fix: gosec lint issues for the pkg (#444)
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
naveensrinivasan committed Feb 21, 2024
1 parent 740354d commit ce4f799
Showing 5 changed files with 11 additions and 13 deletions.
6 changes: 4 additions & 2 deletions src/pkg/bundle/common.go
Expand Up @@ -280,7 +280,8 @@ func validateOverrides(pkg types.Package, zarfYAML zarfTypes.ZarfPackage) error
var foundComponent *zarfTypes.ZarfComponent
for _, component := range zarfYAML.Components {
if component.Name == componentName {
foundComponent = &component
componentCopy := component // Create a copy of the component
foundComponent = &componentCopy
break
}
}
Expand All @@ -292,7 +293,8 @@ func validateOverrides(pkg types.Package, zarfYAML zarfTypes.ZarfPackage) error
var foundChart *zarfTypes.ZarfChart
for _, chart := range foundComponent.Charts {
if chart.Name == chartName {
foundChart = &chart
chartCopy := chart // Create a copy of the chart
foundChart = &chartCopy
break
}
}
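Review bot: The two added comments, `// Create a copy of the component` and `// Create a copy of the chart`, restate the assignment and leave out why the copy exists; the same applies to `chartCopy := chart` in loadChartOverrides in src/pkg/bundle/deploy.go. The reason appears to be gosec's implicit-memory-aliasing check (presumably G601): before Go 1.22 the range variable is a single variable reused across iterations, so a retained `&component` can end up pointing at a later element. I would write `// copy: do not take the address of the range variable, it is reused per iteration before Go 1.22 (gosec G601)`. In validateOverrides both addresses are taken immediately before `break`, so these two sites look like lint-only changes rather than behaviour fixes. validateOverrides starts and ends outside both hunks.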
5 changes: 3 additions & 2 deletions src/pkg/bundle/deploy.go
Expand Up @@ -289,11 +289,12 @@ func (b *Bundle) loadChartOverrides(pkg types.Package) (ZarfOverrideMap, error)
// Loop through each package component's charts and process overrides
for componentName, component := range pkg.Overrides {
for chartName, chart := range component {
err := b.processOverrideValues(&overrideMap, &chart.Values, componentName, chartName)
chartCopy := chart // Create a copy of the chart
err := b.processOverrideValues(&overrideMap, &chartCopy.Values, componentName, chartName)
if err != nil {
return nil, err
}
err = b.processOverrideVariables(&overrideMap, pkg.Name, &chart.Variables, componentName, chartName)
err = b.processOverrideVariables(&overrideMap, pkg.Name, &chartCopy.Variables, componentName, chartName)
if err != nil {
return nil, err
}
7 changes: 1 addition & 6 deletions src/pkg/bundler/fetcher/local.go
Expand Up @@ -68,12 +68,7 @@ func (f *localFetcher) GetPkgMetadata() (zarfTypes.ZarfPackage, error) {
if err != nil {
return zarfTypes.ZarfPackage{}, err
}
defer func(path string) {
err := os.RemoveAll(path)
if err != nil {

}
}(tmpDir)
defer os.RemoveAll(tmpDir) //nolint:errcheck

zarfTarball, err := os.Open(f.cfg.Bundle.Packages[f.cfg.PkgIter].Path)
if err != nil {
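Review bot: `defer os.RemoveAll(tmpDir) //nolint:errcheck` still discards the cleanup error, as the empty `if err != nil {}` it replaces did, so a temporary directory that could not be removed stays on disk with no trace in the logs. The directory's contents are not visible in this hunk, but it is created just before the package tarball is opened, so it likely holds extracted package metadata. I would keep the closure and report the failure through the package's existing logger, e.g. `defer func() { if err := os.RemoveAll(tmpDir); err != nil { /* log at warn level: tmpDir and err */ } }()`, or at least state the reason for ignoring the error after the `//nolint` directive. GetPkgMetadata continues outside the hunk.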
4 changes: 2 additions & 2 deletions src/pkg/sources/remote.go
Expand Up @@ -111,7 +111,7 @@ func (r *RemoteBundle) LoadPackageMetadata(dst *layout.PackagePaths, _ bool, _ b
if err = goyaml.Unmarshal(zarfYAMLBytes, &zarfYAML); err != nil {
return err
}
err = zarfUtils.WriteYaml(filepath.Join(dst.Base, config.ZarfYAML), zarfYAML, 0644)
err = zarfUtils.WriteYaml(filepath.Join(dst.Base, config.ZarfYAML), zarfYAML, 0600)
if err != nil {
return err
}
Expand All @@ -124,7 +124,7 @@ func (r *RemoteBundle) LoadPackageMetadata(dst *layout.PackagePaths, _ bool, _ b
if err != nil {
return err
}
err = os.WriteFile(filepath.Join(dst.Base, config.ChecksumsTxt), checksumBytes, 0644)
err = os.WriteFile(filepath.Join(dst.Base, config.ChecksumsTxt), checksumBytes, 0600)
if err != nil {
return err
}
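Review bot: The new `0600` passed to `os.WriteFile` only takes effect when the file is created; if `checksums.txt` already exists under `dst.Base`, os.WriteFile truncates it and leaves its existing mode, so a file written earlier as 0644 stays world-readable. Whether `zarfUtils.WriteYaml` behaves the same is not visible here, and the same caveat applies to the `os.WriteFile(path, buffer, 0600)` change in src/pkg/utils/sbom.go. If these destinations can be reused between runs, follow the write with `if err := os.Chmod(p, 0o600); err != nil { return err }` (with `p` the path just written), or remove the file first. A shared named constant for the mode would also keep the three call sites in step. LoadPackageMetadata starts and ends outside both hunks.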
2 changes: 1 addition & 1 deletion src/pkg/utils/sbom.go
Expand Up @@ -63,7 +63,7 @@ func SBOMExtractor(dst string, SBOMArtifactPathMap map[string]string) func(ctx c
}
path := filepath.Join(dst, config.BundleSBOM, f.NameInArchive)
// todo: handle collisions? especially for zarf-component SBOM files?
err = os.WriteFile(path, buffer, 0644)
err = os.WriteFile(path, buffer, 0600)
if err != nil {
return err
}
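Review bot: `path := filepath.Join(dst, config.BundleSBOM, f.NameInArchive)` uses the archive entry's name with no check visible in this hunk that the result stays inside `dst`, and tightening the mode on the following write does not address that. Unless the closure validates the name earlier (it starts outside the hunk), an entry name containing `..` would be written outside the SBOM directory. I would reject such names before the join, e.g. `if !filepath.IsLocal(f.NameInArchive) { return fmt.Errorf("unsafe SBOM entry name %q", f.NameInArchive) }` on Go 1.20 or later. The existing `todo` about collisions could be resolved in the same place.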
