diff options
| author | Stan Hu <stanhu@gmail.com> | 2020-07-19 23:24:32 -0700 |
|---|---|---|
| committer | Stan Hu <stanhu@gmail.com> | 2020-07-20 13:15:49 -0700 |
| commit | 7d62bbc3dd92f1e73b3e2a199f6b6b613d5821d9 (patch) | |
| tree | 66d67385aff9007652167ed53cfac848de3e0b3a | |
| parent | b3f6fcdb77a3d047ce8b02e9a0faf32e5a244c92 (diff) | |
| download | gitlab-shell-7d62bbc3dd92f1e73b3e2a199f6b6b613d5821d9.tar.gz | |
Log remote IP for executed commandssh-log-remote-ip
Admins may want to know what client IP originated the request. This
commit adds a `remote_ip` field to the log that extracts the IP address
from the `SSH_CONNECTION` environment variable.
Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/199
| -rw-r--r-- | internal/command/receivepack/gitalycall_test.go | 7 | ||||
| -rw-r--r-- | internal/handler/exec.go | 2 |
2 files changed, 8 insertions, 1 deletions
diff --git a/internal/command/receivepack/gitalycall_test.go b/internal/command/receivepack/gitalycall_test.go index 0cfbf5c..e93860a 100644 --- a/internal/command/receivepack/gitalycall_test.go +++ b/internal/command/receivepack/gitalycall_test.go @@ -24,6 +24,10 @@ func TestReceivePack(t *testing.T) { url, cleanup := testserver.StartHttpServer(t, requests) defer cleanup() + envCleanup, err := testhelper.Setenv("SSH_CONNECTION", "127.0.0.1 0") + require.NoError(t, err) + defer envCleanup() + output := &bytes.Buffer{} input := &bytes.Buffer{} @@ -38,7 +42,7 @@ func TestReceivePack(t *testing.T) { hook := testhelper.SetupLogger() - err := cmd.Execute() + err = cmd.Execute() require.NoError(t, err) require.Equal(t, "ReceivePack: "+userId+" "+repo, output.String()) @@ -49,4 +53,5 @@ func TestReceivePack(t *testing.T) { require.Equal(t, logrus.InfoLevel, entries[1].Level) require.Contains(t, entries[1].Message, "executing git command") require.Contains(t, entries[1].Message, "command=git-receive-pack") + require.Contains(t, entries[1].Message, "remote_ip=127.0.0.1") } diff --git a/internal/handler/exec.go b/internal/handler/exec.go index d6e06aa..060b709 100644 --- a/internal/handler/exec.go +++ b/internal/handler/exec.go @@ -14,6 +14,7 @@ import ( "gitlab.com/gitlab-org/gitlab-shell/internal/config" "gitlab.com/gitlab-org/gitlab-shell/internal/executable" "gitlab.com/gitlab-org/gitlab-shell/internal/gitlabnet/accessverifier" + "gitlab.com/gitlab-org/gitlab-shell/internal/sshenv" grpccorrelation "gitlab.com/gitlab-org/labkit/correlation/grpc" "gitlab.com/gitlab-org/labkit/tracing" "google.golang.org/grpc" @@ -64,6 +65,7 @@ func (gc *GitalyCommand) LogExecution(repository *pb.Repository, response *acces "user_id": response.UserId, "username": response.Username, "git_protocol": protocol, + "remote_ip": sshenv.LocalAddr(), } log.WithFields(fields).Info("executing git command") |