fix: add a git cli version

Workaround for: rust-lang/git2-rs#1057
ctron · Jun 6, 2024 · 33f29ac · 33f29ac
1 parent 2573b01
commit 33f29ac
Show file tree

Hide file tree

Showing 9 changed files with 339 additions and 195 deletions.
diff --git a/.github/scripts/Containerfile b/.github/scripts/Containerfile
@@ -11,6 +11,7 @@ RUN mkdir /stage
 # install zlib and cleanup
 
 RUN dnf install --installroot /stage --setop install_weak_deps=false --nodocs -y zlib openssl
+RUN dnf install --installroot /stage --setop install_weak_deps=false --nodocs -y git # as long as we need the CLI version
 RUN dnf clean all --installroot /stage
 
 # prepare our binary

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -46,6 +46,7 @@ cyclonedx-bom = "0.6.1"
 env_logger = "0.11.0"
 futures = "0.3.30"
 futures-util = "0.3"
+garage-door = "0.1.0"
 git2 = { version = "0.18.3", features = ["ssh"] }
 hex = "0.4.3"
 hide = "0.1.5"
@@ -110,8 +111,7 @@ uuid = "1.7.0"
 walkdir = "2.5"
 walker-common = "0.8.0"
 walker-extras = "0.8.0"
-
-garage-door = "0.1.0"
+xshell = "0.2"
 
 trustify-auth = { path = "common/auth", features = ["actix", "swagger"] }
 trustify-common = { path = "common" }

diff --git a/modules/importer/Cargo.toml b/modules/importer/Cargo.toml
@@ -16,7 +16,7 @@ anyhow = { workspace = true }
 csaf = { workspace = true }
 csaf-walker = { workspace = true, features = ["crypto-openssl", "csaf"] }
 cve = { workspace = true }
-git2 = { workspace = true }
+git2 = { workspace = true, optional = true }
 hex = { workspace = true }
 humantime-serde = { workspace = true }
 log = { workspace = true }
@@ -42,6 +42,7 @@ utoipa = { workspace = true, features = ["actix_extras", "time", "url"] }
 uuid = { workspace = true, features = ["v4"] }
 walkdir = { workspace = true }
 walker-common = { workspace = true }
+xshell = { workspace = true }
 
 [dev-dependencies]
 test-log = { workspace = true, features = ["log", "trace"] }

diff --git a/modules/importer/src/server/common/walker/git/cli.rs b/modules/importer/src/server/common/walker/git/cli.rs
@@ -0,0 +1,107 @@
+use super::{Continuation, Error, GitWalker, Handler, WorkingDirectory};
+use std::{collections::HashSet, fs, path::Path};
+use tracing::instrument;
+use xshell::{cmd, Shell};
+
+impl<H, T> GitWalker<H, T>
+where
+    H: Handler,
+    T: WorkingDirectory + Send + 'static,
+{
+    /// Sync version, as all git functions are sync
+    #[instrument(skip(self), ret)]
+    pub(super) fn run_sync(mut self) -> Result<Continuation, Error> {
+        log::debug!("Starting run for: {}", self.source);
+
+        let working_dir = self
+            .working_dir
+            .create()
+            .map_err(|err| Error::WorkingDir(Box::new(err)))?;
+
+        let path = working_dir.as_ref();
+        fs::create_dir_all(path).map_err(|err| Error::WorkingDir(Box::new(err)))?;
+
+        log::info!("Cloning {} into {}", self.source, path.display());
+
+        let source = &self.source;
+
+        let sh = Shell::new()?;
+        sh.change_dir(&path);
+
+        if path.join(".git").exists() {
+            cmd!(sh, "git pull").run()?;
+        } else {
+            cmd!(sh, "git clone {source} .").run()?;
+        }
+
+        log::debug!("Repository cloned or updated");
+
+        // discover files between "then" and now
+
+        let changes = match &self.continuation.0 {
+            Some(commit) => {
+                log::info!("Continuing from: {commit}");
+
+                let files = cmd!(sh, "git diff --name-only {commit} HEAD")
+                    .read()?
+                    .lines()
+                    .filter_map(|path| {
+                        let path = Path::new(&path);
+
+                        match &self.path {
+                            // files are relative to the base dir
+                            Some(base) => match path.strip_prefix(base) {
+                                Ok(path) => Some(path.to_path_buf()),
+                                Err(..) => None,
+                            },
+                            // files are relative to the repo
+                            None => Some(path.to_path_buf()),
+                        }
+                    })
+                    .collect::<HashSet<_>>();
+
+                log::info!("Detected {} changed files", files.len());
+
+                Some(files)
+            }
+            _ => {
+                log::debug!("Ingesting all files");
+                None
+            }
+        };
+
+        // discover and process files
+
+        self.walk(&path, &changes)?;
+
+        let commit = cmd!(sh, "git rev-parse HEAD").read()?;
+
+        log::info!("Most recent commit: {commit}");
+
+        // only drop when we are done, as this might delete the working directory
+
+        drop(working_dir);
+
+        // return result
+
+        Ok(Continuation(Some(commit.to_string())))
+    }
+}
+
+#[cfg(test)]
+pub(crate) mod test {
+    use super::super::Continuation;
+    use std::path::Path;
+    use xshell::{cmd, Shell};
+
+    /// reset a git repository to the spec and return the commit as continuation
+    pub(crate) fn git_reset(path: &Path, spec: &str) -> anyhow::Result<Continuation> {
+        let sh = Shell::new()?;
+        sh.change_dir(path);
+
+        cmd!(sh, "git reset --hard {spec}").run()?;
+        let commit = cmd!(sh, "git rev-parse HEAD").read()?;
+
+        Ok(Continuation(Some(commit)))
+    }
+}