(incubator-streampark) branch k8s updated: [Improve] maven build args check improvement

Sat, 23 Dec 2023 05:21:59 -0800 

This is an automated email from the ASF dual-hosted git repository.

benjobs pushed a commit to branch k8s
in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git


The following commit(s) were added to refs/heads/k8s by this push:
     new cfb9cd0fb [Improve] maven build args check improvement
cfb9cd0fb is described below

commit cfb9cd0fb6ffe7bc692d0dcd9d90dabe26fcaffd
Author: benjobs <[email protected]>
AuthorDate: Sat Dec 23 21:21:42 2023 +0800

    [Improve] maven build args check improvement
---
 .../streampark/console/core/entity/Project.java    | 37 +++++++++++++++-------
 1 file changed, 26 insertions(+), 11 deletions(-)

diff --git 
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/entity/Project.java
 
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/entity/Project.java
index 882d94f19..3ccbdac92 100644
--- 
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/entity/Project.java
+++ 
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/entity/Project.java
@@ -46,6 +46,8 @@ import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 
 @Slf4j
@@ -210,39 +212,49 @@ public class Project implements Serializable {
     StringBuilder cmdBuffer = new StringBuilder(mvn).append(" clean package 
-DskipTests ");
 
     if (StringUtils.isNotBlank(this.buildArgs)) {
-      List<String> dangerArgs = getDangerArgs(this.buildArgs);
-      if (dangerArgs.isEmpty()) {
+      String dangerArgs = getDangerArgs(this.buildArgs);
+      if (dangerArgs == null) {
         cmdBuffer.append(this.buildArgs.trim());
       } else {
         throw new IllegalArgumentException(
             String.format(
-                "Invalid build args, dangerous operation symbol detected: %s, 
in your buildArgs: %s",
-                dangerArgs.stream().collect(Collectors.joining(",")), 
this.buildArgs));
+                "Invalid maven argument, dangerous args: %s, in your 
buildArgs: %s",
+                dangerArgs, this.buildArgs));
       }
     }
 
     String setting = 
InternalConfigHolder.get(CommonConfig.MAVEN_SETTINGS_PATH());
     if (StringUtils.isNotBlank(setting)) {
-      List<String> dangerArgs = getDangerArgs(setting);
-      if (dangerArgs.isEmpty()) {
+      String dangerArgs = getDangerArgs(setting);
+      if (dangerArgs == null) {
         File file = new File(setting);
         if (file.exists() && file.isFile()) {
           cmdBuffer.append(" --settings ").append(setting);
         } else {
           throw new IllegalArgumentException(
-              String.format("Invalid maven setting path, %s no exists or not 
file", setting));
+              String.format("Invalid maven-setting file path, %s no exists or 
not file", setting));
         }
       } else {
         throw new IllegalArgumentException(
             String.format(
-                "Invalid maven setting path, dangerous operation symbol 
detected: %s, in your maven setting path: %s",
-                dangerArgs.stream().collect(Collectors.joining(",")), 
setting));
+                "Invalid maven-setting file path, dangerous args: %s, in your 
maven setting path: %s",
+                dangerArgs, setting));
       }
     }
     return cmdBuffer.toString();
   }
 
-  private List<String> getDangerArgs(String param) {
+  private String getDangerArgs(String param) {
+    Pattern pattern = Pattern.compile("(`.*?`)|(\\$\\((.*?)\\))");
+    Matcher matcher = pattern.matcher(param);
+    if (matcher.find()) {
+      String dangerArgs = matcher.group(1);
+      if (dangerArgs == null) {
+        dangerArgs = matcher.group(2);
+      }
+      return dangerArgs;
+    }
+
     String[] args = param.split("\\s+");
     List<String> dangerArgs = new ArrayList<>();
     for (String arg : args) {
@@ -263,7 +275,10 @@ public class Project implements Serializable {
         }
       }
     }
-    return dangerArgs;
+    if (!dangerArgs.isEmpty()) {
+      return dangerArgs.stream().collect(Collectors.joining(","));
+    }
+    return null;
   }
 
   @JsonIgnore

Reply via email to