Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: change clone URL check for gitlab to account for possible subpath #5177

Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

fix: change clone URL check for gitlab to account for possible subpath #5177

wants to merge 11 commits into from
+29 −2

Conversation

philslab-ninja
Copy link

what

This change allows GitLab URLs that include a subpath in the hostname while maintaining the security checks for repository path validation. The validation will pass as long as the full URL path ends with the expected repository path, which accommodates the case where ATLANTIS_GITLAB_HOSTNAME includes a path component.

why

In one of my projects github enterprise unfortunately was setup with a basepath (like git.acme.com/gitlab). Setting ATLANTIS_GITLAB_HOSTNAME to git.acme.com/gitlab results in an error like:

expected clone url to have path "/path/to/repo.git" but had "/gitlab/path/to/repo.git"

tests

  • I have tested my changes by building and using the application with the changed behaviour

references

closes #1450

@philslab-ninja philslab-ninja requested review from a team as code owners December 17, 2024 13:05
@philslab-ninja philslab-ninja requested review from GenPage, lukemassa and nitrocode and removed request for a team December 17, 2024 13:05
@github-actions github-actions bot added the go Pull requests that update Go code label Dec 17, 2024
@dosubot dosubot bot added bug Something isn't working provider/gitlab labels Dec 17, 2024
@jamengual jamengual added the waiting-on-review Waiting for a review from a maintainer label Dec 31, 2024
chenrui333
chenrui333 previously approved these changes Dec 31, 2024
View reviewed changes
Copy link
Member

@chenrui333 chenrui333 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

make sense, can you add a test for it?

@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Dec 31, 2024
@jamengual jamengual added waiting-on-response Waiting for a response from the user and removed waiting-on-review Waiting for a review from a maintainer labels Dec 31, 2024
@philslab-ninja
Copy link
Author

philslab-ninja commented Jan 17, 2025
edited
Loading

make sense, can you add a test for it?

Hi @chenrui333 - thanks for your review and apololgies for taking so long. I have now added a test for the new functionality

X-Guardian
X-Guardian requested changes Jan 25, 2025
View reviewed changes
server/events/models/models.go
if vcsHostType == Gitlab {
// For GitLab, we need to check if the path ends with our expected path
// This handles cases where GitLab is hosted at a subpath (e.g., acme.com/gitlab)
if !strings.HasSuffix(cloneURLParsed.Path, expClonePath) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is now not checking that the hostname is as expected, so needs adding as a second check. A test also needs adding for this scenario.

@dosubot dosubot bot removed the lgtm This PR has been approved by a maintainer label Jan 25, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@X-Guardian X-Guardian X-Guardian requested changes

@chenrui333 chenrui333 chenrui333 left review comments

@GenPage GenPage Awaiting requested review from GenPage GenPage is a code owner automatically assigned from runatlantis/maintainers

@lukemassa lukemassa Awaiting requested review from lukemassa lukemassa is a code owner automatically assigned from runatlantis/core-contributors

@nitrocode nitrocode Awaiting requested review from nitrocode nitrocode is a code owner automatically assigned from runatlantis/core-contributors

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
bug Something isn't working go Pull requests that update Go code provider/gitlab waiting-on-response Waiting for a response from the user
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Atlantis doesn't work when Gitlab is installed under a relative URL
4 participants
@philslab-ninja @chenrui333 @X-Guardian @jamengual