runservice: make and check that group paths are absolute

This commit is contained in:
Simone Gotti 2019-03-29 12:09:32 +01:00
parent 48ab496beb
commit 3c5eb71ba8
3 changed files with 27 additions and 10 deletions

View File

@ -61,6 +61,16 @@ const (
AnnotationPullRequestLink = "pull_request_link" AnnotationPullRequestLink = "pull_request_link"
) )
type GroupType string
const (
GroupTypeProject GroupType = "project"
GroupTypeUser GroupType = "user"
GroupTypeBranch GroupType = "branch"
GroupTypeTag GroupType = "tag"
GroupTypePullRequest GroupType = "pr"
)
func genAnnotationVirtualBranch(webhookData *types.WebhookData) string { func genAnnotationVirtualBranch(webhookData *types.WebhookData) string {
switch webhookData.Event { switch webhookData.Event {
case types.WebhookEventPush: case types.WebhookEventPush:
@ -74,16 +84,16 @@ func genAnnotationVirtualBranch(webhookData *types.WebhookData) string {
panic(fmt.Errorf("invalid webhook event type: %q", webhookData.Event)) panic(fmt.Errorf("invalid webhook event type: %q", webhookData.Event))
} }
func genGroup(baseGroupID string, webhookData *types.WebhookData) string { func genGroup(baseGroupType GroupType, baseGroupID string, webhookData *types.WebhookData) string {
// we pathescape the branch name to handle branches with slashes and make the // we pathescape the branch name to handle branches with slashes and make the
// branch a single path entry // branch a single path entry
switch webhookData.Event { switch webhookData.Event {
case types.WebhookEventPush: case types.WebhookEventPush:
return path.Join(baseGroupID, "branch-"+url.PathEscape(webhookData.Branch)) return path.Join("/", string(baseGroupType), baseGroupID, string(GroupTypeBranch), url.PathEscape(webhookData.Branch))
case types.WebhookEventTag: case types.WebhookEventTag:
return path.Join(baseGroupID, "tag-"+url.PathEscape(webhookData.Tag)) return path.Join("/", string(baseGroupType), baseGroupID, string(GroupTypeTag), url.PathEscape(webhookData.Tag))
case types.WebhookEventPullRequest: case types.WebhookEventPullRequest:
return path.Join(baseGroupID, "pr-"+url.PathEscape(webhookData.PullRequestID)) return path.Join("/", string(baseGroupType), baseGroupID, string(GroupTypePullRequest), url.PathEscape(webhookData.PullRequestID))
} }
panic(fmt.Errorf("invalid webhook event type: %q", webhookData.Event)) panic(fmt.Errorf("invalid webhook event type: %q", webhookData.Event))
@ -288,9 +298,9 @@ func (h *webhooksHandler) handleWebhook(r *http.Request) (int, string, error) {
var group string var group string
if !isUserBuild { if !isUserBuild {
group = genGroup(webhookData.ProjectID, webhookData) group = genGroup(GroupTypeProject, webhookData.ProjectID, webhookData)
} else { } else {
group = genGroup(userID, webhookData) group = genGroup(GroupTypeUser, userID, webhookData)
} }
if err := h.createRuns(ctx, data, group, annotations, env, variables, webhookData); err != nil { if err := h.createRuns(ctx, data, group, annotations, env, variables, webhookData); err != nil {

View File

@ -16,6 +16,7 @@ package command
import ( import (
"context" "context"
"path"
"time" "time"
uuid "github.com/satori/go.uuid" uuid "github.com/satori/go.uuid"
@ -146,6 +147,13 @@ func (s *CommandHandler) newRun(ctx context.Context, req *RunCreateRequest) (*ty
rc := req.RunConfig rc := req.RunConfig
var run *types.Run var run *types.Run
if req.Group == "" {
return nil, errors.Errorf("run group is empty")
}
if !path.IsAbs(req.Group) {
return nil, errors.Errorf("run group %q must be an absolute path", req.Group)
}
// generate a new run sequence that will be the same for the run, runconfig and rundata // generate a new run sequence that will be the same for the run, runconfig and rundata
seq, err := sequence.IncSequence(ctx, s.e, common.EtcdRunSequenceKey) seq, err := sequence.IncSequence(ctx, s.e, common.EtcdRunSequenceKey)
if err != nil { if err != nil {

View File

@ -79,10 +79,9 @@ type Run struct {
Counter uint64 `json:"counter,omitempty"` Counter uint64 `json:"counter,omitempty"`
// Group is the run group of the run. Every run is assigned to a specific group // Group is the run group of the run. Every run is assigned to a specific group
// i.e. project/$projectid/$branch // The format is /$grouptypes/groupname(/$grouptype/groupname ...)
// i.e. user/$projectid/$branch (for a user run) // i.e. /project/$projectid/branch/$branchname
// this is the format that will be used to archive the runs in the lts. It's // /project/$projectid/pr/$prid
// also needed to fetch them when they aren't indexed in the readdb.
Group string `json:"group,omitempty"` Group string `json:"group,omitempty"`
// Annotations contain custom run properties // Annotations contain custom run properties