Checks remote source is compliant

Signed-off-by: gabriel-farache <gfarache@redhat.com>

internal/common/constants.go

@@ -65,6 +65,8 @@ var (
 	AuthServerClient gocloak.GoCloak
 	// ID_REGEXP is the regexp used to check if a Id is valid
 	ID_REGEXP = regexp.MustCompile("^[a-zA-Z0-9-_]+$")
+	// REMOTE_SOURCE_REGEXP is the regexp used to check if a remote source is valid
+	REMOTE_SOURCE_REGEXP = regexp.MustCompile(`^git\+(https|ssh)://[a-zA-Z0-9]+([\-\.]{1}[a-zA-Z0-9]+)*\.[a-zA-Z]{2,5}(:[0-9]{1,5})?(\/.*)?$`)
 	// INVALID_NAME_CHARS_REGEXP is the regexp used to replace invalid name characters with hyphen
 	INVALID_NAME_CHARS_REGEXP = regexp.MustCompile("[^a-z0-9-]")
 	// AUTHZ_HEADER is the authorization header

internal/common/utils.go

@@ -123,6 +123,11 @@ func IsValidId(id string) bool {
 	return ID_REGEXP.MatchString(id)
 }
 
+// IsRemoteSource returns true if the provided remoteSource is valid
+func IsRemoteSource(remoteSource string) bool {
+	return REMOTE_SOURCE_REGEXP.MatchString(remoteSource)
+}
+
 // IsStringPresent checks if a value is present in a slice
 func IsStringPresent(list []string, value string) bool {
 	for _, val := range list {

internal/move2kubeapi/handlers/plan.go

@@ -39,8 +39,13 @@ func HandleStartPlanning(w http.ResponseWriter, r *http.Request) {
 		sendErrorJSON(w, "invalid id", http.StatusBadRequest)
 		return
 	}
-	debugMode := r.URL.Query().Get(DEBUG_QUERY_PARAM) == "true"
 	remoteSource := r.URL.Query().Get(REMOTE_SOURCE_QUERY_PARAM)
+	if remoteSource != "" && !common.IsRemoteSource(remoteSource) {
+		logrus.Errorf("invalid remote source format; not matching regexp %s. Actual: %s", common.REMOTE_SOURCE_REGEXP, remoteSource)
+		sendErrorJSON(w, "invalid remote source format", http.StatusBadRequest)
+		return
+	}
+	debugMode := r.URL.Query().Get(DEBUG_QUERY_PARAM) == "true"
 	if err := m2kFS.StartPlanning(workspaceId, projectId, remoteSource, debugMode); err != nil {
 		logrus.Errorf("failed to start plan generation. Error: %q", err)
 		if _, ok := err.(types.ErrorDoesNotExist); ok {