blob: 293fcc4b4f0914fc6673c913cc81ac764aba2ba3 [file] [log] [blame]
// Copyright 2011 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build go1.16
// +build go1.16
package legacydash
import (
"context"
"crypto/hmac"
"crypto/md5"
"encoding/json"
"errors"
"fmt"
"log"
"net/http"
"strconv"
"strings"
"unicode/utf8"
"cloud.google.com/go/datastore"
)
const (
commitsPerPage = 30
builderVersion = 1 // must match x/build/cmd/coordinator/dash.go's value
)
// resultHandler records a build result.
// It reads a JSON-encoded Result value from the request body,
// creates a new Result entity, and creates or updates the relevant Commit entity.
// If the Log field is not empty, resultHandler creates a new Log entity
// and updates the LogHash field before putting the Commit entity.
func resultHandler(r *http.Request) (interface{}, error) {
if r.Method != "POST" {
return nil, errBadMethod(r.Method)
}
v, _ := strconv.Atoi(r.FormValue("version"))
if v != builderVersion {
return nil, fmt.Errorf("rejecting POST from builder; need version %v instead of %v",
builderVersion, v)
}
ctx := r.Context()
res := new(Result)
defer r.Body.Close()
if err := json.NewDecoder(r.Body).Decode(res); err != nil {
return nil, fmt.Errorf("decoding Body: %v", err)
}
if err := res.Valid(); err != nil {
return nil, fmt.Errorf("validating Result: %v", err)
}
// store the Log text if supplied
if len(res.Log) > 0 {
hash, err := PutLog(ctx, res.Log)
if err != nil {
return nil, fmt.Errorf("putting Log: %v", err)
}
res.LogHash = hash
}
tx := func(tx *datastore.Transaction) error {
if _, err := getOrMakePackageInTx(ctx, tx, res.PackagePath); err != nil {
return fmt.Errorf("GetPackage: %v", err)
}
// put Result
if _, err := tx.Put(res.Key(), res); err != nil {
return fmt.Errorf("putting Result: %v", err)
}
// add Result to Commit
com := &Commit{PackagePath: res.PackagePath, Hash: res.Hash}
if err := com.AddResult(tx, res); err != nil {
return fmt.Errorf("AddResult: %v", err)
}
return nil
}
_, err := datastoreClient.RunInTransaction(ctx, tx)
return nil, err
}
// logHandler displays log text for a given hash.
// It handles paths like "/log/hash".
func logHandler(w http.ResponseWriter, r *http.Request) {
c := r.Context()
hash := r.URL.Path[strings.LastIndex(r.URL.Path, "/")+1:]
key := dsKey("Log", hash, nil)
l := new(Log)
if err := datastoreClient.Get(c, key, l); err != nil {
if err == datastore.ErrNoSuchEntity {
// Fall back to default namespace;
// maybe this was on the old dashboard.
key.Namespace = ""
err = datastoreClient.Get(c, key, l)
}
if err != nil {
log.Printf("Error: %v", err)
http.Error(w, "Error: "+err.Error(), http.StatusInternalServerError)
return
}
}
b, err := l.Text()
if err != nil {
log.Printf("Error: %v", err)
http.Error(w, "Error: "+err.Error(), http.StatusInternalServerError)
return
}
w.Header().Set("Content-type", "text/plain; charset=utf-8")
w.Write(b)
}
// clearResultsHandler purge a single build failure from the dashboard.
// It currently only supports the main Go repo.
func clearResultsHandler(r *http.Request) (interface{}, error) {
if r.Method != "POST" {
return nil, errBadMethod(r.Method)
}
builder := r.FormValue("builder")
hash := r.FormValue("hash")
if builder == "" {
return nil, errors.New("missing 'builder'")
}
if hash == "" {
return nil, errors.New("missing 'hash'")
}
ctx := r.Context()
_, err := datastoreClient.RunInTransaction(ctx, func(tx *datastore.Transaction) error {
c := &Commit{
PackagePath: "", // TODO(adg): support clearing sub-repos
Hash: hash,
}
err := tx.Get(c.Key(), c)
err = filterDatastoreError(err)
if err == datastore.ErrNoSuchEntity {
// Doesn't exist, so no build to clear.
return nil
}
if err != nil {
return err
}
r := c.Result(builder, "")
if r == nil {
// No result, so nothing to clear.
return nil
}
c.RemoveResult(r)
_, err = tx.Put(c.Key(), c)
if err != nil {
return err
}
return tx.Delete(r.Key())
})
return nil, err
}
type dashHandler func(*http.Request) (interface{}, error)
type dashResponse struct {
Response interface{}
Error string
}
// errBadMethod is returned by a dashHandler when
// the request has an unsuitable method.
type errBadMethod string
func (e errBadMethod) Error() string {
return "bad method: " + string(e)
}
func builderKeyRevoked(builder string) bool {
switch builder {
case "plan9-amd64-mischief":
// Broken and unmaintained for months.
// It's polluting the dashboard.
return true
case "linux-arm-onlinenet":
// Requested to be revoked by Dave Cheney.
// The machine is in a fail+report loop
// and can't be accessed. Revoke it for now.
return true
}
return false
}
// AuthHandler wraps a http.HandlerFunc with a handler that validates the
// supplied key and builder query parameters.
func AuthHandler(h dashHandler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
c := r.Context()
// Put the URL Query values into r.Form to avoid parsing the
// request body when calling r.FormValue.
r.Form = r.URL.Query()
var err error
var resp interface{}
// Validate key query parameter for POST requests only.
key := r.FormValue("key")
builder := r.FormValue("builder")
if r.Method == "POST" && !validKey(c, key, builder) {
err = fmt.Errorf("invalid key %q for builder %q", key, builder)
}
// Call the original HandlerFunc and return the response.
if err == nil {
resp, err = h(r)
}
// Write JSON response.
dashResp := &dashResponse{Response: resp}
if err != nil {
log.Printf("%v", err)
dashResp.Error = err.Error()
}
w.Header().Set("Content-Type", "application/json")
if err = json.NewEncoder(w).Encode(dashResp); err != nil {
log.Printf("encoding response: %v", err)
}
})
}
// validHash reports whether hash looks like a valid git commit hash.
func validHash(hash string) bool {
// TODO: correctly validate a hash: check that it's exactly 40
// lowercase hex digits. But this is what we historically did:
return hash != ""
}
func validKey(c context.Context, key, builder string) bool {
if isMasterKey(c, key) {
return true
}
if builderKeyRevoked(builder) {
return false
}
return key == builderKey(c, builder)
}
func isMasterKey(ctx context.Context, k string) bool {
return k == masterKey
}
func builderKey(ctx context.Context, builder string) string {
h := hmac.New(md5.New, []byte(masterKey))
h.Write([]byte(builder))
return fmt.Sprintf("%x", h.Sum(nil))
}
// limitStringLength essentially does return s[:max],
// but it ensures that we dot not split UTF-8 rune in half.
// Otherwise appengine python scripts will break badly.
func limitStringLength(s string, max int) string {
if len(s) <= max {
return s
}
for {
s = s[:max]
r, size := utf8.DecodeLastRuneInString(s)
if r != utf8.RuneError || size != 1 {
return s
}
max--
}
}