1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-18 11:30:55 +01:00

Write a basic SSH pull log for Git

Summary: Ref T11766. When users run `git pull` or similar, log the operation in the pull log.

Test Plan: Performed SSH pulls, got a log in the database. Today, this event log is purely diagnostic and has no UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11766

Differential Revision: https://secure.phabricator.com/D16738
This commit is contained in:
epriestley 2016-10-20 09:47:47 -07:00
parent c3644216bf
commit 272046ae77
3 changed files with 53 additions and 5 deletions

View file

@ -19,8 +19,9 @@ final class DiffusionGitUploadPackSSHWorkflow extends DiffusionGitSSHWorkflow {
$device = AlmanacKeys::getLiveDevice();
$skip_sync = $this->shouldSkipReadSynchronization();
$is_proxy = $this->shouldProxy();
if ($this->shouldProxy()) {
if ($is_proxy) {
$command = $this->getProxyCommand();
if ($device) {
@ -48,6 +49,8 @@ final class DiffusionGitUploadPackSSHWorkflow extends DiffusionGitSSHWorkflow {
}
$command = PhabricatorDaemon::sudoCommandAsDaemonUser($command);
$pull_event = $this->newPullEvent();
$future = id(new ExecFuture('%C', $command))
->setEnv($this->getEnvironment());
@ -56,6 +59,26 @@ final class DiffusionGitUploadPackSSHWorkflow extends DiffusionGitSSHWorkflow {
->setCommandChannelFromExecFuture($future)
->execute();
if ($err) {
$pull_event
->setResultType('error')
->setResultCode($err);
} else {
$pull_event
->setResultType('pull')
->setResultCode(0);
}
// TODO: Currently, when proxying, we do not write a log on the proxy.
// Perhaps we should write a "proxy log". This is not very useful for
// statistics or auditing, but could be useful for diagnostics. Marking
// the proxy logs as proxied (and recording devicePHID on all logs) would
// make differentiating between these use cases easier.
if (!$is_proxy) {
$pull_event->save();
}
if (!$err) {
$this->waitForGitClient();
}

View file

@ -30,10 +30,8 @@ abstract class DiffusionSSHWorkflow extends PhabricatorSSHWorkflow {
DiffusionCommitHookEngine::ENV_REMOTE_PROTOCOL => 'ssh',
);
$ssh_client = getenv('SSH_CLIENT');
if ($ssh_client) {
// This has the format "<ip> <remote-port> <local-port>". Grab the IP.
$remote_address = head(explode(' ', $ssh_client));
$remote_address = $this->getSSHRemoteAddress();
if ($remote_address !== null) {
$env[DiffusionCommitHookEngine::ENV_REMOTE_ADDRESS] = $remote_address;
}
@ -259,5 +257,17 @@ abstract class DiffusionSSHWorkflow extends PhabricatorSSHWorkflow {
return false;
}
protected function newPullEvent() {
$viewer = $this->getViewer();
$repository = $this->getRepository();
$remote_address = $this->getSSHRemoteAddress();
return id(new PhabricatorRepositoryPullEvent())
->setEpoch(PhabricatorTime::getNow())
->setRemoteAddress($remote_address)
->setRemoteProtocol('ssh')
->setPullerPHID($viewer->getPHID())
->setRepositoryPHID($repository->getPHID());
}
}

View file

@ -83,4 +83,19 @@ abstract class PhabricatorSSHWorkflow extends PhabricatorManagementWorkflow {
return $this->originalArguments;
}
public function getSSHRemoteAddress() {
$ssh_client = getenv('SSH_CLIENT');
if (!strlen($ssh_client)) {
return null;
}
// TODO: When commands are proxied, the original remote address should
// also be proxied.
// This has the format "<ip> <remote-port> <local-port>". Grab the IP.
$remote_address = head(explode(' ', $ssh_client));
return $remote_address;
}
}