* fixed flaky loop(cautils): loadpolicy getter We should not inject pointers to the variable iterated over by the "range" operator. Signed-off-by: Frédéric BIDON <fredbi@yahoo.com> * fixed more flaky pointers in loops (registryadaptors, opaprocessor) Signed-off-by: Frédéric BIDON <fredbi@yahoo.com> * fixed more flaky pointers in loops (resultshandling) Signed-off-by: Frédéric BIDON <fredbi@yahoo.com> * enabled golangci linter in CI Signed-off-by: Frédéric BIDON <fredbi@yahoo.com> * fixed linting issues with minimal linters config Signed-off-by: Frédéric BIDON <fredbi@yahoo.com> * bump go version to 1.19 * English and typos * Support AKS parser (#994) * support GKE parser * update go mod * support GKE parser * update go mod * update k8s-interface pkg * Added KS desgin.drawio * revert k8s.io to v0.25.3 * ran go mod tidy * update sign-up url * [wip] Adding CreateAccount support * revert to docs URL * update opa-utils pkg * Print attack tree (optional, with argument) (#997) * Print attack tree with the argument Signed-off-by: Frédéric BIDON <fredbi@yahoo.com> Co-authored-by: Frédéric BIDON <frederic@oneconcern.com> Co-authored-by: Frédéric BIDON <fredbi@yahoo.com> Co-authored-by: Oshrat Nir <45561829+Oshratn@users.noreply.github.com> Co-authored-by: Amir Malka <amirm@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>
package resourcehandler
import (
"errors"
"fmt"
nethttp "net/http"
"os"
"github.com/go-git/go-git/v5"
"github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/transport"
"github.com/go-git/go-git/v5/plumbing/transport/http"
giturl "github.com/kubescape/go-git-url"
)
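// isGitRepoPublic reports whether the repository at u can be fetched without
// credentials. It sends an unauthenticated HTTP GET to u and treats a 200
// response as "public"; a transport error or any other status yields false.
//
// cloneRepo uses this result to decide whether the provider token is attached
// to the clone, so u should be the clone URL derived from the parsed
// repository rather than free-form input.
//
// NOTE(review): nethttp.Get goes through the default client, which sets no
// timeout and follows redirects, so the status inspected here is that of the
// final response. Confirm that a 200 reached via a redirect should count as
// public.
func isGitRepoPublic(u string) bool {
	// The gosec suppression is kept from the original: the request URL is a
	// variable by design here.
	resp, err := nethttp.Get(u) //nolint:gosec
	if err != nil {
		return false
	}
	// Only the status is needed. Close the body so the underlying connection
	// and its file descriptor are released instead of leaking per probe.
	defer resp.Body.Close()

	return resp.StatusCode == nethttp.StatusOK
}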
// isGitTokenPresent reports whether gitURL.GetToken returns a non-empty
// access token.
func isGitTokenPresent(gitURL giturl.IGitAPI) bool {
	return gitURL.GetToken() != ""
}
// getProviderError builds the error returned when no token is available,
// with a message chosen by gitURL.GetProvider: "github" and "gitlab" name the
// corresponding token, and any other provider value gets the
// "unable to find the host name" message.
func getProviderError(gitURL giturl.IGitAPI) error {
	var msg string
	switch gitURL.GetProvider() {
	case "github":
		msg = "GITHUB_TOKEN is not present"
	case "gitlab":
		msg = "GITLAB_TOKEN is not present"
	default:
		msg = "unable to find the host name"
	}

	return fmt.Errorf("%w", errors.New(msg))
}
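// cloneRepo clones the repository described by gitURL into a fresh temporary
// directory and returns that directory's path.
//
// The clone is unauthenticated when isGitRepoPublic reports the clone URL as
// public. Otherwise the token from gitURL.GetToken is sent as the HTTP basic
// auth password, and a missing token yields the provider-specific error from
// getProviderError. When a branch name is set, only that branch is cloned.
//
// On any failure after the temporary directory has been created, the
// directory is removed so that partially cloned repository content is not
// left behind. On success the directory is kept; removing it is presumably
// the caller's job (verify against callers).
func cloneRepo(gitURL giturl.IGitAPI) (string, error) {
	tmpDir, err := os.MkdirTemp("", "")
	if err != nil {
		return "", fmt.Errorf("failed to create temporary directory: %w", err)
	}

	// Best-effort cleanup on every error path below.
	cloned := false
	defer func() {
		if !cloned {
			_ = os.RemoveAll(tmpDir)
		}
	}()

	cloneURL := gitURL.GetHttpCloneURL()

	// auth stays nil for public repositories, so the token is only put on the
	// wire when the unauthenticated probe did not succeed.
	var auth transport.AuthMethod
	if !isGitRepoPublic(cloneURL) {
		if !isGitTokenPresent(gitURL) {
			return "", getProviderError(gitURL)
		}

		// The token travels as the password; the username is a non-empty
		// placeholder. The credentials go to whatever host cloneURL names.
		auth = &http.BasicAuth{
			Username: "anything Except Empty String",
			Password: gitURL.GetToken(),
		}
	}

	cloneOpts := git.CloneOptions{URL: cloneURL, Auth: auth}
	if branch := gitURL.GetBranchName(); branch != "" {
		cloneOpts.ReferenceName = plumbing.NewBranchReferenceName(branch)
		cloneOpts.SingleBranch = true
	}

	if _, err = git.PlainClone(tmpDir, false, &cloneOpts); err != nil {
		return "", fmt.Errorf("failed to clone %s. %w", gitURL.GetRepoName(), err)
	}

	cloned = true

	return tmpDir, nil
}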