@ethicdevs/gitfoss | Show object: 5ee3aff0423dc07b569b07f8b87848185badb1ff ∙ GitFOSS
feat(ssh_command): yay, works
+ 9
- 8
packages/gitfoss-ssh-command/src/ssh-command.cr
@@ -17,11 +17,12 @@ require "./fetch"
 
 # ---------- Config ----------
 MAX_PACK_BYTES = 50 * 1024 * 1024  # 50 MiB
-CHUNK_SIZE = 64 * 1024             # 64 KiB
-OVERLAP = 4096                     # 4 KiB overlap
-MAX_MATCHES = 500
-LOG_FILE = "/var/log/gitfoss/git_ssh.log"
+CHUNK_SIZE     = 64 * 1024         # 64 KiB
+OVERLAP        = 4096              # 4 KiB overlap
+MAX_MATCHES    = 500               # maximum number of secrets to find in a pack
+LOG_FILE       = "/var/log/gitfoss/git_ssh.log"
 
+# regex patterns for secrets to scan for
 PATTERNS = [
   /AKIA[0-9A-Z]{16}/,
   /AIza[0-9A-Za-z\-_]{35}/,

...
@@ -30,7 +31,7 @@ PATTERNS = [
 ]
 
 # prefix
-SIDEBAND_PREFIX = "0008" + "\x02"
+SIDEBAND_PREFIX     = "0008" + "\x02"
 SIDEBAND_ERR_PREFIX = "0008" + "\x03"
 
 # ---------- Helpers ----------

...
@@ -252,7 +253,7 @@ write_to_file("mode: #{mode.to_s}\n")
 
 # For upload (fetch/pull), just exec the original command (auth already done).
 if mode == :upload
-  exec_replace(["/bin/sh", "-c", SSH_ORIGINAL_COMMAND.split(" ")[0]], repoDir)
+  exec_replace(["/bin/sh", "-c", SSH_ORIGINAL_COMMAND], repoDir.gsub("#{info[:org]}/#{info[:repo]}.git", ""))
 end
 
 # ---------- From here: mode == :receive (push) ----------

...
@@ -477,4 +478,4 @@ end
 
 FileUtils.rm_rf(tmpdir) rescue nil
 sideband_println("No secrets detected; allowing push")
-exec_replace(["/bin/sh", "-c", SSH_ORIGINAL_COMMAND])
+exec_replace(["/bin/sh", "-c", SSH_ORIGINAL_COMMAND], repoDir.gsub("#{info[:org]}/#{info[:repo]}.git", ""))

scripts/docker-build-scp-deploy.sh
@@ -54,7 +54,7 @@ function build_and_deploy() {
   }
   echo -e ""
   {
-  echo -e "[..] ssh ${remote_ssh_user}@${remote_ssh_host} -p ${remote_ssh_port}\"docker load -i ${docker_image_name}.tar\""
+  echo -e "[..] ssh ${remote_ssh_user}@${remote_ssh_host} -p ${remote_ssh_port} \"docker load -i ${docker_image_name}.tar\""
   ssh \
     ${remote_ssh_user}@${remote_ssh_host} -p ${remote_ssh_port} \
     "docker load -i ${remote_dest_path}/${docker_image_name}.tar"