fix: avoid warnings with new gosec

Signed-off-by: Phil Adams <phil_adams@us.ibm.com>

v5/core/base_service.go

@@ -433,7 +433,7 @@ func (service *BaseService) Request(req *http.Request, result interface{}) (deta
 		if httpResponse.Body != nil {
 			var readErr error
 
-			defer httpResponse.Body.Close()
+			defer httpResponse.Body.Close() // #nosec G307
 			responseBody, readErr = io.ReadAll(httpResponse.Body)
 			if readErr != nil {
 				err = fmt.Errorf(ERRORMSG_READ_RESPONSE_BODY, readErr.Error())
@@ -480,7 +480,7 @@ func (service *BaseService) Request(req *http.Request, result interface{}) (deta
 		} else {
 
 			// First, read the response body into a byte array.
-			defer httpResponse.Body.Close()
+			defer httpResponse.Body.Close() // #nosec G307
 			responseBody, readErr := io.ReadAll(httpResponse.Body)
 			if readErr != nil {
 				err = fmt.Errorf(ERRORMSG_READ_RESPONSE_BODY, readErr.Error())

v5/core/container_authenticator.go

@@ -471,7 +471,7 @@ func (authenticator *ContainerAuthenticator) RequestToken() (*IamTokenServerResp
 	// Good response, so unmarshal the response body into an IamTokenServerResponse instance.
 	tokenResponse := &IamTokenServerResponse{}
 	_ = json.NewDecoder(resp.Body).Decode(tokenResponse)
-	defer resp.Body.Close()
+	defer resp.Body.Close() // #nosec G307
 
 	return tokenResponse, nil
 }

v5/core/cp4d_authenticator.go

@@ -356,7 +356,7 @@ func (authenticator *CloudPakForDataAuthenticator) requestToken() (tokenResponse
 
 	tokenResponse = &cp4dTokenServerResponse{}
 	err = json.NewDecoder(resp.Body).Decode(tokenResponse)
-	defer resp.Body.Close()
+	defer resp.Body.Close() // #nosec G307
 	if err != nil {
 		err = fmt.Errorf(ERRORMSG_UNMARSHAL_AUTH_RESPONSE, err.Error())
 		tokenResponse = nil

v5/core/iam_authenticator.go

@@ -490,7 +490,7 @@ func (authenticator *IamAuthenticator) RequestToken() (*IamTokenServerResponse,
 
 	tokenResponse := &IamTokenServerResponse{}
 	_ = json.NewDecoder(resp.Body).Decode(tokenResponse)
-	defer resp.Body.Close()
+	defer resp.Body.Close() // #nosec G307
 	return tokenResponse, nil
 }
 

v5/core/request_builder.go

@@ -368,7 +368,7 @@ func (requestBuilder *RequestBuilder) createMultipartFormRequestBody() (bodyRead
 	formWriter := multipart.NewWriter(bodyWriter)
 
 	go func() {
-		defer bodyWriter.Close()
+		defer bodyWriter.Close() // #nosec G307
 
 		// Create a form part from each entry found in the request body's Form map.
 		// Note: each entry will actually be a slice of values, and we'll create a separate
@@ -385,7 +385,7 @@ func (requestBuilder *RequestBuilder) createMultipartFormRequestBody() (bodyRead
 
 				// If the part's content is a ReadCloser, we'll need to close it when we're done.
 				if stream, ok := formPart.contents.(io.ReadCloser); ok {
-					defer stream.Close()
+					defer stream.Close() // #nosec G307
 				} else if stream, ok := formPart.contents.(*io.ReadCloser); ok {
 					defer (*stream).Close()
 				}

v5/core/vpc_instance_authenticator.go

@@ -402,7 +402,7 @@ func (authenticator *VpcInstanceAuthenticator) retrieveIamAccessToken(
 	// Good response, so unmarshal the response body into a vpcTokenResponse instance.
 	tokenResponse := &vpcTokenResponse{}
 	_ = json.NewDecoder(resp.Body).Decode(tokenResponse)
-	defer resp.Body.Close()
+	defer resp.Body.Close() // #nosec G307
 
 	// Finally, convert the vpcTokenResponse instance into an IamTokenServerResponse to maintain
 	// consistency with other IAM-based authenticators.
@@ -499,7 +499,7 @@ func (authenticator *VpcInstanceAuthenticator) retrieveInstanceIdentityToken() (
 	// and retrieve the instance identity token value.
 	operationResponse := &vpcTokenResponse{}
 	_ = json.NewDecoder(resp.Body).Decode(operationResponse)
-	defer resp.Body.Close()
+	defer resp.Body.Close() // #nosec G307
 
 	// The instance identity token is returned in the "access_token" field of the response object.
 	instanceIdentityToken = *operationResponse.AccessToken