2019-02-15 15:39:39 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
# Gitaly note: JV: no RPC's here.
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
module Gitlab
|
|
|
|
module Git
|
2020-04-22 19:07:51 +05:30
|
|
|
# Ephemeral (per request) storage for environment variables that some
|
|
|
|
# Git commands need during internal API calls made from the Git
|
|
|
|
# pre-receive push hook.
|
2017-08-17 22:00:37 +05:30
|
|
|
#
|
2020-04-22 19:07:51 +05:30
|
|
|
# See
|
|
|
|
# https://gitlab.com/gitlab-org/gitaly/-/blob/master/doc/object_quarantine.md#gitlab-and-git-object-quarantine
|
|
|
|
# for more information.
|
2017-08-17 22:00:37 +05:30
|
|
|
#
|
|
|
|
# This class is thread-safe via RequestStore.
|
2018-05-09 12:01:36 +05:30
|
|
|
class HookEnv
|
2018-03-17 18:26:18 +05:30
|
|
|
WHITELISTED_VARIABLES = %w[
|
|
|
|
GIT_OBJECT_DIRECTORY_RELATIVE
|
|
|
|
GIT_ALTERNATE_OBJECT_DIRECTORIES_RELATIVE
|
2017-08-17 22:00:37 +05:30
|
|
|
].freeze
|
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
def self.set(gl_repository, env)
|
2018-12-05 23:21:45 +05:30
|
|
|
return unless Gitlab::SafeRequestStore.active?
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
raise "missing gl_repository" if gl_repository.blank?
|
|
|
|
|
2018-12-05 23:21:45 +05:30
|
|
|
Gitlab::SafeRequestStore[:gitlab_git_env] ||= {}
|
|
|
|
Gitlab::SafeRequestStore[:gitlab_git_env][gl_repository] = whitelist_git_env(env)
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
def self.all(gl_repository)
|
2018-12-05 23:21:45 +05:30
|
|
|
return {} unless Gitlab::SafeRequestStore.active?
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2018-12-05 23:21:45 +05:30
|
|
|
h = Gitlab::SafeRequestStore.fetch(:gitlab_git_env) { {} }
|
2018-05-09 12:01:36 +05:30
|
|
|
h.fetch(gl_repository, {})
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
def self.to_env_hash(gl_repository)
|
2018-03-17 18:26:18 +05:30
|
|
|
env = {}
|
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
all(gl_repository).compact.each do |key, value|
|
2018-03-17 18:26:18 +05:30
|
|
|
value = value.join(File::PATH_SEPARATOR) if value.is_a?(Array)
|
|
|
|
env[key.to_s] = value
|
|
|
|
end
|
|
|
|
|
|
|
|
env
|
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
def self.whitelist_git_env(env)
|
2018-03-17 18:26:18 +05:30
|
|
|
env.select { |key, _| WHITELISTED_VARIABLES.include?(key.to_s) }.with_indifferent_access
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|