Skip to content

Commit

Permalink
Add payload validation for repository clone url
Browse files Browse the repository at this point in the history 
added payload validation for repository clone url
because clone url is crucial in a pipelinerun.

Signed-off-by: Zaki Shaikh <zashaikh@redhat.com>
  • Loading branch information
@zakisk @chmouel
zakisk authored and chmouel committed Nov 1, 2024
1 parent e2ea074 commit 7c3584b
Show file tree
Hide file tree
Showing 3 changed files with 103 additions and 0 deletions.
7 changes: 7 additions & 0 deletions pkg/provider/bitbucketserver/parse_payload.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,13 @@ func checkValidPayload(e *types.PullRequestEvent) error {
if e.PullRequest.FromRef.Repository.Links == nil || len(e.PullRequest.FromRef.Repository.Links.Self) == 0 {
return fmt.Errorf("bitbucket fromRef repository links are nil or empty")
}
if len(e.PullRequest.ToRef.Repository.Links.Clone) == 0 {
return fmt.Errorf("bitbucket toRef repository clone links are empty")
}
if len(e.PullRequest.FromRef.Repository.Links.Clone) == 0 {
return fmt.Errorf("bitbucket fromRef repository clone links are empty")
}

if e.Actor.ID == 0 {
return fmt.Errorf("bitbucket actor ID is zero")
}
Expand Down
95 changes: 95 additions & 0 deletions pkg/provider/bitbucketserver/parse_payload_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -347,6 +347,101 @@ func TestCheckValidPayload(t *testing.T) {
},
wantErrString: "bitbucket fromRef repository links are nil or empty",
},
{
name: "empty toRef repository clone links",
payloadEvent: types.PullRequestEvent{
PullRequest: bbv1.PullRequest{
ToRef: bbv1.PullRequestRef{
Repository: bbv1.Repository{
Links: &struct {
Clone []bbv1.CloneLink `json:"clone,omitempty"`
Self []bbv1.SelfLink `json:"self,omitempty"`
}{
Self: []bbv1.SelfLink{{Href: "http://example.com"}},
},
Name: "repo",
Project: &bbv1.Project{
Key: "PROJ",

Links: bbv1.Links{
Self: []bbv1.SelfLink{{Href: "http://example.com"}},
},
},
},
DisplayID: "main",
LatestCommit: "abcd",
},
FromRef: bbv1.PullRequestRef{
DisplayID: "feature",
LatestCommit: "abcd",
Repository: bbv1.Repository{
Project: &bbv1.Project{
Key: "PROJ",
Name: "repo",
},
Links: &struct {
Clone []bbv1.CloneLink `json:"clone,omitempty"`
Self []bbv1.SelfLink `json:"self,omitempty"`
}{
Self: []bbv1.SelfLink{{Href: "http://example.com"}},
},
Name: "dest",
},
},
ID: 1,
},
Actor: types.EventActor{},
},
wantErrString: "bitbucket toRef repository clone links are empty",
},
{
name: "empty fromRef repository clone links",
payloadEvent: types.PullRequestEvent{
PullRequest: bbv1.PullRequest{
ToRef: bbv1.PullRequestRef{
Repository: bbv1.Repository{
Links: &struct {
Clone []bbv1.CloneLink `json:"clone,omitempty"`
Self []bbv1.SelfLink `json:"self,omitempty"`
}{
Clone: []bbv1.CloneLink{{Href: "http://example.com"}},
Self: []bbv1.SelfLink{{Href: "http://example.com"}},
},
Name: "repo",
Project: &bbv1.Project{
Key: "PROJ",

Links: bbv1.Links{
Self: []bbv1.SelfLink{{Href: "http://example.com"}},
},
},
},
DisplayID: "main",
LatestCommit: "abcd",
},
FromRef: bbv1.PullRequestRef{
DisplayID: "feature",
LatestCommit: "abcd",
Repository: bbv1.Repository{
Project: &bbv1.Project{
Key: "PROJ",
Name: "repo",
},
Links: &struct {
Clone []bbv1.CloneLink `json:"clone,omitempty"`
Self []bbv1.SelfLink `json:"self,omitempty"`
}{
Self: []bbv1.SelfLink{{Href: "http://example.com"}},
},
Name: "dest",
},
},
ID: 1,
},
Actor: types.EventActor{},
},
wantErrString: "bitbucket fromRef repository clone links are empty",
},
{
name: "zero actor ID",
payloadEvent: types.PullRequestEvent{
Expand Down
1 change: 1 addition & 0 deletions pkg/provider/bitbucketserver/test/test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -285,6 +285,7 @@ func MakePREvent(event *info.Event, comment string) *types.PullRequestEvent {
Href: event.URL,
},
},
Clone: []bbv1.CloneLink{{Href: event.URL}},
},
},
DisplayID: "base",
Expand Down

0 comments on commit 7c3584b

Please sign in to comment.