From 9063994a12444a9f657406443edd6f2a297521ee Mon Sep 17 00:00:00 2001
From: petruki <31597636+petruki@users.noreply.github.com>
Date: Tue, 3 Sep 2024 19:28:51 -0700
Subject: [PATCH] Patches vulnerabilities introduced by goproxy[C] and env settings[L]
---
 .env.test | 1 +
 .github/workflows/master.yml | 1 +
 go.mod | 2 ++
 go.sum | 4 ++--
 src/core/git.go | 3 ++-
 src/core/git_test.go | 2 +-
 6 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/.env.test b/.env.test
index 4c1c75d..352effe 100644
--- a/.env.test
+++ b/.env.test
@@ -7,6 +7,7 @@ SWITCHER_API_JWT_SECRET=[YOUR_JWT_SECRET]
 # Only for testing purposes. Values are loaded from accounts
 API_DOMAIN_ID=
+GIT_USER=
 GIT_TOKEN=
 GIT_TOKEN_READ_ONLY=
 GIT_REPO_URL=https://github.com/switcherapi/switcher-gitops-fixture
diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
index d976df5..c38e292 100644
--- a/.github/workflows/master.yml
+++ b/.github/workflows/master.yml
@@ -40,6 +40,7 @@ jobs:
 SWITCHER_API_JWT_SECRET: ${{ secrets.SWITCHER_API_JWT_SECRET }}
 API_DOMAIN_ID: ${{ secrets.API_DOMAIN_ID }}
 GIT_TOKEN: ${{ secrets.GIT_TOKEN }}
+ GIT_USER: ${{ secrets.GIT_USER }}
 GIT_TOKEN_READ_ONLY: ${{ secrets.GIT_TOKEN_READ_ONLY }}
 GIT_REPO_URL: ${{ secrets.GIT_REPO_URL }}
 GIT_BRANCH: ${{ secrets.GIT_BRANCH }}
diff --git a/go.mod b/go.mod
index 8d089e5..cc4cd1e 100644
--- a/go.mod
+++ b/go.mod
@@ -49,3 +49,5 @@ require (
 go.mongodb.org/mongo-driver v1.16.0
 gopkg.in/yaml.v3 v3.0.1 // indirect
 )
+
+replace github.com/elazarl/goproxy => github.com/elazarl/goproxy v0.0.0-20240726154733-8b0c20506380
diff --git a/go.sum b/go.sum
index d185012..960f3d5 100644
--- a/go.sum
+++ b/go.sum
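Review bot: The `replace` directive added at the end of go.mod has no comment saying why goproxy is pinned or when the pin can be removed, so it is likely to outlive the finding it addresses. A `replace` only takes effect when this module is the main module, and it overrides whatever version the requiring dependency asks for, so a later upgrade of that dependency will not move goproxy forward on its own. I would put a comment directly above it, for example `// pin goproxy to a patched revision; remove once the upstream requirement moves past it`, and reference the advisory id there if one exists for the finding.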
@@ -18,8 +18,8 @@ github.com/cyphar/filepath-securejoin v0.2.5/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxG github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcejNsXKSkQ6lcIaNec2nyfOdlTBR2lU= -github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= +github.com/elazarl/goproxy v0.0.0-20240726154733-8b0c20506380 h1:1NyRx2f4W4WBRyg0Kys0ZbaNmDDzZ2R/C7DTi+bbsJ0= +github.com/elazarl/goproxy v0.0.0-20240726154733-8b0c20506380/go.mod h1:thX175TtLTzLj3p7N/Q9IiKZ7NF+p72cvL91emV0hzo= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/gliderlabs/ssh v0.3.7 h1:iV3Bqi942d9huXnzEF2Mt+CY9gLu8DNM4Obd+8bODRE=
diff --git a/src/core/git.go b/src/core/git.go
index a394ead..95f27f7 100644
--- a/src/core/git.go
+++ b/src/core/git.go
@@ -10,6 +10,7 @@ import (
 "github.com/go-git/go-git/v5/plumbing/object"
 "github.com/go-git/go-git/v5/plumbing/transport/http"
 "github.com/go-git/go-git/v5/storage/memory"
+ "github.com/switcherapi/switcher-gitops/src/config"
 "github.com/switcherapi/switcher-gitops/src/model"
 )
@@ -139,7 +140,7 @@ func (g *GitService) getRepository(fs billy.Filesystem) (*git.Repository, error)
 func (g *GitService) getAuth() *http.BasicAuth {
 return &http.BasicAuth{
- Username: "git-user",
+ Username: config.GetEnv("GIT_USER"),
 Password: g.Token,
 }
 }
diff --git a/src/core/git_test.go b/src/core/git_test.go
index 139329f..864564e 100644
--- a/src/core/git_test.go
+++ b/src/core/git_test.go
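Review bot: In src/core/git.go, getAuth() now takes the username straight from `config.GetEnv("GIT_USER")` with no check that the variable is set, and the function has no error return through which to report it. If GIT_USER is missing the BasicAuth username is presumably empty, and token-based HTTP auth against Git hosts generally expects a non-empty username, so the failure would only surface later as an opaque authentication error on clone or push. Validate it once at startup with the other required settings, e.g. `if config.GetEnv("GIT_USER") == "" { /* fail fast with a clear message */ }`. It would also be more consistent to hold the username on GitService next to `Token`, so both credentials come from the same place rather than one from the struct and one from the process environment at call time. The getAuth() helper in src/core/git_test.go has the same unchecked lookup.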
@@ -177,7 +177,7 @@ func deleteBranch(branchName string) {
 func getAuth() *http.BasicAuth {
 return &http.BasicAuth{
- Username: "git-user",
+ Username: appConfig.GetEnv("GIT_USER"),
 Password: appConfig.GetEnv("GIT_TOKEN"),
 }
 }