Use git repo config to identify SyncSet

Using a constant for identifying sync sets means that if more than one fluxd is running in a cluster, they will garbage collect each other's resources. We want to be able to delimit which resources are _this_ fluxd's responsibility. Using the git config, including the branch and paths, means fluxd will only garbage collect files that are in the bit of the repo it is applying. That assumes no other fluxd is looking at (exactly) the same directories in the same git URL -- which is a fair assumption, since that would obviously be a bad config and cause problems, even without considering garbage collection.
fluxcd · Feb 26, 2019 · 93bccbf · 93bccbf
1 parent 145fabe
commit 93bccbf
Show file tree

Hide file tree

Showing 5 changed files with 71 additions and 6 deletions.
diff --git a/Gopkg.lock b/Gopkg.lock
diff --git a/daemon/loop.go b/daemon/loop.go
@@ -2,6 +2,8 @@ package daemon
 
 import (
 	"context"
+	"crypto/sha256"
+	"encoding/base64"
 	"fmt"
 	"strings"
 	"sync"
@@ -23,7 +25,6 @@ import (
 const (
 	// Timeout for git operations we're prepared to abandon
 	gitOpTimeout = 15 * time.Second
-	syncSetName  = "git"
 )
 
 type LoopVars struct {
@@ -162,6 +163,9 @@ func (d *Daemon) doSync(logger log.Logger, lastKnownSyncTagRev *string, warnedAb
 			fluxmetrics.LabelSuccess, fmt.Sprint(retErr == nil),
 		).Observe(time.Since(started).Seconds())
 	}()
+
+	syncSetName := makeSyncLabel(d.Repo.Origin(), d.GitConfig)
+
 	// We don't care how long this takes overall, only about not
 	// getting bogged down in certain operations, so use an
 	// undeadlined context in general.
@@ -450,3 +454,16 @@ func isUnknownRevision(err error) bool {
 		(strings.Contains(err.Error(), "unknown revision or path not in the working tree.") ||
 			strings.Contains(err.Error(), "bad revision"))
 }
+
+func makeSyncLabel(remote git.Remote, conf git.Config) string {
+	urlbit := remote.SafeURL()
+	pathshash := sha256.New()
+	pathshash.Write([]byte(urlbit))
+	pathshash.Write([]byte(conf.Branch))
+	for _, path := range conf.Paths {
+		pathshash.Write([]byte(path))
+	}
+	// the prefix is in part to make sure it's a valid (Kubernetes)
+	// label value -- a modest abstraction leak
+	return "git-" + base64.RawURLEncoding.EncodeToString(pathshash.Sum(nil))
+}
diff --git a/git/repo.go b/git/repo.go
@@ -44,11 +44,6 @@ const (
 	RepoReady    GitRepoStatus = "ready"        // has been written to, so ready to sync
 )
 
-// Remote points at a git repo somewhere.
-type Remote struct {
-	URL string // clone from here
-}
-
 type Repo struct {
 	// As supplied to constructor
 	origin   Remote

diff --git a/git/url.go b/git/url.go
@@ -0,0 +1,24 @@
+package git
+
+import (
+	"fmt"
+	"net/url"
+
+	"github.com/whilp/git-urls"
+)
+
+// Remote points at a git repo somewhere.
+type Remote struct {
+	URL string // clone from here
+}
+
+func (r Remote) SafeURL() string {
+	u, err := giturls.Parse(r.URL)
+	if err != nil {
+		return fmt.Sprintf("<unparseable: %s>", r.URL)
+	}
+	if u.User != nil {
+		u.User = url.User(u.User.Username())
+	}
+	return u.String()
+}
diff --git a/git/url_test.go b/git/url_test.go
@@ -0,0 +1,20 @@
+package git
+
+import (
+	"strings"
+	"testing"
+)
+
+func TestSafeURL(t *testing.T) {
+	const password = "abc123"
+	for _, url := range []string{
+		"git@github.com:weaveworks/flux",
+		"https://user@example.com:5050/repo.git",
+		"https://user:" + password + "@example.com:5050/repo.git",
+	} {
+		u := Remote{url}
+		if strings.Contains(u.SafeURL(), password) {
+			t.Errorf("Safe URL for %s contains password %q", url, password)
+		}
+	}
+}