Skip to content

Commit 02da027

Browse files
mergify[bot]tanmoysrt
mergify[bot]
and
tanmoysrt
authored
fix: delete .git folder after cloning app's git repo (#1064) (#1065)
* fix: delete .git folder after cloning app's git repo * feat: log the error msg of .git folder deletion failure (cherry picked from commit 9103907) Co-authored-by: Tanmoy Sarkar <57363826+tanmoysrt@users.noreply.github.com>
1 parent 813c553 commit 02da027

File tree

1 file changed

+15
-5
lines changed

1 file changed

+15
-5
lines changed

swiftwave_service/worker/process_application_build_request.go

Lines changed: 15 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -4,16 +4,17 @@ import (
44
"context"
55
"encoding/json"
66
"errors"
7+
"log"
8+
"os"
9+
"path/filepath"
10+
711
"github.com/google/uuid"
812
containermanger "github.com/swiftwave-org/swiftwave/container_manager"
913
dockerconfiggenerator "github.com/swiftwave-org/swiftwave/docker_config_generator"
1014
gitmanager "github.com/swiftwave-org/swiftwave/git_manager"
1115
"github.com/swiftwave-org/swiftwave/pubsub"
1216
"github.com/swiftwave-org/swiftwave/swiftwave_service/core"
1317
"gorm.io/gorm"
14-
"log"
15-
"os"
16-
"path/filepath"
1718
)
1819

1920
func (m Manager) BuildApplication(request BuildApplicationRequest, ctx context.Context, cancelContext context.CancelFunc) error {
@@ -176,6 +177,15 @@ func (m Manager) buildApplicationForGit(deployment *core.Deployment, db gorm.DB,
176177
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Reason > "+err.Error()+"\n", true)
177178
return err
178179
}
180+
// delete .git folder after cloning
181+
// -- can be security risk for html based apps
182+
// -- if nginx is running inside container, that can expose the .git folder to public
183+
gitFolder := filepath.Join(tempDirectory, ".git")
184+
err = os.RemoveAll(gitFolder)
185+
if err != nil {
186+
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Failed to delete the .git folder of cloned repository\n", false)
187+
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Reason > "+err.Error()+"\n", false)
188+
}
179189
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Cloned git repository successfully\n", false)
180190
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Commit message > "+commitMessage+"\n", false)
181191
addPersistentDeploymentLog(dbWithoutTx, pubSubClient, deployment.ID, "Commit hash > "+commitHash+"\n", false)
@@ -196,7 +206,7 @@ func (m Manager) buildApplicationForGit(deployment *core.Deployment, db gorm.DB,
196206
if err != nil {
197207
return err
198208
}
199-
var buildArgsMap = make(map[string]string)
209+
buildArgsMap := make(map[string]string)
200210
for _, buildArg := range buildArgs {
201211
buildArgsMap[buildArg.Key] = buildArg.Value
202212
}
@@ -272,7 +282,7 @@ func (m Manager) buildApplicationForTarball(deployment *core.Deployment, db gorm
272282
if err != nil {
273283
return err
274284
}
275-
var buildArgsMap = make(map[string]string)
285+
buildArgsMap := make(map[string]string)
276286
for _, buildArg := range buildArgs {
277287
buildArgsMap[buildArg.Key] = buildArg.Value
278288
}

0 commit comments

Comments
 (0)