Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / f5ffedb5f8b7d2039ded283c700edf39b13d94b9 / . / core / installer / soft / client.go
blob: 1c9366627241d5495e7beae152a4156f283869bf [file] [log] [blame]
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]1package soft
2
3import (
Giorgi Lekveishvilia1e77902023-11-06 14:48:27 +0400[diff] [blame]4 "errors"
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]5 "fmt"
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]6 "golang.org/x/crypto/ssh"
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]7 "log"
8 "net"
9 "os"
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]10 "regexp"
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]11 "strings"
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]12 "time"
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]13
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]14 "github.com/cenkalti/backoff/v4"
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]15 "github.com/go-git/go-billy/v5/memfs"
16 "github.com/go-git/go-git/v5"
Giorgi Lekveishvilia1e77902023-11-06 14:48:27 +0400[diff] [blame]17 "github.com/go-git/go-git/v5/plumbing/transport"
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]18 gitssh "github.com/go-git/go-git/v5/plumbing/transport/ssh"
19 "github.com/go-git/go-git/v5/storage/memory"
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]20)
21
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]22var ErrorAlreadyExists = errors.New("already exists")
23
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]24type Client interface {
25 Address() string
26 Signer() ssh.Signer
27 GetPublicKeys() ([]string, error)
28 GetRepo(name string) (RepoIO, error)
29 GetRepoAddress(name string) string
30 AddRepository(name string) error
31 AddUser(name, pubKey string) error
32 AddPublicKey(user string, pubKey string) error
33 RemovePublicKey(user string, pubKey string) error
34 MakeUserAdmin(name string) error
35 AddReadWriteCollaborator(repo, user string) error
36 AddReadOnlyCollaborator(repo, user string) error
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]37 AddWebhook(repo, url string, opts ...string) error
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]38}
39
40type realClient struct {
41 addr string
42 signer ssh.Signer
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]43 log *log.Logger
44 pemBytes []byte
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]45}
46
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]47func NewClient(addr string, clientPrivateKey []byte, log *log.Logger) (Client, error) {
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]48 signer, err := ssh.ParsePrivateKey(clientPrivateKey)
49 if err != nil {
50 return nil, err
51 }
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]52 log.SetPrefix("SOFT-SERVE: ")
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]53 log.Printf("Created signer")
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]54 return &realClient{
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]55 addr,
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]56 signer,
57 log,
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]58 clientPrivateKey,
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]59 }, nil
60}
61
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]62type ClientGetter interface {
63 Get(addr string, clientPrivateKey []byte, log *log.Logger) (Client, error)
64}
65
66type RealClientGetter struct{}
67
68func (c RealClientGetter) Get(addr string, clientPrivateKey []byte, log *log.Logger) (Client, error) {
69 var client Client
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]70 err := backoff.RetryNotify(func() error {
71 var err error
72 client, err = NewClient(addr, clientPrivateKey, log)
73 if err != nil {
74 return err
75 }
Giorgi Lekveishvili106a9352023-12-04 11:20:11 +0400[diff] [blame]76 if _, err := client.GetPublicKeys(); err != nil {
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]77 return err
78 }
79 return nil
80 }, backoff.NewConstantBackOff(5*time.Second), func(err error, _ time.Duration) {
81 log.Printf("Failed to create client: %s\n", err.Error())
82 })
83 return client, err
84}
85
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]86func (ss *realClient) Address() string {
87 return ss.addr
88}
89
90func (ss *realClient) Signer() ssh.Signer {
91 return ss.signer
92}
93
94func (ss *realClient) AddUser(name, pubKey string) error {
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]95 log.Printf("Adding user %s", name)
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]96 if err := ss.RunCommand("user", "create", name); err != nil {
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]97 return err
98 }
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]99 return ss.AddPublicKey(name, pubKey)
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]100}
101
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]102func (ss *realClient) MakeUserAdmin(name string) error {
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]103 log.Printf("Making user %s admin", name)
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]104 return ss.RunCommand("user", "set-admin", name, "true")
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]105}
106
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]107func (ss *realClient) AddPublicKey(user string, pubKey string) error {
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]108 log.Printf("Adding public key: %s %s\n", user, pubKey)
109 return ss.RunCommand("user", "add-pubkey", user, pubKey)
110}
111
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]112func (ss *realClient) RemovePublicKey(user string, pubKey string) error {
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]113 log.Printf("Removing public key: %s %s\n", user, pubKey)
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]114 return ss.RunCommand("user", "remove-pubkey", user, pubKey)
115}
116
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]117func (ss *realClient) RunCommand(args ...string) error {
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]118 cmd := strings.Join(args, " ")
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]119 log.Printf("Running command %s", cmd)
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]120 client, err := ssh.Dial("tcp", ss.addr, ss.sshClientConfig())
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]121 if err != nil {
122 return err
123 }
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]124 defer client.Close()
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]125 session, err := client.NewSession()
126 if err != nil {
127 return err
128 }
129 defer session.Close()
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]130 session.Stdout = os.Stdout
131 session.Stderr = os.Stderr
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]132 return session.Run(cmd)
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]133}
134
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]135func (ss *realClient) AddRepository(name string) error {
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]136 log.Printf("Adding repository %s", name)
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]137 if err := ss.RunCommand("repo", "info", name); err == nil {
138 return ErrorAlreadyExists
139 }
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]140 return ss.RunCommand("repo", "create", name)
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]141}
142
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]143func (ss *realClient) AddReadWriteCollaborator(repo, user string) error {
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]144 log.Printf("Adding read-write collaborator %s %s", repo, user)
145 return ss.RunCommand("repo", "collab", "add", repo, user, "read-write")
146}
147
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]148func (ss *realClient) AddReadOnlyCollaborator(repo, user string) error {
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]149 log.Printf("Adding read-only collaborator %s %s", repo, user)
150 return ss.RunCommand("repo", "collab", "add", repo, user, "read-only")
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]151}
152
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]153func (ss *realClient) AddWebhook(repo, url string, opts ...string) error {
154 log.Printf("Adding webhook %s %s", repo, url)
155 return ss.RunCommand(append(
156 []string{"repo", "webhook", "create", repo, url},
157 opts...,
158 )...)
159}
160
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]161type Repository struct {
162 *git.Repository
163 Addr RepositoryAddress
164}
165
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]166func (ss *realClient) GetRepo(name string) (RepoIO, error) {
167 r, err := CloneRepository(RepositoryAddress{ss.addr, name}, ss.signer)
168 if err != nil {
169 return nil, err
170 }
171 return NewRepoIO(r, ss.signer)
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]172}
173
174type RepositoryAddress struct {
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]175 Addr string
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]176 Name string
177}
178
179func ParseRepositoryAddress(addr string) (RepositoryAddress, error) {
Giorgi Lekveishvilia1e77902023-11-06 14:48:27 +0400[diff] [blame]180 items := regexp.MustCompile(`ssh://(.*)/(.*)`).FindStringSubmatch(addr)
181 if len(items) != 3 {
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]182 return RepositoryAddress{}, fmt.Errorf("Invalid address")
183 }
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]184 return RepositoryAddress{items[1], items[2]}, nil
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]185}
186
187func (r RepositoryAddress) FullAddress() string {
188 return fmt.Sprintf("ssh://%s/%s", r.Addr, r.Name)
189}
190
Giorgi Lekveishvili57dffb32023-08-07 15:45:43 +0400[diff] [blame]191func CloneRepository(addr RepositoryAddress, signer ssh.Signer) (*Repository, error) {
Giorgi Lekveishvili106a9352023-12-04 11:20:11 +0400[diff] [blame]192 fmt.Printf("Cloning repository: %s %s\n", addr.Addr, addr.Name)
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]193 c, err := git.Clone(memory.NewStorage(), memfs.New(), &git.CloneOptions{
194 URL: addr.FullAddress(),
195 Auth: &gitssh.PublicKeys{
196 User: "git",
197 Signer: signer,
198 HostKeyCallbackHelper: gitssh.HostKeyCallbackHelper{
199 HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
200 // TODO(giolekva): verify server public key
201 fmt.Printf("--- %+v\n", ssh.MarshalAuthorizedKey(key))
202 return nil
203 },
204 },
205 },
Giorgi Lekveishvili87be4ae2023-06-11 23:41:09 +0400[diff] [blame]206 RemoteName: "origin",
Giorgi Lekveishvili3550b432023-06-09 19:37:51 +0400[diff] [blame]207 ReferenceName: "refs/heads/master",
giof5ffedb2024-06-19 14:14:43 +0400[diff] [blame^]208 SingleBranch: true,
Giorgi Lekveishvili3550b432023-06-09 19:37:51 +0400[diff] [blame]209 Depth: 1,
210 InsecureSkipTLS: true,
211 Progress: os.Stdout,
212 })
Giorgi Lekveishvilia1e77902023-11-06 14:48:27 +0400[diff] [blame]213 if err != nil && !errors.Is(err, transport.ErrEmptyRemoteRepository) {
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]214 return nil, err
215 }
giof5ffedb2024-06-19 14:14:43 +0400[diff] [blame^]216 wt, err := c.Worktree()
217 if err != nil {
218 return nil, err
219 }
220 sb, err := wt.Submodules()
221 if err != nil {
222 return nil, err
223 }
224 if err := sb.Init(); err != nil {
225 return nil, err
226 }
227 if err := sb.Update(&git.SubmoduleUpdateOptions{
228 Depth: 1,
229 }); err != nil {
230 return nil, err
231 }
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]232 return &Repository{
233 Repository: c,
234 Addr: addr,
235 }, nil
Giorgi Lekveishvili3550b432023-06-09 19:37:51 +0400[diff] [blame]236}
237
Giorgi Lekveishvili94cda9d2023-07-20 10:16:09 +0400[diff] [blame]238// TODO(giolekva): dead code
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]239func (ss *realClient) authSSH() gitssh.AuthMethod {
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]240 a, err := gitssh.NewPublicKeys("git", ss.pemBytes, "")
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]241 if err != nil {
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]242 panic(err)
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]243 }
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]244 a.HostKeyCallback = func(hostname string, remote net.Addr, key ssh.PublicKey) error {
245 // TODO(giolekva): verify server public key
246 ss.log.Printf("--- %+v\n", ssh.MarshalAuthorizedKey(key))
247 return nil
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]248 }
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]249 return a
250 // return &gitssh.PublicKeys{
251 // User: "git",
252 // Signer: ss.Signer,
253 // HostKeyCallbackHelper: gitssh.HostKeyCallbackHelper{
254 // HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
255 // // TODO(giolekva): verify server public key
256 // ss.log.Printf("--- %+v\n", ssh.MarshalAuthorizedKey(key))
257 // return nil
258 // },
259 // },
260 // }
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]261}
262
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]263func (ss *realClient) authGit() *gitssh.PublicKeys {
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]264 return &gitssh.PublicKeys{
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]265 User: "git",
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]266 Signer: ss.signer,
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]267 HostKeyCallbackHelper: gitssh.HostKeyCallbackHelper{
268 HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
269 // TODO(giolekva): verify server public key
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]270 ss.log.Printf("--- %+v\n", ssh.MarshalAuthorizedKey(key))
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]271 return nil
272 },
273 },
274 }
275}
276
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]277func (ss *realClient) GetPublicKeys() ([]string, error) {
Giorgi Lekveishvili106a9352023-12-04 11:20:11 +0400[diff] [blame]278 var ret []string
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]279 config := &ssh.ClientConfig{
280 Auth: []ssh.AuthMethod{
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]281 ssh.PublicKeys(ss.signer),
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]282 },
283 HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
Giorgi Lekveishvili106a9352023-12-04 11:20:11 +0400[diff] [blame]284 ret = append(ret, string(ssh.MarshalAuthorizedKey(key)))
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]285 return nil
286 },
287 }
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]288 client, err := ssh.Dial("tcp", ss.addr, config)
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]289 if err != nil {
290 return nil, err
291 }
Giorgi Lekveishvili724885f2023-11-29 16:18:42 +0400[diff] [blame]292 defer client.Close()
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]293 return ret, nil
294}
295
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]296func (ss *realClient) sshClientConfig() *ssh.ClientConfig {
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]297 return &ssh.ClientConfig{
298 Auth: []ssh.AuthMethod{
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]299 ssh.PublicKeys(ss.signer),
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]300 },
301 HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
302 // TODO(giolekva): verify server public key
303 // fmt.Printf("## %s || %s -- \n", serverPubKey, ssh.MarshalAuthorizedKey(key))
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]304 fmt.Printf("%s %s %s", hostname, remote, ssh.MarshalAuthorizedKey(key))
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]305 return nil
306 },
307 }
308}
309
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]310func (ss *realClient) GetRepoAddress(name string) string {
Giorgi Lekveishvili0ccd1482023-06-21 15:02:24 +0400[diff] [blame]311 return fmt.Sprintf("%s/%s", ss.addressGit(), name)
312}
313
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame]314func (ss *realClient) addressGit() string {
315 return fmt.Sprintf("ssh://%s", ss.addr)
giolekva8aa73e82022-07-09 11:34:39 +0400[diff] [blame]316}