Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(security): filter git auth information #1474

Merged
merged 1 commit into from
Aug 11, 2020
Merged

fix(security): filter git auth information #1474

merged 1 commit into from
Aug 11, 2020

Conversation

zhujian7
Copy link
Collaborator

@zhujian7 zhujian7 commented Aug 9, 2020

What this PR does / why we need it:

Add your description

Which issue(s) this PR is related to (optional, link to 3rd issue(s)):

Fixes #

Reference to #

Special notes for your reviewer:

/cc @hyy0322 @supereagle @bbbmj @qianlei90 @muzi502

Release note:

NONE

@caicloud-bot caicloud-bot added release-note-none Denotes a PR that doesn't merit a release note. caicloud-cla: yes Indicates the PR's author has not signed the Caicloud CLA. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Aug 9, 2020
qianlei90
qianlei90 reviewed Aug 9, 2020
View reviewed changes
build/resolver/git/entrypoint.sh Outdated
Comment on lines 227 to 228
git remote remove origin
git remote add origin "${NO_AUTH_SCM_URL}"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

这两个命令可以用 git remote set-url origin ${NO_AUTH_SCM_URL} 代替吗?

@hyy0322
Copy link
Contributor

hyy0322 commented Aug 9, 2020

LGTM

bbbmj
bbbmj reviewed Aug 9, 2020
View reviewed changes
build/resolver/git/entrypoint.sh Outdated
@@ -223,7 +223,10 @@ pull() {
fi
fi

cd $WORKDIR/data
# filter sensitive information
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what's the difference with this command? Can you add more annotation to explain what it changed and why it comes out?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PTAL

@zhujian7
Copy link
Collaborator Author

/retest

supereagle
supereagle approved these changes Aug 11, 2020
View reviewed changes
Copy link
Member

@supereagle supereagle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@caicloud-bot caicloud-bot added the lgtm Indicates that a PR is ready to be merged. label Aug 11, 2020
@caicloud-bot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: supereagle

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@caicloud-bot caicloud-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 11, 2020
@caicloud-bot caicloud-bot merged commit e039aab into caicloud:master Aug 11, 2020
bbbmj
bbbmj reviewed Aug 11, 2020
View reviewed changes
build/resolver/git/entrypoint.sh
@@ -223,7 +223,11 @@ pull() {
fi
fi

cd $WORKDIR/data
# filter sensitive information, otherwise users executing commands like 'git remote get-url origin'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@zhujian7
Copy link
Collaborator Author

/cherrypick cps-2.8

@zhujian7
Copy link
Collaborator Author

/cherrypick cps-2.10

@caicloud-bot caicloud-bot mentioned this pull request Aug 11, 2020
Merged
@caicloud-bot
Copy link
Collaborator

@zhujian7: new pull request created: #1476

In response to this:

/cherrypick cps-2.8

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@caicloud-bot caicloud-bot mentioned this pull request Aug 11, 2020
Merged
@caicloud-bot
Copy link
Collaborator

@zhujian7: new pull request created: #1478

In response to this:

/cherrypick cps-2.10

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qianlei90 qianlei90 qianlei90 left review comments

@bbbmj bbbmj bbbmj left review comments

@supereagle supereagle supereagle approved these changes

@hyy0322 hyy0322 Awaiting requested review from hyy0322

@muzi502 muzi502 Awaiting requested review from muzi502

Assignees

@supereagle supereagle

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. caicloud-cla: yes Indicates the PR's author has not signed the Caicloud CLA. lgtm Indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@zhujian7 @hyy0322 @caicloud-bot @supereagle @qianlei90 @bbbmj