From 314abb1deb0fa22784a44d7d0b4614615d8649ce Mon Sep 17 00:00:00 2001 From: Guillaume Smet Date: Thu, 12 Dec 2024 13:25:12 +0100 Subject: [PATCH] Sanitize remote URL in Info extension This is a follow-up of #44965. --- .../io/quarkus/info/deployment/GitUtil.java | 30 +++++++++++++++++++ .../info/deployment/InfoProcessor.java | 3 +- .../quarkus/info/deployment/GitUtilTest.java | 26 ++++++++++++++++ 3 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 extensions/info/deployment/src/main/java/io/quarkus/info/deployment/GitUtil.java create mode 100644 extensions/info/deployment/src/test/java/io/quarkus/info/deployment/GitUtilTest.java diff --git a/extensions/info/deployment/src/main/java/io/quarkus/info/deployment/GitUtil.java b/extensions/info/deployment/src/main/java/io/quarkus/info/deployment/GitUtil.java new file mode 100644 index 0000000000000..e6aa16603a5a3 --- /dev/null +++ b/extensions/info/deployment/src/main/java/io/quarkus/info/deployment/GitUtil.java @@ -0,0 +1,30 @@ +package io.quarkus.info.deployment; + +class GitUtil { + + static String sanitizeRemoteUrl(String remoteUrl) { + if (remoteUrl == null || remoteUrl.isBlank()) { + return null; + } + + String sanitizedRemoteUrl = remoteUrl.trim(); + if (sanitizedRemoteUrl.startsWith("https://")) { + int atSign = sanitizedRemoteUrl.indexOf('@'); + if (atSign > 0) { + sanitizedRemoteUrl = "https://" + sanitizedRemoteUrl.substring(atSign + 1); + } + } else if (sanitizedRemoteUrl.startsWith("http://")) { + int atSign = sanitizedRemoteUrl.indexOf('@'); + if (atSign > 0) { + sanitizedRemoteUrl = "http://" + sanitizedRemoteUrl.substring(atSign + 1); + } + } else { + int atSign = sanitizedRemoteUrl.indexOf('@'); + if (atSign > 0) { + sanitizedRemoteUrl = sanitizedRemoteUrl.substring(atSign + 1); + } + } + + return sanitizedRemoteUrl; + } +} diff --git a/extensions/info/deployment/src/main/java/io/quarkus/info/deployment/InfoProcessor.java b/extensions/info/deployment/src/main/java/io/quarkus/info/deployment/InfoProcessor.java index 1cafa5308a418..27e76b1996431 100644 --- a/extensions/info/deployment/src/main/java/io/quarkus/info/deployment/InfoProcessor.java +++ b/extensions/info/deployment/src/main/java/io/quarkus/info/deployment/InfoProcessor.java @@ -112,7 +112,8 @@ void gitInfo(InfoBuildTimeConfig config, commit.put("id", id); - data.put("remote", git.getRepository().getConfig().getString("remote", "origin", "url")); + data.put("remote", + GitUtil.sanitizeRemoteUrl(git.getRepository().getConfig().getString("remote", "origin", "url"))); data.put("tags", getTags(git, latestCommit)); } diff --git a/extensions/info/deployment/src/test/java/io/quarkus/info/deployment/GitUtilTest.java b/extensions/info/deployment/src/test/java/io/quarkus/info/deployment/GitUtilTest.java new file mode 100644 index 0000000000000..bdab391a44ce8 --- /dev/null +++ b/extensions/info/deployment/src/test/java/io/quarkus/info/deployment/GitUtilTest.java @@ -0,0 +1,26 @@ +package io.quarkus.info.deployment; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNull; + +import org.junit.jupiter.api.Test; + +public class GitUtilTest { + + @Test + public void testSanitizeRemoteUrl() { + assertNull(GitUtil.sanitizeRemoteUrl(null)); + assertNull(GitUtil.sanitizeRemoteUrl("")); + assertNull(GitUtil.sanitizeRemoteUrl(" ")); + assertEquals("github.com:gsmet/quarkusio.github.io.git", + GitUtil.sanitizeRemoteUrl("git@github.com:gsmet/quarkusio.github.io.git")); + assertEquals("github.com:gsmet/quarkusio.github.io.git", + GitUtil.sanitizeRemoteUrl(" git@github.com:gsmet/quarkusio.github.io.git ")); + assertEquals("https://github.com/gsmet/quarkusio.github.io.git", + GitUtil.sanitizeRemoteUrl("https://github.com/gsmet/quarkusio.github.io.git")); + assertEquals("https://github.com/gsmet/quarkusio.github.io.git", + GitUtil.sanitizeRemoteUrl("https://gsmet:password@github.com/gsmet/quarkusio.github.io.git")); + assertEquals("http://github.com/gsmet/quarkusio.github.io.git", + GitUtil.sanitizeRemoteUrl("http://gsmet:password@github.com/gsmet/quarkusio.github.io.git")); + } +}