Page MenuHomePhabricator

D16738.id40305.diff
No OneTemporary

D16738.id40305.diff

diff --git a/src/applications/diffusion/ssh/DiffusionGitUploadPackSSHWorkflow.php b/src/applications/diffusion/ssh/DiffusionGitUploadPackSSHWorkflow.php
--- a/src/applications/diffusion/ssh/DiffusionGitUploadPackSSHWorkflow.php
+++ b/src/applications/diffusion/ssh/DiffusionGitUploadPackSSHWorkflow.php
@@ -19,8 +19,9 @@
$device = AlmanacKeys::getLiveDevice();
$skip_sync = $this->shouldSkipReadSynchronization();
+ $is_proxy = $this->shouldProxy();
- if ($this->shouldProxy()) {
+ if ($is_proxy) {
$command = $this->getProxyCommand();
if ($device) {
@@ -48,6 +49,8 @@
}
$command = PhabricatorDaemon::sudoCommandAsDaemonUser($command);
+ $pull_event = $this->newPullEvent();
+
$future = id(new ExecFuture('%C', $command))
->setEnv($this->getEnvironment());
@@ -56,6 +59,26 @@
->setCommandChannelFromExecFuture($future)
->execute();
+ if ($err) {
+ $pull_event
+ ->setResultType('error')
+ ->setResultCode($err);
+ } else {
+ $pull_event
+ ->setResultType('pull')
+ ->setResultCode(0);
+ }
+
+ // TODO: Currently, when proxying, we do not write a log on the proxy.
+ // Perhaps we should write a "proxy log". This is not very useful for
+ // statistics or auditing, but could be useful for diagnostics. Marking
+ // the proxy logs as proxied (and recording devicePHID on all logs) would
+ // make differentiating between these use cases easier.
+
+ if (!$is_proxy) {
+ $pull_event->save();
+ }
+
if (!$err) {
$this->waitForGitClient();
}
diff --git a/src/applications/diffusion/ssh/DiffusionSSHWorkflow.php b/src/applications/diffusion/ssh/DiffusionSSHWorkflow.php
--- a/src/applications/diffusion/ssh/DiffusionSSHWorkflow.php
+++ b/src/applications/diffusion/ssh/DiffusionSSHWorkflow.php
@@ -30,10 +30,8 @@
DiffusionCommitHookEngine::ENV_REMOTE_PROTOCOL => 'ssh',
);
- $ssh_client = getenv('SSH_CLIENT');
- if ($ssh_client) {
- // This has the format "<ip> <remote-port> <local-port>". Grab the IP.
- $remote_address = head(explode(' ', $ssh_client));
+ $remote_address = $this->getSSHRemoteAddress();
+ if ($remote_address !== null) {
$env[DiffusionCommitHookEngine::ENV_REMOTE_ADDRESS] = $remote_address;
}
@@ -259,5 +257,17 @@
return false;
}
+ protected function newPullEvent() {
+ $viewer = $this->getViewer();
+ $repository = $this->getRepository();
+ $remote_address = $this->getSSHRemoteAddress();
+
+ return id(new PhabricatorRepositoryPullEvent())
+ ->setEpoch(PhabricatorTime::getNow())
+ ->setRemoteAddress($remote_address)
+ ->setRemoteProtocol('ssh')
+ ->setPullerPHID($viewer->getPHID())
+ ->setRepositoryPHID($repository->getPHID());
+ }
}
diff --git a/src/infrastructure/ssh/PhabricatorSSHWorkflow.php b/src/infrastructure/ssh/PhabricatorSSHWorkflow.php
--- a/src/infrastructure/ssh/PhabricatorSSHWorkflow.php
+++ b/src/infrastructure/ssh/PhabricatorSSHWorkflow.php
@@ -83,4 +83,19 @@
return $this->originalArguments;
}
+ public function getSSHRemoteAddress() {
+ $ssh_client = getenv('SSH_CLIENT');
+ if (!strlen($ssh_client)) {
+ return null;
+ }
+
+ // TODO: When commands are proxied, the original remote address should
+ // also be proxied.
+
+ // This has the format "<ip> <remote-port> <local-port>". Grab the IP.
+ $remote_address = head(explode(' ', $ssh_client));
+
+ return $remote_address;
+ }
+
}

File Metadata

Mime Type
text/plain
Expires
Mon, Nov 11, 7:26 PM (6 d, 17 h ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6732304
Default Alt Text
D16738.id40305.diff (3 KB)

Event Timeline