in the history
  • Loading branch information
Andrew Farries committed May 10, 2022
1 parent 9192c26 commit f434d0f
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 1 deletion.
10 changes: 9 additions & 1 deletion install/installer/pkg/components/server/configmap.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ package server

import (
"fmt"
"regexp"

"github.com/gitpod-io/gitpod/installer/pkg/common"
"github.com/gitpod-io/gitpod/installer/pkg/components/workspace"
Expand Down Expand Up @@ -99,9 +100,13 @@ func configmap(ctx *common.RenderContext) ([]runtime.Object, error) {
})

var blockedRepositories []BlockedRepository
_ = ctx.WithExperimental(func(cfg *experimental.Config) error {
err = ctx.WithExperimental(func(cfg *experimental.Config) error {
if cfg.WebApp != nil && cfg.WebApp.Server != nil && len(cfg.WebApp.Server.BlockedRepositories) > 0 {
for _, repo := range cfg.WebApp.Server.BlockedRepositories {
_, err := regexp.Compile(repo.UrlRegExp)
if err != nil {
return fmt.Errorf("invalid regexp %q for blocked user URL: %w", repo.UrlRegExp, err)
}
blockedRepositories = append(blockedRepositories, BlockedRepository{
UrlRegExp: repo.UrlRegExp,
BlockUser: repo.BlockUser,
Expand All @@ -110,6 +115,9 @@ func configmap(ctx *common.RenderContext) ([]runtime.Object, error) {
}
return nil
})
if err != nil {
return nil, err
}

githubApp := GitHubApp{}
_ = ctx.WithExperimental(func(cfg *experimental.Config) error {
Expand Down
22 changes: 22 additions & 0 deletions install/installer/pkg/components/server/configmap_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,3 +138,25 @@ func TestConfigMap(t *testing.T) {

assert.Equal(t, expectation, actual)
}

func TestInvalidBlockedRepositoryRegularExpressions(t *testing.T) {
const invalidRegexp = "["

ctx, err := common.NewRenderContext(config.Config{
Experimental: &experimental.Config{
WebApp: &experimental.WebAppConfig{
Server: &experimental.ServerConfig{
BlockedRepositories: []experimental.BlockedRepository{{
UrlRegExp: invalidRegexp,
BlockUser: false,
}},
},
},
},
}, versions.Manifest{}, "test_namespace")
require.NoError(t, err)

_, err = configmap(ctx)

require.Error(t, err, "expected to fail when rendering configmap with invalid blocked repo regexp %q", invalidRegexp)
}

0 comments on commit f434d0f

Please sign in to comment.