Run hook scripts directly from cache directory

Copying the hooks to temp is a problem if you run dotter with different users, as the file gets left behind and other users don't have permissions to overwrite it. It's also not really needed to copy the file to somewhere else, it can just be run to where it is anyway from the cache directory. It might be also a problem to create the hooks world readable at the temp-directory, where other users can read it, it might contain secrets that aren't expected to be written to outside of the home directory.
SuperCuber · Jul 26, 2023 · 285deb9 · 285deb9
1 parent ff2a32d
commit 285deb9
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 18 deletions.
diff --git a/src/actions.rs b/src/actions.rs
@@ -332,7 +332,7 @@ pub fn create_template(
                 &target.owner,
             )
             .context("create parent for target file")?;
-            perform_template_deploy(source, cache, target, fs, handlebars, variables)
+            perform_template_deploy(source, cache, Some(target), fs, handlebars, variables)
                 .context("perform template cache")?;
             Ok(true)
         }
@@ -349,7 +349,7 @@ pub fn create_template(
                 &target.owner,
             )
             .context("create parent for target file")?;
-            perform_template_deploy(source, cache, target, fs, handlebars, variables)
+            perform_template_deploy(source, cache, Some(target), fs, handlebars, variables)
                 .context("perform template cache")?;
             Ok(true)
         }
@@ -372,7 +372,7 @@ pub fn create_template(
                 &target.owner,
             )
             .context("create parent for target file")?;
-            perform_template_deploy(source, cache, target, fs, handlebars, variables)
+            perform_template_deploy(source, cache, Some(target), fs, handlebars, variables)
                 .context("perform template cache")?;
             Ok(true)
         }
@@ -486,7 +486,7 @@ pub fn update_template(
             );
             fs.set_owner(&target.target, &target.owner)
                 .context("set target file owner")?;
-            perform_template_deploy(source, cache, target, fs, handlebars, variables)
+            perform_template_deploy(source, cache, Some(target), fs, handlebars, variables)
                 .context("perform template cache")?;
             Ok(true)
         }
@@ -503,7 +503,7 @@ pub fn update_template(
                 &target.owner,
             )
             .context("create parent for target file")?;
-            perform_template_deploy(source, cache, target, fs, handlebars, variables)
+            perform_template_deploy(source, cache, Some(target), fs, handlebars, variables)
                 .context("perform template cache")?;
             Ok(true)
         }
@@ -529,7 +529,7 @@ pub fn update_template(
             );
             fs.remove_file(&target.target)
                 .context("remove target while forcing")?;
-            perform_template_deploy(source, cache, target, fs, handlebars, variables)
+            perform_template_deploy(source, cache, Some(target), fs, handlebars, variables)
                 .context("perform template cache")?;
             Ok(true)
         }
@@ -546,15 +546,18 @@ pub fn update_template(
 pub(crate) fn perform_template_deploy(
     source: &Path,
     cache: &Path,
-    target: &TemplateTarget,
+    target: Option<&TemplateTarget>,
     fs: &mut dyn Filesystem,
     handlebars: &Handlebars<'_>,
     variables: &Variables,
 ) -> Result<()> {
     let file_contents = fs
         .read_to_string(source)
         .context("read template source file")?;
-    let file_contents = target.apply_actions(file_contents);
+    let file_contents = match target {
+        Some(t) => t.apply_actions(file_contents),
+        None => file_contents,
+    };
     let rendered = handlebars
         .render_template(&file_contents, variables)
         .context("render template")?;
@@ -566,10 +569,12 @@ pub(crate) fn perform_template_deploy(
         .context("write rendered template to cache")?;
 
     // Target
-    fs.copy_file(cache, &target.target, &target.owner)
-        .context("copy template from cache to target")?;
-    fs.copy_permissions(source, &target.target, &target.owner)
-        .context("copy permissions from source to target")?;
+    if let Some(target) = target {
+        fs.copy_file(cache, &target.target, &target.owner)
+            .context("copy template from cache to target")?;
+        fs.copy_permissions(source, &target.target, &target.owner)
+            .context("copy permissions from source to target")?;
+    }
 
     Ok(())
 }
diff --git a/src/hooks.rs b/src/hooks.rs
@@ -5,6 +5,8 @@ use std::path::Path;
 use std::process::Child;
 use std::process::Command;
 
+use crate::filesystem::{Filesystem, RealFilesystem};
+
 pub(crate) fn run_hook(
     location: &Path,
     cache_dir: &Path,
@@ -17,25 +19,26 @@ pub(crate) fn run_hook(
     }
 
     let mut script_file = cache_dir.join(location);
-    let mut target = std::env::temp_dir().join("dotter_temp");
     if cfg!(windows) {
         script_file.set_extension("bat");
-        target.set_extension("bat");
     }
-    debug!("Rendering script {:?} -> {:?}", location, script_file);
 
+    debug!("Rendering script {:?} -> {:?}", location, script_file);
+    let mut fs = RealFilesystem::new(false);
     crate::actions::perform_template_deploy(
         location,
         &script_file,
-        &target.clone().into(),
-        &mut crate::filesystem::RealFilesystem::new(false),
+        None,
+        &mut fs,
         handlebars,
         variables,
     )
     .context("deploy script")?;
+    fs.copy_permissions(location, &script_file, &None)
+        .context("copy permissions from source to cache")?;
 
     debug!("Running script file");
-    let mut child = run_script_file(&target)?;
+    let mut child = run_script_file(&script_file)?;
 
     anyhow::ensure!(
         child.wait().context("wait for child shell")?.success(),