From 83651385251ed203046d6d0171b2130566367a1a Mon Sep 17 00:00:00 2001
From: Daniel Maizel <daniel.maizel@codefresh.io>
Date: Mon, 20 Feb 2023 15:34:16 +0200
Subject: [PATCH] Validate that repo name is not empty (#426)

* make sure repo name is not empty

* create a util function to clean white spaces from slice

* install libssl-dev

* fix

* fix
---
 Dockerfile                 |  1 +
 go.mod                     |  2 +-
 go.sum                     |  3 ++-
 pkg/git/repository.go      |  7 +++++++
 pkg/git/repository_test.go | 11 +++++++++++
 pkg/util/util.go           | 11 +++++++++++
 pkg/util/util_test.go      | 29 +++++++++++++++++++++++++++++
 7 files changed, 62 insertions(+), 2 deletions(-)
 create mode 100644 pkg/util/util_test.go

diff --git a/Dockerfile b/Dockerfile
index a99b63ca..2bfc11e7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -13,6 +13,7 @@ RUN groupadd -g 999 autopilot && \
     chown autopilot:0 /home/autopilot && \
     chmod g=u /home/autopilot && \
     apt-get update -y && \
+    apt-get upgrade -y && \
     apt-get install -y git git-lfs tini gpg tzdata && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
diff --git a/go.mod b/go.mod
index 4864e078..1cda4a30 100644
--- a/go.mod
+++ b/go.mod
@@ -96,7 +96,7 @@ require (
 	github.com/go-openapi/validate v0.19.8 // indirect
 	github.com/go-redis/cache/v8 v8.4.2 // indirect
 	github.com/go-redis/redis/v8 v8.11.3 // indirect
-	github.com/go-stack/stack v1.8.0 // indirect
+	github.com/go-stack/stack v1.8.1 // indirect
 	github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.4.0 // indirect
 	github.com/gobwas/glob v0.2.3 // indirect
 	github.com/gogits/go-gogs-client v0.0.0-20190616193657-5a05380e4bc2 // indirect
diff --git a/go.sum b/go.sum
index 3f14773a..ccb7c471 100644
--- a/go.sum
+++ b/go.sum
@@ -473,8 +473,9 @@ github.com/go-redis/redis/v8 v8.11.3 h1:GCjoYp8c+yQTJfc0n69iwSiHjvuAdruxl7elnZCx
 github.com/go-redis/redis/v8 v8.11.3/go.mod h1:xNJ9xDG09FsIPwh3bWdk+0oDWHbtF9rPN0F/oD9XeKc=
 github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
 github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
-github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
+github.com/go-stack/stack v1.8.1 h1:ntEHSVwIt7PNXNpgPmVfMrNhLtgjlmnZha2kOpuRiDw=
+github.com/go-stack/stack v1.8.1/go.mod h1:dcoOX6HbPZSZptuspn9bctJ+N/CnF5gGygcUP3XYfe4=
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.4.0 h1:Mr3JcvBjQEhCN9wld6OHKHuHxWaoXTaQfYKmj7QwP18=
 github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.4.0/go.mod h1:A2S0CWkNylc2phvKXWBBdD3K0iGnDBGbzRpISP2zBl8=
diff --git a/pkg/git/repository.go b/pkg/git/repository.go
index 0d4cecfe..e8a1cbb7 100644
--- a/pkg/git/repository.go
+++ b/pkg/git/repository.go
@@ -505,6 +505,13 @@ var createRepo = func(ctx context.Context, opts *CloneOptions) (defaultBranch st
 	}
 
 	_, orgRepo, _, _, _, _, _ := util.ParseGitUrl(opts.Repo)
+
+	// It depends on the provider, but org repo strucure should at least contain org and repo name
+	slc := util.CleanSliceWhiteSpaces(strings.Split(orgRepo, "/"))
+	if len(slc) < 2 {
+		return "", errors.New("repo name can't be empty")
+	}
+
 	return provider.CreateRepository(ctx, orgRepo)
 }
 
diff --git a/pkg/git/repository_test.go b/pkg/git/repository_test.go
index 76662618..29332180 100644
--- a/pkg/git/repository_test.go
+++ b/pkg/git/repository_test.go
@@ -1340,6 +1340,17 @@ func Test_createRepo(t *testing.T) {
 			},
 			want: "main",
 		},
+		"Should fail if repo name is empty": {
+			opts: &CloneOptions{
+				Repo:     "https://github.com/owner/",
+				Provider: "github",
+				Auth: Auth{
+					Username: "username",
+					Password: "password",
+				},
+			},
+			wantErr: "repo name can't be empty",
+		},
 	}
 
 	orgGetProvider := getProvider
diff --git a/pkg/util/util.go b/pkg/util/util.go
index 259f7cf5..99080da6 100644
--- a/pkg/util/util.go
+++ b/pkg/util/util.go
@@ -170,3 +170,14 @@ func StealFlags(cmd *cobra.Command, exceptFor []string) (*pflag.FlagSet, error)
 
 	return fs, nil
 }
+
+func CleanSliceWhiteSpaces(slc []string) []string {
+	var res []string
+	for i := range slc {
+		if strings.TrimSpace(slc[i]) != "" {
+			res = append(res, slc[i])
+		}
+	}
+	
+	return res
+}
diff --git a/pkg/util/util_test.go b/pkg/util/util_test.go
new file mode 100644
index 00000000..a176132f
--- /dev/null
+++ b/pkg/util/util_test.go
@@ -0,0 +1,29 @@
+package util
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestCleanSliceWhiteSpaces(t *testing.T) {
+	testcases := []struct {
+		input []string
+		expected []string
+	}{
+		{
+			input: []string{"org", "repo"},
+			expected: []string{"org", "repo"},
+		},
+		{
+			input: []string{"org", ""},
+			expected: []string{"org"},
+		},
+	}
+
+	for _, testcase := range testcases {
+		res := CleanSliceWhiteSpaces(testcase.input)
+		if !reflect.DeepEqual(res, testcase.expected) {
+			t.Errorf("slice expected to be %v, but got %v", testcase.expected, res)
+		}
+	}
+}