ref(pkg/plugin): create clean path for extracting plugins

pull/3898/head
Michelle Noorali 7 years ago
parent 75682ed584
commit fed7e69c81

10
glide.lock generated

@ -1,5 +1,5 @@
hash: 6837936360d447b64aa7a09d3c89c18ac5540b009a57fc4d3227af299bf40268 hash: 4023a1644d60060fbf2fdbbe5b73cbb4b957eb686ce925640d102db2d1858676
updated: 2018-04-03T08:17:14.801847688-07:00 updated: 2018-04-14T11:27:34.604716498-04:00
imports: imports:
- name: cloud.google.com/go - name: cloud.google.com/go
version: 3b1ae45394a234c385be014e9a488f2bb6eef821 version: 3b1ae45394a234c385be014e9a488f2bb6eef821
@ -31,6 +31,8 @@ imports:
version: 71acacd42f85e5e82f70a55327789582a5200a90 version: 71acacd42f85e5e82f70a55327789582a5200a90
subpackages: subpackages:
- md2man - md2man
- name: github.com/cyphar/filepath-securejoin
version: 06bda8370f45268db985f7af15732444d94ed51c
- name: github.com/davecgh/go-spew - name: github.com/davecgh/go-spew
version: 782f4967f2dc4564575ca782fe2d04090b5faca8 version: 782f4967f2dc4564575ca782fe2d04090b5faca8
subpackages: subpackages:
@ -210,6 +212,8 @@ imports:
version: ca53cad383cad2479bbba7f7a1a05797ec1386e4 version: ca53cad383cad2479bbba7f7a1a05797ec1386e4
- name: github.com/peterbourgon/diskv - name: github.com/peterbourgon/diskv
version: 5f041e8faa004a95c88a202771f4cc3e991971e6 version: 5f041e8faa004a95c88a202771f4cc3e991971e6
- name: github.com/pkg/errors
version: 645ef00459ed84a119197bfb8d8205042c6df63d
- name: github.com/prometheus/client_golang - name: github.com/prometheus/client_golang
version: c5b7fccd204277076155f10851dad72b76a49317 version: c5b7fccd204277076155f10851dad72b76a49317
subpackages: subpackages:
@ -641,7 +645,7 @@ imports:
- pkg/util/proto - pkg/util/proto
- pkg/util/proto/validation - pkg/util/proto/validation
- name: k8s.io/kubernetes - name: k8s.io/kubernetes
version: a22f9fd34871d9dc9e5db2c02c713821d18ab2cd version: baab3992147260d47cb59b9c485a24fdeff2e457
subpackages: subpackages:
- pkg/api/events - pkg/api/events
- pkg/api/legacyscheme - pkg/api/legacyscheme

@ -57,6 +57,8 @@ import:
version: release-1.10 version: release-1.10
- package: k8s.io/apiserver - package: k8s.io/apiserver
version: release-1.10 version: release-1.10
- package: github.com/cyphar/filepath-securejoin
version: ^0.2.1
testImports: testImports:
- package: github.com/stretchr/testify - package: github.com/stretchr/testify

@ -21,14 +21,17 @@ import (
"compress/gzip" "compress/gzip"
"fmt" "fmt"
"io" "io"
"k8s.io/helm/pkg/getter"
"k8s.io/helm/pkg/helm/environment"
"k8s.io/helm/pkg/helm/helmpath"
"k8s.io/helm/pkg/plugin/cache"
"os" "os"
"path/filepath" "path/filepath"
"regexp" "regexp"
"strings" "strings"
fp "github.com/cyphar/filepath-securejoin"
"k8s.io/helm/pkg/getter"
"k8s.io/helm/pkg/helm/environment"
"k8s.io/helm/pkg/helm/helmpath"
"k8s.io/helm/pkg/plugin/cache"
) )
// HTTPInstaller installs plugins from an archive served by a web server. // HTTPInstaller installs plugins from an archive served by a web server.
@ -181,7 +184,10 @@ func (g *TarGzExtractor) Extract(buffer *bytes.Buffer, targetDir string) error {
return err return err
} }
path := filepath.Join(targetDir, header.Name) path, err := fp.SecureJoin(targetDir, header.Name)
if err != nil {
return err
}
switch header.Typeflag { switch header.Typeflag {
case tar.TypeDir: case tar.TypeDir:

@ -16,12 +16,15 @@ limitations under the License.
package installer // import "k8s.io/helm/pkg/plugin/installer" package installer // import "k8s.io/helm/pkg/plugin/installer"
import ( import (
"archive/tar"
"bytes" "bytes"
"compress/gzip"
"encoding/base64" "encoding/base64"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"k8s.io/helm/pkg/helm/helmpath" "k8s.io/helm/pkg/helm/helmpath"
"os" "os"
"path/filepath"
"testing" "testing"
) )
@ -187,3 +190,88 @@ func TestHTTPInstallerUpdate(t *testing.T) {
t.Error("update method not implemented for http installer") t.Error("update method not implemented for http installer")
} }
} }
func TestExtract(t *testing.T) {
//create a temp home
hh, err := ioutil.TempDir("", "helm-home-")
if err != nil {
t.Fatal(err)
}
defer os.RemoveAll(hh)
home := helmpath.Home(hh)
if err := os.MkdirAll(home.Plugins(), 0755); err != nil {
t.Fatalf("Could not create %s: %s", home.Plugins(), err)
}
cacheDir := filepath.Join(home.Cache(), "plugins", "plugin-key")
if err := os.MkdirAll(cacheDir, 0755); err != nil {
t.Fatalf("Could not create %s: %s", cacheDir, err)
}
//{"plugin.yaml", "plugin metadata up in here"},
//{"README.md", "so you know what's upp"},
//{"script.sh", "echo script"},
var tarbuf bytes.Buffer
tw := tar.NewWriter(&tarbuf)
var files = []struct {
Name, Body string
}{
{"../../plugin.yaml", "sneaky plugin metadata"},
{"README.md", "some text"},
}
for _, file := range files {
hdr := &tar.Header{
Name: file.Name,
Typeflag: tar.TypeReg,
Mode: 0600,
Size: int64(len(file.Body)),
}
if err := tw.WriteHeader(hdr); err != nil {
t.Fatal(err)
}
if _, err := tw.Write([]byte(file.Body)); err != nil {
t.Fatal(err)
}
}
if err := tw.Close(); err != nil {
t.Fatal(err)
}
var buf bytes.Buffer
gz := gzip.NewWriter(&buf)
if _, err := gz.Write(tarbuf.Bytes()); err != nil {
t.Fatal(err)
}
gz.Close()
source := "https://repo.localdomain/plugins/fake-plugin-0.0.1.tgz"
extr, err := NewExtractor(source)
if err != nil {
t.Fatal(err)
}
if err = extr.Extract(&buf, cacheDir); err != nil {
t.Errorf("Did not expect error but got error: %v", err)
}
pluginYAMLFullPath := filepath.Join(cacheDir, "plugin.yaml")
if _, err := os.Stat(pluginYAMLFullPath); err != nil {
if os.IsNotExist(err) {
t.Errorf("Expected %s to exist but doesn't", pluginYAMLFullPath)
} else {
t.Error(err)
}
}
readmeFullPath := filepath.Join(cacheDir, "README.md")
if _, err := os.Stat(readmeFullPath); err != nil {
if os.IsNotExist(err) {
t.Errorf("Expected %s to exist but doesn't", readmeFullPath)
} else {
t.Error(err)
}
}
}

Loading…
Cancel
Save