Iteration on parseHostSpec refactor

[KnVerey]

@annasong20 this iterates on your great work in #4932. I find this code difficult to wrap my head around without diving in and working with it (hopefully we're now fixing that step by step!). Feel free to review this PR or to cherry-pick my commit onto your branch (in which case we can continue on #4932), whatever is easier for you. I have more ideas for RepoSpec, but I'll make follow-up PRs for them. This attempts to keep the same scope as your PR (additional test cases aside).

Functional changes:

• Emit a deprecation warning when we strip the git:: prefix. This prefix originally signalled (to go-getter) that the git protocol should be used rather than whatever would be used by default based on the rest of the URL. However, Kustomize has been stripping it unconditionally since v2.0. So Kustomize has long since not being doing what the user intended.
• Drop support for the gh: prefix. We were unable to find any basis for this (it is not part of the protocol, nor any other standard), nor any usage at all in public Kustomization files. We believe it may have been targeting someone's custom gitconfig shorthand syntax.

Part of #4866
Fixes #4847

/cc @annasong20 @natasha41575

[k8s-ci-robot]

@KnVerey: This PR has multiple commits, and the default merge method is: merge.
You can request commits to be squashed using the label: tide/merge-method-squash

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: KnVerey

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [KnVerey]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[natasha41575]

I think it is not always immediately obvious how n is changing throughout this code, so some communication that parts of n are being removed as we parse through it may be helpful. Wydt about renaming this to trimUsername (and renaming the above parseScheme to trimScheme)?

[KnVerey]

I like that a lot!

[KnVerey]

Looking through the existing occurrences of Trim[Thing] in this file, I think we have three operations we can distinguish:

• TrimThing(input string)(rest string) (or TrimThing(input string)(rest string, trimmed bool)) -- "trim" is used for this in stdlib functions too, like strings.TrimPrefix, which also removes a known quantity and returns the result (not the thing being trimmed)
• ParseThing(input string)(thing string) -- returns the target without reference to the remainder of the input
• ??Thing(input string)(thing string, rest string) <-- this case. Since "trim" usually removes the thing in question without returning it, I'm leaning towards a third verb here. I'm thinking "extract" but I'm not set on it.

[natasha41575]

Extract sgtm!

[KnVerey]

One changed code path is that gh: could previously end up here, so gh:github.com/org/repo/foo would get normalized... but that's non-sensical based on Anna's comment that gh: is assumed to be a gitconfig shorthand that gets swapped for the github URL, right? (same with file://, which is definitely non-sensical)

[annasong20]

I wrote that comment to the best of my knowledge. I couldn't find any official documentation for gh: on the internet, other than Github CLI. I also tried looking at code history to no avail. The only sites it popped up on denoted a .gitconfig shorthand: https://gist.github.com/lauhakari/a48a94b60dc66f6c84e2#file-gitconfig-L143

[KnVerey]

Oh, I see. What a mystery! I tried looking at the original PR too, and it doesn't help much... but it definitely shows the "url" is expected to look like gh:org/repo. So I think it is reasonable to consider gh:github.com non-sensical.

Alternatively, maybe we can remove support for this. Your research indicates this is not a standard, and we do not have it documented anywhere. Furthermore, I don't see ANY usage of it in public Kustomizations on Github: https://github.com/search?q=%22gh%22+filename%3AKustomization.yaml&type=Code&ref=advsearch&l=&l=.

[annasong20]

Would be down to remove it.

[KnVerey]

Done

[annasong20]

The code paths are so easy to read! Please feel free to ignore the nits.

[annasong20]

There's a small chance that the url will contain ://, but not to denote the scheme. According to RFC 3986, uri paths can contain :. The // could be delimit the path inside the repo or maybe it's an empty path segment.

[KnVerey]

Hmm, that's a good point. This was previously handled by gating all the path parsing blocks on having already parsed a recognized scheme. I'll try validating the username+scheme combo ahead of this function so that it won't need this weird check.

[annasong20]

Should we change this to scheme == "" && username != ""?

1. If scheme is ssh:// and username is gitUsername, we'd be wrongly passing true.
2. If we decide to allow other usernames, we'd be wrongly passing false.

nit: Maybe we could define an isSCP variable in extractHost? Then, we could pass it to functions like normalizedGithubHost, findPathSeparator, and validHostSpecParsed. This would help limit references to gitUsername in helper functions for when we generalize allowed usernames.

[annasong20]

nit: Could we change this comment to a non-github example since github urls would have been already been returned by the normalizedGithubHost code path?

[annasong20]

Concern for future PR: I find normalizeGitHostSpec hard to reason about because it checks for target strings out of context (with strings.Contains). For example, the repo url ssh://[email protected]:443/YOUR-USERNAME/YOUR-REPOSITORY.git with the following use case: https://docs.github.com/en/authentication/troubleshooting-ssh/using-ssh-over-the-https-port

would be normalized to [email protected]:YOUR-USERNAME/YOUR-REPOSITORY.git, which might come as a surprise to the user.

Maybe we could reuse some of the logic in the existing extractHost to replace the call to normalizeGitHostSpec in parseGitURL.

At the very least, I'm glad we no longer use this function in extractHost.

[KnVerey]

Yeah, my next PR is getting rid of this entirely in favour of handling all host parsing with extractHost! That's a great example of changed behaviour in this PR though, and I added it as a test.

[KnVerey]

Running this on master shows that the current result is even worse than you thought. Here's what passes there:

		{
			name:      "complex github ssh url from docs",
			input:     "ssh://[email protected]:443/YOUR-USERNAME/YOUR-REPOSITORY.git",
			cloneSpec: "ssh://[email protected]",
			absPath:   notCloned.String(),
			repoSpec: RepoSpec{
				Host:      "ssh://git@",
				OrgRepo:   "ssh",
				Path:      "",
				GitSuffix: ".git",
			},
		},

Totally mangled clonespec!

[annasong20]

Future PR: Maybe we could check that delimiters like .git are succeeded by a /: https://github.com/kubernetes-sigs/kustomize/blob/master/api/internal/git/repospec.go#L136? I believe this test case reveals that we're looking for such delimiters out of context.

[KnVerey]

These two cases have slightly different parsing results on master. Basically a slash moves. But the clonespec stays the same, and git will reject it anyway, so I don't think this matters a ton.

		{
			name:      "unsupported protocol after username",
			input:     "git@scp://github.com/org/repo.git//path",
			cloneSpec: "git@scp://github.com/org/repo.git",
			absPath:   notCloned.Join("path"),
			repoSpec: RepoSpec{
				Host:      "git@scp:/",
				OrgRepo:   "/github.com/org/repo",
				Path:      "/path",
				GitSuffix: ".git",
			},
		},
		{
			name:      "supported protocol after username",
			input:     "git@ssh://github.com/org/repo.git//path",
			cloneSpec: "git@ssh://github.com/org/repo.git",
			absPath:   notCloned.Join("path"),
			repoSpec: RepoSpec{
				Host:      "git@ssh:/",
				OrgRepo:   "/github.com/org/repo",
				Path:      "/path",
				GitSuffix: ".git",
			},
		},

[annasong20]

Not request for change: This test case made me ponder the prioritization of delimiters in parseGitURL. Currently, we always prioritize .git over //. Given that we advertise // as the repo path delimiter, we could alternatively look for .git, only if it isn't preceded by //. Otherwise, we could also document the .git delimiter more clearly in https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md.

Regardless, this'd be work for a future PR.

[KnVerey]

Yes, my next PR is tackling parseGitURL, so I'll consider this then.

[KnVerey]

Note that all three of these would be accepted on master, so the errors here are a behaviour change. I'm not 100% sure about this yet; will ponder more before we merge.

[annasong20]

If it helps, I believe file git urls are technically allowed to have @ in their repo paths.

[KnVerey]

Good point. I updated the code and tests to allow it. As commented elsewhere, I also decided against this validation more generally.

[KnVerey]

Thank you for the excellent feedback @annasong20 . I've made some moderate changes in response. PTAL.

[KnVerey]

Idea: we could deprecate this behaviour by printing a warning here now. It's probably not harmful, but technically speaking, the user is requesting that the git protocol be forced, and we're not doing it.

[annasong20]

I like this idea!

[KnVerey]

Updated

[annasong20]

Really just 1 request for change. Sorry I didn't catch it the 1st round.

Everything else looks great!

[annasong20]

Can we return -1 as the index otherwise? SCP-like urls don't accept / as a separator even if there isn't a : (not preceded by a /). git fetch will fail for such a case.

The error message here: https://github.com/kubernetes-sigs/kustomize/pull/4954/files#diff-2a7284bc651dfb0465d49f2270ed590fce191d14bba769751e4d16d9184a198cR97 should be url lacks host.

This change will require some accompanying changes in extractHost for github.com/path/to/repo.git to pass.

[KnVerey]

When thinking about this and the question of whether to throw an error on http(s)+username, I came back to this question: what is the point of all this parsing code? In the end, we have a URL that we're going to pass to git, and it will throw an error. Why don't we always let it do its job?

I wasn't here for the original authorship, but my answer would be: because we support some invalid formats (e.g. the git:: prefix we strip, github URLs we "fix") and the URLs we are given ultimately point to a Kustomization root, whereas git needs the repo root. So the point is to identify the repo root, i.e the clonespec, and to fix any oddities we specifically allow for historical reasons.

That led me to conclude that we should only throw errors in this code when the anomaly prevents us from achieving those two goals. When we are able to parse the intended clone spec (valid or not), we should do so, and let git throw the error (if any).

With that in mind, I think it is clear that the http(s)+username case should be allowed to fall through to git, and I've restored that behaviour. I think that is also true for the case you're highlighting here: we've found a schemeless, non-Github url that starts with a username and is missing the colon that should delimit the host. The following test passes on master, and currently on this branch:

		{
			name:      "non-github_scp incorrectly using slash (invalid but currently passed through to git)",
			input:     "[email protected]/company/project.git//path?ref=branch",
			cloneSpec: "[email protected]/company/project.git",
			absPath:   notCloned.Join("path"),
			repoSpec: RepoSpec{
				Host:         "[email protected]/",
				RepoPath:     "company/project",
				KustRootPath: "/path",
				Ref:          "branch",
				GitSuffix:    ".git",
			},
		},

I think we should continue to let it pass though.

After reading the above, do you agree? Are there other cases to consider around SCP-like with missing colons?

[annasong20]

Yes, this makes sense! Thank you for writing such a great explanation!

[annasong20]

I initially hoped looking for : before / would decrease our chances of mistaking a relative local file path that contains an @ in the first directory for a repo url, but I realized that users can prefix such file paths with . to look like ./path.

[KnVerey]

True, and also the "a relative local file path that contains an @ in the first directory" scenario is likely vanishingly rare, so I'm not too worried.

[annasong20]

Thanks for removing this!

[annasong20]

If it helps, I believe file git urls are technically allowed to have @ in their repo paths.

[annasong20]

Can we move this into TestNewRepoSpecFromUrl_Smoke? This test originally checked that extractHost failed on not being able to find a host delimiter because : is behind a /. Now that we use / as the delimiter instead, this test no longer makes sense.

If we still want to document the behavior that we only detect :s not preceded by /, the TestNewRepoSpecFromUrl_Smoke test would look something like this:

		{
			name:      "colon behind slash not scp delimiter",
			input:     "[email protected]/user:name/YOUR-REPOSITORY.git",
			cloneSpec: "[email protected]",
			absPath:   notCloned.String(),
			repoSpec: RepoSpec{
				Host:      "[email protected]/",
				OrgRepo:   "user:name/YOUR-REPOSITORY",
				Path:      "",
				GitSuffix: ".git",
			},
		},

[KnVerey]

Agreed, that's much better! Updated.

[annasong20]

/lgtm

This is awesome, @KnVerey!

[KnVerey]

🎉 thank you for the diligent reviews @annasong20 !