feat(cli): add archive command for cross-host data transport (#610)

* feat(cli): add archive command for cross-host data transport * fix(archive): correct flat-layout path and entry-count wording * refactor(archive): rename BuildArchive to WriteArchive
2026-06-10 20:07:46 +02:00 · 2026-06-07 15:58:33 +08:00
parent f1219e49ab
commit cd0b2daaf3
11 changed files with 543 additions and 15 deletions
@@ -3,9 +3,12 @@ package fileutil
 import (
 	"archive/zip"
 	"bytes"
+	"errors"
 	"fmt"
+	"io"
 	"os"
 	"path/filepath"
+	"strings"
 )

 // FileExists checks if the file exists in the provided path.
@@ -88,3 +91,102 @@ func writeFile(buffer *bytes.Buffer, filename string) error {

 	return nil
 }
+
+// ZipDir writes every file under srcDir into a new zip at zipPath, preserving the relative directory
+// layout with forward-slash entry names. Unlike CompressDir it neither flattens names nor deletes the
+// source — it is the producer side of cross-host archive transport.
+func ZipDir(zipPath, srcDir string) error {
+	out, err := os.Create(zipPath)
+	if err != nil {
+		return fmt.Errorf("create %s: %w", zipPath, err)
+	}
+	defer func() { _ = out.Close() }()
+
+	zw := zip.NewWriter(out)
+	walkErr := filepath.WalkDir(srcDir, func(p string, d os.DirEntry, walkErr error) error {
+		if walkErr != nil {
+			return walkErr
+		}
+		if d.IsDir() {
+			return nil
+		}
+		rel, err := filepath.Rel(srcDir, p)
+		if err != nil {
+			return err
+		}
+		w, err := zw.Create(filepath.ToSlash(rel))
+		if err != nil {
+			return err
+		}
+		src, err := os.Open(p) //nolint:gosec // G122: staging tree is created and populated by us
+		if err != nil {
+			return err
+		}
+		defer func() { _ = src.Close() }()
+		_, err = io.Copy(w, src)
+		return err
+	})
+	if walkErr != nil {
+		_ = zw.Close()
+		return fmt.Errorf("zip %s: %w", srcDir, walkErr)
+	}
+	if err := zw.Close(); err != nil {
+		return fmt.Errorf("close zip %s: %w", zipPath, err)
+	}
+	return nil
+}
+
+// Unzip extracts zipPath into destDir, rejecting any entry whose path would escape destDir (Zip-Slip)
+// since a transported archive is not fully trusted.
+func Unzip(zipPath, destDir string) error {
+	r, err := zip.OpenReader(zipPath)
+	if err != nil {
+		return fmt.Errorf("open zip %s: %w", zipPath, err)
+	}
+	defer func() { _ = r.Close() }()
+
+	root := filepath.Clean(destDir)
+	for _, f := range r.File {
+		target := filepath.Join(root, filepath.FromSlash(f.Name))
+		if target != root && !strings.HasPrefix(target, root+string(os.PathSeparator)) {
+			return fmt.Errorf("zip entry %q escapes destination", f.Name)
+		}
+		if f.FileInfo().IsDir() {
+			if err := os.MkdirAll(target, 0o755); err != nil {
+				return err
+			}
+			continue
+		}
+		if err := os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
+			return err
+		}
+		if err := writeZipEntry(f, target); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func writeZipEntry(f *zip.File, target string) error {
+	rc, err := f.Open()
+	if err != nil {
+		return err
+	}
+	defer func() { _ = rc.Close() }()
+
+	out, err := os.OpenFile(target, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0o600)
+	if err != nil {
+		return err
+	}
+	defer func() { _ = out.Close() }()
+
+	for {
+		_, err := io.CopyN(out, rc, 1<<20)
+		if errors.Is(err, io.EOF) {
+			return nil
+		}
+		if err != nil {
+			return err
+		}
+	}
+}