From 8dbe6da36b138c42cbd27e8f37b08aafe9524675 Mon Sep 17 00:00:00 2001
From: Bryan Brancotte <bryan.brancotte@pasteur.fr>
Date: Tue, 5 Mar 2024 14:45:28 +0100
Subject: [PATCH] protection against relative path and not hdf5 filename

---
 .gitlab-ci.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index bbfc9a05..9bee7ae2 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -320,6 +320,12 @@ upload-from-fex-to-prod:
         echo "File to remove: $HDF5_FILENAME"; 
       fi
     - mkdir removed
+    - >
+      if [[ "$HDF5_FILENAME" =~ ^[^/]+\.hdf5$ ]]; then 
+        echo "Valid filename: $HDF5_FILENAME"; 
+      else
+        echo "HDF5_FILENAME invalide (HDF5_FILENAME=$HDF5_FILENAME), please provide an hdf5 file in /data";  
+      fi
     - kubectl cp sidekick:/data/$HDF5_FILENAME ./removed_file/$HDF5_FILENAME
     - kubectl exec sidekick -- rm -f /data/$HDF5_FILENAME
     - kubectl delete -f chart/sidekick.yaml --force
-- 
GitLab