From 2ac16002a7a80608aa0dec95651ed343798191fe Mon Sep 17 00:00:00 2001 From: Tingluo Huang Date: Mon, 2 Nov 2020 14:09:29 -0500 Subject: [PATCH] raise error for set-env, block set node_options. (#784) * raise error for set-env, block set node_options. * feedback. --- src/Runner.Worker/ActionCommandManager.cs | 39 ++++++++++++++++++----- 1 file changed, 31 insertions(+), 8 deletions(-) diff --git a/src/Runner.Worker/ActionCommandManager.cs b/src/Runner.Worker/ActionCommandManager.cs index 0cd99e57b..4205d1d01 100644 --- a/src/Runner.Worker/ActionCommandManager.cs +++ b/src/Runner.Worker/ActionCommandManager.cs @@ -186,7 +186,7 @@ namespace GitHub.Runner.Worker { var configurationStore = HostContext.GetService(); var isHostedServer = configurationStore.GetSettings().IsHostedServer; - + var allowUnsecureCommands = false; bool.TryParse(Environment.GetEnvironmentVariable(Constants.Variables.Actions.AllowUnsupportedCommands), out allowUnsecureCommands); @@ -209,9 +209,9 @@ namespace GitHub.Runner.Worker else if (!allowUnsecureCommands) { // Log Telemetry and let user know they shouldn't do this - var issue = new Issue() - { - Type = IssueType.Warning, + var issue = new Issue() + { + Type = IssueType.Error, Message = String.Format(Constants.Runner.UnsupportedCommandMessage, this.Command) }; issue.Data[Constants.Runner.InternalTelemetryIssueDataKey] = Constants.Runner.UnsupportedCommand; @@ -223,6 +223,24 @@ namespace GitHub.Runner.Worker throw new Exception("Required field 'name' is missing in ##[set-env] command."); } + + foreach (var blocked in _setEnvBlockList) + { + if (string.Equals(blocked, envName, StringComparison.OrdinalIgnoreCase)) + { + // Log Telemetry and let user know they shouldn't do this + var issue = new Issue() + { + Type = IssueType.Error, + Message = $"Can't update {blocked} environment variable using ::set-env:: command." + }; + issue.Data[Constants.Runner.InternalTelemetryIssueDataKey] = $"{Constants.Runner.UnsupportedCommand}_{envName}"; + context.AddIssue(issue); + + return; + } + } + context.Global.EnvironmentVariables[envName] = command.Data; context.SetEnvContext(envName, command.Data); context.Debug($"{envName}='{command.Data}'"); @@ -232,6 +250,11 @@ namespace GitHub.Runner.Worker { public const String Name = "name"; } + + private string[] _setEnvBlockList = + { + "NODE_OPTIONS" + }; } public sealed class SetOutputCommandExtension : RunnerService, IActionCommandExtension @@ -319,7 +342,7 @@ namespace GitHub.Runner.Worker { var configurationStore = HostContext.GetService(); var isHostedServer = configurationStore.GetSettings().IsHostedServer; - + var allowUnsecureCommands = false; bool.TryParse(Environment.GetEnvironmentVariable(Constants.Variables.Actions.AllowUnsupportedCommands), out allowUnsecureCommands); @@ -342,9 +365,9 @@ namespace GitHub.Runner.Worker else if (!allowUnsecureCommands) { // Log Telemetry and let user know they shouldn't do this - var issue = new Issue() - { - Type = IssueType.Warning, + var issue = new Issue() + { + Type = IssueType.Error, Message = String.Format(Constants.Runner.UnsupportedCommandMessage, this.Command) }; issue.Data[Constants.Runner.InternalTelemetryIssueDataKey] = Constants.Runner.UnsupportedCommand;