Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use devspaces-dashboard.openshift-devspaces.svc to get devfile yaml #23366

Merged
merged 5 commits into from
Feb 27, 2025
Merged

Use devspaces-dashboard.openshift-devspaces.svc to get devfile yaml #23366

merged 5 commits into from
Feb 27, 2025

Conversation

dmytro-ndp
Copy link
Contributor

@dmytro-ndp dmytro-ndp commented Feb 26, 2025
edited
Loading

What does this PR do?

Fixes devfile API tests on airgap cluster.

Screenshot/screencast of this PR

What issues does this PR fix or reference?

https://issues.redhat.com/browse/CRW-8247

How to test this PR?

PR Checklist

As the author of this Pull Request I made sure that:

Reviewers

Reviewers, please comment how you tested the PR when approving it.

@dmytro-ndp
fix: handle devfile retrieval for disconnected clusters in DevfilesHe…
138af3c 
…lper
@dmytro-ndp
Log command
63df3ee 
Signed-off-by: Dmytro Nochevnov <dnochevn@redhat.com>
@dmytro-ndp
fix curl from https
880b008 
Signed-off-by: Dmytro Nochevnov <dnochevn@redhat.com>
@dmytro-ndp
Use devspaces-dashboard.openshift-devspaces.svc to get devfile yaml
45ad9a5 
Signed-off-by: Dmytro Nochevnov <dnochevn@redhat.com>
@dmytro-ndp
Clean up
913315c 
Signed-off-by: Dmytro Nochevnov <dnochevn@redhat.com>
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 26, 2025
View reviewed changes
tests/e2e/utils/DevfilesHelper.ts
);
return `http://${serviceClusterIp}:${servicePort}${devfileSampleURIPrefix}`;

return `http://devspaces-dashboard.openshift-devspaces.svc:8080${devfileSampleURIPrefix}`;

Check warning

Code scanning / CodeQL

Unsafe shell command constructed from library input Medium test

This string concatenation which depends on
library input
Loading
is later used in a
shell command
Loading
.
This string concatenation which depends on
library input
Loading
is later used in a
shell command
Loading
.
This string concatenation which depends on
library input
Loading
is later used in a
shell command
Loading
.

Copilot Autofix AI 6 days ago

To fix the problem, we should avoid passing untrusted input directly to the shell. Instead, we can use the child_process.execFile method, which takes an array of arguments and does not invoke the shell, thus avoiding interpretation of special characters. If the command must be interpreted by a shell, we can use the shell-quote library to escape any special characters in the input.

  1. Replace the use of child_process.exec with child_process.execFile where possible.
  2. For commands that require shell interpretation, use the shell-quote library to escape the input.
Suggested changeset 2
tests/e2e/utils/DevfilesHelper.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/tests/e2e/utils/DevfilesHelper.ts b/tests/e2e/utils/DevfilesHelper.ts
--- a/tests/e2e/utils/DevfilesHelper.ts
+++ b/tests/e2e/utils/DevfilesHelper.ts
@@ -35,4 +35,6 @@
 		const clusterURL: string = this.getInternalClusterURLToDevFile(devFileName);
+		const shellQuote = require('shell-quote');
+		const escapedClusterURL = shellQuote.quote([clusterURL]);
 		this.getShellExecutor().executeCommand(
-			`oc exec -i ${podName} -n  ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- sh -c 'curl -o /tmp/${devFileName}-devfile.yaml ${clusterURL}'`
+			`oc exec -i ${podName} -n  ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- sh -c 'curl -o /tmp/${devFileName}-devfile.yaml ${escapedClusterURL}'`
 		);
@@ -40,3 +42,3 @@
 			.executeArbitraryShellScript(
-				`oc exec -i ${podName} -n  ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- cat /tmp/${devFileName}-devfile.yaml`
+				`oc exec -i ${podName} -n  ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- cat /tmp/${shellQuote.quote([devFileName])}-devfile.yaml`
 			)
EOF
@@ -35,4 +35,6 @@
const clusterURL: string = this.getInternalClusterURLToDevFile(devFileName);
const shellQuote = require('shell-quote');
const escapedClusterURL = shellQuote.quote([clusterURL]);
this.getShellExecutor().executeCommand(
`oc exec -i ${podName} -n ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- sh -c 'curl -o /tmp/${devFileName}-devfile.yaml ${clusterURL}'`
`oc exec -i ${podName} -n ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- sh -c 'curl -o /tmp/${devFileName}-devfile.yaml ${escapedClusterURL}'`
);
@@ -40,3 +42,3 @@
.executeArbitraryShellScript(
`oc exec -i ${podName} -n ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- cat /tmp/${devFileName}-devfile.yaml`
`oc exec -i ${podName} -n ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- cat /tmp/${shellQuote.quote([devFileName])}-devfile.yaml`
)
tests/e2e/package.json
Outside changed files

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/tests/e2e/package.json b/tests/e2e/package.json
--- a/tests/e2e/package.json
+++ b/tests/e2e/package.json
@@ -68,3 +68,4 @@
 		"inversify": "6.0.1",
-		"reflect-metadata": "0.1.13"
+		"reflect-metadata": "0.1.13",
+		"shell-quote": "^1.8.2"
 	},
EOF
@@ -68,3 +68,4 @@
"inversify": "6.0.1",
"reflect-metadata": "0.1.13"
"reflect-metadata": "0.1.13",
"shell-quote": "^1.8.2"
},
This fix introduces these dependencies
Package Version Security advisories
shell-quote (npm) 1.8.2 None
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
@dmytro-ndp dmytro-ndp merged commit 43d3fdd into main Feb 27, 2025
5 checks passed
@dmytro-ndp dmytro-ndp deleted the CRW-8247 branch February 27, 2025 08:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@artaleks9 artaleks9 artaleks9 approved these changes

@SkorikSergey SkorikSergey SkorikSergey approved these changes

@musienko-maxim musienko-maxim Awaiting requested review from musienko-maxim musienko-maxim is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dmytro-ndp @artaleks9 @SkorikSergey