ebb0a9b939
A recent git security update disabled the file transport by default, see https://github.blog/2022-10-18-git-security-vulnerabilities-announced/#cve-2022-39253 We can pick an upstream patch which needed to be rebased unfortunately, so we can't fetch it directly from GitHub.
51 lines
2 KiB
Diff
51 lines
2 KiB
Diff
commit e9219b88de5ed37af337ee2d2e71e7ec7c0aad1b
|
|
Author: Robbert van Ginkel <rvanginkel@buf.build>
|
|
Date: Thu Oct 20 16:43:28 2022 -0400
|
|
|
|
Fix git unit test by using fake git server rather than file:// (#1518)
|
|
|
|
More recent versions of git fix a CVE by disabling some usage of the
|
|
`file://` transport, see
|
|
https://github.blog/2022-10-18-git-security-vulnerabilities-announced/#cve-2022-39253.
|
|
We were using this transport in tests.
|
|
|
|
Instead, use https://git-scm.com/docs/git-http-backend to serve up this
|
|
repository locally so we don't have to use the file protocol. This
|
|
should be a more accurate tests, since we mostly expect submodules to
|
|
come from servers.
|
|
|
|
diff --git a/private/pkg/git/git_test.go b/private/pkg/git/git_test.go
|
|
index 7b77b6cd..7132054e 100644
|
|
--- a/private/pkg/git/git_test.go
|
|
+++ b/private/pkg/git/git_test.go
|
|
@@ -17,6 +17,8 @@ package git
|
|
import (
|
|
"context"
|
|
"errors"
|
|
+ "net/http/cgi"
|
|
+ "net/http/httptest"
|
|
"os"
|
|
"os/exec"
|
|
"path/filepath"
|
|
@@ -213,6 +215,21 @@ func createGitDirs(
|
|
runCommand(ctx, t, container, runner, "git", "-C", submodulePath, "add", "test.proto")
|
|
runCommand(ctx, t, container, runner, "git", "-C", submodulePath, "commit", "-m", "commit 0")
|
|
|
|
+ gitExecPath, err := command.RunStdout(ctx, container, runner, "git", "--exec-path")
|
|
+ require.NoError(t, err)
|
|
+ t.Log(filepath.Join(string(gitExecPath), "git-http-backend"))
|
|
+ // https://git-scm.com/docs/git-http-backend#_description
|
|
+ f, err := os.Create(filepath.Join(submodulePath, ".git", "git-daemon-export-ok"))
|
|
+ require.NoError(t, err)
|
|
+ require.NoError(t, f.Close())
|
|
+ server := httptest.NewServer(&cgi.Handler{
|
|
+ Path: filepath.Join(strings.TrimSpace(string(gitExecPath)), "git-http-backend"),
|
|
+ Dir: submodulePath,
|
|
+ Env: []string{"GIT_PROJECT_ROOT=" + submodulePath},
|
|
+ })
|
|
+ t.Cleanup(server.Close)
|
|
+ submodulePath = server.URL
|
|
+
|
|
originPath := filepath.Join(tmpDir, "origin")
|
|
require.NoError(t, os.MkdirAll(originPath, 0777))
|
|
runCommand(ctx, t, container, runner, "git", "-C", originPath, "init")
|