fix: Try writing file in /tmp

codacy · Jul 1, 2024 · 4105c78 · 4105c78
1 parent a221580
commit 4105c78
Show file tree

Hide file tree

Showing 2 changed files with 54 additions and 3 deletions.
diff --git a/internal/tool/golang.go b/internal/tool/golang.go
@@ -2,21 +2,32 @@ package tool
 
 import (
 	"bufio"
+	"io"
 	"os"
 	"path/filepath"
 	"strings"
 
 	"github.com/samber/lo"
 )
 
-func patchGoModFilesForStdlib(dir string, files []string) {
+func patchGoModFilesForStdlib(srcDir string, files []string) string {
+	// Copy the files to a temporary directory because /src is read-only
+	dstDir := "/tmp/src"
+	if err := CopyFiles(files, srcDir, dstDir); err != nil {
+		return srcDir
+	}
+
+	// Find and patch the go.mod files
 	lo.ForEach(files, func(file string, _ int) {
 		if strings.HasSuffix(file, "go.mod") {
-			patchGoModFileForStdlib(filepath.Join(dir, file))
+			patchGoModFileForStdlib(filepath.Join(dstDir, file))
 		}
 	})
+
+	return dstDir
 }
 
+// Find lines in go.mod files that specify the Go version and replace them with a require statement for the stdlib module.
 func patchGoModFileForStdlib(filename string) {
 	tempFilename := filename + ".tmp"
 
@@ -75,3 +86,43 @@ func patchGoModFileForStdlib(filename string) {
 		return
 	}
 }
+
+// CopyFiles copies specific files from the source directory to the destination directory.
+func CopyFiles(files []string, srcDir string, dstDir string) error {
+	for _, file := range files {
+		srcPath := filepath.Join(srcDir, file)
+		dstPath := filepath.Join(dstDir, file)
+
+		// Ensure the destination directory exists
+		if err := os.MkdirAll(filepath.Dir(dstPath), os.ModePerm); err != nil {
+			return err
+		}
+
+		// Copy the file
+		if err := CopyFile(srcPath, dstPath); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// CopyFile copies a single file from src to dst.
+func CopyFile(src, dst string) error {
+	sourceFile, err := os.Open(src)
+	if err != nil {
+		return err
+	}
+	defer sourceFile.Close()
+
+	destinationFile, err := os.Create(dst)
+	if err != nil {
+		return err
+	}
+	defer destinationFile.Close()
+
+	if _, err := io.Copy(destinationFile, sourceFile); err != nil {
+		return err
+	}
+
+	return nil
+}
diff --git a/internal/tool/tool.go b/internal/tool/tool.go
@@ -82,7 +82,7 @@ func (t codacyTrivy) runVulnerabilityScanning(ctx context.Context, toolExecution
 	// Workaround for detecting vulnerabilities in the Go standard library.
 	// Mimics the behavior of govulncheck by replacing the go version directive with a require statement for stdlib. https://go.dev/blog/govulncheck
 	// This is only supported by Trivy for Go binaries. https://github.com/aquasecurity/trivy/issues/4133
-	patchGoModFilesForStdlib(toolExecution.SourceDir, *toolExecution.Files)
+	toolExecution.SourceDir = patchGoModFilesForStdlib(toolExecution.SourceDir, *toolExecution.Files)
 
 	config := flag.Options{
 		GlobalOptions: flag.GlobalOptions{