From 540541caa2857971a7bb53ce1673f6eceffa99e8 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Mon, 28 Mar 2022 01:21:59 +0800 Subject: [PATCH] Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231) * Hide sensitive content on admin panel progress monitor (#19218) Sanitize urls within git process descriptions. Co-authored-by: wxiaoguang Co-authored-by: Andrew Thornton * Do not include global arguments in process manager (#19226) Backport #19226 The git command by default adds a number of global arguments. These are not helpful to be displayed in the process manager and so should be skipped for default process descriptions. Signed-off-by: Andrew Thornton Co-authored-by: wxiaoguang Co-authored-by: Andrew Thornton --- modules/git/command.go | 33 +++++++++++++++++++++++++-------- modules/git/repo.go | 12 ++++++++++++ services/mirror/mirror_pull.go | 20 ++++++++++++++++---- services/mirror/mirror_push.go | 9 ++++++++- 4 files changed, 61 insertions(+), 13 deletions(-) diff --git a/modules/git/command.go b/modules/git/command.go index f2cae52b6f..ba4a8e3688 100644 --- a/modules/git/command.go +++ b/modules/git/command.go @@ -17,6 +17,7 @@ import ( "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/process" + "code.gitea.io/gitea/modules/util" ) var ( @@ -32,10 +33,11 @@ const DefaultLocale = "C" // Command represents a command with its subcommands or arguments. type Command struct { - name string - args []string - parentContext context.Context - desc string + name string + args []string + parentContext context.Context + desc string + globalArgsLength int } func (c *Command) String() string { 
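Review bot: The new `globalArgsLength` field in `Command` has no comment, yet `RunWithContext` slices `c.args[c.globalArgsLength:]` and so depends on it never exceeding `len(c.args)`. I would state that invariant on the field, for example `// globalArgsLength is the number of leading entries in args copied from GlobalCommandArgs; it must not exceed len(args)`. The struct hunk ends at the opening line of `String()`, whose body is outside the hunk.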
@@ -56,9 +58,10 @@ func NewCommandContext(ctx context.Context, args ...string) *Command { cargs := make([]string, len(GlobalCommandArgs)) copy(cargs, GlobalCommandArgs) return &Command{ - name: GitExecutable, - args: append(cargs, args...), - parentContext: ctx, + name: GitExecutable, + args: append(cargs, args...), + parentContext: ctx, + globalArgsLength: len(GlobalCommandArgs), } } @@ -145,7 +148,21 @@ func (c *Command) RunWithContext(rc *RunContext) error { desc := c.desc if desc == "" { - desc = fmt.Sprintf("%s %s [repo_path: %s]", c.name, strings.Join(c.args, " "), rc.Dir) + args := c.args[c.globalArgsLength:] + var argSensitiveURLIndexes []int + for i, arg := range c.args { + if strings.Contains(arg, "://") && strings.Contains(arg, "@") { + argSensitiveURLIndexes = append(argSensitiveURLIndexes, i) + } + } + if len(argSensitiveURLIndexes) > 0 { + args = make([]string, len(c.args)) + copy(args, c.args) + for _, urlArgIndex := range argSensitiveURLIndexes { + args[urlArgIndex] = util.NewStringURLSanitizer(args[urlArgIndex], true).Replace(args[urlArgIndex]) + } + } + desc = fmt.Sprintf("%s %s [repo_path: %s]", c.name, strings.Join(args, " "), rc.Dir) } ctx, cancel, finished := process.GetManager().AddContextTimeout(c.parentContext, rc.Timeout, desc) diff --git a/modules/git/repo.go b/modules/git/repo.go index c1b0c55cbd..8864f159a5 100644 --- a/modules/git/repo.go +++ b/modules/git/repo.go @@ -19,6 +19,7 @@ import ( "time" "code.gitea.io/gitea/modules/proxy" + "code.gitea.io/gitea/modules/util" ) // GPGSettings represents the default GPG settings for this repository 
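Review bot: In `RunWithContext` the global arguments reappear in the description whenever a credential-bearing URL is found. `args` starts as `c.args[c.globalArgsLength:]`, but the scan ranges over `c.args` and the sanitized copy is built with `make([]string, len(c.args))` and `copy(args, c.args)`, which is the full slice. Scanning and copying the trimmed slice keeps both behaviours: `for i, arg := range args {` and, before the replacement loop, `args = append([]string(nil), c.args[c.globalArgsLength:]...)`. Separately, the `"://"` plus `"@"` test only recognises userinfo inside a URL, so a secret passed another way (for instance in a `-c` config value) would still be displayed. How `util.NewStringURLSanitizer` behaves on an argument that does not parse as a URL is not visible here and is worth confirming; the function body continues outside the hunk.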
@@ -158,6 +159,12 @@ func CloneWithArgs(ctx context.Context, from, to string, args []string, opts Clo } cmd.AddArguments("--", from, to) + if strings.Contains(from, "://") && strings.Contains(from, "@") { + cmd.SetDescription(fmt.Sprintf("clone branch %s from %s to %s (shared: %t, mirror: %t, depth: %d)", opts.Branch, util.NewStringURLSanitizer(from, true).Replace(from), to, opts.Shared, opts.Mirror, opts.Depth)) + } else { + cmd.SetDescription(fmt.Sprintf("clone branch %s from %s to %s (shared: %t, mirror: %t, depth: %d)", opts.Branch, from, to, opts.Shared, opts.Mirror, opts.Depth)) + } + if opts.Timeout <= 0 { opts.Timeout = -1 } @@ -234,6 +241,11 @@ func Push(ctx context.Context, repoPath string, opts PushOptions) error { if len(opts.Branch) > 0 { cmd.AddArguments(opts.Branch) } + if strings.Contains(opts.Remote, "://") && strings.Contains(opts.Remote, "@") { + cmd.SetDescription(fmt.Sprintf("push branch %s to %s (force: %t, mirror: %t)", opts.Branch, util.NewStringURLSanitizer(opts.Remote, true).Replace(opts.Remote), opts.Force, opts.Mirror)) + } else { + cmd.SetDescription(fmt.Sprintf("push branch %s to %s (force: %t, mirror: %t)", opts.Branch, opts.Remote, opts.Force, opts.Mirror)) + } var outbuf, errbuf strings.Builder if opts.Timeout == 0 { diff --git a/services/mirror/mirror_pull.go b/services/mirror/mirror_pull.go index 1d361e9805..697e254524 100644 --- a/services/mirror/mirror_pull.go +++ b/services/mirror/mirror_pull.go 
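Review bot: The `strings.Contains(from, "://") && strings.Contains(from, "@")` test and its two near-identical `SetDescription` branches are repeated in `CloneWithArgs`, in `Push`, twice in `UpdateAddress` and once in `AddPushMirrorRemote`, each with its own copy of the format string. This check is what keeps credentials out of the process monitor, so I would put it in one helper; a later edit then cannot fix one call site and miss another. The fence shows such a helper and the clone call site using it, and the other sites would change the same way. Both `CloneWithArgs` and `Push` continue outside their hunks.

```go
// sanitizeURLForDesc passes remote through the URL sanitizer when it looks
// like a URL carrying userinfo; any other value is returned unchanged.
func sanitizeURLForDesc(remote string) string {
	if strings.Contains(remote, "://") && strings.Contains(remote, "@") {
		return util.NewStringURLSanitizer(remote, true).Replace(remote)
	}
	return remote
}

// … unchanged: CloneWithArgs up to cmd.AddArguments("--", from, to) …
cmd.SetDescription(fmt.Sprintf("clone branch %s from %s to %s (shared: %t, mirror: %t, depth: %d)",
	opts.Branch, sanitizeURLForDesc(from), to, opts.Shared, opts.Mirror, opts.Depth))
```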
@@ -39,7 +39,13 @@ func UpdateAddress(m *repo_model.Mirror, addr string) error { return err } - _, err = git.NewCommand("remote", "add", remoteName, "--mirror=fetch", addr).RunInDir(repoPath) + cmd := git.NewCommand("remote", "add", remoteName, "--mirror=fetch", addr) + if strings.Contains(addr, "://") && strings.Contains(addr, "@") { + cmd.SetDescription(fmt.Sprintf("remote add %s --mirror=fetch %s [repo_path: %s]", remoteName, util.NewStringURLSanitizer(addr, true).Replace(addr), repoPath)) + } else { + cmd.SetDescription(fmt.Sprintf("remote add %s --mirror=fetch %s [repo_path: %s]", remoteName, addr, repoPath)) + } + _, err = cmd.RunInDir(repoPath) if err != nil && !strings.HasPrefix(err.Error(), "exit status 128 - fatal: No such remote ") { return err } @@ -53,7 +59,13 @@ func UpdateAddress(m *repo_model.Mirror, addr string) error { return err } - _, err = git.NewCommand("remote", "add", remoteName, "--mirror=fetch", wikiRemotePath).RunInDir(wikiPath) + cmd = git.NewCommand("remote", "add", remoteName, "--mirror=fetch", wikiRemotePath) + if strings.Contains(wikiRemotePath, "://") && strings.Contains(wikiRemotePath, "@") { + cmd.SetDescription(fmt.Sprintf("remote add %s --mirror=fetch %s [repo_path: %s]", remoteName, util.NewStringURLSanitizer(wikiRemotePath, true).Replace(wikiRemotePath), wikiPath)) + } else { + cmd.SetDescription(fmt.Sprintf("remote add %s --mirror=fetch %s [repo_path: %s]", remoteName, wikiRemotePath, wikiPath)) + } + _, err = cmd.RunInDir(wikiPath) if err != nil && !strings.HasPrefix(err.Error(), "exit status 128 - fatal: No such remote ") { return err } @@ -150,8 +162,8 @@ func pruneBrokenReferences(ctx context.Context, timeout time.Duration, stdoutBuilder, stderrBuilder *strings.Builder, sanitizer *strings.Replacer, - isWiki bool) error { - + isWiki bool, +) error { wiki := "" if isWiki { wiki = "Wiki " diff --git a/services/mirror/mirror_push.go b/services/mirror/mirror_push.go index e1c395ea74..c6a50dc50b 100644 
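Review bot: Both `UpdateAddress` hunks sanitize only the process description, while the error from `cmd.RunInDir(...)` is still handed back unchanged by the `return err` that follows each call. If git's stderr echoes the remote address (nothing in these hunks shows whether it does), the credential could still reach the caller's logs or UI through that error. It is worth confirming that callers sanitize it, or applying the same sanitizer to the error text here. I would record that expectation next to the call, e.g. `// NOTE: err may contain git stderr; callers must not log it unsanitized`. `UpdateAddress` starts and ends outside these hunks.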
--- a/services/mirror/mirror_push.go +++ b/services/mirror/mirror_push.go @@ -10,6 +10,7 @@ import ( "fmt" "io" "regexp" + "strings" "time" repo_model "code.gitea.io/gitea/models/repo" @@ -28,7 +29,13 @@ var stripExitStatus = regexp.MustCompile(`exit status \d+ - `) // AddPushMirrorRemote registers the push mirror remote. func AddPushMirrorRemote(m *repo_model.PushMirror, addr string) error { addRemoteAndConfig := func(addr, path string) error { - if _, err := git.NewCommand("remote", "add", "--mirror=push", m.RemoteName, addr).RunInDir(path); err != nil { + cmd := git.NewCommand("remote", "add", "--mirror=push", m.RemoteName, addr) + if strings.Contains(addr, "://") && strings.Contains(addr, "@") { + cmd.SetDescription(fmt.Sprintf("remote add %s --mirror=push %s [repo_path: %s]", m.RemoteName, util.NewStringURLSanitizer(addr, true).Replace(addr), path)) + } else { + cmd.SetDescription(fmt.Sprintf("remote add %s --mirror=push %s [repo_path: %s]", m.RemoteName, addr, path)) + } + if _, err := cmd.RunInDir(path); err != nil { return err } if _, err := git.NewCommand("config", "--add", "remote."+m.RemoteName+".push", "+refs/heads/*:refs/heads/*").RunInDir(path); err != nil {
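Review bot: The description set in `AddPushMirrorRemote` does not match the command that actually runs. The arguments are `"remote", "add", "--mirror=push", m.RemoteName, addr`, but the format string is `remote add %s --mirror=push %s`, which puts the remote name before the flag. An operator comparing the process monitor with the real git process will see a different command line; `"remote add --mirror=push %s %s [repo_path: %s]"` would keep them aligned. The new code also calls `util.NewStringURLSanitizer`, while the import hunk for this file adds only `"strings"`, so it is worth checking that `util` is already imported there. The closure body continues outside the hunk.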