From 019f983e8fe5dda6ca7bd999bea48568bf0493b4 Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Sat, 23 Dec 2023 16:12:56 +0100 Subject: [PATCH] fix: fix git config and missing git steps --- cmd/wp-git-clone/flags.go | 11 ++++----- docs/content/_index.md | 6 ++--- docs/data/data.yaml | 8 +++--- git/config.go | 10 ++++---- git/type.go | 6 ++--- plugin/impl.go | 51 +++++++++++++++------------------------ plugin/impl_test.go | 6 ++--- plugin/plugin.go | 4 +-- plugin/utils.go | 23 ++++++++++++++++++ 9 files changed, 67 insertions(+), 58 deletions(-) diff --git a/cmd/wp-git-clone/flags.go b/cmd/wp-git-clone/flags.go index 9a9aecb..e234e2a 100644 --- a/cmd/wp-git-clone/flags.go +++ b/cmd/wp-git-clone/flags.go @@ -28,7 +28,7 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag { Name: "remote-ssh", Usage: "git clone ssh url", EnvVars: []string{"PLUGIN_REMOTE_SSH", "CI_REPO_CLONE_SSH_URL"}, - Destination: &settings.Repo.RemoteURL, + Destination: &settings.Repo.RemoteSSH, Category: category, }, &cli.StringFlag{ @@ -105,11 +105,10 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag { Category: category, }, &cli.BoolFlag{ - Name: "insecure-ssl-verify", - Usage: "set SSL verification of the remote machine", - EnvVars: []string{"PLUGIN_INSECURE_SSL_VERIFY"}, - Destination: &settings.Repo.InsecureSSLVerify, - Value: false, + Name: "insecure-skip-ssl-verify", + Usage: "skip ssl verification of the remote machine", + EnvVars: []string{"PLUGIN_INSECURE_SKIP_SSL_VERIFY"}, + Destination: &settings.Repo.InsecureSkipSSLVerify, Category: category, }, &cli.BoolFlag{ diff --git a/docs/content/_index.md b/docs/content/_index.md index e65ae95..c2211a6 100644 --- a/docs/content/_index.md +++ b/docs/content/_index.md @@ -57,10 +57,10 @@ docker build --file Containerfile.multiarch --tag thegeeklab/wp-git-clone . docker run --rm \ -e CI_REPO_CLONE_URL=https://github.com/octocat/Hello-World.git \ -e CI_PIPELINE_EVENT=push \ - -e CI_COMMIT_SHA=553c2077f0edc3d5dc5d17262f6aa498e69d6f8e \ - -e CI_COMMIT_REF=refs/heads/master \ + -e CI_COMMIT_SHA=b3cbd5bbd7e81436d2eee04537ea2b4c0cad4cdf \ + -e CI_COMMIT_REF=refs/heads/test \ -e CI_WORKSPACE=/tmp/wp_git_testrepo \ -v $(pwd):/build:z \ -w /build \ - quay.io/thegeeklab/wp-git-clone + thegeeklab/wp-git-clone ``` diff --git a/docs/data/data.yaml b/docs/data/data.yaml index b7d9f02..182bda6 100644 --- a/docs/data/data.yaml +++ b/docs/data/data.yaml @@ -36,10 +36,12 @@ properties: Clone depth. defaultvalue: 0 - - name: insecure_ssl_verify + - name: insecure_skip_ssl_verify description: | - Set SSL verification of the remote machine. - defaultvalue: false + Skip SSL verification of the remote machine. Activating this option is insecure + and should be avoided in most cases. + defaultvalue: true + type: bool - name: lfs description: | diff --git a/git/config.go b/git/config.go index 2c54375..cd7e744 100644 --- a/git/config.go +++ b/git/config.go @@ -11,9 +11,9 @@ import ( func ConfigSSLVerify(repo Repository) *execabs.Cmd { args := []string{ "config", - "--local", + "--global", "http.sslVerify", - strconv.FormatBool(repo.InsecureSSLVerify), + strconv.FormatBool(!repo.InsecureSkipSSLVerify), } return execabs.Command( @@ -26,7 +26,7 @@ func ConfigSSLVerify(repo Repository) *execabs.Cmd { func ConfigSafeDirectory(repo Repository) *execabs.Cmd { args := []string{ "config", - "--local", + "--global", "--replace-all", "safe.directory", repo.SafeDirectory, @@ -43,7 +43,7 @@ func ConfigSafeDirectory(repo Repository) *execabs.Cmd { func ConfigRemapSubmodule(name, url string) *execabs.Cmd { args := []string{ "config", - "--local", + "--global", fmt.Sprintf("submodule.%s.url", name), url, } @@ -58,7 +58,7 @@ func ConfigRemapSubmodule(name, url string) *execabs.Cmd { func ConfigSSHCommand(sshKey string) *execabs.Cmd { args := []string{ "config", - "--local", + "--global", "core.sshCommand", "ssh -i " + sshKey, } diff --git a/git/type.go b/git/type.go index 9dbf69a..2b5a713 100644 --- a/git/type.go +++ b/git/type.go @@ -12,7 +12,7 @@ type Repository struct { SubmoduleRemote bool SubmodulePartial bool - InsecureSSLVerify bool - SafeDirectory string - InitExists bool + InsecureSkipSSLVerify bool + SafeDirectory string + InitExists bool } diff --git a/plugin/impl.go b/plugin/impl.go index a76072f..127ca06 100644 --- a/plugin/impl.go +++ b/plugin/impl.go @@ -16,7 +16,6 @@ import ( "strings" "time" - "github.com/cenkalti/backoff/v4" "github.com/rs/zerolog/log" "github.com/thegeeklab/wp-git-clone/git" "github.com/thegeeklab/wp-plugin-go/types" @@ -85,14 +84,6 @@ func (p *Plugin) Validate() error { func (p *Plugin) Execute() error { cmds := make([]*execabs.Cmd, 0) - if err := os.Setenv("GIT_TERMINAL_PROMPT", "0"); err != nil { - return err - } - // prevents git-lfs from retrieving any LFS files - if err := os.Setenv("GIT_LFS_SKIP_SMUDGE", "1"); err != nil { - return err - } - // Handle init initPath := filepath.Join(p.Settings.WorkDir, ".git") @@ -102,6 +93,8 @@ func (p *Plugin) Execute() error { //nolint:nestif if _, err := os.Stat(initPath); os.IsNotExist(err) { + cmds = append(cmds, git.ConfigSafeDirectory(p.Settings.Repo)) + if err := p.execCmd(git.Init(p.Settings.Repo), new(bytes.Buffer)); err != nil { return err } @@ -116,7 +109,9 @@ func (p *Plugin) Execute() error { } } - cmds = append(cmds, git.ConfigSSLVerify(p.Settings.Repo)) + if p.Settings.Repo.InsecureSkipSSLVerify { + cmds = append(cmds, git.ConfigSSLVerify(p.Settings.Repo)) + } if err := git.WriteNetrc(p.Settings.Netrc.Machine, p.Settings.Netrc.Login, p.Settings.Netrc.Password); err != nil { return err @@ -156,26 +151,7 @@ func (p *Plugin) Execute() error { switch { case err != nil && shouldRetry(buf.String()): - backoffOps := func() error { - // copy the original command - //nolint:gosec - retry := execabs.Command(cmd.Args[0], cmd.Args[1:]...) - retry.Dir = cmd.Dir - retry.Env = cmd.Env - retry.Stdout = os.Stdout - retry.Stderr = os.Stderr - - trace(cmd) - - return cmd.Run() - } - backoffLog := func(err error, delay time.Duration) { - log.Error().Msgf("failed to find remote ref: %v: retry in %s", err, delay.Truncate(time.Second)) - } - - if err := backoff.RetryNotify(backoffOps, newBackoff(daemonBackoffMaxRetries), backoffLog); err != nil { - return err - } + return retryCmd(cmd) case err != nil: return err } @@ -196,12 +172,23 @@ func (p *Plugin) FlagsFromContext() error { } func (p *Plugin) execCmd(cmd *execabs.Cmd, buf *bytes.Buffer) error { - cmd.Env = os.Environ() + // Don' set GIT_TERMINAL_PROMPT=0 as it prevents git from loading .netrc + defaultEnvVars := []string{ + "GIT_LFS_SKIP_SMUDGE=1", // prevents git-lfs from retrieving any LFS files + } + + if p.Settings.Home != "" { + if _, err := os.Stat(p.Settings.Home); !os.IsNotExist(err) { + defaultEnvVars = append(defaultEnvVars, fmt.Sprintf("HOME=%s", p.Settings.Home)) + } + } + + cmd.Env = append(os.Environ(), defaultEnvVars...) cmd.Stdout = io.MultiWriter(os.Stdout, buf) cmd.Stderr = io.MultiWriter(os.Stderr, buf) cmd.Dir = p.Settings.WorkDir - fmt.Println(cmd.Dir) + trace(cmd) return cmd.Run() } diff --git a/plugin/impl_test.go b/plugin/impl_test.go index d32d6d0..2bec026 100644 --- a/plugin/impl_test.go +++ b/plugin/impl_test.go @@ -1,7 +1,6 @@ package plugin import ( - "fmt" "os" "path/filepath" "testing" @@ -41,6 +40,7 @@ func TestClone(t *testing.T) { Pipeline: Pipeline{ Event: tt.event, }, + Home: "/tmp", WorkDir: filepath.Join(dir, tt.path), Recursive: tt.recursive, Lfs: tt.lfs, @@ -86,14 +86,13 @@ func TestCloneNonEmpty(t *testing.T) { Pipeline: Pipeline{ Event: tt.event, }, + Home: "/tmp", WorkDir: filepath.Join(dir, tt.path), Recursive: tt.recursive, Lfs: tt.lfs, }, } - fmt.Println(plugin.Settings.Repo.CommitSha, tt.commit, fmt.Sprintf("%q", tt.data)) - if err := plugin.Execute(); err != nil { t.Errorf("Expected successful clone. Got error. %s.", err) } @@ -133,7 +132,6 @@ func teardown(dir string) { // helper function to read a file in the temporary worskapce. func readFile(dir, file string) string { filename := filepath.Join(dir, file) - fmt.Println(filename) data, _ := os.ReadFile(filename) return string(data) diff --git a/plugin/plugin.go b/plugin/plugin.go index c1831d5..447c840 100644 --- a/plugin/plugin.go +++ b/plugin/plugin.go @@ -17,8 +17,7 @@ type Plugin struct { } type Pipeline struct { - Event string - Number int + Event string } type Netrc struct { @@ -37,6 +36,7 @@ type Settings struct { Filter string UseSSH bool SSHKey string + Home string WorkDir string Pipeline Pipeline diff --git a/plugin/utils.go b/plugin/utils.go index 1a6150a..e492176 100644 --- a/plugin/utils.go +++ b/plugin/utils.go @@ -4,8 +4,10 @@ import ( "fmt" "os" "strings" + "time" "github.com/cenkalti/backoff/v4" + "github.com/rs/zerolog/log" "golang.org/x/sys/execabs" ) @@ -26,3 +28,24 @@ func newBackoff(maxRetries uint64) backoff.BackOff { func trace(cmd *execabs.Cmd) { fmt.Fprintf(os.Stdout, "+ %s\n", strings.Join(cmd.Args, " ")) } + +func retryCmd(cmd *execabs.Cmd) error { + backoffOps := func() error { + // copy the original command + //nolint:gosec + retry := execabs.Command(cmd.Args[0], cmd.Args[1:]...) + retry.Dir = cmd.Dir + retry.Env = cmd.Env + retry.Stdout = os.Stdout + retry.Stderr = os.Stderr + + trace(cmd) + + return cmd.Run() + } + backoffLog := func(err error, delay time.Duration) { + log.Error().Msgf("failed to find remote ref: %v: retry in %s", err, delay.Truncate(time.Second)) + } + + return backoff.RetryNotify(backoffOps, newBackoff(daemonBackoffMaxRetries), backoffLog) +}