From cc088a7b64d8bf0fc827a5df619f875367b9fffa Mon Sep 17 00:00:00 2001 From: Lucas Di Pentima Date: Fri, 19 Feb 2021 12:48:32 -0300 Subject: [PATCH] 17295: Adds cluster ID validation on the config file. Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima --- lib/config/export_test.go | 2 +- lib/config/load.go | 22 ++++++++++++++++++++++ lib/config/load_test.go | 2 +- 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/lib/config/export_test.go b/lib/config/export_test.go index 7af117e385..f11b65f452 100644 --- a/lib/config/export_test.go +++ b/lib/config/export_test.go @@ -17,7 +17,7 @@ var _ = check.Suite(&ExportSuite{}) type ExportSuite struct{} func (s *ExportSuite) TestExport(c *check.C) { - confdata := strings.Replace(string(DefaultYAML), "SAMPLE", "testkey", -1) + confdata := strings.Replace(string(DefaultYAML), "SAMPLE", "12345", -1) cfg, err := testLoader(c, confdata, nil).Load() c.Assert(err, check.IsNil) cluster, err := cfg.GetCluster("xxxxx") diff --git a/lib/config/load.go b/lib/config/load.go index 7eb4039100..f682359379 100644 --- a/lib/config/load.go +++ b/lib/config/load.go @@ -270,7 +270,18 @@ func (ldr *Loader) Load() (*arvados.Config, error) { // Check for known mistakes for id, cc := range cfg.Clusters { + for remote, _ := range cc.RemoteClusters { + if remote == "*" || remote == "SAMPLE" { + continue + } + err = ldr.checkClusterID(fmt.Sprintf("Clusters.%s.RemoteClusters.%s", id, remote), remote, true) + if err != nil { + return nil, err + } + } for _, err = range []error{ + ldr.checkClusterID(fmt.Sprintf("Clusters.%s", id), id, false), + ldr.checkClusterID(fmt.Sprintf("Clusters.%s.Login.LoginCluster", id), cc.Login.LoginCluster, true), ldr.checkToken(fmt.Sprintf("Clusters.%s.ManagementToken", id), cc.ManagementToken), ldr.checkToken(fmt.Sprintf("Clusters.%s.SystemRootToken", id), cc.SystemRootToken), ldr.checkToken(fmt.Sprintf("Clusters.%s.Collections.BlobSigningKey", id), cc.Collections.BlobSigningKey), @@ -286,6 +297,17 @@ func (ldr *Loader) Load() (*arvados.Config, error) { return &cfg, nil } +var acceptableClusterIDRe = regexp.MustCompile(`^[a-z0-9]{5}$`) + +func (ldr *Loader) checkClusterID(label, clusterID string, emptyStringOk bool) error { + if emptyStringOk && clusterID == "" { + return nil + } else if !acceptableClusterIDRe.MatchString(clusterID) { + return fmt.Errorf("%s: cluster ID should be 5 alphanumeric characters", label) + } + return nil +} + var acceptableTokenRe = regexp.MustCompile(`^[a-zA-Z0-9]+$`) var acceptableTokenLength = 32 diff --git a/lib/config/load_test.go b/lib/config/load_test.go index 4cdebf62bc..91bd6a7439 100644 --- a/lib/config/load_test.go +++ b/lib/config/load_test.go @@ -351,7 +351,7 @@ Clusters: Proxy: true `, ` Clusters: - abcdef: + abcde: ManagementToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa SystemRootToken: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Collections: -- 2.30.2