mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-18 11:30:55 +01:00
Write a basic SSH pull log for Git
Summary: Ref T11766. When users run `git pull` or similar, log the operation in the pull log. Test Plan: Performed SSH pulls, got a log in the database. Today, this event log is purely diagnostic and has no UI. Reviewers: chad Reviewed By: chad Maniphest Tasks: T11766 Differential Revision: https://secure.phabricator.com/D16738
This commit is contained in:
parent
c3644216bf
commit
272046ae77
3 changed files with 53 additions and 5 deletions
|
@ -19,8 +19,9 @@ final class DiffusionGitUploadPackSSHWorkflow extends DiffusionGitSSHWorkflow {
|
|||
$device = AlmanacKeys::getLiveDevice();
|
||||
|
||||
$skip_sync = $this->shouldSkipReadSynchronization();
|
||||
$is_proxy = $this->shouldProxy();
|
||||
|
||||
if ($this->shouldProxy()) {
|
||||
if ($is_proxy) {
|
||||
$command = $this->getProxyCommand();
|
||||
|
||||
if ($device) {
|
||||
|
@ -48,6 +49,8 @@ final class DiffusionGitUploadPackSSHWorkflow extends DiffusionGitSSHWorkflow {
|
|||
}
|
||||
$command = PhabricatorDaemon::sudoCommandAsDaemonUser($command);
|
||||
|
||||
$pull_event = $this->newPullEvent();
|
||||
|
||||
$future = id(new ExecFuture('%C', $command))
|
||||
->setEnv($this->getEnvironment());
|
||||
|
||||
|
@ -56,6 +59,26 @@ final class DiffusionGitUploadPackSSHWorkflow extends DiffusionGitSSHWorkflow {
|
|||
->setCommandChannelFromExecFuture($future)
|
||||
->execute();
|
||||
|
||||
if ($err) {
|
||||
$pull_event
|
||||
->setResultType('error')
|
||||
->setResultCode($err);
|
||||
} else {
|
||||
$pull_event
|
||||
->setResultType('pull')
|
||||
->setResultCode(0);
|
||||
}
|
||||
|
||||
// TODO: Currently, when proxying, we do not write a log on the proxy.
|
||||
// Perhaps we should write a "proxy log". This is not very useful for
|
||||
// statistics or auditing, but could be useful for diagnostics. Marking
|
||||
// the proxy logs as proxied (and recording devicePHID on all logs) would
|
||||
// make differentiating between these use cases easier.
|
||||
|
||||
if (!$is_proxy) {
|
||||
$pull_event->save();
|
||||
}
|
||||
|
||||
if (!$err) {
|
||||
$this->waitForGitClient();
|
||||
}
|
||||
|
|
|
@ -30,10 +30,8 @@ abstract class DiffusionSSHWorkflow extends PhabricatorSSHWorkflow {
|
|||
DiffusionCommitHookEngine::ENV_REMOTE_PROTOCOL => 'ssh',
|
||||
);
|
||||
|
||||
$ssh_client = getenv('SSH_CLIENT');
|
||||
if ($ssh_client) {
|
||||
// This has the format "<ip> <remote-port> <local-port>". Grab the IP.
|
||||
$remote_address = head(explode(' ', $ssh_client));
|
||||
$remote_address = $this->getSSHRemoteAddress();
|
||||
if ($remote_address !== null) {
|
||||
$env[DiffusionCommitHookEngine::ENV_REMOTE_ADDRESS] = $remote_address;
|
||||
}
|
||||
|
||||
|
@ -259,5 +257,17 @@ abstract class DiffusionSSHWorkflow extends PhabricatorSSHWorkflow {
|
|||
return false;
|
||||
}
|
||||
|
||||
protected function newPullEvent() {
|
||||
$viewer = $this->getViewer();
|
||||
$repository = $this->getRepository();
|
||||
$remote_address = $this->getSSHRemoteAddress();
|
||||
|
||||
return id(new PhabricatorRepositoryPullEvent())
|
||||
->setEpoch(PhabricatorTime::getNow())
|
||||
->setRemoteAddress($remote_address)
|
||||
->setRemoteProtocol('ssh')
|
||||
->setPullerPHID($viewer->getPHID())
|
||||
->setRepositoryPHID($repository->getPHID());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -83,4 +83,19 @@ abstract class PhabricatorSSHWorkflow extends PhabricatorManagementWorkflow {
|
|||
return $this->originalArguments;
|
||||
}
|
||||
|
||||
public function getSSHRemoteAddress() {
|
||||
$ssh_client = getenv('SSH_CLIENT');
|
||||
if (!strlen($ssh_client)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
// TODO: When commands are proxied, the original remote address should
|
||||
// also be proxied.
|
||||
|
||||
// This has the format "<ip> <remote-port> <local-port>". Grab the IP.
|
||||
$remote_address = head(explode(' ', $ssh_client));
|
||||
|
||||
return $remote_address;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue