Use devspaces-dashboard.openshift-devspaces.svc to get devfile yaml #23366

Merged (5 commits), Feb 27, 2025
11 changes: 2 additions & 9 deletions tests/e2e/utils/DevfilesHelper.ts
@@ -21,15 +21,8 @@
export class DevfilesHelper {
public getInternalClusterURLToDevFile(devFileName: string): string {
const devfileSampleURIPrefix: string = `/dashboard/api/airgap-sample/devfile/download?id=${devFileName}`;
let serviceClusterIp: string = '';
let servicePort: string = '';
serviceClusterIp = this.getShellExecutor().executeArbitraryShellScript(
`oc get svc devspaces-dashboard -n ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -o=jsonpath='{.spec.clusterIP}'`
);
servicePort = this.getShellExecutor().executeArbitraryShellScript(
`oc get svc devspaces-dashboard -n ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -o=jsonpath='{.spec.ports[*].port}'`
);
return `http://${serviceClusterIp}:${servicePort}${devfileSampleURIPrefix}`;

return `http://devspaces-dashboard.openshift-devspaces.svc:8080${devfileSampleURIPrefix}`;
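Review bot: the removed `oc get svc` lookups derived the namespace from `${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()}`, but the new return line hardcodes `openshift-devspaces` and port `8080`, so a run against any other namespace or a changed service port gets an unreachable URL from `getInternalClusterURLToDevFile` with no error at this point. Suggest `http://devspaces-dashboard.${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()}.svc:8080${devfileSampleURIPrefix}` (or at least a named constant for the port) plus a comment that the `.svc` address only resolves from inside the cluster, which is fine here because the caller fetches it with `oc exec ... curl` in the pod. Dropping the two `executeArbitraryShellScript` calls does remove two of the shell strings built from `BASE_TEST_CONSTANTS` input that CodeQL flags in this file, which is the right direction.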

Check warning

Code scanning / CodeQL

Unsafe shell command constructed from library input (Medium, test)

This string concatenation which depends on library input is later used in a shell command. (Reported three times for this file.)

Copilot Autofix AI 6 days ago

To fix the problem, we should avoid passing untrusted input directly to the shell. Instead, we can use the child_process.execFile method, which takes an array of arguments and does not invoke the shell, thus avoiding interpretation of special characters. If the command must be interpreted by a shell, we can use the shell-quote library to escape any special characters in the input.

  1. Replace the use of child_process.exec with child_process.execFile where possible.
  2. For commands that require shell interpretation, use the shell-quote library to escape the input.
Suggested changeset 2
tests/e2e/utils/DevfilesHelper.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/tests/e2e/utils/DevfilesHelper.ts b/tests/e2e/utils/DevfilesHelper.ts
--- a/tests/e2e/utils/DevfilesHelper.ts
+++ b/tests/e2e/utils/DevfilesHelper.ts
@@ -35,4 +35,6 @@
 		const clusterURL: string = this.getInternalClusterURLToDevFile(devFileName);
+		const shellQuote = require('shell-quote');
+		const escapedClusterURL = shellQuote.quote([clusterURL]);
 		this.getShellExecutor().executeCommand(
-			`oc exec -i ${podName} -n  ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- sh -c 'curl -o /tmp/${devFileName}-devfile.yaml ${clusterURL}'`
+			`oc exec -i ${podName} -n  ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- sh -c 'curl -o /tmp/${devFileName}-devfile.yaml ${escapedClusterURL}'`
 		);
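Review bot: `shellQuote.quote([clusterURL])` escapes for the local shell, but on the `oc exec` line the value is placed inside the single-quoted `sh -c '...'` string that the pod's shell parses; whenever quoting is actually needed, the `'...'` wrapper returned by `quote` terminates the enclosing single quotes instead of protecting the value, and `${devFileName}` in `-o /tmp/${devFileName}-devfile.yaml` on the same line is left unquoted altogether. Prefer building the outer command as an argv array (`execFile('oc', ['exec', '-i', podName, '-n', namespace, ...])`) and escaping only the inner curl arguments for POSIX `sh`, or validate `devFileName` against an identifier pattern once before it reaches both the query string and the file name. Style: a `require('shell-quote')` inside the method gives an untyped binding; move it to a top-level `import` with `@types/shell-quote`.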
@@ -40,3 +42,3 @@
 			.executeArbitraryShellScript(
-				`oc exec -i ${podName} -n  ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- cat /tmp/${devFileName}-devfile.yaml`
+				`oc exec -i ${podName} -n  ${BASE_TEST_CONSTANTS.TS_PLATFORM}-${BASE_TEST_CONSTANTS.TESTING_APPLICATION_NAME()} -c ${containerName} -- cat /tmp/${shellQuote.quote([devFileName])}-devfile.yaml`
 			)
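Review bot: quoting `devFileName` only in the `cat /tmp/...-devfile.yaml` path while the `curl -o /tmp/${devFileName}-devfile.yaml` in the previous hunk keeps the raw value is inconsistent: both commands must name the same file, so either both interpolations are escaped or, better, the name is validated once before either command is built. Also confirm that the `shellQuote` binding declared as a `const` in the previous hunk is still in scope at this `.executeArbitraryShellScript(` call; if it belongs to a different method, the suggested patch will not compile.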
EOF
tests/e2e/package.json
Outside changed files

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/tests/e2e/package.json b/tests/e2e/package.json
--- a/tests/e2e/package.json
+++ b/tests/e2e/package.json
@@ -68,3 +68,4 @@
 		"inversify": "6.0.1",
-		"reflect-metadata": "0.1.13"
+		"reflect-metadata": "0.1.13",
+		"shell-quote": "^1.8.2"
 	},
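Review bot: `"shell-quote": "^1.8.2"` uses a caret range while the neighbouring entries (`"inversify": "6.0.1"`, `"reflect-metadata": "0.1.13"`) are exact pins; for a reproducible e2e suite pin it to `"1.8.2"` and regenerate the lockfile in the same change. The dependency is only needed if the DevfilesHelper.ts patch is taken; passing the command as an argv array needs nothing new.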
EOF
This fix introduces these dependencies:

Package: shell-quote (npm), version 1.8.2, security advisories: None
}

/**