f47e8211fb
* feat(mcp): add workspace root validation to prevent path traversal - Add workspaceRoot field to Service for restricting file operations - Add WithWorkspaceRoot() option for configuring the workspace directory - Add validatePath() helper to check paths are within workspace - Apply validation to all file operation handlers - Default to current working directory for security - Add comprehensive tests for path validation Closes #82 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: move CLI commands from pkg/ to internal/cmd/ - Move 18 CLI command packages to internal/cmd/ (not externally importable) - Keep 16 library packages in pkg/ (externally importable) - Update all import paths throughout codebase - Cleaner separation between CLI logic and reusable libraries CLI commands moved: ai, ci, dev, docs, doctor, gitcmd, go, monitor, php, pkgcmd, qa, sdk, security, setup, test, updater, vm, workspace Libraries remaining: agentic, build, cache, cli, container, devops, errors, framework, git, i18n, io, log, mcp, process, release, repos Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor(mcp): use pkg/io Medium for sandboxed file operations Replace manual path validation with pkg/io.Medium for all file operations. This delegates security (path traversal, symlink bypass) to the sandboxed local.Medium implementation. Changes: - Add io.NewSandboxed() for creating sandboxed Medium instances - Refactor MCP Service to use io.Medium instead of direct os.* calls - Remove validatePath and resolvePathWithSymlinks functions - Update tests to verify Medium-based behaviour Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: correct import path and workflow references - Fix pkg/io/io.go import from core-gui to core - Update CI workflows to use internal/cmd/updater path Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(security): address CodeRabbit review issues for path validation - pkg/io/local: add symlink resolution and boundary-aware containment - Reject absolute paths in sandboxed Medium - Use filepath.EvalSymlinks to prevent symlink bypass attacks - Fix prefix check to prevent /tmp/root matching /tmp/root2 - pkg/mcp: fix resolvePath to validate and return errors - Changed resolvePath from (string) to (string, error) - Update deleteFile, renameFile, listDirectory, fileExists to handle errors - Changed New() to return (*Service, error) instead of *Service - Properly propagate option errors instead of silently discarding - pkg/io: wrap errors with E() helper for consistent context - Copy() and MockMedium.Read() now use coreerr.E() - tests: rename to use _Good/_Bad/_Ugly suffixes per coding guidelines - Fix hardcoded /tmp in TestPath to use t.TempDir() - Add TestResolvePath_Bad_SymlinkTraversal test Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * style: fix gofmt formatting Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * style: fix gofmt formatting across all files Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
307 lines
8.1 KiB
Go
307 lines
8.1 KiB
Go
package dev
|
|
|
|
import (
|
|
"os"
|
|
"path/filepath"
|
|
"sort"
|
|
"strings"
|
|
|
|
"github.com/host-uk/core/pkg/cli"
|
|
"github.com/host-uk/core/pkg/i18n"
|
|
)
|
|
|
|
// Workflow command flags
|
|
var (
|
|
workflowRegistryPath string
|
|
workflowDryRun bool
|
|
)
|
|
|
|
// addWorkflowCommands adds the 'workflow' subcommand and its subcommands.
|
|
func addWorkflowCommands(parent *cli.Command) {
|
|
workflowCmd := &cli.Command{
|
|
Use: "workflow",
|
|
Short: i18n.T("cmd.dev.workflow.short"),
|
|
Long: i18n.T("cmd.dev.workflow.long"),
|
|
}
|
|
|
|
// Shared flags
|
|
workflowCmd.PersistentFlags().StringVar(&workflowRegistryPath, "registry", "", i18n.T("common.flag.registry"))
|
|
|
|
// Subcommands
|
|
addWorkflowListCommand(workflowCmd)
|
|
addWorkflowSyncCommand(workflowCmd)
|
|
|
|
parent.AddCommand(workflowCmd)
|
|
}
|
|
|
|
// addWorkflowListCommand adds the 'workflow list' subcommand.
|
|
func addWorkflowListCommand(parent *cli.Command) {
|
|
listCmd := &cli.Command{
|
|
Use: "list",
|
|
Short: i18n.T("cmd.dev.workflow.list.short"),
|
|
Long: i18n.T("cmd.dev.workflow.list.long"),
|
|
RunE: func(cmd *cli.Command, args []string) error {
|
|
return runWorkflowList(workflowRegistryPath)
|
|
},
|
|
}
|
|
|
|
parent.AddCommand(listCmd)
|
|
}
|
|
|
|
// addWorkflowSyncCommand adds the 'workflow sync' subcommand.
|
|
func addWorkflowSyncCommand(parent *cli.Command) {
|
|
syncCmd := &cli.Command{
|
|
Use: "sync <workflow>",
|
|
Short: i18n.T("cmd.dev.workflow.sync.short"),
|
|
Long: i18n.T("cmd.dev.workflow.sync.long"),
|
|
Args: cli.ExactArgs(1),
|
|
RunE: func(cmd *cli.Command, args []string) error {
|
|
return runWorkflowSync(workflowRegistryPath, args[0], workflowDryRun)
|
|
},
|
|
}
|
|
|
|
syncCmd.Flags().BoolVar(&workflowDryRun, "dry-run", false, i18n.T("cmd.dev.workflow.sync.flag.dry_run"))
|
|
|
|
parent.AddCommand(syncCmd)
|
|
}
|
|
|
|
// runWorkflowList shows a table of repos vs workflows.
|
|
func runWorkflowList(registryPath string) error {
|
|
reg, registryDir, err := loadRegistryWithConfig(registryPath)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
repoList := reg.List()
|
|
if len(repoList) == 0 {
|
|
cli.Text(i18n.T("cmd.dev.no_git_repos"))
|
|
return nil
|
|
}
|
|
|
|
// Sort repos by name for consistent output
|
|
sort.Slice(repoList, func(i, j int) bool {
|
|
return repoList[i].Name < repoList[j].Name
|
|
})
|
|
|
|
// Collect all unique workflow files across all repos
|
|
workflowSet := make(map[string]bool)
|
|
repoWorkflows := make(map[string]map[string]bool)
|
|
|
|
for _, repo := range repoList {
|
|
workflows := findWorkflows(repo.Path)
|
|
repoWorkflows[repo.Name] = make(map[string]bool)
|
|
for _, wf := range workflows {
|
|
workflowSet[wf] = true
|
|
repoWorkflows[repo.Name][wf] = true
|
|
}
|
|
}
|
|
|
|
// Sort workflow names
|
|
var workflowNames []string
|
|
for wf := range workflowSet {
|
|
workflowNames = append(workflowNames, wf)
|
|
}
|
|
sort.Strings(workflowNames)
|
|
|
|
if len(workflowNames) == 0 {
|
|
cli.Text(i18n.T("cmd.dev.workflow.no_workflows"))
|
|
return nil
|
|
}
|
|
|
|
// Check for template workflows in the registry directory
|
|
templateWorkflows := findWorkflows(filepath.Join(registryDir, ".github", "workflow-templates"))
|
|
if len(templateWorkflows) == 0 {
|
|
// Also check .github/workflows in the devops repo itself
|
|
templateWorkflows = findWorkflows(filepath.Join(registryDir, ".github", "workflows"))
|
|
}
|
|
templateSet := make(map[string]bool)
|
|
for _, wf := range templateWorkflows {
|
|
templateSet[wf] = true
|
|
}
|
|
|
|
// Build table
|
|
headers := []string{i18n.T("cmd.dev.workflow.header.repo")}
|
|
headers = append(headers, workflowNames...)
|
|
table := cli.NewTable(headers...)
|
|
|
|
for _, repo := range repoList {
|
|
row := []string{repo.Name}
|
|
for _, wf := range workflowNames {
|
|
if repoWorkflows[repo.Name][wf] {
|
|
row = append(row, successStyle.Render(cli.Glyph(":check:")))
|
|
} else {
|
|
row = append(row, errorStyle.Render(cli.Glyph(":cross:")))
|
|
}
|
|
}
|
|
table.AddRow(row...)
|
|
}
|
|
|
|
cli.Blank()
|
|
table.Render()
|
|
|
|
return nil
|
|
}
|
|
|
|
// runWorkflowSync copies a workflow template to all repos.
|
|
func runWorkflowSync(registryPath string, workflowFile string, dryRun bool) error {
|
|
reg, registryDir, err := loadRegistryWithConfig(registryPath)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Find the template workflow
|
|
templatePath := findTemplateWorkflow(registryDir, workflowFile)
|
|
if templatePath == "" {
|
|
return cli.Err("%s", i18n.T("cmd.dev.workflow.template_not_found", map[string]interface{}{"File": workflowFile}))
|
|
}
|
|
|
|
// Read template content
|
|
templateContent, err := os.ReadFile(templatePath)
|
|
if err != nil {
|
|
return cli.Wrap(err, i18n.T("cmd.dev.workflow.read_template_error"))
|
|
}
|
|
|
|
repoList := reg.List()
|
|
if len(repoList) == 0 {
|
|
cli.Text(i18n.T("cmd.dev.no_git_repos"))
|
|
return nil
|
|
}
|
|
|
|
// Sort repos by name for consistent output
|
|
sort.Slice(repoList, func(i, j int) bool {
|
|
return repoList[i].Name < repoList[j].Name
|
|
})
|
|
|
|
if dryRun {
|
|
cli.Text(i18n.T("cmd.dev.workflow.dry_run_mode"))
|
|
cli.Blank()
|
|
}
|
|
|
|
var synced, skipped, failed int
|
|
|
|
for _, repo := range repoList {
|
|
if !repo.IsGitRepo() {
|
|
skipped++
|
|
continue
|
|
}
|
|
|
|
destDir := filepath.Join(repo.Path, ".github", "workflows")
|
|
destPath := filepath.Join(destDir, workflowFile)
|
|
|
|
// Check if workflow already exists and is identical
|
|
if existingContent, err := os.ReadFile(destPath); err == nil {
|
|
if string(existingContent) == string(templateContent) {
|
|
cli.Print(" %s %s %s\n",
|
|
dimStyle.Render("-"),
|
|
repoNameStyle.Render(repo.Name),
|
|
dimStyle.Render(i18n.T("cmd.dev.workflow.up_to_date")))
|
|
skipped++
|
|
continue
|
|
}
|
|
}
|
|
|
|
if dryRun {
|
|
cli.Print(" %s %s %s\n",
|
|
warningStyle.Render("*"),
|
|
repoNameStyle.Render(repo.Name),
|
|
i18n.T("cmd.dev.workflow.would_sync"))
|
|
synced++
|
|
continue
|
|
}
|
|
|
|
// Create .github/workflows directory if needed
|
|
if err := os.MkdirAll(destDir, 0755); err != nil {
|
|
cli.Print(" %s %s %s\n",
|
|
errorStyle.Render(cli.Glyph(":cross:")),
|
|
repoNameStyle.Render(repo.Name),
|
|
err.Error())
|
|
failed++
|
|
continue
|
|
}
|
|
|
|
// Write workflow file
|
|
if err := os.WriteFile(destPath, templateContent, 0644); err != nil {
|
|
cli.Print(" %s %s %s\n",
|
|
errorStyle.Render(cli.Glyph(":cross:")),
|
|
repoNameStyle.Render(repo.Name),
|
|
err.Error())
|
|
failed++
|
|
continue
|
|
}
|
|
|
|
cli.Print(" %s %s %s\n",
|
|
successStyle.Render(cli.Glyph(":check:")),
|
|
repoNameStyle.Render(repo.Name),
|
|
i18n.T("cmd.dev.workflow.synced"))
|
|
synced++
|
|
}
|
|
|
|
cli.Blank()
|
|
|
|
// Summary
|
|
if dryRun {
|
|
cli.Print("%s %s\n",
|
|
i18n.T("cmd.dev.workflow.would_sync_count", map[string]interface{}{"Count": synced}),
|
|
dimStyle.Render(i18n.T("cmd.dev.workflow.skipped_count", map[string]interface{}{"Count": skipped})))
|
|
cli.Text(i18n.T("cmd.dev.workflow.run_without_dry_run"))
|
|
} else {
|
|
cli.Print("%s %s\n",
|
|
successStyle.Render(i18n.T("cmd.dev.workflow.synced_count", map[string]interface{}{"Count": synced})),
|
|
dimStyle.Render(i18n.T("cmd.dev.workflow.skipped_count", map[string]interface{}{"Count": skipped})))
|
|
if failed > 0 {
|
|
cli.Print("%s\n", errorStyle.Render(i18n.T("cmd.dev.workflow.failed_count", map[string]interface{}{"Count": failed})))
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// findWorkflows returns a list of workflow file names in a directory.
|
|
func findWorkflows(dir string) []string {
|
|
workflowsDir := filepath.Join(dir, ".github", "workflows")
|
|
// If dir already ends with workflows path, use it directly
|
|
if strings.HasSuffix(dir, "workflows") || strings.HasSuffix(dir, "workflow-templates") {
|
|
workflowsDir = dir
|
|
}
|
|
|
|
entries, err := os.ReadDir(workflowsDir)
|
|
if err != nil {
|
|
return nil
|
|
}
|
|
|
|
var workflows []string
|
|
for _, entry := range entries {
|
|
if entry.IsDir() {
|
|
continue
|
|
}
|
|
name := entry.Name()
|
|
if strings.HasSuffix(name, ".yml") || strings.HasSuffix(name, ".yaml") {
|
|
workflows = append(workflows, name)
|
|
}
|
|
}
|
|
|
|
return workflows
|
|
}
|
|
|
|
// findTemplateWorkflow finds a workflow template file in common locations.
|
|
func findTemplateWorkflow(registryDir, workflowFile string) string {
|
|
// Ensure .yml extension
|
|
if !strings.HasSuffix(workflowFile, ".yml") && !strings.HasSuffix(workflowFile, ".yaml") {
|
|
workflowFile = workflowFile + ".yml"
|
|
}
|
|
|
|
// Check common template locations
|
|
candidates := []string{
|
|
filepath.Join(registryDir, ".github", "workflow-templates", workflowFile),
|
|
filepath.Join(registryDir, ".github", "workflows", workflowFile),
|
|
filepath.Join(registryDir, "workflow-templates", workflowFile),
|
|
}
|
|
|
|
for _, candidate := range candidates {
|
|
if _, err := os.Stat(candidate); err == nil {
|
|
return candidate
|
|
}
|
|
}
|
|
|
|
return ""
|
|
}
|