Fix issues reported by static analysis #1357

Merged
merged 2 commits into from
Aug 14, 2024
7 changes: 4 additions & 3 deletions Dockerfile.test
@@ -1,8 +1,10 @@
FROM ubuntu:22.04 AS hub-test
RUN apt-get update \
&& DEBIAN_FRONTEND="noninteractive" apt-get install -y --no-install-recommends build-essential ca-certificates curl git make patch sudo \
&& DEBIAN_FRONTEND="noninteractive" apt-get install -y --no-install-recommends \
build-essential ca-certificates curl git make patch sudo \
&& apt-get clean \
&& curl -sSL https://get.docker.com/ | sh
&& curl --proto "=https" -sSL https://get.docker.com/ | sh
WORKDIR /
# apt: ca-certificates git make sudo
RUN git clone https://github.com/udhos/update-golang.git \
&& cd update-golang \
Expand All @@ -20,7 +22,6 @@ WORKDIR /usr/local/go
# apt: patch
RUN ( patch -p1 < "$GOPATH/src/github.com/plgd-dev/hub/tools/docker/patches/shrink_tls_conn.patch" )


WORKDIR $GOPATH/src/github.com/plgd-dev/hub

# RUN go mod tidy
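Review bot: The added `curl --proto "=https" -sSL https://get.docker.com/ | sh` still executes whatever bytes arrive: without `-f` an HTTP error body is piped to `sh`, and because the default `/bin/sh -c` has no pipefail, curl's exit status is discarded and a truncated transfer can run a partial script. Downloading to a file first closes both gaps, e.g. `&& curl --proto "=https" --tlsv1.2 -fsSL https://get.docker.com/ -o /tmp/get-docker.sh \` followed by `&& sh /tmp/get-docker.sh`. The script is also unpinned, so the Docker version in this test image is whatever the site serves at build time; installing a pinned package version from Docker's apt repository would make the build reproducible.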
128 changes: 99 additions & 29 deletions bundle/Dockerfile
@@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1
FROM golang:1.22.3-alpine AS build
RUN apk add --no-cache curl git build-base
RUN apk add --no-cache build-base curl git
WORKDIR $GOPATH/src/github.com/plgd-dev/hub
COPY go.mod go.sum ./
RUN go mod download
Expand All @@ -21,109 +21,181 @@
ARG service=coap-gateway
WORKDIR $root_directory/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X \
github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#grpc-gateway
ARG service=grpc-gateway
WORKDIR $root_directory/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#http-gateway
ARG service=http-gateway
WORKDIR $root_directory/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#resource-directory
ARG service=resource-directory
WORKDIR $root_directory/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#resource-aggregate
ARG service=resource-aggregate
WORKDIR $root_directory/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#identity-store
ARG service=identity-store
WORKDIR $root_directory/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#certificate-authority
ARG service=certificate-authority
WORKDIR $root_directory/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#oauth-server
ARG service=oauth-server
WORKDIR $root_directory/test/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#oauth-server
ARG service=m2m-oauth-server
WORKDIR $root_directory/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#cloud2cloud-gateway
ARG service=cloud2cloud-gateway
WORKDIR $root_directory/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#cloud2cloud-connector
ARG service=cloud2cloud-connector
WORKDIR $root_directory/$service
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#cert-tool
ARG tool=cert-tool
WORKDIR $root_directory/tools/$tool
RUN go build \
-ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$tool" \
./

#snippet-service
ARG service=snippet-service
WORKDIR $root_directory/$service
RUN go build -ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
RUN go build \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

#grpc-reflection
ARG service=grpc-reflection
WORKDIR $root_directory/tools/$service
RUN go build -ldflags "-linkmode external -extldflags -static -X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE -X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT -X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE -X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION -X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
RUN go build \
-ldflags "-linkmode external -extldflags -static \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitDate=$COMMIT_DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.CommitHash=$SHORT_COMMIT \
-X github.com/plgd-dev/hub/v2/pkg/build.BuildDate=$DATE \
-X github.com/plgd-dev/hub/v2/pkg/build.Version=$VERSION \
-X github.com/plgd-dev/hub/v2/pkg/build.ReleaseURL=$RELEASE_URL" \
-o "/go/bin/$service" \
./cmd/service

Expand All @@ -138,28 +210,26 @@
*) echo >&2 "error: unsupported architecture: $apkArch"; exit 1 ;; \
esac; \
curl -L https://github.com/nats-io/nats-server/releases/download/v2.3.1/nats-server-v2.3.1-linux-${ARCH}.zip -o ./nats-server.zip ; \
curl -L https://github.com/nats-io/natscli/releases/download/0.0.24/nats-0.0.24-linux-${ARCH}.zip -o ./nats.zip
RUN mkdir -p ./nats-server
RUN unzip ./nats-server.zip -d ./nats-server
RUN cp ./nats-server/*/nats-server /go/bin/nats-server

RUN mkdir -p ./nats
RUN unzip ./nats.zip -d ./nats
RUN cp ./nats/*/nats /go/bin/nats
curl -L https://github.com/nats-io/natscli/releases/download/0.0.24/nats-0.0.24-linux-${ARCH}.zip -o ./nats.zip \
&& mkdir -p ./nats-server \
&& unzip ./nats-server.zip -d ./nats-server \
&& cp ./nats-server/*/nats-server /go/bin/nats-server \
&& mkdir -p ./nats \
&& unzip ./nats.zip -d ./nats \
&& cp ./nats/*/nats /go/bin/nats

FROM ubuntu:22.04 AS service
# iproute2 -> ip utility in run.sh
# netcat -> nc utility in run.sh
# nginx -> nginx server in run.sh
# openssl -> openssl utility in run.sh
RUN apt update \
&& apt-get install -y --no-install-recommends ca-certificates gnupg iproute2 netcat nginx openssl wget curl sudo coreutils \
&& apt-get clean
# yq utility in run.sh
RUN wget https://github.com/mikefarah/yq/releases/download/v4.44.2/yq_linux_$(dpkg --print-architecture) -O /usr/bin/yq && chmod +x /usr/bin/yq
RUN wget -qO - https://pgp.mongodb.com/server-6.0.asc | gpg --dearmor -o /etc/apt/trusted.gpg.d/mongodb-6.0.gpg
RUN echo "deb [ arch=$(dpkg --print-architecture) ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-6.0.list
RUN apt update \
&& apt-get install -y --no-install-recommends ca-certificates coreutils curl gnupg iproute2 netcat nginx openssl sudo \
&& curl -L --proto "=https" https://github.com/mikefarah/yq/releases/download/v4.44.2/yq_linux_$(dpkg --print-architecture) -o /usr/bin/yq && chmod +x /usr/bin/yq \
&& curl -L --proto "=https" https://pgp.mongodb.com/server-6.0.asc | gpg --dearmor -o /etc/apt/trusted.gpg.d/mongodb-6.0.gpg \
&& echo "deb [ arch=$(dpkg --print-architecture) ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-6.0.list \
&& apt update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends mongodb-org mongodb-org-server \
&& apt-get clean

Expand Down Expand Up @@ -220,7 +290,7 @@
ENV OPEN_TELEMETRY_EXPORTER_ENABLED=false
ENV OPEN_TELEMETRY_EXPORTER_ADDRESS="localhost:4317"
ENV OPEN_TELEMETRY_EXPORTER_CERT_FILE="/certs/otel/cert.crt"
ENV OPEN_TELEMETRY_EXPORTER_KEY_FILE="/certs/otel/cert.key"

Check warning on line 293 in bundle/Dockerfile


GitHub Actions / build-and-publish-image-www (bundle, bundle, bundle/Dockerfile) / build-and-publish-with-cfg

Sensitive data should not be used in the ARG or ENV commands

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "OPEN_TELEMETRY_EXPORTER_KEY_FILE") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
ENV OPEN_TELEMETRY_EXPORTER_CA_POOL="/certs/otel/rootca.crt"

# global - certificates generated by cert-tool
Expand Down Expand Up @@ -266,6 +336,6 @@
ENV DEVICE_PROVIDER=plgd
ENV DEVICE_OAUTH_SCOPES="offline_access"
ENV OWNER_CLAIM="sub"
ENV MOCK_OAUTH_SERVER_ACCESS_TOKEN_LIFETIME="0s"

Check warning on line 339 in bundle/Dockerfile


GitHub Actions / build-and-publish-image-www (bundle, bundle, bundle/Dockerfile) / build-and-publish-with-cfg

Sensitive data should not be used in the ARG or ENV commands

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "MOCK_OAUTH_SERVER_ACCESS_TOKEN_LIFETIME") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

ENTRYPOINT ["/usr/local/bin/run.sh"]
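Review bot: The yq and NATS downloads are installed with no integrity check, and none of the `curl` calls pass `-f`, so an HTTP error page or a replaced release asset ends up as `/usr/bin/yq` or is unpacked into `/go/bin`. The two NATS `curl -L` lines also did not get the `--proto "=https"` this commit adds elsewhere, and the first is still terminated by `;`, so a failed download only surfaces at `unzip` (that RUN starts above the visible hunk). For each artifact I would use `curl -fL --proto "=https" ... -o ./nats-server.zip` followed by `echo "<PINNED_SHA256>  ./nats-server.zip" | sha256sum -c -`, with the digest pinned per architecture. Separately, writing the MongoDB key to `/etc/apt/trusted.gpg.d/` makes apt trust it for every configured repository; storing it as `/usr/share/keyrings/mongodb-6.0.gpg` and adding `signed-by=/usr/share/keyrings/mongodb-6.0.gpg` inside the `deb [ ... ]` options scopes it to the MongoDB source only.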
2 changes: 1 addition & 1 deletion charts/plgd-hub/templates/certs/default/ca-issuer.yaml
Expand Up @@ -14,7 +14,7 @@ metadata:
{{- end }}
spec:
{{- if or (and .Values.certmanager.default.ca.issuerRef.name (ne ( .Values.certmanager.default.ca.issuerRef.name | toString) ( .Values.certmanager.default.ca.issuer.name | toString)))
(and .Values.certmanager.default.ca.issuerRef.kind (ne ( .Values.certmanager.default.ca.issuerRef.kind | toString) (.Values.certmanager.default.ca.issuer.kind | toString)))}}
(and .Values.certmanager.default.ca.issuerRef.kind (ne ( .Values.certmanager.default.ca.issuerRef.kind | toString) (.Values.certmanager.default.ca.issuer.kind | toString))) }}
ca:
secretName: {{ .Values.certmanager.default.ca.secret.name }}
{{- else }}
2 changes: 1 addition & 1 deletion charts/plgd-hub/templates/certs/default/root-ca.yaml
Expand Up @@ -9,7 +9,7 @@ spec:
commonName: {{ .Values.certmanager.default.ca.commonName }}
secretName: {{ .Values.certmanager.default.ca.secret.name }}
privateKey:
algorithm: {{ .Values.certmanager.default.cert.key.algorithm}}
algorithm: {{ .Values.certmanager.default.cert.key.algorithm }}
size: {{ .Values.certmanager.default.cert.key.size }}
usages:
- "signing"
8 changes: 4 additions & 4 deletions charts/plgd-hub/templates/certs/storage/scylla-crt.yaml
Expand Up @@ -24,10 +24,10 @@ spec:
- "{{ $.Release.Name }}-scylla-client.{{ $.Release.Namespace }}.svc.{{ $.Values.cluster.dns }}"
{{- $rack := . }}
{{- range $i := until (int .members) }}
- {{$.Release.Name}}-scylla-{{$.Values.scylla.datacenter}}-{{ $rack.name }}-{{$i}}
- {{$.Release.Name}}-scylla-{{$.Values.scylla.datacenter}}-{{ $rack.name }}-{{$i}}.{{$.Release.Namespace}}.svc.{{ $.Values.cluster.dns }}
- "*.{{$.Release.Name}}-scylla-{{$.Values.scylla.datacenter}}-{{ $rack.name }}-{{$i}}"
- "*.{{$.Release.Name}}-scylla-{{$.Values.scylla.datacenter}}-{{ $rack.name }}-{{$i}}.{{$.Release.Namespace}}.svc.{{ $.Values.cluster.dns }}"
- {{ $.Release.Name }}-scylla-{{ $.Values.scylla.datacenter }}-{{ $rack.name }}-{{ $i }}
- {{ $.Release.Name }}-scylla-{{ $.Values.scylla.datacenter }}-{{ $rack.name }}-{{ $i }}.{{ $.Release.Namespace }}.svc.{{ $.Values.cluster.dns }}
- "*.{{ $.Release.Name }}-scylla-{{ $.Values.scylla.datacenter }}-{{ $rack.name }}-{{ $i }}"
- "*.{{ $.Release.Name }}-scylla-{{ $.Values.scylla.datacenter }}-{{ $rack.name }}-{{ $i }}.{{ $.Release.Namespace }}.svc.{{ $.Values.cluster.dns }}"
{{- end }}
duration: {{ $.Values.certmanager.storage.cert.duration | default $.Values.certmanager.internal.cert.duration | default $.Values.certmanager.default.cert.duration }}
renewBefore: {{ $.Values.certmanager.storage.cert.renewBefore | default $.Values.certmanager.internal.cert.renewBefore | default $.Values.certmanager.default.cert.renewBefore }}
2 changes: 1 addition & 1 deletion charts/plgd-hub/templates/mongodb-standby-tool/config.yaml
Expand Up @@ -25,7 +25,7 @@ data:
# List of the MongoDB members in the replica set which are used as hidden and secondary members
members:
{{- range $standbyTool.replicaSet.standby.members }}
- {{printf "%s" . }}
- {{ printf "%s" . }}
{{- end }}
# Set the delay for syncing the standby members with the secondary/primary members
delays: {{ $standbyTool.replicaSet.standby.delays }}
2 changes: 1 addition & 1 deletion grpc-gateway/client/maintenance.go
Expand Up @@ -83,7 +83,7 @@ func (c *Client) updateMaintenanceResource(
}
}()
str := http.StatusText(resp.LastHTTPError)
return status.Errorf(httpCoreToGrpc(resp.LastHTTPError), str)
return status.Errorf(httpCoreToGrpc(resp.LastHTTPError), "%s", str)
}
return it.Err
}
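Review bot: With a constant `"%s"` format and a single string argument, `status.Errorf` does nothing that `status.Error` would not, so the return can read `return status.Error(httpCoreToGrpc(resp.LastHTTPError), str)`. Note also that `http.StatusText` returns an empty string for codes it does not know, so the gRPC error message can be empty; including the numeric code in the message would keep it diagnosable. The body of `updateMaintenanceResource` begins outside the hunk, so how `resp.LastHTTPError` is populated is not visible here.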