Skip to content

Commit

Permalink
fix: delete .git folder after cloning app's git repo (#1064)
Browse files Browse the repository at this point in the history
* fix: delete .git folder after cloning app's git repo

* feat: log the error msg of .git folder deletion failure
  • Loading branch information
tanmoysrt authored Oct 25, 2024
1 parent 4eb194f commit 9103907
Showing 1 changed file with 15 additions and 5 deletions.
20 changes: 15 additions & 5 deletions swiftwave_service/worker/process_application_build_request.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,16 +4,17 @@ import (
"context"
"encoding/json"
"errors"
"log"
"os"
"path/filepath"

"github.com/google/uuid"
containermanger "github.com/swiftwave-org/swiftwave/container_manager"
dockerconfiggenerator "github.com/swiftwave-org/swiftwave/docker_config_generator"
gitmanager "github.com/swiftwave-org/swiftwave/git_manager"
"github.com/swiftwave-org/swiftwave/pubsub"
"github.com/swiftwave-org/swiftwave/swiftwave_service/core"
"gorm.io/gorm"
"log"
"os"
"path/filepath"
)

func (m Manager) BuildApplication(request BuildApplicationRequest, ctx context.Context, cancelContext context.CancelFunc) error {
Expand Down Expand Up @@ -176,6 +177,15 @@ func (m Manager) buildApplicationForGit(deployment *core.Deployment, db gorm.DB,
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Reason > "+err.Error()+"\n", true)
return err
}
// delete .git folder after cloning
// -- can be security risk for html based apps
// -- if nginx is running inside container, that can expose the .git folder to public
gitFolder := filepath.Join(tempDirectory, ".git")
err = os.RemoveAll(gitFolder)
if err != nil {
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Failed to delete the .git folder of cloned repository\n", false)
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Reason > "+err.Error()+"\n", false)
}
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Cloned git repository successfully\n", false)
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Commit message > "+commitMessage+"\n", false)
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Commit hash > "+commitHash+"\n", false)
Expand All @@ -196,7 +206,7 @@ func (m Manager) buildApplicationForGit(deployment *core.Deployment, db gorm.DB,
if err != nil {
return err
}
var buildArgsMap = make(map[string]string)
buildArgsMap := make(map[string]string)
for _, buildArg := range buildArgs {
buildArgsMap[buildArg.Key] = buildArg.Value
}
Expand Down Expand Up @@ -272,7 +282,7 @@ func (m Manager) buildApplicationForTarball(deployment *core.Deployment, db gorm
if err != nil {
return err
}
var buildArgsMap = make(map[string]string)
buildArgsMap := make(map[string]string)
for _, buildArg := range buildArgs {
buildArgsMap[buildArg.Key] = buildArg.Value
}
Expand Down

0 comments on commit 9103907

Please sign in to comment.