diff --git a/src/backend/common/common-artifact/artifact-api/src/main/kotlin/com/tencent/bkrepo/common/artifact/pojo/RepositoryType.kt b/src/backend/common/common-artifact/artifact-api/src/main/kotlin/com/tencent/bkrepo/common/artifact/pojo/RepositoryType.kt index 3fc73afd39..dd8aeae480 100644 --- a/src/backend/common/common-artifact/artifact-api/src/main/kotlin/com/tencent/bkrepo/common/artifact/pojo/RepositoryType.kt +++ b/src/backend/common/common-artifact/artifact-api/src/main/kotlin/com/tencent/bkrepo/common/artifact/pojo/RepositoryType.kt @@ -51,6 +51,7 @@ enum class RepositoryType { CONAN, LFS, DDC, + SVN, ; companion object { diff --git a/src/backend/common/common-security/src/main/kotlin/com/tencent/bkrepo/common/security/interceptor/devx/DevxProperties.kt b/src/backend/common/common-security/src/main/kotlin/com/tencent/bkrepo/common/security/interceptor/devx/DevxProperties.kt new file mode 100644 index 0000000000..7189933313 --- /dev/null +++ b/src/backend/common/common-security/src/main/kotlin/com/tencent/bkrepo/common/security/interceptor/devx/DevxProperties.kt @@ -0,0 +1,50 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.common.security.interceptor.devx + +/** + * 云研发配置 + * */ +data class DevxProperties( + /** + * 是否开启云研发相关配置 + * */ + var enabled: Boolean = false, + /** + * apigw app code + * */ + var appCode: String = "", + /** + * apigw app secret + * */ + var appSecret: String = "", + /** + * 查询云研发工作空间的URL + * */ + var workspaceUrl: String = "", +) diff --git a/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/interceptor/devx/DevxSrcIpInterceptor.kt b/src/backend/common/common-security/src/main/kotlin/com/tencent/bkrepo/common/security/interceptor/devx/DevxSrcIpInterceptor.kt similarity index 59% rename from src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/interceptor/devx/DevxSrcIpInterceptor.kt rename to src/backend/common/common-security/src/main/kotlin/com/tencent/bkrepo/common/security/interceptor/devx/DevxSrcIpInterceptor.kt index 9ccb370775..a914b08db8 100644 --- a/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/interceptor/devx/DevxSrcIpInterceptor.kt +++ b/src/backend/common/common-security/src/main/kotlin/com/tencent/bkrepo/common/security/interceptor/devx/DevxSrcIpInterceptor.kt @@ -1,30 +1,53 @@ -package com.tencent.bkrepo.git.interceptor.devx +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.common.security.interceptor.devx import com.google.common.cache.CacheBuilder import com.google.common.cache.CacheLoader import com.google.common.cache.LoadingCache import com.tencent.bkrepo.common.api.util.readJsonString import com.tencent.bkrepo.common.api.util.toJsonString -import com.tencent.bkrepo.common.artifact.repository.context.ArtifactContextHolder +import com.tencent.bkrepo.common.artifact.constant.PROJECT_ID import com.tencent.bkrepo.common.security.exception.PermissionException import com.tencent.bkrepo.common.service.util.HttpContextHolder -import com.tencent.bkrepo.git.config.GitProperties -import java.util.concurrent.TimeUnit -import javax.servlet.http.HttpServletRequest -import javax.servlet.http.HttpServletResponse import okhttp3.OkHttpClient import okhttp3.Request import org.slf4j.LoggerFactory -import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.servlet.HandlerInterceptor import org.springframework.web.servlet.HandlerMapping +import java.util.concurrent.TimeUnit +import javax.servlet.http.HttpServletRequest +import javax.servlet.http.HttpServletResponse /** * 云研发源ip拦截器,只允许项目的云桌面ip通过 * */ -class DevxSrcIpInterceptor : HandlerInterceptor { - @Autowired - lateinit var properties: GitProperties +class DevxSrcIpInterceptor(private val devxProperties: DevxProperties) : HandlerInterceptor { private val httpClient = OkHttpClient.Builder().build() private val projectIpsCache: LoadingCache> = CacheBuilder.newBuilder() .maximumSize(MAX_CACHE_PROJECT_SIZE) @@ -32,17 +55,20 @@ class DevxSrcIpInterceptor : HandlerInterceptor { .build(CacheLoader.from { key -> listIpFromProject(key) }) override fun preHandle(request: HttpServletRequest, response: HttpServletResponse, handler: Any): Boolean { - if (!properties.devx.enabled) { + if (!devxProperties.enabled) { return true } - request.getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE) ?: return false - val repo = ArtifactContextHolder.getRepoDetail()!! + + + val uriAttribute = request.getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE) ?: return false + require(uriAttribute is Map<*, *>) + val projectId = uriAttribute[PROJECT_ID].toString() val srcIp = HttpContextHolder.getClientAddress() - if (!inWhiteList(srcIp, repo.projectId)) { - logger.info("Illegal src ip[$srcIp] in project[${repo.projectId}].") + if (!inWhiteList(srcIp, projectId)) { + logger.info("Illegal src ip[$srcIp] in project[${projectId}].") throw PermissionException() } - logger.info("Allow ip[$srcIp] to access ${repo.projectId}.") + logger.info("Allow ip[$srcIp] to access ${projectId}.") return true } @@ -51,7 +77,6 @@ class DevxSrcIpInterceptor : HandlerInterceptor { } private fun listIpFromProject(projectId: String): Set { - val devxProperties = properties.devx val apiAuth = ApiAuth(devxProperties.appCode, devxProperties.appSecret) val token = apiAuth.toJsonString().replace(System.lineSeparator(), "") val workspaceUrl = devxProperties.workspaceUrl diff --git a/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/DefaultProxyCallHandler.kt b/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/DefaultProxyCallHandler.kt index 0383f8fa05..0eaf99464e 100644 --- a/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/DefaultProxyCallHandler.kt +++ b/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/DefaultProxyCallHandler.kt @@ -1,10 +1,19 @@ package com.tencent.bkrepo.common.service.util.proxy +import okhttp3.Request +import okhttp3.Response import javax.servlet.http.HttpServletRequest import javax.servlet.http.HttpServletResponse -import okhttp3.Response open class DefaultProxyCallHandler : ProxyCallHandler { + override fun before( + proxyRequest: HttpServletRequest, + proxyResponse: HttpServletResponse, + request: Request + ): Request { + return request + } + override fun after(proxyRequest: HttpServletRequest, proxyResponse: HttpServletResponse, response: Response) { // 转发状态码 proxyResponse.status = response.code diff --git a/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/HttpProxyUtil.kt b/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/HttpProxyUtil.kt index d91d45e2b6..9558352105 100644 --- a/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/HttpProxyUtil.kt +++ b/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/HttpProxyUtil.kt @@ -26,7 +26,11 @@ object HttpProxyUtil { prefix: String? = null, proxyCallHandler: ProxyCallHandler = defaultProxyCallHandler, ) { - val newUrl = "$targetUrl${proxyRequest.requestURI.removePrefix(prefix.orEmpty())}?${proxyRequest.queryString}" + val newUrl = if (proxyRequest.queryString.isNullOrEmpty()) { + "$targetUrl${proxyRequest.requestURI.removePrefix(prefix.orEmpty())}" + } else { + "$targetUrl${proxyRequest.requestURI.removePrefix(prefix.orEmpty())}?${proxyRequest.queryString}" + } val newRequest = Request.Builder() .url(newUrl) .apply { @@ -34,6 +38,7 @@ object HttpProxyUtil { } .method(proxyRequest.method, proxyRequest.body()) .build() + .let { proxyCallHandler.before(proxyRequest, proxyResponse, it) } val newResponse = client .newCall(newRequest) .execute() diff --git a/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/ProxyCallHandler.kt b/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/ProxyCallHandler.kt index b6867ff0ba..80826e58c1 100644 --- a/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/ProxyCallHandler.kt +++ b/src/backend/common/common-service/src/main/kotlin/com/tencent/bkrepo/common/service/util/proxy/ProxyCallHandler.kt @@ -1,9 +1,12 @@ package com.tencent.bkrepo.common.service.util.proxy +import okhttp3.Request +import okhttp3.Response import javax.servlet.http.HttpServletRequest import javax.servlet.http.HttpServletResponse -import okhttp3.Response interface ProxyCallHandler { + fun before(proxyRequest: HttpServletRequest, proxyResponse: HttpServletResponse, request: Request): Request + fun after(proxyRequest: HttpServletRequest, proxyResponse: HttpServletResponse, response: Response) } diff --git a/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/config/GitProperties.kt b/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/config/GitProperties.kt index ce89188f54..8264037fa3 100644 --- a/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/config/GitProperties.kt +++ b/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/config/GitProperties.kt @@ -1,7 +1,7 @@ package com.tencent.bkrepo.git.config import com.tencent.bkrepo.git.constant.HubType -import com.tencent.bkrepo.git.interceptor.devx.DevxProperties +import com.tencent.bkrepo.common.security.interceptor.devx.DevxProperties import org.springframework.boot.context.properties.ConfigurationProperties import org.springframework.boot.context.properties.NestedConfigurationProperty diff --git a/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/config/GitWebConfig.kt b/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/config/GitWebConfig.kt index 1ed8d970f5..77c7bf0f71 100644 --- a/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/config/GitWebConfig.kt +++ b/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/config/GitWebConfig.kt @@ -2,7 +2,7 @@ package com.tencent.bkrepo.git.config import com.tencent.bkrepo.git.artifact.GitRepoInterceptor import com.tencent.bkrepo.git.interceptor.ContextSettingInterceptor -import com.tencent.bkrepo.git.interceptor.devx.DevxSrcIpInterceptor +import com.tencent.bkrepo.common.security.interceptor.devx.DevxSrcIpInterceptor import com.tencent.bkrepo.git.interceptor.ProxyInterceptor import org.springframework.boot.context.properties.EnableConfigurationProperties import org.springframework.context.annotation.Bean @@ -13,7 +13,9 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer @Configuration @EnableConfigurationProperties(GitProperties::class) -class GitWebConfig : WebMvcConfigurer { +class GitWebConfig( + private val properties: GitProperties +) : WebMvcConfigurer { override fun addInterceptors(registry: InterceptorRegistry) { registry.addInterceptor(repoInterceptor()) @@ -25,7 +27,7 @@ class GitWebConfig : WebMvcConfigurer { registry.addInterceptor(ProxyInterceptor()) .addPathPatterns("/**") .order(Ordered.HIGHEST_PRECEDENCE + 1) - registry.addInterceptor(devxSrcIpInterceptor()) + registry.addInterceptor(devxSrcIpInterceptor(properties)) .addPathPatterns("/**") .order(Ordered.HIGHEST_PRECEDENCE) super.addInterceptors(registry) @@ -35,5 +37,5 @@ class GitWebConfig : WebMvcConfigurer { fun repoInterceptor() = GitRepoInterceptor() @Bean - fun devxSrcIpInterceptor() = DevxSrcIpInterceptor() + fun devxSrcIpInterceptor(properties: GitProperties) = DevxSrcIpInterceptor(properties.devx) } diff --git a/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/interceptor/devx/DevxProperties.kt b/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/interceptor/devx/DevxProperties.kt deleted file mode 100644 index 9b8c44e748..0000000000 --- a/src/backend/git/biz-git/src/main/kotlin/com/tencent/bkrepo/git/interceptor/devx/DevxProperties.kt +++ /dev/null @@ -1,23 +0,0 @@ -package com.tencent.bkrepo.git.interceptor.devx - -/** - * 云研发配置 - * */ -data class DevxProperties( - /** - * 是否开启云研发相关配置 - * */ - var enabled: Boolean = false, - /** - * apigw app code - * */ - var appCode: String = "", - /** - * apigw app secret - * */ - var appSecret: String = "", - /** - * 查询云研发工作空间的URL - * */ - var workspaceUrl: String = "", -) diff --git a/src/backend/settings.gradle.kts b/src/backend/settings.gradle.kts index 1073f560d9..9faf7be9ba 100644 --- a/src/backend/settings.gradle.kts +++ b/src/backend/settings.gradle.kts @@ -88,3 +88,4 @@ includeAll(":fs") includeAll(":config") includeAll(":lfs") includeAll(":ddc") +includeAll(":svn") diff --git a/src/backend/svn/api-svn/build.gradle.kts b/src/backend/svn/api-svn/build.gradle.kts new file mode 100644 index 0000000000..0ad777a25f --- /dev/null +++ b/src/backend/svn/api-svn/build.gradle.kts @@ -0,0 +1,27 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + diff --git a/src/backend/svn/biz-svn/build.gradle.kts b/src/backend/svn/biz-svn/build.gradle.kts new file mode 100644 index 0000000000..1bc28b9127 --- /dev/null +++ b/src/backend/svn/biz-svn/build.gradle.kts @@ -0,0 +1,34 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +dependencies { + api(project(":svn:api-svn")) + api(project(":common:common-service")) + implementation(project(":common:common-api")) + implementation(project(":common:common-artifact:artifact-service")) + implementation(project(":common:common-security")) +} diff --git a/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/UserProxyController.kt b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/UserProxyController.kt new file mode 100644 index 0000000000..8abcaf9390 --- /dev/null +++ b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/UserProxyController.kt @@ -0,0 +1,46 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.svn + +import com.tencent.bkrepo.common.api.exception.MethodNotAllowedException +import org.springframework.web.bind.annotation.PathVariable +import org.springframework.web.bind.annotation.RequestMapping +import org.springframework.web.bind.annotation.RestController + +@RestController +@RequestMapping("/{projectId}/{repoName}") +class UserProxyController { + + @RequestMapping("/**") + fun proxy( + @PathVariable projectId: String, + @PathVariable repoName: String, + ) { + throw MethodNotAllowedException() + } +} diff --git a/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/SvnArtifactConfigurer.kt b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/SvnArtifactConfigurer.kt new file mode 100644 index 0000000000..2bdd7fa0cb --- /dev/null +++ b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/SvnArtifactConfigurer.kt @@ -0,0 +1,49 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.svn.artifact + +import com.tencent.bkrepo.common.artifact.config.ArtifactConfigurerSupport +import com.tencent.bkrepo.common.artifact.pojo.RepositoryType +import com.tencent.bkrepo.common.security.http.core.HttpAuthSecurityCustomizer +import com.tencent.bkrepo.common.service.util.SpringContextUtils +import com.tencent.bkrepo.svn.artifact.repository.SvnLocalRepository +import com.tencent.bkrepo.svn.artifact.repository.SvnRemoteRepository +import com.tencent.bkrepo.svn.artifact.repository.SvnVirtualRepository +import org.springframework.stereotype.Component + +@Component +class SvnArtifactConfigurer : ArtifactConfigurerSupport() { + + override fun getRepositoryType() = RepositoryType.SVN + override fun getLocalRepository() = SpringContextUtils.getBean() + override fun getRemoteRepository() = SpringContextUtils.getBean() + override fun getVirtualRepository() = SpringContextUtils.getBean() + + override fun getAuthSecurityCustomizer() = + HttpAuthSecurityCustomizer { httpAuthSecurity -> httpAuthSecurity.withPrefix("/svn") } +} diff --git a/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/repository/SvnLocalRepository.kt b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/repository/SvnLocalRepository.kt new file mode 100644 index 0000000000..213f414a2c --- /dev/null +++ b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/repository/SvnLocalRepository.kt @@ -0,0 +1,32 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.svn.artifact.repository + +import com.tencent.bkrepo.common.artifact.repository.local.LocalRepository + +class SvnLocalRepository : LocalRepository() diff --git a/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/repository/SvnRemoteRepository.kt b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/repository/SvnRemoteRepository.kt new file mode 100644 index 0000000000..7537b14eea --- /dev/null +++ b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/repository/SvnRemoteRepository.kt @@ -0,0 +1,32 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.svn.artifact.repository + +import com.tencent.bkrepo.common.artifact.repository.remote.RemoteRepository + +class SvnRemoteRepository : RemoteRepository() diff --git a/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/repository/SvnVirtualRepository.kt b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/repository/SvnVirtualRepository.kt new file mode 100644 index 0000000000..13bb8eaaa7 --- /dev/null +++ b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/artifact/repository/SvnVirtualRepository.kt @@ -0,0 +1,32 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.svn.artifact.repository + +import com.tencent.bkrepo.common.artifact.repository.virtual.VirtualRepository + +class SvnVirtualRepository : VirtualRepository() diff --git a/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/config/SvnConfiguration.kt b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/config/SvnConfiguration.kt new file mode 100644 index 0000000000..44b3cd16da --- /dev/null +++ b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/config/SvnConfiguration.kt @@ -0,0 +1,53 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.svn.config + +import com.tencent.bkrepo.common.security.interceptor.devx.DevxSrcIpInterceptor +import com.tencent.bkrepo.svn.interceptor.ChangeAncestorProxyHandler +import com.tencent.bkrepo.svn.interceptor.ProxyInterceptor +import org.springframework.boot.context.properties.EnableConfigurationProperties +import org.springframework.context.annotation.Configuration +import org.springframework.core.Ordered +import org.springframework.web.servlet.config.annotation.InterceptorRegistry +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer + +@Configuration(proxyBeanMethods = false) +@EnableConfigurationProperties(SvnProperties::class) +class SvnConfiguration( + private val properties: SvnProperties, +) : WebMvcConfigurer { + override fun addInterceptors(registry: InterceptorRegistry) { + registry.addInterceptor(DevxSrcIpInterceptor(properties.devx)) + .addPathPatterns("/**") + .order(Ordered.HIGHEST_PRECEDENCE) + registry.addInterceptor(ProxyInterceptor(ChangeAncestorProxyHandler(properties))) + .addPathPatterns("/**") + .order(Ordered.HIGHEST_PRECEDENCE + 1) + super.addInterceptors(registry) + } +} diff --git a/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/config/SvnProperties.kt b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/config/SvnProperties.kt new file mode 100644 index 0000000000..bc1049d851 --- /dev/null +++ b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/config/SvnProperties.kt @@ -0,0 +1,43 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.svn.config + +import com.tencent.bkrepo.common.security.interceptor.devx.DevxProperties +import org.springframework.boot.context.properties.ConfigurationProperties +import org.springframework.boot.context.properties.NestedConfigurationProperty + +@ConfigurationProperties("svn") +data class SvnProperties( + /** + * 仓库前缀,在使用SVN Proxy类型的仓库时需要配置 + * 比如SVN客户端访问http://bkrepo.exmaple.com/svn/projectId/repoName,此时需要配置repoPrefix为/svn + */ + var repoPrefix: String = "", + @NestedConfigurationProperty + var devx: DevxProperties = DevxProperties() +) diff --git a/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/interceptor/ChangeAncestorProxyHandler.kt b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/interceptor/ChangeAncestorProxyHandler.kt new file mode 100644 index 0000000000..4070c88ee2 --- /dev/null +++ b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/interceptor/ChangeAncestorProxyHandler.kt @@ -0,0 +1,190 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.svn.interceptor + +import com.tencent.bkrepo.common.api.constant.HttpHeaders +import com.tencent.bkrepo.common.api.constant.ensurePrefix +import com.tencent.bkrepo.common.service.util.proxy.DefaultProxyCallHandler +import com.tencent.bkrepo.common.service.util.proxy.HttpProxyUtil.headers +import com.tencent.bkrepo.svn.config.SvnProperties +import okhttp3.MediaType.Companion.toMediaType +import okhttp3.Request +import okhttp3.RequestBody +import okhttp3.Response +import org.slf4j.LoggerFactory +import javax.servlet.http.HttpServletRequest +import javax.servlet.http.HttpServletResponse + +/** + * 制品库的SVN仓库路径前缀为/{projectId}/{repoName},与代理的仓库可能不一致,需要调整请求与响应中的前缀 + */ +class ChangeAncestorProxyHandler(private val svnProperties: SvnProperties) : DefaultProxyCallHandler() { + override fun before( + proxyRequest: HttpServletRequest, + proxyResponse: HttpServletResponse, + request: Request + ): Request { + val oldPrefix = if (svnProperties.repoPrefix.isEmpty()){ + prefix(proxyRequest.servletPath) + } else { + svnProperties.repoPrefix + prefix(proxyRequest.servletPath) + } + val newPrefix = prefix(request.url.encodedPath) + if (oldPrefix.isNullOrEmpty() || newPrefix.isNullOrEmpty()) { + logger.warn("prefix not found: oldPrefix[$oldPrefix], newPrefix[$newPrefix]") + return request + } + + val builder = request.newBuilder() + proxyRequest.headers().forEach { (k, v) -> + if (k in requestHeaders) { + val newHeaderValue = newPrefix + v.substringAfter(oldPrefix) + builder.header(k, newHeaderValue) + } + } + + if (proxyRequest.contentType?.startsWith("text/xml") == true) { + val oldBody = proxyRequest.inputStream.readBytes().toString(Charsets.UTF_8) + val newBody = oldBody + .replace(ELEMENT_PATH_PREFIX + oldPrefix, ELEMENT_PATH_PREFIX + newPrefix) + .replace(ELEMENT_HREF_PREFIX + oldPrefix, ELEMENT_HREF_PREFIX + newPrefix) + builder.method(proxyRequest.method, RequestBody.create("text/xml".toMediaType(), newBody)) + } + + return builder.build() + } + + override fun after(proxyRequest: HttpServletRequest, proxyResponse: HttpServletResponse, response: Response) { + if (!response.isSuccessful) { + return super.after(proxyRequest, proxyResponse, response) + } + + val oldPrefix = prefix(response.request.url.encodedPath) + val newPrefix = if (svnProperties.repoPrefix.isEmpty()){ + prefix(proxyRequest.servletPath) + } else { + svnProperties.repoPrefix + prefix(proxyRequest.servletPath) + } + if (oldPrefix.isNullOrEmpty() || newPrefix.isNullOrEmpty()) { + return super.after(proxyRequest, proxyResponse, response) + } + + // 转发状态码 + proxyResponse.status = response.code + + // 转发头 + response.headers.forEach { (key, value) -> + if (key in responseHeaders) { + val newHeaderValue = newPrefix + value.substringAfter(oldPrefix) + proxyResponse.setHeader(key, newHeaderValue) + } else { + proxyResponse.addHeader(key, value) + } + } + + // 转发body + if (response.header(HttpHeaders.CONTENT_TYPE)?.startsWith("text/xml") == true) { + // 替换XML中的href标签中的路径前缀 + val oldBody = response.body!!.string() + val newBody = + oldBody.replace(ELEMENT_HREF_PREFIX + oldPrefix, ELEMENT_HREF_PREFIX + newPrefix) + proxyResponse.writer.write(newBody) + proxyResponse.setHeader(HttpHeaders.CONTENT_LENGTH, newBody.length.toString()) + } else { + response.body?.byteStream()?.use { + it.copyTo(proxyResponse.outputStream) + } + } + } + + /** + * 获取/{projectId}/{repoName}前缀 + * + * /a/b/c -> /a/b + * /a/b -> /a/b + * /a -> null + * a/b/c -> /a/b + */ + private fun prefix(path: String): String? { + var thirdSlashIndex = -1 + var slashCount = if (path[0] != '/') { + 1 + } else { + 0 + } + + for ((index, c) in path.withIndex()) { + if (c == '/') { + slashCount++ + } + if (slashCount == 3) { + thirdSlashIndex = index + break + } + } + + val prefix = when (slashCount) { + 2 -> path + 3 -> path.substring(0, thirdSlashIndex) + else -> null + } + + return prefix?.ensurePrefix("/")?.removeSuffix("/") + } + + companion object { + private val logger = LoggerFactory.getLogger(ChangeAncestorProxyHandler::class.java) + private const val HEADER_SVN_DELTA_BASE = "X-SVN-VR-Base" + + private const val HEADER_SVN_ROOT_URI = "SVN-Repository-Root" + private const val HEADER_SVN_ME_RESOURCE = "SVN-Me-Resource" + private const val HEADER_SVN_REV_STUB = "SVN-Rev-Stub" + private const val HEADER_SVN_REV_ROOT_STUB = "SVN-Rev-Root-Stub" + private const val HEADER_SVN_TXN_STUB = "SVN-Txn-Stub" + private const val HEADER_SVN_TXN_ROOT_STUB = "SVN-Txn-Root-Stub" + private const val HEADER_SVN_VTXN_STUB = "SVN-VTxn-Stub" + private const val HEADER_SVN_VTXN_ROOT_STUB = "SVN-VTxn-Root-Stub" + + val requestHeaders = arrayOf(HEADER_SVN_DELTA_BASE) + val responseHeaders = arrayOf( + HEADER_SVN_DELTA_BASE, + HEADER_SVN_ROOT_URI, + HEADER_SVN_ME_RESOURCE, + HEADER_SVN_REV_STUB, + HEADER_SVN_REV_ROOT_STUB, + HEADER_SVN_TXN_STUB, + HEADER_SVN_TXN_ROOT_STUB, + HEADER_SVN_VTXN_STUB, + HEADER_SVN_VTXN_ROOT_STUB, + ) + + // xml element + private const val ELEMENT_HREF_PREFIX = "href>" + private const val ELEMENT_PATH_PREFIX = "path>" + } +} diff --git a/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/interceptor/ProxyInterceptor.kt b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/interceptor/ProxyInterceptor.kt new file mode 100644 index 0000000000..16b7ff494a --- /dev/null +++ b/src/backend/svn/biz-svn/src/main/kotlin/com/tencent/bkrepo/svn/interceptor/ProxyInterceptor.kt @@ -0,0 +1,66 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.svn.interceptor + +import com.tencent.bkrepo.common.artifact.pojo.RepositoryCategory +import com.tencent.bkrepo.common.artifact.pojo.configuration.proxy.ProxyConfiguration +import com.tencent.bkrepo.common.artifact.repository.context.ArtifactContextHolder +import com.tencent.bkrepo.common.service.util.HttpContextHolder +import com.tencent.bkrepo.common.service.util.proxy.HttpProxyUtil +import com.tencent.bkrepo.common.service.util.proxy.ProxyCallHandler +import org.springframework.web.servlet.HandlerInterceptor +import javax.servlet.http.HttpServletRequest +import javax.servlet.http.HttpServletResponse + +class ProxyInterceptor(private val proxyHandler: ProxyCallHandler) : HandlerInterceptor { + override fun preHandle(request: HttpServletRequest, response: HttpServletResponse, handler: Any): Boolean { + val paths = request.servletPath.split("/") + if (paths.size <= 2) { + return false + } + val projectId = paths[1] + val repoName = paths[2] + val repo = ArtifactContextHolder.getRepoDetail(ArtifactContextHolder.RepositoryId(projectId, repoName)) + // 只有PROXY类型的仓库才进行拦截 + if (repo.category != RepositoryCategory.PROXY) { + return true + } + + val configuration = repo.configuration as ProxyConfiguration + val proxyUrl = configuration.proxy.url + val prefix = "/${repo.projectId}/${repo.name}" + HttpProxyUtil.proxy( + HttpContextHolder.getRequest(), + HttpContextHolder.getResponse(), + proxyUrl, + prefix, + proxyHandler + ) + return false + } +} diff --git a/src/backend/svn/boot-svn/build.gradle.kts b/src/backend/svn/boot-svn/build.gradle.kts new file mode 100644 index 0000000000..14d887eb32 --- /dev/null +++ b/src/backend/svn/boot-svn/build.gradle.kts @@ -0,0 +1,30 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +dependencies { + implementation(project(":svn:biz-svn")) +} diff --git a/src/backend/svn/boot-svn/src/main/kotlin/com/tencent/bkrepo/svn/SvnApplication.kt b/src/backend/svn/boot-svn/src/main/kotlin/com/tencent/bkrepo/svn/SvnApplication.kt new file mode 100644 index 0000000000..556a7250a5 --- /dev/null +++ b/src/backend/svn/boot-svn/src/main/kotlin/com/tencent/bkrepo/svn/SvnApplication.kt @@ -0,0 +1,38 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.bkrepo.svn + +import com.tencent.bkrepo.common.service.condition.MicroService +import org.springframework.boot.runApplication + +@MicroService +class SvnApplication + +fun main(args: Array) { + runApplication(*args) +} diff --git a/src/backend/svn/boot-svn/src/main/resources/bootstrap.yml b/src/backend/svn/boot-svn/src/main/resources/bootstrap.yml new file mode 100644 index 0000000000..99c6de57fb --- /dev/null +++ b/src/backend/svn/boot-svn/src/main/resources/bootstrap.yml @@ -0,0 +1,3 @@ +spring.application.name: svn +server.port: 25818 + diff --git a/src/backend/svn/build.gradle.kts b/src/backend/svn/build.gradle.kts new file mode 100644 index 0000000000..0ad777a25f --- /dev/null +++ b/src/backend/svn/build.gradle.kts @@ -0,0 +1,27 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2023 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +