Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update validator to check for cache only for specific TEST_SUIT_ID #70

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Update validator to check for cache only for specific TEST_SUIT_ID #70

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
868b6d9
Update validator to check for cache only for specific TEST_SUIT_ID
EdwinPhilip Mar 11, 2024
f1eb6aa
update cache_files_list to list file only for specific test_suit_id
EdwinPhilip Mar 11, 2024
1a03fcd
update cache_files_list prefix to address lint issue
EdwinPhilip Mar 11, 2024
1bc105b
Update lib/rspec_tracer/remote_cache/validator.rb
EdwinPhilip Mar 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion lib/rspec_tracer/remote_cache/aws.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ class AwsError < StandardError; end
def initialize
@s3_bucket, @s3_path = setup_s3
@aws_cli = RSpecTracer.use_local_aws ? 'awslocal' : 'aws'
@use_test_suite_id_cache = ENV['USE_TEST_SUITE_ID_CACHE'] == 'true'
@test_suite_id = ENV['TEST_SUITE_ID'] if @use_test_suite_id_cache
end

def branch_refs?(branch_name)
Expand Down Expand Up @@ -60,7 +62,11 @@ def upload_branch_refs(branch_name, file_name)
end

def cache_files_list(ref)
prefix = "s3://#{@s3_bucket}/#{@s3_path}/#{ref}/"
if @use_test_suite_id_cache && !@test_suite_id.nil?
prefix = "s3://#{@s3_bucket}/#{@s3_path}/#{ref}/#{@test_suite_id}/"
else
prefix = "s3://#{@s3_bucket}/#{@s3_path}/#{ref}/"
end
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The modification to the cache_files_list method to dynamically construct the prefix based on the presence of @use_test_suite_id_cache and @test_suite_id is a logical extension of the introduced instance variables. This change supports the PR's goal of enhancing cache utilization efficiency by enabling targeted cache validation. However, it's important to consider the security implications of dynamically constructing paths for AWS S3 operations.

The use of dynamic paths in AWS S3 operations, as seen in the cache_files_list method, raises concerns about potential code injection vulnerabilities. The static analysis hints suggest auditing the input to system calls to prevent code injection vulnerabilities. It's advisable to sanitize or validate any user-supplied input that could influence the constructed paths or commands.

- `#{@aws_cli} s3 ls #{prefix} --recursive`.chomp.split("\n")
+ sanitized_prefix = sanitize_prefix(prefix)
+ `#{@aws_cli} s3 ls #{sanitized_prefix} --recursive`.chomp.split("\n")

Consider implementing a method sanitize_prefix that ensures the prefix variable does not contain any malicious content before it's used in the system call.

Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.

Suggested change
if @use_test_suite_id_cache && !@test_suite_id.nil?
prefix = "s3://#{@s3_bucket}/#{@s3_path}/#{ref}/#{@test_suite_id}/"
else
prefix = "s3://#{@s3_bucket}/#{@s3_path}/#{ref}/"
end
if @use_test_suite_id_cache && !@test_suite_id.nil?
prefix = "s3://#{@s3_bucket}/#{@s3_path}/#{ref}/#{@test_suite_id}/"
else
prefix = "s3://#{@s3_bucket}/#{@s3_path}/#{ref}/"
end
+ sanitized_prefix = sanitize_prefix(prefix)
+ `#{@aws_cli} s3 ls #{sanitized_prefix} --recursive`.chomp.split("\n")


`#{@aws_cli} s3 ls #{prefix} --recursive`.chomp.split("\n")
end
Expand Down
40 changes: 31 additions & 9 deletions lib/rspec_tracer/remote_cache/validator.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,25 +8,24 @@ class Validator
def initialize
@test_suite_id = ENV['TEST_SUITE_ID']
@test_suites = ENV['TEST_SUITES']
@use_test_suite_id_cache = ENV['USE_TEST_SUITE_ID_CACHE']
EdwinPhilip marked this conversation as resolved.
Show resolved Hide resolved

if @test_suite_id.nil? ^ @test_suites.nil?
raise(
ValidationError,
'Both the enviornment variables TEST_SUITE_ID and TEST_SUITES are not set'
'Both the environment variables TEST_SUITE_ID and TEST_SUITES are not set'
)
end

setup
end

def valid?(ref, cache_files)
last_run_regex = Regexp.new(format(@last_run_files_regex, ref: ref))

return false if cache_files.count { |file| file.match?(last_run_regex) } != @last_run_files_count

cache_regex = Regexp.new(format(@cached_files_regex, ref: ref))

cache_files.count { |file| file.match?(cache_regex) } == @cached_files_count
if @use_test_suite_id_cache
test_suite_id_specific_validation(ref, cache_files)
else
general_validation(ref, cache_files)
end
end

private
Expand All @@ -36,7 +35,7 @@ def setup
@last_run_files_count = 1
@last_run_files_regex = '/%<ref>s/last_run.json$'
@cached_files_count = CACHE_FILES_PER_TEST_SUITE
@cached_files_regex = '/%<ref>s/[0-9a-f]{32}/.+.json'
@cached_files_regex = '/%<ref>s/[0-9a-f]{32}/.+.json$'
else
@test_suites = @test_suites.to_i
@test_suites_regex = (1..@test_suites).to_a.join('|')
Expand All @@ -47,6 +46,29 @@ def setup
@cached_files_regex = "/%<ref>s/(#{@test_suites_regex})/[0-9a-f]{32}/.+.json$"
end
end

def general_validation(ref, cache_files)
last_run_regex = Regexp.new(format(@last_run_files_regex, ref: ref))

return false if cache_files.count { |file| file.match?(last_run_regex) } != @last_run_files_count

cache_regex = Regexp.new(format(@cached_files_regex, ref: ref))

cache_files.count { |file| file.match?(cache_regex) } == @cached_files_count
end

def test_suite_id_specific_validation(ref, cache_files)
# Here, we ensure that the regex is dynamically adjusted for the specific test suite
# Adjusting for specific test_suite_id in the regex patterns
last_run_regex = Regexp.new("/#{ref}/#{@test_suite_id}/last_run.json$")
cache_regex = Regexp.new("/#{ref}/#{@test_suite_id}/[0-9a-f]{32}/.+.json$")

# Validate presence of the last run file for the specific test suite
return false unless cache_files.any? { |file| file.match?(last_run_regex) }

# Check if any cache files for the specific test suite are present
cache_files.any? { |file| file.match?(cache_regex) }
end
end
end
end
Loading