Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix Watchtower interval (should be 1 hour) #56

Merged
merged 3 commits into from
Mar 29, 2018
Merged

Fix Watchtower interval (should be 1 hour) #56

merged 3 commits into from
Mar 29, 2018

Conversation

dborkan
Copy link
Contributor

@dborkan dborkan commented Mar 29, 2018

Fix Watchtower interval (should be 1 hour). Tested:

  • In the server manager with DigitalOcean and default SB_IMAGE: watchtower uses interval of 3600 seconds
  • In the server manager with DigitalOcean and an overridden SB_IMAGE: watchtower uses interval of 60 seconds
  • Manual install script with no overrides, watchtower uses interval of 3600 seconds

@dborkan dborkan requested a review from trevj March 29, 2018 19:42
@googlebot
Copy link

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and have the pull request author add another comment and the bot will run again. If the bot doesn't comment, it means it doesn't think anything has changed.

fortuna
fortuna requested changes Mar 29, 2018
View reviewed changes
src/server_manager/web_app/digitalocean_server.ts Outdated
@@ -424,7 +424,8 @@ function getInstallScript(
const sanitizezedAccessToken = sanitizeDigitaloceanToken(accessToken);
return '#!/bin/bash -eu\n' +
`export DO_ACCESS_TOKEN=${sanitizezedAccessToken}\n` +
(image ? `export SB_IMAGE=${image}\n` : '') +
// Set watchtower to 30 second refresh rate when overriding image.
(image ? `export SB_IMAGE=${image}\nexport WATCHTOWER_REFRESH_SECONDS=30\n` : '') +
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Those variables need to be escaped, otherwise we are subjected to command injection.
Same below. (didn't we have a shellEscape function here?)

We should at least add a TODO

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are you worried about some case besides a user injecting commands into their own server creation?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll add a TODO, but this actually came up in the past and we didn't address it because we weren't convinced of the threat model (it seems like users who start the electron app via the command line could inject commands into their own script, but we haven't seen any way for an outside attacker to inject commands). In any case I agree it's a bit of a code smell

src/server_manager/web_app/digitalocean_server.ts Outdated
@@ -424,7 +424,8 @@ function getInstallScript(
const sanitizezedAccessToken = sanitizeDigitaloceanToken(accessToken);
return '#!/bin/bash -eu\n' +
`export DO_ACCESS_TOKEN=${sanitizezedAccessToken}\n` +
(image ? `export SB_IMAGE=${image}\n` : '') +
// Set watchtower to 30 second refresh rate when overriding image.
(image ? `export SB_IMAGE=${image}\nexport WATCHTOWER_REFRESH_SECONDS=30\n` : '') +
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please make the refresh seconds a parameter for getInstallScript, rather than derived from another parameter

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's more explicit, so it's safer. Otherwise we might trigger the 30 seconds again by mistake

@dborkan
Copy link
Contributor Author

dborkan commented Mar 29, 2018

PTAL, I've added the TODO and am now passing in watchtowerRefreshSeconds to getInstallScript. Now the code to override the refresh rate to 30 seconds is in the createServer method. If we really want to be explicit with this variable we could pass it in all the way from the command line, but I think that would be overkill for a somewhat rushed fix

fortuna
fortuna approved these changes Mar 29, 2018
View reviewed changes
Copy link
Collaborator

@fortuna fortuna left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@dborkan dborkan merged commit 440b550 into master Mar 29, 2018
@dborkan dborkan deleted the dborkan-update-interval branch March 29, 2018 21:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@trevj trevj trevj approved these changes

@fortuna fortuna fortuna approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dborkan @googlebot @fortuna @trevj