Add more checks in migration code (#21011)
When migrating add several more important sanity checks: * SHAs must be SHAs * Refs must be valid Refs * URLs must be reasonable Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <matti@mdranta.net>
This commit is contained in:
zeripath
GitHub
parent
93a610a819
commit
e6b3be4608
24 changed files with 714 additions and 302 deletions
|
|
@ -107,9 +107,24 @@ func NewCodebaseDownloader(ctx context.Context, projectURL *url.URL, project, re
|
|||
commitMap: make(map[string]string),
|
||||
}
|
||||
|
||||
log.Trace("Create Codebase downloader. BaseURL: %s Project: %s RepoName: %s", baseURL, project, repoName)
|
||||
return downloader
|
||||
}
|
||||
|
||||
// String implements Stringer
|
||||
func (d *CodebaseDownloader) String() string {
|
||||
return fmt.Sprintf("migration from codebase server %s %s/%s", d.baseURL, d.project, d.repoName)
|
||||
}
|
||||
|
||||
// ColorFormat provides a basic color format for a GogsDownloader
|
||||
func (d *CodebaseDownloader) ColorFormat(s fmt.State) {
|
||||
if d == nil {
|
||||
log.ColorFprintf(s, "<nil: CodebaseDownloader>")
|
||||
return
|
||||
}
|
||||
log.ColorFprintf(s, "migration from codebase server %s %s/%s", d.baseURL, d.project, d.repoName)
|
||||
}
|
||||
|
||||
// FormatCloneURL add authentication into remote URLs
|
||||
func (d *CodebaseDownloader) FormatCloneURL(opts base.MigrateOptions, remoteAddr string) (string, error) {
|
||||
return opts.CloneAddr, nil
|
||||
|
|
@ -451,8 +466,8 @@ func (d *CodebaseDownloader) GetPullRequests(page, perPage int) ([]*base.PullReq
|
|||
Value int64 `xml:",chardata"`
|
||||
Type string `xml:"type,attr"`
|
||||
} `xml:"id"`
|
||||
SourceRef string `xml:"source-ref"`
|
||||
TargetRef string `xml:"target-ref"`
|
||||
SourceRef string `xml:"source-ref"` // NOTE: from the documentation these are actually just branches NOT full refs
|
||||
TargetRef string `xml:"target-ref"` // NOTE: from the documentation these are actually just branches NOT full refs
|
||||
Subject string `xml:"subject"`
|
||||
Status string `xml:"status"`
|
||||
UserID struct {
|
||||
|
|
@ -564,6 +579,9 @@ func (d *CodebaseDownloader) GetPullRequests(page, perPage int) ([]*base.PullReq
|
|||
Comments: comments[1:],
|
||||
},
|
||||
})
|
||||
|
||||
// SECURITY: Ensure that the PR is safe
|
||||
_ = CheckAndEnsureSafePR(pullRequests[len(pullRequests)-1], d.baseURL.String(), d)
|
||||
}
|
||||
|
||||
return pullRequests, true, nil
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue