Documentation
¶
Overview ¶
Package git provides Git repository operations for ToolHive.
This package implements a thin wrapper around the go-git library to enable cloning repositories, checking out specific branches/tags/commits, and retrieving file contents. It is used by both the Kubernetes operator (for MCPRegistry Git sources) and the CLI (for git-based skill installation).
Key Components:
Client Interface ¶
The Client interface defines the core Git operations:
- Clone: Clone repositories (public or authenticated)
- GetFileContent: Retrieve specific files from repositories
- Cleanup: Release in-memory repository resources
LimitedFs ¶
LimitedFs wraps a billy.Filesystem to enforce file count and total size limits, preventing resource exhaustion when cloning untrusted repositories.
Security Considerations ¶
This package is designed for use in environments where Git repositories may be untrusted. Resource limits are enforced via LimitedFs (10k files, 100MB). Callers are responsible for URL validation (SSRF prevention) and credential management.
Index ¶
- Variables
- type Client
- type ClientOption
- type CloneConfig
- type DefaultGitClient
- type LimitedFs
- func (*LimitedFs) Chroot(_ string) (billy.Filesystem, error)
- func (f *LimitedFs) Create(filename string) (billy.File, error)
- func (f *LimitedFs) Join(elem ...string) string
- func (f *LimitedFs) Lstat(filename string) (fs.FileInfo, error)
- func (f *LimitedFs) MkdirAll(filename string, perm fs.FileMode) error
- func (f *LimitedFs) Open(filename string) (billy.File, error)
- func (f *LimitedFs) OpenFile(filename string, flag int, perm fs.FileMode) (billy.File, error)
- func (f *LimitedFs) ReadDir(path string) ([]fs.FileInfo, error)
- func (f *LimitedFs) Readlink(link string) (string, error)
- func (f *LimitedFs) Remove(filename string) error
- func (f *LimitedFs) Rename(oldpath string, newpath string) error
- func (f *LimitedFs) Root() string
- func (f *LimitedFs) Stat(filename string) (fs.FileInfo, error)
- func (f *LimitedFs) Symlink(target string, link string) error
- func (f *LimitedFs) TempFile(dir string, prefix string) (billy.File, error)
- type RepositoryInfo
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidCloneConfig = errors.New("invalid clone config: at most one of Branch, Tag, or Commit may be specified")
ErrInvalidCloneConfig is returned when CloneConfig has conflicting ref specifications.
var ErrInvalidFilePath = errors.New("invalid file path")
ErrInvalidFilePath is returned when a file path contains traversal or absolute components.
var ErrNilRepository = errors.New("repository is nil")
ErrNilRepository is returned when a nil repository is passed to an operation that requires one.
var ErrNotImplemented = errors.New("not implemented")
ErrNotImplemented is returned when a method is not implemented.
var ErrTooBig = errors.New("file too big")
ErrTooBig is returned when a file is too big.
var ErrTooManyFiles = errors.New("too many files")
ErrTooManyFiles is returned when there are too many files.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client interface {
// Clone clones a repository with the given configuration
Clone(ctx context.Context, config *CloneConfig) (*RepositoryInfo, error)
// GetFileContent retrieves the content of a file from the repository
GetFileContent(repoInfo *RepositoryInfo, path string) ([]byte, error)
// Cleanup removes local repository directory
Cleanup(ctx context.Context, repoInfo *RepositoryInfo) error
}
Client defines the interface for Git operations
type ClientOption ¶
type ClientOption func(*DefaultGitClient)
ClientOption configures a DefaultGitClient.
func WithAuth ¶
func WithAuth(auth transport.AuthMethod) ClientOption
WithAuth sets the authentication method for git operations.
type CloneConfig ¶
type CloneConfig struct {
// URL is the repository URL to clone
URL string
// Branch is the specific branch to clone (optional)
Branch string
// Tag is the specific tag to clone (optional)
Tag string
// Commit is the specific commit to clone (optional)
Commit string
}
CloneConfig contains configuration for cloning a repository
type DefaultGitClient ¶
type DefaultGitClient struct {
// contains filtered or unexported fields
}
DefaultGitClient implements Client using go-git
func NewDefaultGitClient ¶
func NewDefaultGitClient(opts ...ClientOption) *DefaultGitClient
NewDefaultGitClient creates a new DefaultGitClient
func (*DefaultGitClient) Cleanup ¶
func (*DefaultGitClient) Cleanup(_ context.Context, repoInfo *RepositoryInfo) error
Cleanup removes local repository directory
func (*DefaultGitClient) Clone ¶
func (c *DefaultGitClient) Clone(ctx context.Context, config *CloneConfig) (*RepositoryInfo, error)
Clone clones a repository with the given configuration
func (*DefaultGitClient) GetFileContent ¶
func (*DefaultGitClient) GetFileContent(repoInfo *RepositoryInfo, path string) ([]byte, error)
GetFileContent retrieves the content of a file from the repository
type LimitedFs ¶
type LimitedFs struct {
Fs billy.Filesystem
MaxFiles int64
TotalFileSize int64
// contains filtered or unexported fields
}
LimitedFs provides a size-limited billy.Filesystem. This is a struct, there's no constructor here. Note that LimitedFs is not thread-safe.
func (*LimitedFs) Chroot ¶
func (*LimitedFs) Chroot(_ string) (billy.Filesystem, error)
Chroot implements billy.Filesystem.
type RepositoryInfo ¶
type RepositoryInfo struct {
// Repository is the go-git repository instance
Repository *git.Repository
// Branch is the current branch name
Branch string
// RemoteURL is the remote repository URL
RemoteURL string
// contains filtered or unexported fields
}
RepositoryInfo contains information about a Git repository
Source Files