From 7d62bbc3dd92f1e73b3e2a199f6b6b613d5821d9 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Sun, 19 Jul 2020 23:24:32 -0700 Subject: Log remote IP for executed commands Admins may want to know what client IP originated the request. This commit adds a `remote_ip` field to the log that extracts the IP address from the `SSH_CONNECTION` environment variable. Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/199 --- internal/command/receivepack/gitalycall_test.go | 7 ++++++- internal/handler/exec.go | 2 ++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/internal/command/receivepack/gitalycall_test.go b/internal/command/receivepack/gitalycall_test.go index 0cfbf5c..e93860a 100644 --- a/internal/command/receivepack/gitalycall_test.go +++ b/internal/command/receivepack/gitalycall_test.go @@ -24,6 +24,10 @@ func TestReceivePack(t *testing.T) { url, cleanup := testserver.StartHttpServer(t, requests) defer cleanup() + envCleanup, err := testhelper.Setenv("SSH_CONNECTION", "127.0.0.1 0") + require.NoError(t, err) + defer envCleanup() + output := &bytes.Buffer{} input := &bytes.Buffer{} @@ -38,7 +42,7 @@ func TestReceivePack(t *testing.T) { hook := testhelper.SetupLogger() - err := cmd.Execute() + err = cmd.Execute() require.NoError(t, err) require.Equal(t, "ReceivePack: "+userId+" "+repo, output.String()) @@ -49,4 +53,5 @@ func TestReceivePack(t *testing.T) { require.Equal(t, logrus.InfoLevel, entries[1].Level) require.Contains(t, entries[1].Message, "executing git command") require.Contains(t, entries[1].Message, "command=git-receive-pack") + require.Contains(t, entries[1].Message, "remote_ip=127.0.0.1") } diff --git a/internal/handler/exec.go b/internal/handler/exec.go index d6e06aa..060b709 100644 --- a/internal/handler/exec.go +++ b/internal/handler/exec.go @@ -14,6 +14,7 @@ import ( "gitlab.com/gitlab-org/gitlab-shell/internal/config" "gitlab.com/gitlab-org/gitlab-shell/internal/executable" "gitlab.com/gitlab-org/gitlab-shell/internal/gitlabnet/accessverifier" + "gitlab.com/gitlab-org/gitlab-shell/internal/sshenv" grpccorrelation "gitlab.com/gitlab-org/labkit/correlation/grpc" "gitlab.com/gitlab-org/labkit/tracing" "google.golang.org/grpc" @@ -64,6 +65,7 @@ func (gc *GitalyCommand) LogExecution(repository *pb.Repository, response *acces "user_id": response.UserId, "username": response.Username, "git_protocol": protocol, + "remote_ip": sshenv.LocalAddr(), } log.WithFields(fields).Info("executing git command") -- cgit v1.2.1