2023-07-22 00:59:45 +01:00
|
|
|
package upload
|
|
|
|
|
|
|
|
import (
|
|
|
|
"archive/tar"
|
|
|
|
"compress/gzip"
|
2024-08-16 16:48:50 +01:00
|
|
|
"context"
|
2025-01-05 18:41:38 +00:00
|
|
|
"crypto/subtle"
|
|
|
|
"errors"
|
2023-07-22 00:59:45 +01:00
|
|
|
"fmt"
|
2024-08-16 16:48:50 +01:00
|
|
|
"github.com/1f349/bluebell/database"
|
2025-01-08 22:31:57 +00:00
|
|
|
"github.com/1f349/bluebell/hook"
|
2025-01-19 00:24:37 +00:00
|
|
|
"github.com/1f349/bluebell/logger"
|
2025-01-08 00:59:27 +00:00
|
|
|
"github.com/1f349/bluebell/validation"
|
2025-01-07 23:54:12 +00:00
|
|
|
"github.com/1f349/syncmap"
|
2024-08-16 16:48:50 +01:00
|
|
|
"github.com/dustin/go-humanize"
|
2023-07-22 00:59:45 +01:00
|
|
|
"github.com/julienschmidt/httprouter"
|
|
|
|
"github.com/spf13/afero"
|
|
|
|
"io"
|
2023-08-21 00:27:54 +01:00
|
|
|
"io/fs"
|
2023-07-22 00:59:45 +01:00
|
|
|
"net/http"
|
|
|
|
"path/filepath"
|
2025-01-05 18:41:38 +00:00
|
|
|
"slices"
|
2024-08-16 16:48:50 +01:00
|
|
|
"strings"
|
2025-01-07 23:54:12 +00:00
|
|
|
"sync"
|
2025-01-08 17:58:56 +00:00
|
|
|
"time"
|
2023-07-22 00:59:45 +01:00
|
|
|
)
|
|
|
|
|
2025-01-05 18:41:38 +00:00
|
|
|
var indexBranches = []string{
|
|
|
|
"main",
|
|
|
|
"master",
|
|
|
|
}
|
|
|
|
|
2025-01-08 17:52:23 +00:00
|
|
|
type uploadQueries interface {
|
2024-08-16 16:48:50 +01:00
|
|
|
GetSiteByDomain(ctx context.Context, domain string) (database.Site, error)
|
2025-01-08 17:58:56 +00:00
|
|
|
AddBranch(ctx context.Context, arg database.AddBranchParams) error
|
|
|
|
UpdateBranch(ctx context.Context, arg database.UpdateBranchParams) error
|
2023-07-22 00:59:45 +01:00
|
|
|
}
|
|
|
|
|
2025-01-08 22:31:57 +00:00
|
|
|
func New(storage afero.Fs, db uploadQueries, hook *hook.Hook) *Handler {
|
|
|
|
return &Handler{storageFs: storage, db: db, postHook: hook}
|
2024-08-16 16:48:50 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
const maxFileSize = 1 * humanize.GiByte
|
|
|
|
|
2023-07-22 00:59:45 +01:00
|
|
|
type Handler struct {
|
|
|
|
storageFs afero.Fs
|
2025-01-08 17:52:23 +00:00
|
|
|
db uploadQueries
|
2025-01-07 23:54:12 +00:00
|
|
|
mu syncmap.Map[string, *sync.Mutex]
|
2025-01-08 22:31:57 +00:00
|
|
|
postHook *hook.Hook
|
2023-07-22 00:59:45 +01:00
|
|
|
}
|
|
|
|
|
2025-01-05 18:41:38 +00:00
|
|
|
func (h *Handler) Handle(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {
|
|
|
|
site := params.ByName("site")
|
|
|
|
branch := params.ByName("branch")
|
2023-08-21 00:27:54 +01:00
|
|
|
|
2025-01-05 18:41:38 +00:00
|
|
|
siteConf, err := h.db.GetSiteByDomain(req.Context(), site)
|
2024-08-16 16:48:50 +01:00
|
|
|
if err != nil {
|
|
|
|
http.Error(rw, "", http.StatusNotFound)
|
2023-08-21 00:27:54 +01:00
|
|
|
return
|
|
|
|
}
|
2025-01-05 18:41:38 +00:00
|
|
|
token, ok := strings.CutPrefix(req.Header.Get("Authorization"), "Bearer ")
|
|
|
|
if !ok || subtle.ConstantTimeCompare([]byte(token), []byte(siteConf.Token)) == 0 {
|
2023-08-21 00:27:54 +01:00
|
|
|
http.Error(rw, "403 Forbidden", http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
2023-07-22 00:59:45 +01:00
|
|
|
|
|
|
|
fileData, fileHeader, err := req.FormFile("upload")
|
|
|
|
if err != nil {
|
|
|
|
http.Error(rw, "Missing file upload", http.StatusBadRequest)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2025-01-07 21:34:47 +00:00
|
|
|
// if file is bigger than maxFileSize
|
2024-08-16 16:48:50 +01:00
|
|
|
if fileHeader.Size > maxFileSize {
|
2025-01-05 18:41:38 +00:00
|
|
|
http.Error(rw, "File too big", http.StatusInsufficientStorage)
|
2023-07-22 00:59:45 +01:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
err = h.extractTarGzUpload(fileData, site, branch)
|
|
|
|
if err != nil {
|
|
|
|
http.Error(rw, fmt.Sprintf("Invalid upload: %s", err), http.StatusBadRequest)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
rw.WriteHeader(http.StatusAccepted)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *Handler) extractTarGzUpload(fileData io.Reader, site, branch string) error {
|
2025-01-08 00:59:27 +00:00
|
|
|
if !validation.IsValidSite(site) {
|
2025-01-07 23:51:31 +00:00
|
|
|
return fmt.Errorf("invalid site name: %s", site)
|
|
|
|
}
|
2025-01-08 00:59:27 +00:00
|
|
|
if !validation.IsValidBranch(branch) {
|
2025-01-07 23:51:31 +00:00
|
|
|
return fmt.Errorf("invalid branch name: %s", branch)
|
|
|
|
}
|
2025-01-05 18:41:38 +00:00
|
|
|
if slices.Contains(indexBranches, branch) {
|
|
|
|
branch = ""
|
|
|
|
}
|
2025-01-07 23:51:31 +00:00
|
|
|
|
|
|
|
_, err := h.db.GetSiteByDomain(context.Background(), site)
|
|
|
|
if err != nil {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("invalid site: %w", err)
|
2025-01-07 23:51:31 +00:00
|
|
|
}
|
|
|
|
|
2025-01-07 23:54:12 +00:00
|
|
|
key := site + "@" + branch
|
|
|
|
|
|
|
|
// ensure upload mutex is locked
|
|
|
|
actual, _ := h.mu.LoadOrStore(key, new(sync.Mutex))
|
|
|
|
actual.Lock()
|
|
|
|
defer func() {
|
|
|
|
// The mutex is no longer used so delete it here to safe memory in a "lots of
|
|
|
|
// sites" configuration. Delete should happen first to prevent another upload
|
|
|
|
// reusing the mutex.
|
|
|
|
h.mu.Delete(key)
|
|
|
|
actual.Unlock()
|
|
|
|
}()
|
|
|
|
|
2025-01-05 18:41:38 +00:00
|
|
|
siteBranchPath := filepath.Join(site, "@"+branch)
|
2025-01-07 21:26:22 +00:00
|
|
|
siteBranchOldPath := filepath.Join(site, "old@"+branch)
|
2025-01-08 18:35:07 +00:00
|
|
|
siteBranchWorkPath := filepath.Join(site, "work@"+branch)
|
2025-01-05 18:41:38 +00:00
|
|
|
|
2025-01-07 21:18:37 +00:00
|
|
|
// try the new "old@[...]" and old "@[...].old" paths
|
2025-01-07 23:51:31 +00:00
|
|
|
err = h.storageFs.RemoveAll(siteBranchPath + ".old")
|
2025-01-05 18:41:38 +00:00
|
|
|
if err != nil && !errors.Is(err, fs.ErrNotExist) {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("failed to remove old site branch %s: %w", siteBranchPath, err)
|
2025-01-05 18:41:38 +00:00
|
|
|
}
|
2025-01-07 21:26:22 +00:00
|
|
|
err = h.storageFs.RemoveAll(siteBranchOldPath)
|
2025-01-07 21:18:37 +00:00
|
|
|
if err != nil && !errors.Is(err, fs.ErrNotExist) {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("failed to remove old site branch %s: %w", siteBranchPath, err)
|
2025-01-07 21:18:37 +00:00
|
|
|
}
|
2025-01-05 18:41:38 +00:00
|
|
|
|
2025-01-08 18:35:07 +00:00
|
|
|
err = h.storageFs.MkdirAll(siteBranchWorkPath, fs.ModePerm)
|
2023-08-21 00:27:54 +01:00
|
|
|
if err != nil {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("failed to make site directory: %w", err)
|
2023-08-21 00:27:54 +01:00
|
|
|
}
|
2025-01-08 18:35:07 +00:00
|
|
|
branchFs := afero.NewBasePathFs(h.storageFs, siteBranchWorkPath)
|
2023-07-22 00:59:45 +01:00
|
|
|
|
|
|
|
// decompress gzip wrapper
|
|
|
|
gzipReader, err := gzip.NewReader(fileData)
|
|
|
|
if err != nil {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("invalid gzip file: %w", err)
|
2023-07-22 00:59:45 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// parse tar encoding
|
|
|
|
tarReader := tar.NewReader(gzipReader)
|
|
|
|
for {
|
|
|
|
next, err := tarReader.Next()
|
|
|
|
if err == io.EOF {
|
2023-08-21 00:27:54 +01:00
|
|
|
// finished reading tar, exit now
|
2023-07-22 00:59:45 +01:00
|
|
|
break
|
|
|
|
}
|
|
|
|
if err != nil {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("invalid tar archive: %w", err)
|
2023-07-22 00:59:45 +01:00
|
|
|
}
|
|
|
|
|
2023-08-21 00:27:54 +01:00
|
|
|
err = branchFs.MkdirAll(filepath.Dir(next.Name), fs.ModePerm)
|
2023-07-22 00:59:45 +01:00
|
|
|
if err != nil {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("failed to make directory tree: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if next.FileInfo().IsDir() {
|
|
|
|
continue
|
2023-07-22 00:59:45 +01:00
|
|
|
}
|
|
|
|
|
2023-08-21 00:27:54 +01:00
|
|
|
create, err := branchFs.Create(next.Name)
|
2023-07-22 00:59:45 +01:00
|
|
|
if err != nil {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("failed to create output file: '%s': %w", next.Name, err)
|
2023-07-22 00:59:45 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
_, err = io.Copy(create, tarReader)
|
|
|
|
if err != nil {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("failed to copy from archive to output file: '%s': %w", next.Name, err)
|
2023-07-22 00:59:45 +01:00
|
|
|
}
|
|
|
|
}
|
2025-01-08 17:58:56 +00:00
|
|
|
|
2025-01-08 22:31:57 +00:00
|
|
|
// call the post hook script
|
|
|
|
err = h.postHook.Run(site, branch)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2025-01-08 18:35:07 +00:00
|
|
|
// TODO(melon): I would love to use unix.Renameat2 but due to afero this will not work
|
|
|
|
|
|
|
|
err = h.storageFs.Rename(siteBranchPath, siteBranchOldPath)
|
|
|
|
if err != nil && !errors.Is(err, fs.ErrNotExist) {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("failed to save an old copy of the site: %w", err)
|
2025-01-08 18:35:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
err = h.storageFs.Rename(siteBranchWorkPath, siteBranchPath)
|
|
|
|
if err != nil && !errors.Is(err, fs.ErrNotExist) {
|
2025-01-19 00:24:37 +00:00
|
|
|
return userSafeErrorf("failed to save an old copy of the site: %w", err)
|
2025-01-08 18:35:07 +00:00
|
|
|
}
|
|
|
|
|
2025-01-08 17:58:56 +00:00
|
|
|
n := time.Now().UTC()
|
|
|
|
|
|
|
|
err = h.db.AddBranch(context.Background(), database.AddBranchParams{
|
2025-01-08 19:58:17 +00:00
|
|
|
Branch: "@" + branch,
|
2025-01-08 17:58:56 +00:00
|
|
|
Domain: site,
|
|
|
|
LastUpdate: n,
|
|
|
|
Enable: true,
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return h.db.UpdateBranch(context.Background(), database.UpdateBranchParams{
|
2025-01-08 19:58:17 +00:00
|
|
|
Branch: "@" + branch,
|
2025-01-08 17:58:56 +00:00
|
|
|
Domain: site,
|
|
|
|
LastUpdate: n,
|
|
|
|
})
|
|
|
|
}
|
2023-07-22 00:59:45 +01:00
|
|
|
return nil
|
|
|
|
}
|
2025-01-19 00:24:37 +00:00
|
|
|
|
|
|
|
func userSafeErrorf(format string, args ...any) error {
|
|
|
|
logger.Logger.Helper()
|
|
|
|
logger.Logger.Error(fmt.Errorf(format, args))
|
|
|
|
|
|
|
|
for i := range args {
|
|
|
|
if _, ok := args[i].(error); ok {
|
|
|
|
args[i] = "[Internal Server Error]"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return fmt.Errorf(format, args)
|
|
|
|
}
|