From aab85f3600caf04b491d6ca4fc3f0f004d9e3fc0 Mon Sep 17 00:00:00 2001 From: Patrick Bajao Date: Mon, 29 Jul 2019 14:33:01 +0800 Subject: Support falling back to ruby version of checkers Rename the ruby scripts to have `-ruby` suffix and add a symlink for both to `./gitlab-shell`. The executable name will be used to determine how args will be parsed. For now, we only parse the arguments for gitlab-shell commands. If the executable is `gitlab-shell-authorized-keys-check` or `gitlab-shell-authorized-principals-check`, it'll always fallback to the ruby version. Ruby specs test the ruby script, the fallback from go to ruby and go implementation of both (still pending). --- go/internal/command/fallback/fallback.go | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) (limited to 'go/internal/command/fallback/fallback.go') diff --git a/go/internal/command/fallback/fallback.go b/go/internal/command/fallback/fallback.go index f525a57..cec94d5 100644 --- a/go/internal/command/fallback/fallback.go +++ b/go/internal/command/fallback/fallback.go @@ -1,14 +1,22 @@ package fallback import ( + "fmt" "os" "path/filepath" "syscall" + + "gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs" ) +type CommandArgs interface { + Executable() commandargs.Executable + Arguments() []string +} + type Command struct { RootDir string - Args []string + Args CommandArgs } var ( @@ -16,15 +24,15 @@ var ( execFunc = syscall.Exec ) -const ( - RubyProgram = "gitlab-shell-ruby" -) - func (c *Command) Execute() error { - rubyCmd := filepath.Join(c.RootDir, "bin", RubyProgram) + rubyCmd := filepath.Join(c.RootDir, "bin", c.fallbackProgram()) // Ensure rubyArgs[0] is the full path to gitlab-shell-ruby - rubyArgs := append([]string{rubyCmd}, c.Args[1:]...) + rubyArgs := append([]string{rubyCmd}, c.Args.Arguments()...) return execFunc(rubyCmd, rubyArgs, os.Environ()) } + +func (c *Command) fallbackProgram() string { + return fmt.Sprintf("%s-ruby", c.Args.Executable()) +} -- cgit v1.2.1 From 3b0176df497263323da2fae793a79b568502e6db Mon Sep 17 00:00:00 2001 From: Patrick Bajao Date: Mon, 29 Jul 2019 15:56:00 +0800 Subject: Support different CommandArgs type `CommandArgs` has been renamed to `Shell`. An interface has been added that includes `Executable()` and `Arguments()` method. The `BaseArgs` implement this methods and should be embeeded in each type. --- go/internal/command/fallback/fallback.go | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'go/internal/command/fallback/fallback.go') diff --git a/go/internal/command/fallback/fallback.go b/go/internal/command/fallback/fallback.go index cec94d5..81baaf5 100644 --- a/go/internal/command/fallback/fallback.go +++ b/go/internal/command/fallback/fallback.go @@ -9,14 +9,9 @@ import ( "gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs" ) -type CommandArgs interface { - Executable() commandargs.Executable - Arguments() []string -} - type Command struct { RootDir string - Args CommandArgs + Args commandargs.CommandArgs } var ( -- cgit v1.2.1 From 3b6f9f7583755e041e76142d7caf7716937907fa Mon Sep 17 00:00:00 2001 From: Patrick Bajao Date: Fri, 2 Aug 2019 16:10:17 +0800 Subject: Add Executable struct This struct is responsible for determining the name and root dir of the executable. The `RootDir` property will be used to find the config. The `Name` property will be used to determine what `Command` and `CommandArgs` to be built. --- go/internal/command/fallback/fallback.go | 36 ++++++++++++++++++++++++++------ 1 file changed, 30 insertions(+), 6 deletions(-) (limited to 'go/internal/command/fallback/fallback.go') diff --git a/go/internal/command/fallback/fallback.go b/go/internal/command/fallback/fallback.go index 81baaf5..781eda1 100644 --- a/go/internal/command/fallback/fallback.go +++ b/go/internal/command/fallback/fallback.go @@ -1,33 +1,57 @@ package fallback import ( + "errors" "fmt" "os" "path/filepath" "syscall" "gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs" + "gitlab.com/gitlab-org/gitlab-shell/go/internal/executable" ) type Command struct { - RootDir string - Args commandargs.CommandArgs + Executable *executable.Executable + RootDir string + Args commandargs.CommandArgs } var ( // execFunc is overridden in tests - execFunc = syscall.Exec + execFunc = syscall.Exec + whitelist = []string{ + executable.GitlabShell, + executable.AuthorizedKeysCheck, + executable.AuthorizedPrincipalsCheck, + } ) func (c *Command) Execute() error { - rubyCmd := filepath.Join(c.RootDir, "bin", c.fallbackProgram()) + if !c.isWhitelisted() { + return errors.New("Failed to execute unknown executable") + } + + rubyCmd := c.fallbackProgram() // Ensure rubyArgs[0] is the full path to gitlab-shell-ruby - rubyArgs := append([]string{rubyCmd}, c.Args.Arguments()...) + rubyArgs := append([]string{rubyCmd}, c.Args.GetArguments()...) return execFunc(rubyCmd, rubyArgs, os.Environ()) } +func (c *Command) isWhitelisted() bool { + for _, item := range whitelist { + if c.Executable.Name == item { + return true + } + } + + return false +} + func (c *Command) fallbackProgram() string { - return fmt.Sprintf("%s-ruby", c.Args.Executable()) + fileName := fmt.Sprintf("%s-ruby", c.Executable.Name) + + return filepath.Join(c.RootDir, "bin", fileName) } -- cgit v1.2.1