Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(#19314, #15700): allow ssh/altssh subdomains in repo URLs to match webhook payload #21227

Open
wants to merge 16 commits into
base: master
Choose a base branch
from
Open

fix(#19314, #15700): allow ssh/altssh subdomains in repo URLs to match webhook payload #21227

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
671ed99
allow ssh/altssh subdomains in repo URLs to match webhook payload
mtbennett-godaddy Dec 17, 2024
750c0a9
Merge branch 'master' into fix-19314
mtbennett-godaddy Dec 17, 2024
71d126f
Merge branch 'master' of github.com:argoproj/argo-cd into fix-19314
mtbennett-godaddy Dec 19, 2024
5ed35ea
add affected app sets to recently merged test
mtbennett-godaddy Dec 19, 2024
2f46cc4
Merge branch 'fix-19314' of github.com:mtbennett-godaddy/argo-cd into…
mtbennett-godaddy Dec 19, 2024
453ad46
add tests
mtbennett-godaddy Dec 19, 2024
9678a96
Merge branch 'master' of github.com:argoproj/argo-cd into fix-19314
mtbennett-godaddy Dec 20, 2024
b5647ce
Merge branch 'master' of github.com:argoproj/argo-cd into fix-19314
mtbennett-godaddy Dec 20, 2024
1312173
Merge branch 'master' of github.com:argoproj/argo-cd into fix-19314
mtbennett-godaddy Dec 23, 2024
7ba7cb3
Merge branch 'master' of github.com:argoproj/argo-cd into fix-19314
mtbennett-godaddy Dec 30, 2024
c8c7abd
Merge branch 'master' of github.com:argoproj/argo-cd into fix-19314
mtbennett-godaddy Dec 30, 2024
5e7658c
more gitlab -> gitlab.com tweaks in test data
mtbennett-godaddy Dec 30, 2024
eb518a1
use word and digit character classes to simplify regexes a bit
mtbennett-godaddy Dec 30, 2024
5131354
Merge branch 'master' of github.com:argoproj/argo-cd into fix-19314
mtbennett-godaddy Dec 31, 2024
2b9d884
Merge branch 'master' of github.com:argoproj/argo-cd into fix-19314
mtbennett-godaddy Jan 2, 2025
a3c50a5
Merge branch 'master' of github.com:argoproj/argo-cd into fix-19314
mtbennett-godaddy Jan 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 12 additions & 12 deletions applicationset/webhook/testdata/gitlab-event.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,26 +16,26 @@
"id": 1,
"name": "project",
"description": "",
"web_url": "https://gitlab/group/name",
"web_url": "https://gitlab.com/group/name",
"avatar_url": null,
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"git_http_url": "https://gitlab/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"git_http_url": "https://gitlab.com/group/name.git",
"namespace": "group",
"visibility_level": 1,
"path_with_namespace": "group/name",
"default_branch": "master",
"ci_config_path": null,
"homepage": "https://gitlab/group/name",
"url": "ssh://git@gitlab:2222/group/name.git",
"ssh_url": "ssh://git@gitlab:2222/group/name.git",
"http_url": "https://gitlab/group/name.git"
"homepage": "https://gitlab.com/group/name",
"url": "ssh://git@gitlab.com:2222/group/name.git",
"ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"http_url": "https://gitlab.com/group/name.git"
},
"commits": [
{
"id": "bb0748feaa336d841c251017e4e374c22d0c8a98",
"message": "Test commit message\n",
"timestamp": "2020-01-06T03:47:55Z",
"url": "https://gitlab/group/name/commit/bb0748feaa336d841c251017e4e374c22d0c8a98",
"url": "https://gitlab.com/group/name/commit/bb0748feaa336d841c251017e4e374c22d0c8a98",
"author": {
"name": "User",
"email": "[email protected]"
Expand All @@ -55,11 +55,11 @@
},
"repository": {
"name": "name",
"url": "ssh://git@gitlab:2222/group/name.git",
"url": "ssh://git@gitlab.com:2222/group/name.git",
"description": "",
"homepage": "https://gitlab/group/name",
"git_http_url": "https://gitlab/group/name.git",
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"homepage": "https://gitlab.com/group/name",
"git_http_url": "https://gitlab.com/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
mtbennett-godaddy marked this conversation as resolved.
Show resolved Hide resolved
"visibility_level": 10
}
}
18 changes: 9 additions & 9 deletions applicationset/webhook/testdata/gitlab-merge-request-approval-event.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,25 +14,25 @@
"description": "",
"web_url": "https://gitlab.com/group/name",
"avatar_url": null,
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"git_http_url": "https://gitlab.com/group/name.git",
"namespace": "group",
"visibility_level": 1,
"path_with_namespace": "group/name",
"default_branch": "master",
"ci_config_path": null,
"homepage": "https://gitlab.com/group/name",
"url": "ssh://git@gitlab:2222/group/name.git",
"ssh_url": "ssh://git@gitlab:2222/group/name.git",
"url": "ssh://git@gitlab.com:2222/group/name.git",
"ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"http_url": "https://gitlab.com/group/name.git"
},
"repository": {
"name": "name",
"url": "ssh://git@gitlab:2222/group/name.git",
"url": "ssh://git@gitlab.com:2222/group/name.git",
"description": "",
"homepage": "https://gitlab.com/group/name",
"git_http_url": "https://gitlab.com/group/name.git",
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"visibility_level": 10
},
"object_attributes": {
Expand Down Expand Up @@ -60,31 +60,31 @@
"description": "Aut reprehenderit ut est.",
"web_url": "https://gitlab.com/group/name",
"avatar_url": null,
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"git_http_url": "https://gitlab.com/group/name.git",
"namespace": "Awesome Space",
"visibility_level": 20,
"path_with_namespace": "group/name",
"default_branch": "master",
"homepage": "https://gitlab.com/group/name",
"url": "https://gitlab.com/group/name.git",
"ssh_url": "ssh://git@gitlab:2222/group/name.git",
"ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"http_url": "https://gitlab.com/group/name.git"
},
"target": {
"name": "Awesome Project",
"description": "Aut reprehenderit ut est.",
"web_url": "https://gitlab.com/group/name",
"avatar_url": null,
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"git_http_url": "https://gitlab.com/group/name.git",
"namespace": "Awesome Space",
"visibility_level": 20,
"path_with_namespace": "group/name",
"default_branch": "master",
"homepage": "https://gitlab.com/group/name",
"url": "https://gitlab.com/group/name.git",
"ssh_url": "ssh://git@gitlab:2222/group/name.git",
"ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"http_url": "https://gitlab.com/group/name.git"
},
"last_commit": {
Expand Down
18 changes: 9 additions & 9 deletions applicationset/webhook/testdata/gitlab-merge-request-open-event.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,25 +14,25 @@
"description": "",
"web_url": "https://gitlab.com/group/name",
"avatar_url": null,
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"git_http_url": "https://gitlab.com/group/name.git",
"namespace": "group",
"visibility_level": 1,
"path_with_namespace": "group/name",
"default_branch": "master",
"ci_config_path": null,
"homepage": "https://gitlab.com/group/name",
"url": "ssh://git@gitlab:2222/group/name.git",
"ssh_url": "ssh://git@gitlab:2222/group/name.git",
"url": "ssh://git@gitlab.com:2222/group/name.git",
"ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"http_url": "https://gitlab.com/group/name.git"
},
"repository": {
"name": "name",
"url": "ssh://git@gitlab:2222/group/name.git",
"url": "ssh://git@gitlab.com:2222/group/name.git",
"description": "",
"homepage": "https://gitlab.com/group/name",
"git_http_url": "https://gitlab.com/group/name.git",
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"visibility_level": 10
},
"object_attributes": {
Expand Down Expand Up @@ -60,31 +60,31 @@
"description": "Aut reprehenderit ut est.",
"web_url": "https://gitlab.com/group/name",
"avatar_url": null,
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"git_http_url": "https://gitlab.com/group/name.git",
"namespace": "Awesome Space",
"visibility_level": 20,
"path_with_namespace": "group/name",
"default_branch": "master",
"homepage": "https://gitlab.com/group/name",
"url": "https://gitlab.com/group/name.git",
"ssh_url": "ssh://git@gitlab:2222/group/name.git",
"ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"http_url": "https://gitlab.com/group/name.git"
},
"target": {
"name": "Awesome Project",
"description": "Aut reprehenderit ut est.",
"web_url": "https://gitlab.com/group/name",
"avatar_url": null,
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"git_http_url": "https://gitlab.com/group/name.git",
"namespace": "Awesome Space",
"visibility_level": 20,
"path_with_namespace": "group/name",
"default_branch": "master",
"homepage": "https://gitlab.com/group/name",
"url": "https://gitlab.com/group/name.git",
"ssh_url": "ssh://git@gitlab:2222/group/name.git",
"ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"http_url": "https://gitlab.com/group/name.git"
},
"last_commit": {
Expand Down
16 changes: 2 additions & 14 deletions applicationset/webhook/webhook.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -217,13 +217,7 @@ func getGitGeneratorInfo(payload any) *gitGeneratorInfo {
}

log.Infof("Received push event repo: %s, revision: %s, touchedHead: %v", webURL, revision, touchedHead)
urlObj, err := url.Parse(webURL)
if err != nil {
log.Errorf("Failed to parse repoURL '%s'", webURL)
return nil
}
regexpStr := `(?i)(http://|https://|\w+@|ssh://(\w+@)?)` + urlObj.Hostname() + "(:[0-9]+|)[:/]" + urlObj.Path[1:] + "(\\.git)?$"
repoRegexp, err := regexp.Compile(regexpStr)
repoRegexp, err := webhook.GetWebUrlRegex(webURL)
if err != nil {
log.Errorf("Failed to compile regexp for repoURL '%s'", webURL)
return nil
Expand All @@ -245,13 +239,7 @@ func getPRGeneratorInfo(payload any) *prGeneratorInfo {
}

apiURL := payload.Repository.URL
urlObj, err := url.Parse(apiURL)
if err != nil {
log.Errorf("Failed to parse repoURL '%s'", apiURL)
return nil
}
regexpStr := `(?i)(http://|https://|\w+@|ssh://(\w+@)?)` + urlObj.Hostname() + "(:[0-9]+|)[:/]"
apiRegexp, err := regexp.Compile(regexpStr)
apiRegexp, err := webhook.GetApiUrlRegex(apiURL)
if err != nil {
log.Errorf("Failed to compile regexp for repoURL '%s'", apiURL)
return nil
Expand Down
20 changes: 12 additions & 8 deletions applicationset/webhook/webhook_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ func TestWebhookHandler(t *testing.T) {
headerKey: "X-GitHub-Event",
headerValue: "push",
payloadFile: "github-commit-event.json",
effectedAppSets: []string{"git-github", "matrix-git-github", "merge-git-github", "matrix-scm-git-github", "matrix-nested-git-github", "merge-nested-git-github", "plugin", "matrix-pull-request-github-plugin"},
effectedAppSets: []string{"git-github", "git-github-ssh", "git-github-alt-ssh", "matrix-git-github", "merge-git-github", "matrix-scm-git-github", "matrix-nested-git-github", "merge-nested-git-github", "plugin", "matrix-pull-request-github-plugin"},
expectedStatusCode: http.StatusOK,
expectedRefresh: true,
},
Expand All @@ -81,7 +81,7 @@ func TestWebhookHandler(t *testing.T) {
headerKey: "X-GitHub-Event",
headerValue: "push",
payloadFile: "github-commit-branch-event.json",
effectedAppSets: []string{"git-github", "plugin", "matrix-pull-request-github-plugin"},
effectedAppSets: []string{"git-github", "git-github-ssh", "git-github-alt-ssh", "plugin", "matrix-pull-request-github-plugin"},
expectedStatusCode: http.StatusOK,
expectedRefresh: true,
},
Expand All @@ -90,7 +90,7 @@ func TestWebhookHandler(t *testing.T) {
headerKey: "X-GitHub-Event",
headerValue: "ping",
payloadFile: "github-ping-event.json",
effectedAppSets: []string{"git-github", "plugin"},
effectedAppSets: []string{"git-github", "git-github-ssh", "git-github-alt-ssh", "plugin"},
expectedStatusCode: http.StatusOK,
expectedRefresh: false,
},
Expand All @@ -99,7 +99,7 @@ func TestWebhookHandler(t *testing.T) {
headerKey: "X-Gitlab-Event",
headerValue: "Push Hook",
payloadFile: "gitlab-event.json",
effectedAppSets: []string{"git-gitlab", "plugin", "matrix-pull-request-github-plugin"},
effectedAppSets: []string{"git-gitlab", "git-gitlab-ssh", "git-gitlab-alt-ssh", "plugin", "matrix-pull-request-github-plugin"},
expectedStatusCode: http.StatusOK,
expectedRefresh: true,
},
Expand All @@ -108,7 +108,7 @@ func TestWebhookHandler(t *testing.T) {
headerKey: "X-Gitlab-Event",
headerValue: "System Hook",
payloadFile: "gitlab-event.json",
effectedAppSets: []string{"git-gitlab", "plugin", "matrix-pull-request-github-plugin"},
effectedAppSets: []string{"git-gitlab", "git-gitlab-ssh", "git-gitlab-alt-ssh", "plugin", "matrix-pull-request-github-plugin"},
expectedStatusCode: http.StatusOK,
expectedRefresh: true,
},
Expand All @@ -117,7 +117,7 @@ func TestWebhookHandler(t *testing.T) {
headerKey: "X-Random-Event",
headerValue: "Push Hook",
payloadFile: "gitlab-event.json",
effectedAppSets: []string{"git-gitlab", "plugin"},
effectedAppSets: []string{"git-gitlab", "git-gitlab-ssh", "git-gitlab-alt-ssh", "plugin"},
expectedStatusCode: http.StatusBadRequest,
expectedRefresh: false,
},
Expand All @@ -126,7 +126,7 @@ func TestWebhookHandler(t *testing.T) {
headerKey: "X-Random-Event",
headerValue: "Push Hook",
payloadFile: "invalid-event.json",
effectedAppSets: []string{"git-gitlab", "plugin"},
effectedAppSets: []string{"git-gitlab", "git-gitlab-ssh", "git-gitlab-alt-ssh", "plugin"},
expectedStatusCode: http.StatusBadRequest,
expectedRefresh: false,
},
Expand Down Expand Up @@ -209,7 +209,11 @@ func TestWebhookHandler(t *testing.T) {
fc := fake.NewClientBuilder().WithScheme(scheme).WithObjects(
fakeAppWithGitGenerator("git-github", namespace, "https://github.com/org/repo"),
fakeAppWithGitGenerator("git-github-copy", namespace, "https://github.com/org/repo-copy"),
fakeAppWithGitGenerator("git-gitlab", namespace, "https://gitlab/group/name"),
fakeAppWithGitGenerator("git-github-ssh", namespace, "ssh://[email protected]/org/repo"),
fakeAppWithGitGenerator("git-github-alt-ssh", namespace, "ssh://[email protected]:443/org/repo"),
fakeAppWithGitGenerator("git-gitlab", namespace, "https://gitlab.com/group/name"),
fakeAppWithGitGenerator("git-gitlab-ssh", namespace, "ssh://[email protected]/group/name"),
fakeAppWithGitGenerator("git-gitlab-alt-ssh", namespace, "ssh://[email protected]:443/group/name"),
fakeAppWithGitGenerator("git-azure-devops", namespace, "https://dev.azure.com/fabrikam-fiber-inc/DefaultCollection/_git/Fabrikam-Fiber-Git"),
fakeAppWithGitGeneratorWithRevision("github-shorthand", namespace, "https://github.com/org/repo", "env/dev"),
fakeAppWithGithubPullRequestGenerator("pull-request-github", namespace, "CodErTOcat", "Hello-World"),
Expand Down
24 changes: 12 additions & 12 deletions util/webhook/testdata/gitlab-event.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,26 +16,26 @@
"id": 1,
"name": "project",
"description": "",
"web_url": "https://gitlab/group/name",
"web_url": "https://gitlab.com/group/name",
"avatar_url": null,
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"git_http_url": "https://gitlab/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"git_http_url": "https://gitlab.com/group/name.git",
"namespace": "group",
"visibility_level": 1,
"path_with_namespace": "group/name",
"default_branch": "master",
"ci_config_path": null,
"homepage": "https://gitlab/group/name",
"url": "ssh://git@gitlab:2222/group/name.git",
"ssh_url": "ssh://git@gitlab:2222/group/name.git",
"http_url": "https://gitlab/group/name.git"
"homepage": "https://gitlab.com/group/name",
"url": "ssh://git@gitlab.com:2222/group/name.git",
"ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"http_url": "https://gitlab.com/group/name.git"
},
"commits": [
{
"id": "bb0748feaa336d841c251017e4e374c22d0c8a98",
"message": "Test commit message\n",
"timestamp": "2020-01-06T03:47:55Z",
"url": "https://gitlab/group/name/commit/bb0748feaa336d841c251017e4e374c22d0c8a98",
"url": "https://gitlab.com/group/name/commit/bb0748feaa336d841c251017e4e374c22d0c8a98",
"author": {
"name": "User",
"email": "[email protected]"
Expand All @@ -55,11 +55,11 @@
},
"repository": {
"name": "name",
"url": "ssh://git@gitlab:2222/group/name.git",
"url": "ssh://git@gitlab.com:2222/group/name.git",
"description": "",
"homepage": "https://gitlab/group/name",
"git_http_url": "https://gitlab/group/name.git",
"git_ssh_url": "ssh://git@gitlab:2222/group/name.git",
"homepage": "https://gitlab.com/group/name",
"git_http_url": "https://gitlab.com/group/name.git",
"git_ssh_url": "ssh://git@gitlab.com:2222/group/name.git",
"visibility_level": 10
}
}
Loading
Loading