•  
     
    story #28845 have an hidden command executing custom command to determine if the reference should have been rejected
Summary
Git administrator
have an hidden command executing custom command to determine if the reference should have been rejected

later on Git administrators can deploy custom code to validate incoming references as a pre-receive hook

This is a first step towards the execution of untrusted code provided by the users as described in this blogpost.

  • an hidden command is created tuleap git:pre-receive-analyze, this command expects the same input than Git pre-receive hook
  • when this command is called with the appropriate arguments, it either exit without any output with the exit code 0 if everything is expected or with a message and an exit code 1 if the objects should have been rejected
  • to verify if the objects are "valid", custom code provided as a WASM module is called
  • there is no way to upload a WASM module at this time, the files must be put at a specific path on the filesystem
Empty
Empty
Status
SCM/Git
Done
Development
  • [ ] Does it involves User Interface? 
  • [ ] Are there any mockups?
  • [ ] Are permissions checked?
  • [ ] Does it need Javascript development?
  • [ ] Does it need a forge upgrade bucket?
  • [ ] Does it need to execute things in system events?
  • [ ] Does it impact project creation (templates)?
  • [ ] Is it exploratory?
  • we do not expect the WASM module to do some direct interactions with the Git repository (no I/O at this point), Tuleap will give per-processed information to the WASM modules, it could be something like this:
{
    "refname": "<given_refname>",
    "objects": [
        {"type": "<type of object as given by git cat-file -t <ref>>", "content": "<content of the object as given by git cat-file <type> <ref>>"},
        ...
    ]
}
  • when everything if fine the WASM module should return
{"rejection_message": null}
  • when rejecting something the WASM module should return
{"rejection_message": "some string explaining why this should be rejected"}
  • WASM modules needs to be put under /var/lib/tuleap/wasm/git/pre-receive-<repository_id>.wasm to be found
  • parts of the infrastructure loading and executing WASM code must be put in the Tuleap core (i.e. under src/common/), parts specific to Git must be put in the Git plugin
Details
#28845
Thomas Gerbet (tgerbet)
2023-02-17 10:28
2022-09-20 11:48
28707

References
Referencing story #28845

Follow-ups