This is an automated email from the ASF dual-hosted git repository.
benjobs pushed a commit to branch dev-2.1.3
in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git
The following commit(s) were added to refs/heads/dev-2.1.3 by this push:
new 662a28055 [Improve] maven build args check improve
662a28055 is described below
commit 662a280555949631fe8fe70b89a63a346e084d5e
Author: benjobs <[email protected]>
AuthorDate: Sat Dec 23 21:26:13 2023 +0800
[Improve] maven build args check improve
---
.../streampark/console/core/entity/Project.java | 35 +++++++++++++++-------
1 file changed, 25 insertions(+), 10 deletions(-)
diff --git
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/entity/Project.java
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/entity/Project.java
index ae47d129a..658bb575f 100644
---
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/entity/Project.java
+++
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/entity/Project.java
@@ -46,6 +46,8 @@ import java.io.Serializable;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
import java.util.stream.Collectors;
@Slf4j
@@ -218,21 +220,21 @@ public class Project implements Serializable {
StringBuilder cmdBuffer = new StringBuilder(mvn).append(" clean package
-DskipTests ");
if (StringUtils.isNotBlank(this.buildArgs)) {
- List<String> dangerArgs = getDangerArgs(this.buildArgs);
- if (dangerArgs.isEmpty()) {
+ String dangerArgs = getDangerArgs(this.buildArgs);
+ if (dangerArgs == null) {
cmdBuffer.append(this.buildArgs.trim());
} else {
throw new IllegalArgumentException(
String.format(
- "Invalid maven argument, dangerous operation symbol detected:
%s, in your buildArgs: %s",
- dangerArgs.stream().collect(Collectors.joining(",")),
this.buildArgs));
+ "Invalid maven argument, dangerous args: %s, in your
buildArgs: %s",
+ dangerArgs, this.buildArgs));
}
}
String setting =
InternalConfigHolder.get(CommonConfig.MAVEN_SETTINGS_PATH());
if (StringUtils.isNotBlank(setting)) {
- List<String> dangerArgs = getDangerArgs(setting);
- if (dangerArgs.isEmpty()) {
+ String dangerArgs = getDangerArgs(setting);
+ if (dangerArgs == null) {
File file = new File(setting);
if (file.exists() && file.isFile()) {
cmdBuffer.append(" --settings ").append(setting);
@@ -243,14 +245,24 @@ public class Project implements Serializable {
} else {
throw new IllegalArgumentException(
String.format(
- "Invalid maven-setting file path, dangerous operation symbol
detected: %s, in your maven setting path: %s",
- dangerArgs.stream().collect(Collectors.joining(",")),
setting));
+ "Invalid maven-setting file path, dangerous args: %s, in your
maven setting path: %s",
+ dangerArgs, setting));
}
}
return cmdBuffer.toString();
}
- private List<String> getDangerArgs(String param) {
+ private String getDangerArgs(String param) {
+ Pattern pattern = Pattern.compile("(`.*?`)|(\\$\\((.*?)\\))");
+ Matcher matcher = pattern.matcher(param);
+ if (matcher.find()) {
+ String dangerArgs = matcher.group(1);
+ if (dangerArgs == null) {
+ dangerArgs = matcher.group(2);
+ }
+ return dangerArgs;
+ }
+
String[] args = param.split("\\s+");
List<String> dangerArgs = new ArrayList<>();
for (String arg : args) {
@@ -271,7 +283,10 @@ public class Project implements Serializable {
}
}
}
- return dangerArgs;
+ if (!dangerArgs.isEmpty()) {
+ return dangerArgs.stream().collect(Collectors.joining(","));
+ }
+ return null;
}
@JsonIgnore
