diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/action/custom.rb | 3 | ||||
| -rw-r--r-- | lib/gitlab_access.rb | 4 | ||||
| -rw-r--r-- | lib/gitlab_keys.rb | 28 | ||||
| -rw-r--r-- | lib/gitlab_lfs_authentication.rb | 2 | ||||
| -rw-r--r-- | lib/gitlab_logger.rb | 5 | ||||
| -rw-r--r-- | lib/gitlab_net.rb | 26 | ||||
| -rw-r--r-- | lib/gitlab_post_receive.rb | 2 | ||||
| -rw-r--r-- | lib/gitlab_shell.rb | 14 | ||||
| -rw-r--r-- | lib/http_helper.rb | 2 | ||||
| -rw-r--r-- | lib/httpunix.rb | 7 |
10 files changed, 35 insertions, 58 deletions
diff --git a/lib/action/custom.rb b/lib/action/custom.rb index 3382e83..a2f3d59 100644 --- a/lib/action/custom.rb +++ b/lib/action/custom.rb @@ -96,13 +96,12 @@ module Action def print_flush(str) return false unless str - $stdout.print(Base64.decode64(str)) $stdout.flush end def inform_client(str) - warn(format_gitlab_output(str)) + $stderr.puts(format_gitlab_output(str)) end def format_gitlab_output(str) diff --git a/lib/gitlab_access.rb b/lib/gitlab_access.rb index ce299fe..e1a5e35 100644 --- a/lib/gitlab_access.rb +++ b/lib/gitlab_access.rb @@ -31,10 +31,10 @@ class GitlabAccess true rescue GitlabNet::ApiUnreachableError - warn "GitLab: Failed to authorize your Git request: internal API unreachable" + $stderr.puts "GitLab: Failed to authorize your Git request: internal API unreachable" false rescue AccessDeniedError => ex - warn "GitLab: #{ex.message}" + $stderr.puts "GitLab: #{ex.message}" false end diff --git a/lib/gitlab_keys.rb b/lib/gitlab_keys.rb index c67d336..0600a18 100644 --- a/lib/gitlab_keys.rb +++ b/lib/gitlab_keys.rb @@ -1,5 +1,4 @@ require 'timeout' -require 'open3' require_relative 'gitlab_config' require_relative 'gitlab_logger' @@ -15,7 +14,7 @@ class GitlabKeys # rubocop:disable Metrics/ClassLength end def self.command_key(key_id) - unless /\A[a-z0-9-]+\z/ =~ key_id # rubocop:disable Performance/RegexpMatch + unless /\A[a-z0-9-]+\z/ =~ key_id raise KeyError, "Invalid key_id: #{key_id.inspect}" end @@ -108,9 +107,7 @@ class GitlabKeys # rubocop:disable Metrics/ClassLength open_auth_file('r') do |f| f.each_line do |line| matchd = line.match(/key-(\d+)/) - next unless matchd - puts matchd[1] end end @@ -141,7 +138,6 @@ class GitlabKeys # rubocop:disable Metrics/ClassLength open_auth_file('r+') do |f| while line = f.gets # rubocop:disable Lint/AssignmentInCondition next unless line.start_with?("command=\"#{self.class.command_key(@key_id)}\"") - f.seek(-line.length, IO::SEEK_CUR) # Overwrite the line with #'s. Because the 'line' variable contains # a terminating '\n', we write line.length - 1 '#' characters. @@ -159,24 +155,20 @@ class GitlabKeys # rubocop:disable Metrics/ClassLength def check_permissions open_auth_file(File::RDWR | File::CREAT) { true } - rescue StandardError => ex + rescue => ex puts "error: could not open #{auth_file}: #{ex}" - - cmd = if File.exist?(auth_file) - %W{ls -l #{auth_file}} - else - # Maybe the parent directory is not writable? - %W{ls -ld #{File.dirname(auth_file)}} - end - - output, = Open3.capture2e(cmd.join(' ')) - puts output + if File.exist?(auth_file) + system('ls', '-l', auth_file) + else + # Maybe the parent directory is not writable? + system('ls', '-ld', File.dirname(auth_file)) + end false end def lock(timeout = 10) File.open(lock_file, "w+") do |f| - begin # rubocop:disable Style/RedundantBegin + begin f.flock File::LOCK_EX Timeout.timeout(timeout) { yield } ensure @@ -190,7 +182,7 @@ class GitlabKeys # rubocop:disable Metrics/ClassLength end def open_auth_file(mode) - File.open(auth_file, mode, 0o600) do |file| + open(auth_file, mode, 0o600) do |file| file.chmod(0o600) yield file end diff --git a/lib/gitlab_lfs_authentication.rb b/lib/gitlab_lfs_authentication.rb index ff917bc..ccd6d69 100644 --- a/lib/gitlab_lfs_authentication.rb +++ b/lib/gitlab_lfs_authentication.rb @@ -13,7 +13,7 @@ class GitlabLfsAuthentication def self.build_from_json(json) values = JSON.parse(json) new(values['username'], values['lfs_token'], values['repository_http_path']) - rescue StandardError + rescue nil end diff --git a/lib/gitlab_logger.rb b/lib/gitlab_logger.rb index edb8b05..67f6030 100644 --- a/lib/gitlab_logger.rb +++ b/lib/gitlab_logger.rb @@ -7,14 +7,15 @@ require_relative 'gitlab_config' def convert_log_level(log_level) Logger.const_get(log_level.upcase) rescue NameError - warn "WARNING: Unrecognized log level #{log_level.inspect}. Falling back to INFO." + $stderr.puts "WARNING: Unrecognized log level #{log_level.inspect}." + $stderr.puts "WARNING: Falling back to INFO." Logger::INFO end class GitlabLogger # Emulate the quoting logic of logrus # https://github.com/sirupsen/logrus/blob/v1.0.5/text_formatter.go#L143-L156 - SHOULD_QUOTE = /[^a-zA-Z0-9\-._\/@^+]/.freeze + SHOULD_QUOTE = /[^a-zA-Z0-9\-._\/@^+]/ LEVELS = { Logger::INFO => 'info'.freeze, diff --git a/lib/gitlab_net.rb b/lib/gitlab_net.rb index 1c2954c..cae3bdb 100644 --- a/lib/gitlab_net.rb +++ b/lib/gitlab_net.rb @@ -1,5 +1,3 @@ -# frozen_string_literal: true - require 'net/http' require 'openssl' require 'json' @@ -13,7 +11,7 @@ class GitlabNet # rubocop:disable Metrics/ClassLength include HTTPHelper CHECK_TIMEOUT = 5 - API_INACCESSIBLE_MESSAGE = 'API is not accessible' + API_INACCESSIBLE_MESSAGE = 'API is not accessible'.freeze def check_access(cmd, gl_repository, repo, who, changes, protocol, env: {}) changes = changes.join("\n") unless changes.is_a?(String) @@ -78,8 +76,8 @@ class GitlabNet # rubocop:disable Metrics/ClassLength def merge_request_urls(gl_repository, repo_path, changes) changes = changes.join("\n") unless changes.is_a?(String) changes = changes.encode('UTF-8', 'ASCII', invalid: :replace, replace: '') - url = "#{internal_api_endpoint}/merge_request_urls?project=#{uri_escape(repo_path)}&changes=#{uri_escape(changes)}" - url += "&gl_repository=#{uri_escape(gl_repository)}" if gl_repository + url = "#{internal_api_endpoint}/merge_request_urls?project=#{URI.escape(repo_path)}&changes=#{URI.escape(changes)}" + url += "&gl_repository=#{URI.escape(gl_repository)}" if gl_repository resp = get(url) if resp.code == '200' @@ -87,7 +85,7 @@ class GitlabNet # rubocop:disable Metrics/ClassLength else [] end - rescue StandardError + rescue [] end @@ -96,9 +94,9 @@ class GitlabNet # rubocop:disable Metrics/ClassLength end def authorized_key(key) - resp = get("#{internal_api_endpoint}/authorized_keys?key=#{URI.escape(key, '+/=')}") # rubocop:disable Lint/UriEscapeUnescape + resp = get("#{internal_api_endpoint}/authorized_keys?key=#{URI.escape(key, '+/=')}") JSON.parse(resp.body) if resp.code == "200" - rescue StandardError + rescue nil end @@ -108,7 +106,7 @@ class GitlabNet # rubocop:disable Metrics/ClassLength resp = post("#{internal_api_endpoint}/two_factor_recovery_codes", id_sym => id) JSON.parse(resp.body) if resp.code == '200' - rescue StandardError + rescue {} end @@ -117,7 +115,7 @@ class GitlabNet # rubocop:disable Metrics/ClassLength resp = post("#{internal_api_endpoint}/notify_post_receive", params) resp.code == '200' - rescue StandardError + rescue false end @@ -145,15 +143,11 @@ class GitlabNet # rubocop:disable Metrics/ClassLength def self.parse_who(who) if who.start_with?("key-") value = who.gsub("key-", "") - raise ArgumentError, "who='#{who}' is invalid!" unless value =~ /\A[0-9]+\z/ - [:key_id, 'key_id', value] elsif who.start_with?("user-") value = who.gsub("user-", "") - raise ArgumentError, "who='#{who}' is invalid!" unless value =~ /\A[0-9]+\z/ - [:user_id, 'user_id', value] elsif who.start_with?("username-") [:username, 'username', who.gsub("username-", "")] @@ -167,8 +161,4 @@ class GitlabNet # rubocop:disable Metrics/ClassLength def sanitize_path(repo) repo.delete("'") end - - def uri_escape(str) - URI.escape(str) # rubocop:disable Lint/UriEscapeUnescape - end end diff --git a/lib/gitlab_post_receive.rb b/lib/gitlab_post_receive.rb index 4d2482b..cb9931d 100644 --- a/lib/gitlab_post_receive.rb +++ b/lib/gitlab_post_receive.rb @@ -25,7 +25,6 @@ class GitlabPostReceive end return false unless response - print_broadcast_message(response['broadcast_message']) if response['broadcast_message'] print_merge_request_links(response['merge_request_urls']) if response['merge_request_urls'] puts response['redirected_message'] if response['redirected_message'] @@ -44,7 +43,6 @@ class GitlabPostReceive def print_merge_request_links(merge_request_urls) return if merge_request_urls.empty? - puts merge_request_urls.each { |mr| print_merge_request_link(mr) } end diff --git a/lib/gitlab_shell.rb b/lib/gitlab_shell.rb index 87da693..6ad67c1 100644 --- a/lib/gitlab_shell.rb +++ b/lib/gitlab_shell.rb @@ -81,23 +81,23 @@ class GitlabShell # rubocop:disable Metrics/ClassLength true rescue GitlabNet::ApiUnreachableError - warn "GitLab: Failed to authorize your Git request: internal API unreachable" + $stderr.puts "GitLab: Failed to authorize your Git request: internal API unreachable" false rescue AccessDeniedError => ex $logger.warn('Access denied', command: origin_cmd, user: log_username) - warn "GitLab: #{ex.message}" + $stderr.puts "GitLab: #{ex.message}" false rescue DisallowedCommandError $logger.warn('Denied disallowed command', command: origin_cmd, user: log_username) - warn "GitLab: Disallowed command" + $stderr.puts "GitLab: Disallowed command" false rescue InvalidRepositoryPathError - warn "GitLab: Invalid repository path" + $stderr.puts "GitLab: Invalid repository path" false rescue Action::Custom::BaseError => ex $logger.warn('Custom action error', exception: ex.class, message: ex.message, command: origin_cmd, user: log_username) - warn ex.message + $stderr.puts ex.message false end @@ -121,7 +121,6 @@ class GitlabShell # rubocop:disable Metrics/ClassLength case @command when GIT_LFS_AUTHENTICATE_COMMAND raise DisallowedCommandError unless args.count >= 2 - @repo_name = args[1] case args[2] when 'download' @@ -133,7 +132,6 @@ class GitlabShell # rubocop:disable Metrics/ClassLength end else raise DisallowedCommandError unless args.count == 2 - @repo_name = args.last end @@ -203,7 +201,7 @@ class GitlabShell # rubocop:disable Metrics/ClassLength begin if defined?(@who) @user = api.discover(@who) - @gl_id = "user-#{@user['id']}" if @user&.key?('id') + @gl_id = "user-#{@user['id']}" if @user && @user.key?('id') else @user = api.discover(@gl_id) end diff --git a/lib/http_helper.rb b/lib/http_helper.rb index f6001ea..c66df53 100644 --- a/lib/http_helper.rb +++ b/lib/http_helper.rb @@ -74,7 +74,7 @@ module HTTPHelper begin start_time = Time.new response = http.start { http.request(request) } - rescue StandardError => e + rescue => e $logger.warn('Failed to connect', method: method.to_s.upcase, url: url, error: e) raise GitlabNet::ApiUnreachableError ensure diff --git a/lib/httpunix.rb b/lib/httpunix.rb index 230db46..7d00f71 100644 --- a/lib/httpunix.rb +++ b/lib/httpunix.rb @@ -12,14 +12,13 @@ module URI def hostname # decode %XX from path to file v = host - URI.decode(v) # rubocop:disable Lint/UriEscapeUnescape + URI.decode(v) end # port is not allowed in URI DEFAULT_PORT = nil - def set_port(value) - return value unless value - + def set_port(v) + return v unless v raise InvalidURIError, "http+unix:// cannot contain port" end end |