diff --git a/src/main/java/io/jenkins/infra/repository_permissions_updater/github_team_sync/YAMLTeamLoader.java b/src/main/java/io/jenkins/infra/repository_permissions_updater/github_team_sync/YAMLTeamLoader.java deleted file mode 100644 index fe09ec1843..0000000000 --- a/src/main/java/io/jenkins/infra/repository_permissions_updater/github_team_sync/YAMLTeamLoader.java +++ /dev/null @@ -1,79 +0,0 @@ -package io.jenkins.infra.repository_permissions_updater.github_team_sync; - -import org.yaml.snakeyaml.Yaml; - -import java.io.FileInputStream; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class YamlTeamLoader { - private static final Logger logger = LoggerFactory.getLogger(YamlTeamLoader.class); - - public static GithubTeamDefinition loadTeam(String filePath) { - Path resolvedPath = resolveFilePath(filePath); - Map teamConfig = loadYamlConfiguration(resolvedPath); - return parseTeamDefinition(teamConfig); - } - - private static Path resolveFilePath(String filePath) { - Path basePath = Paths.get("permissions").toAbsolutePath().normalize(); - // Remove the prefix for GitHub actions - if (filePath.startsWith("permissions/")) { - filePath = filePath.substring("permissions/".length()); - } - Path resolvedPath = basePath.resolve(filePath).normalize(); - - if (!resolvedPath.startsWith(basePath)) { - throw new SecurityException("Attempted path traversal out of allowed directory"); - } - if (!resolvedPath.toString().endsWith(".yml")) { - throw new SecurityException("Invalid file type"); - } - if (!Files.exists(resolvedPath)) { - throw new RuntimeException("File does not exist: " + resolvedPath); - } - return resolvedPath; - } - - private static Map loadYamlConfiguration(Path path) { - try (FileInputStream inputStream = new FileInputStream(path.toFile())) { - Yaml yaml = new Yaml(); - return yaml.load(inputStream); - } catch (Exception e) { - logger.error("Failed to load YAML configuration: {}", path, e); - throw new RuntimeException("Failed to load YAML configuration: " + path, e); - } - } - - private static GithubTeamDefinition parseTeamDefinition(Map teamConfig) { - String repoPath = (String) teamConfig.getOrDefault("github", ""); - String teamName = (String) teamConfig.get("github_team"); - - // Check if the team name is not provided or empty, then use the repo name - if (teamName == null || teamName.trim().isEmpty()) { - teamName = extractDefaultTeamName(repoPath); - } - - Set developers = extractDevelopers(teamConfig); - return new GithubTeamDefinition(repoPath, teamName, developers); - } - - private static String extractDefaultTeamName(String repoPath) { - // Repository path format: org/repo - String[] parts = repoPath.split("/"); - return parts.length > 1 ? parts[parts.length - 1] : ""; - } - - private static Set extractDevelopers(Map teamConfig) { - List devsList = (List) teamConfig.getOrDefault("developers", new HashSet<>()); - return new HashSet<>(devsList); - } -}