github/kubescape
1
0
Fork 0
mirror of https://github.com/kubescape/kubescape.git synced 2026-02-14 09:59:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix: Prevent URLs from being treated as local file paths

Browse Source 
- Add URL detection (http:// and https://) in getScanningContext
- Prevent URLs from being joined with current working directory
- Add test cases for self-hosted GitLab URLs
- Ensure proper error handling when git clone fails

Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2025-12-11 09:08:12 +00:00
parent 5dee6d0e4f
commit 621ffd3ead
2 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
core/cautils/scaninfo.go
View File

@@ -321,6 +321,9 @@ func (scanInfo *ScanInfo) getScanningContext(input string) ScanningContext {
return ContextCluster
}
// Check if input is a URL (http:// or https://)
isURL := strings.HasPrefix(input, "http://") || strings.HasPrefix(input, "https://")
// git url
if _, err := giturl.NewGitURL(input); err == nil {
if repo, err := CloneGitRepo(&input); err == nil {
@@ -331,6 +334,16 @@ func (scanInfo *ScanInfo) getScanningContext(input string) ScanningContext {
return ContextGitRemote
}
}
// If giturl.NewGitURL succeeded but cloning failed, the input is a git URL
// that couldn't be cloned. Don't treat it as a local path.
// The clone error was already logged by CloneGitRepo
return ContextDir // Return ContextDir to trigger "no files found" error with clear URL context
}
// If it looks like a URL but wasn't recognized as a git URL, still don't treat it as a local path
if isURL {
logger.L().Error("URL provided but not recognized as a valid git repository", helpers.String("url", input))
return ContextDir
}
if !filepath.IsAbs(input) { // parse path

10
core/cautils/scaninfo_test.go
View File

@@ -88,6 +88,16 @@ func TestGetScanningContext(t *testing.T) {
input: os.TempDir(),
want: ContextDir,
},
{
name: "self-hosted GitLab URL that can't be cloned",
input: "https://gitlab.private-domain.com/my-org/my-repo.git",
want: ContextDir, // Should return ContextDir when clone fails, not try to treat as local path
},
{
name: "http URL that can't be cloned",
input: "http://gitlab.example.com/org/repo",
want: ContextDir, // Should return ContextDir when clone fails, not try to treat as local path
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {