search

xebialabs-community / xlr-bitbucket-plugin

XL Release plugin to work with stash and bitbucket cloud
MIT License
3 stars 11 forks source link

Bitbucket wipe out whole XLR home #27

Open gsajwan opened 4 years ago

gsajwan commented 4 years ago

We have disabled the option that caused the problem scenario for now. The issue is caused by the “Download Code” option in the bitbucket plugin that we got. Happened specifically when a user-specified “ ./ “ as the download path.

The plugin code has the following :

    self.logger.warn( " Now downloading code in download folder : %s" % variables['downloadPath'] )
    command = CmdLine()
    script = '''
        cd %s
        wget --user %s --password %s  -O code.zip %s
        unzip code.zip
        rm -rf *.zip
        foldername=`ls -d */`
        mv -f $foldername* `pwd`
        rm -rf $foldername

Can this be fixed or updated to avoid consequences in the future? Thanks

gsajwan commented 4 years ago

Here are logs 👍 Below is the pertinent log of what happened :

Archive: code.zip --2020-06-26 08:23:01-- http://globalrepository.mclocal.int/stash/XLR/xlr-playground/get/master.ziphttp://globalrepository.mclocal.int/stash/XLR/xlr-playground/get/master.zip Resolving globalrepository.mclocal.int (globalrepository.mclocal.int)... 10.154.23.3, 10.154.23.3 Connecting to globalrepository.mclocal.int (globalrepository.mclocal.int)|10.154.23.3|:80... connected. HTTP request sent, awaiting response... 404 2020-06-26 08:23:01 ERROR 404: (no description). End-of-central-directory signature not found. Either this file is not a zipfile, or it constitutes one disk of a multi-part archive. In the latter case the central directory and zipfile comment will be found on the last disk(s) of this archive. unzip: cannot find zipfile directory in one of code.zip or code.zip.zip, and cannot find code.zip.ZIP, period. mv: ‘bin/’ and ‘/sys_apps_01/xlrelease/xl-release-server/bin’ are the same file mv: ‘conf/’ and ‘/sys_apps_01/xlrelease/xl-release-server/conf’ are the same file mv: ‘doc/’ and ‘/sys_apps_01/xlrelease/xl-release-server/doc’ are the same file mv: ‘ext/’ and ‘/sys_apps_01/xlrelease/xl-release-server/ext’ are the same file mv: ‘hotfix/’ and ‘/sys_apps_01/xlrelease/xl-release-server/hotfix’ are the same file mv: ‘lib/’ and ‘/sys_apps_01/xlrelease/xl-release-server/lib’ are the same file mv: ‘log/’ and ‘/sys_apps_01/xlrelease/xl-release-server/log’ are the same file mv: ‘plugins/’ and ‘/sys_apps_01/xlrelease/xl-release-server/plugins’ are the same file mv: ‘reports/’ and ‘/sys_apps_01/xlrelease/xl-release-server/reports’ are the same file mv: ‘serviceWrapper/’ and ‘/sys_apps_01/xlrelease/xl-release-server/serviceWrapper’ are the same file