refactor(server): replace custom remote clients with macro-based implementation

- Replaced manual remote client functions with remote_client! macro for archive, blame, branch, commit, and diff services
- Simplified remote client creation logic using declarative macro approach
- Maintained same functionality while reducing code duplication across services

security(bare): enhance path traversal protection with comprehensive validation

- Added early relative_path validation to prevent path traversal attacks
- Implemented unified path validation to avoid TOCTOU race conditions
- Enhanced canonicalization checks for both existing and non-existent paths
- Added detailed logging for path traversal detection attempts

feat(cache): migrate from CLruCache to Moka with TTL and invalidation support

- Replaced clru dependency with moka for improved caching capabilities
- Added 300-second time-to-live for cache entries
- Implemented repository-specific cache invalidation mechanism
- Enhanced cache operations with thread-safe async support

refactor(commit): improve security validation for commit operations

- Added ref name validation to prevent command injection in cherry_pick_commit
- Implemented revision validation for commit selectors
- Added comprehensive input validation for create_commit parameters
- Enhanced file path validation to prevent traversal
zhenyi
2026-06-08 09:43:57 +08:00
parent 8c95eb230d
commit d243dce027
60 changed files with 1746 additions and 561 deletions
+109 -44
@@ -1,9 +1,11 @@
use std::collections::HashMap;
use crate::actor::message::{
GitNodeMessage, NodeHealth, ROLE_PRIMARY, ROLE_REPLICA, RefUpdateEvent, RouteDecision,
};
use crate::server::GitksService;
use async_trait::async_trait;
use ractor::pg;
use ractor::{Actor, ActorProcessingErr, ActorRef, SupervisionEvent};
use crate::actor::message::{GitNodeMessage, NodeHealth, RefUpdateEvent, RouteDecision, ROLE_PRIMARY, ROLE_REPLICA};
use crate::server::GitksService;
use std::collections::HashMap;
#[derive(Clone)]
pub struct GitNodeActor {
@@ -50,7 +52,11 @@ impl Actor for GitNodeActor {
) -> Result<Self::State, ActorProcessingErr> {
let actor_name = format!("git_node_{}", args.storage_name);
pg::join("gitks_nodes".to_string(), vec![myself.get_cell()]);
pg::join_scoped(args.storage_name.clone(), "node".to_string(), vec![myself.get_cell()]);
pg::join_scoped(
args.storage_name.clone(),
"node".to_string(),
vec![myself.get_cell()],
);
tracing::info!(storage_name = %args.storage_name, actor_name = %actor_name, grpc_addr = %args.grpc_addr, "GitNodeActor started");
Ok(GitNodeState {
storage_name: args.storage_name,
@@ -90,43 +96,60 @@ impl Actor for GitNodeActor {
}
GitNodeMessage::RefUpdated(event) => {
if let Some(entry) = state.repos.get(&event.relative_path) {
if entry.role == ROLE_REPLICA {
let local_path = self.service.repo_prefix.join(&event.relative_path);
crate::actor::sync::sync_from_primary(event, local_path).await;
}
if let Some(entry) = state.repos.get(&event.relative_path)
&& entry.role == ROLE_REPLICA
{
let local_path = self.service.repo_prefix.join(&event.relative_path);
crate::actor::sync::sync_from_primary(event, local_path).await;
}
}
GitNodeMessage::FindPrimary(header, reply) => {
let entry = state.repos.get(&header.relative_path);
let is_primary = entry.is_some_and(|e| e.role == ROLE_PRIMARY);
reply.send(build_decision(state, &header, is_primary, entry.map(|e| e.role.as_str()))).ok();
reply
.send(build_decision(
state,
&header,
is_primary,
entry.map(|e| e.role.as_str()),
))
.ok();
}
GitNodeMessage::FindReplica(header, reply) => {
let entry = state.repos.get(&header.relative_path);
let has = entry.is_some();
reply.send(build_decision(state, &header, has, entry.map(|e| e.role.as_str()))).ok();
reply
.send(build_decision(
state,
&header,
has,
entry.map(|e| e.role.as_str()),
))
.ok();
}
GitNodeMessage::ListRepositoryPaths(reply) => {
let paths: Vec<String> = state.repos.keys().cloned().collect();
reply.send(paths.join("\n")).ok();
}
GitNodeMessage::RepositoryExists(header, reply) => {
reply.send(state.repos.contains_key(&header.relative_path)).ok();
reply
.send(state.repos.contains_key(&header.relative_path))
.ok();
}
GitNodeMessage::GetNodeHealth(reply) => {
reply.send(NodeHealth {
storage_name: state.storage_name.clone(),
repo_count: state.repos.len() as u64,
healthy: true,
version: self.version.clone(),
}).ok();
reply
.send(NodeHealth {
storage_name: state.storage_name.clone(),
repo_count: state.repos.len() as u64,
healthy: true,
version: self.version.clone(),
})
.ok();
}
}
Ok(())
@@ -139,14 +162,18 @@ impl Actor for GitNodeActor {
_state: &mut Self::State,
) -> Result<(), ActorProcessingErr> {
match evt {
SupervisionEvent::ActorStarted(who) => tracing::debug!(actor = ?who.get_id(), "child started"),
SupervisionEvent::ActorStarted(who) => {
tracing::debug!(actor = ?who.get_id(), "child started")
}
SupervisionEvent::ActorTerminated(who, _, reason) => {
tracing::warn!(actor = ?who.get_id(), reason = ?reason, "child terminated")
}
SupervisionEvent::ActorFailed(who, panic_msg) => {
tracing::error!(actor = ?who.get_id(), msg = %panic_msg, "child panicked")
}
SupervisionEvent::ProcessGroupChanged(group) => tracing::info!(group = ?group, "PG membership changed"),
SupervisionEvent::ProcessGroupChanged(group) => {
tracing::info!(group = ?group, "PG membership changed")
}
_ => {}
}
Ok(())
@@ -162,48 +189,83 @@ impl Actor for GitNodeActor {
}
}
fn build_decision(state: &GitNodeState, header: &crate::pb::RepositoryHeader, found: bool, role: Option<&str>) -> RouteDecision {
fn build_decision(
state: &GitNodeState,
header: &crate::pb::RepositoryHeader,
found: bool,
role: Option<&str>,
) -> RouteDecision {
RouteDecision {
found,
storage_name: if found { state.storage_name.clone() } else { String::new() },
storage_name: if found {
state.storage_name.clone()
} else {
String::new()
},
relative_path: header.relative_path.clone(),
actor_name: if found { state.actor_name.clone() } else { String::new() },
grpc_addr: if found { state.grpc_addr.clone() } else { String::new() },
actor_name: if found {
state.actor_name.clone()
} else {
String::new()
},
grpc_addr: if found {
state.grpc_addr.clone()
} else {
String::new()
},
role: role.unwrap_or("").to_string(),
}
}
fn register_repo(myself: &ActorRef<GitNodeMessage>, state: &mut GitNodeState, relative_path: String) {
fn register_repo(
myself: &ActorRef<GitNodeMessage>,
state: &mut GitNodeState,
relative_path: String,
) {
if state.repos.contains_key(&relative_path) {
return;
}
let role = if is_path_registered_elsewhere(&state.storage_name, &relative_path) {
// Determine role based on cluster state
// For simplicity and correctness, we use a conservative approach:
// If there are other nodes in the cluster, register as replica initially.
// The route_repository logic will determine the actual primary at query time.
let members = ractor::pg::get_members(&"gitks_nodes".to_string());
let my_cell = myself.get_cell();
let other_nodes_exist = members.iter().any(|m| m != &my_cell);
let role = if other_nodes_exist {
// Conservative: assume another node might be primary
// The actual primary will be determined by route_repository query
ROLE_REPLICA.to_string()
} else {
// We're the only node, so we're primary
ROLE_PRIMARY.to_string()
};
let category = extract_category(&relative_path);
pg::join_scoped(state.storage_name.clone(), category.to_string(), vec![myself.get_cell()]);
state.repos.insert(relative_path.clone(), RepoEntry {
role: role.clone(),
last_commit: String::new(),
});
pg::join_scoped(
state.storage_name.clone(),
category.to_string(),
vec![myself.get_cell()],
);
state.repos.insert(
relative_path.clone(),
RepoEntry {
role: role.clone(),
last_commit: String::new(),
},
);
tracing::info!(
storage_name = %state.storage_name,
category = %category,
relative_path = %relative_path,
actor_name = %state.actor_name,
role = %role,
"repository route registered"
"repository route registered (role will be refined at query time)"
);
}
fn is_path_registered_elsewhere(_storage_name: &str, _relative_path: &str) -> bool {
false
}
fn extract_category(relative_path: &str) -> &str {
relative_path.split('/').next().unwrap_or("root")
}
@@ -217,8 +279,12 @@ pub async fn start_node_actor(
let (actor_ref, handle) = Actor::spawn(
Some(format!("git_node_{storage_name}")),
actor,
GitNodeArgs { storage_name, grpc_addr },
).await?;
GitNodeArgs {
storage_name,
grpc_addr,
},
)
.await?;
actor_ref.cast(GitNodeMessage::ScanAndRegister).ok();
Ok((actor_ref, handle))
}
@@ -239,13 +305,12 @@ pub fn list_all_groups() -> Vec<String> {
pg::which_groups()
}
pub fn broadcast_ref_update(
_node_actor: &ActorRef<GitNodeMessage>,
event: RefUpdateEvent,
) {
pub fn broadcast_ref_update(_node_actor: &ActorRef<GitNodeMessage>, event: RefUpdateEvent) {
let members = ractor::pg::get_members(&"gitks_nodes".to_string());
for member in members {
let actor_ref: ActorRef<GitNodeMessage> = member.into();
actor_ref.cast(GitNodeMessage::RefUpdated(event.clone())).ok();
actor_ref
.cast(GitNodeMessage::RefUpdated(event.clone()))
.ok();
}
}
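Review bot: In `register_repo` (hunk `@@ -162,48 +189,83 @@`) the role is fixed from a single `pg::get_members("gitks_nodes")` snapshot, and because each actor joins that group while starting up (the `pg::join` in the first hunk) before `start_node_actor` casts `ScanAndRegister`, two nodes that start concurrently will each see the other and both register every repository as `ROLE_REPLICA`, leaving no node that answers `FindPrimary` with `is_primary = true`. The new comment defers resolution to `route_repository`, which is outside this file, so the assumption should be stated at the decision site: `// NOTE: nodes starting concurrently may all land on ROLE_REPLICA; FindPrimary callers must tolerate a cluster with no self-declared primary`. The role is also never re-evaluated after registration, so the first node to start keeps `ROLE_PRIMARY` for its whole lifetime regardless of later membership changes. `is_path_registered_elsewhere`, still defined just below `register_repo` in this hunk, is no longer called on the new side and will trip `dead_code`; either remove the stub or wire it back into the role decision.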