fix(repo-clone): stop leaking ADO PAT + tolerant Jira-key parser (#566)#565
fix(repo-clone): stop leaking ADO PAT + tolerant Jira-key parser (#566)#565IBondarenko-iwg wants to merge 5 commits into
Conversation
|
This PR is missing a linked issue reference. Please add one of the following to the PR description:
If this is a trivial change that doesn't need an issue, ask a maintainer to add the |
There was a problem hiding this comment.
Pull request overview
This PR hardens the repo-clone MCP tool in the start-from-jira workflow by preventing Azure DevOps PAT exposure during git clone, and by making Jira-key extraction more tolerant to real-world jira-context.md formatting drift.
Changes:
- Add
Get-RepoCloneJiraKeyto extract Jira keys from multiple table/header patterns (with a case-sensitive fallback). - Prevent ADO PAT leakage by using a host-scoped
http.extraHeaderviaGIT_CONFIG_*env vars instead of embedding credentials in the clone URL, with masking and env restore infinally. - Add local tests for Jira-key parsing and clone-completeness detection.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| content/workflows/start-from-jira/systems/mcp/tools/repo-clone/script.ps1 | Adds Jira-key parsing helper, strengthens “already cloned” detection, and switches ADO auth to header-based configuration to avoid PAT persistence/exposure. |
| content/workflows/start-from-jira/systems/mcp/tools/repo-clone/test.ps1 | Introduces helper-focused tests covering Jira-key parsing variants and the clone completeness guard behavior. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
carlospedreira
left a comment
There was a problem hiding this comment.
Leaving one inline review note on the Git config preservation edge case.
Linked issue
Closes #566
Refs #557
Summary of changes
content/workflows/start-from-jira/systems/mcp/tools/repo-clone/script.ps1:Bug 7 (security — PAT leak). The clone URL embedded the raw
AZURE_DEVOPS_PATin its userinfo (https://<PAT>@dev.azure.com/...), leaking it two ways: visible in the git process command line (Win32_Process.CommandLine) and persisted into the cloned repo's.git/configasremote.origin.url. Now authenticates with a host-scopedhttp.extraHeaderinjected via theGIT_CONFIG_*environment (git ≥ 2.31): credential-free clone URL, header lives only in a process env var for the single clone and is restored infinally, nothing written to.git/config.Bug 6 (Jira parse + clone guard). The Jira-key parser only matched a canonical
| Jira Key | KEY |row, but agents free-form the metadata table (Primary Jira Keys,Parent Epic, …), so the key stayed null and cloning threw "Run Phase 0 first" — killing the whole code-execution phase. NewGet-RepoCloneJiraKeytries the canonical row → label variants → H1 title → any key-shaped token (case-sensitive, soutf-8/sha-1aren't mistaken for keys). The "already cloned" guard only testedTest-Path, so a leftover empty gitlink dir reportedalready_clonedwith no source; newTest-RepoCloneCompleterequires a resolvable HEAD + ≥1 tracked file. An empty leftover is reclaimed; a non-empty incomplete clone returns anincomplete_cloneerror instead of being force-deleted.Hardening from self-review (pwsh-review): path-traversal guard on
repo/projectbefore the force-delete path,GIT_CONFIG_*save/restore, UTF-8 Basic-auth token.Known follow-up (out of scope): the NuGet section still sets the ADO PAT in a process env var for a later step — left as-is to avoid breaking restore; tracked for a later PR.
Testing notes
New
repo-clone/test.ps1(12 cases, run by Layer 2 /tests/Test-ToolLocal.ps1):Get-RepoCloneJiraKey: canonical row,Primary Jira Keys,Parent Epic, H1 fallback, null cases, lowercase-key +utf-8-token rejection.Test-RepoCloneComplete: missing path, empty dir, repo with no commit, populated repo.PARSE OK; PSScriptAnalyzer clean (only pre-existingPSAvoidGlobalVars). Manual PAT check after a clone:git -C <clone> config remote.origin.urlshows no PAT, and the PAT never appears in clone process args.Checklist