aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristopher Baines <mail@cbaines.net>2019-05-30 08:30:46 +0100
committerChristopher Baines <mail@cbaines.net>2019-05-30 08:33:03 +0100
commitcbae44c758e367441a045a5c9b6e82e1b095d8a1 (patch)
tree6f42548cf0479716e1abcc6b0d54197fb2c72974
parentb4d832455870f251350b305397cfd7efc037e66f (diff)
downloadgovuk-mini-environment-admin-cbae44c758e367441a045a5c9b6e82e1b095d8a1.tar
govuk-mini-environment-admin-cbae44c758e367441a045a5c9b6e82e1b095d8a1.tar.gz
Add some checking for valid store paths
-rw-r--r--app/jobs/govuk_guix/fetch_revision_job.rb4
-rw-r--r--app/services/govuk_guix/update_gcroots_directory.rb11
2 files changed, 15 insertions, 0 deletions
diff --git a/app/jobs/govuk_guix/fetch_revision_job.rb b/app/jobs/govuk_guix/fetch_revision_job.rb
index 7b1acdf..0265c6e 100644
--- a/app/jobs/govuk_guix/fetch_revision_job.rb
+++ b/app/jobs/govuk_guix/fetch_revision_job.rb
@@ -53,6 +53,10 @@ class GovukGuix::FetchRevisionJob < Que::Job
store_path = output.last.strip
logger.debug(self.class) { "store_path: #{store_path}" }
+ unless Guix.valid_store_path? store_path
+ raise "Invalid store path: #{store_path}"
+ end
+
backend.add_in_use_store_path(store_path) if backend
GovukGuix::Revision.transaction do
diff --git a/app/services/govuk_guix/update_gcroots_directory.rb b/app/services/govuk_guix/update_gcroots_directory.rb
index 97fe703..7f70da6 100644
--- a/app/services/govuk_guix/update_gcroots_directory.rb
+++ b/app/services/govuk_guix/update_gcroots_directory.rb
@@ -24,6 +24,11 @@ module GovukGuix::UpdateGcrootsDirectory
DIRECTORY = '/var/guix/gcroots/govuk-mini-environment-admin'
def self.set_in_use_store_paths(store_paths, options = {})
+ store_paths.each do |store_path|
+ raise "Invalid store path #{store_path}" \
+ unless Guix.valid_store_path?(store_path)
+ end
+
current_store_paths = list_store_paths(options)
(current_store_paths - store_paths).each do |store_path|
@@ -36,6 +41,9 @@ module GovukGuix::UpdateGcrootsDirectory
end
def self.add_store_path(store_path, options = {})
+ raise "Invalid store path #{store_path}" \
+ unless Guix.valid_store_path?(store_path)
+
run_command(
'ln', '-s',
store_path,
@@ -45,6 +53,9 @@ module GovukGuix::UpdateGcrootsDirectory
end
def self.remove_store_path(store_path, options = {})
+ raise "Invalid store path #{store_path}" \
+ unless Guix.valid_store_path?(store_path)
+
run_command(
'rm', File.join(DIRECTORY, store_path['/gnu/store/'.length..-1]),
run_remotely_on_host: options[:run_remotely_on_host]