diff --git a/build_test.go b/build_test.go index e698c83..aeb9da3 100644 --- a/build_test.go +++ b/build_test.go @@ -108,7 +108,7 @@ test-key = "test-value" err = buildpackTOML.Execute(&b, map[string]string{"APIVersion": "0.6"}) Expect(err).ToNot(HaveOccurred()) - Expect(ioutil.WriteFile(filepath.Join(buildpackPath, "buildpack.toml"), b.Bytes(), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(buildpackPath, "buildpack.toml"), b.Bytes(), 0600)).To(Succeed()) f, err := ioutil.TempFile("", "build-buildpackplan-path") Expect(err).NotTo(HaveOccurred()) @@ -124,7 +124,7 @@ version = "test-version" [entries.metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) commandPath = filepath.Join("bin", "build") @@ -145,7 +145,7 @@ test-key = "test-value" [metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) platformPath, err = ioutil.TempDir("", "build-platform-path") @@ -153,10 +153,10 @@ test-key = "test-value" Expect(os.MkdirAll(filepath.Join(platformPath, "bindings", "alpha"), 0755)).To(Succeed()) Expect(ioutil.WriteFile(filepath.Join(platformPath, "bindings", "alpha", "test-secret-key"), - []byte("test-secret-value"), 0644)).To(Succeed()) + []byte("test-secret-value"), 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(platformPath, "env"), 0755)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(platformPath, "env", "TEST_ENV"), []byte("test-value"), 0644)). + Expect(ioutil.WriteFile(filepath.Join(platformPath, "env", "TEST_ENV"), []byte("test-value"), 0600)). To(Succeed()) tomlWriter = &mocks.TOMLWriter{} @@ -192,7 +192,7 @@ id = "test-id" name = "test-name" version = "1.1.1" `), - 0644), + 0600), ).To(Succeed()) }) @@ -404,7 +404,7 @@ version = "1.1.1" err := buildpackTOML.Execute(&b, map[string]string{"APIVersion": "0.5"}) Expect(err).ToNot(HaveOccurred()) - Expect(ioutil.WriteFile(filepath.Join(buildpackPath, "buildpack.toml"), b.Bytes(), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(buildpackPath, "buildpack.toml"), b.Bytes(), 0600)).To(Succeed()) layer := libcnb.Layer{ Name: "test-name", @@ -561,9 +561,9 @@ version = "1.1.1" }) it("removes stale layers", func() { - Expect(ioutil.WriteFile(filepath.Join(layersPath, "alpha.toml"), []byte(""), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(layersPath, "bravo.toml"), []byte(""), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(layersPath, "store.toml"), []byte(""), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(layersPath, "alpha.toml"), []byte(""), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(layersPath, "bravo.toml"), []byte(""), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(layersPath, "store.toml"), []byte(""), 0600)).To(Succeed()) layer := libcnb.Layer{Name: "alpha"} layerContributor.On("Contribute", mock.Anything).Return(layer, nil) diff --git a/detect_test.go b/detect_test.go index 1bb5ad3..805ad35 100644 --- a/detect_test.go +++ b/detect_test.go @@ -86,7 +86,7 @@ mixins = ["test-name"] [metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) f, err := ioutil.TempFile("", "detect-buildplan-path") @@ -108,10 +108,10 @@ test-key = "test-value" Expect(os.MkdirAll(filepath.Join(platformPath, "bindings", "alpha"), 0755)).To(Succeed()) Expect(ioutil.WriteFile(filepath.Join(platformPath, "bindings", "alpha", "test-secret-key"), - []byte("test-secret-value"), 0644)).To(Succeed()) + []byte("test-secret-value"), 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(platformPath, "env"), 0755)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(platformPath, "env", "TEST_ENV"), []byte("test-value"), 0644)). + Expect(ioutil.WriteFile(filepath.Join(platformPath, "env", "TEST_ENV"), []byte("test-value"), 0600)). To(Succeed()) tomlWriter = &mocks.TOMLWriter{} @@ -146,7 +146,7 @@ id = "test-id" name = "test-name" version = "1.1.1" `), - 0644), + 0600), ).To(Succeed()) }) diff --git a/environment_test.go b/environment_test.go index c4e719d..982217a 100644 --- a/environment_test.go +++ b/environment_test.go @@ -140,5 +140,4 @@ func testEnvironment(t *testing.T, context spec.G, it spec.S) { filepath.Join("test-process", "TEST_NAME.prepend"): "test-value", })) }) - } diff --git a/formatter_test.go b/formatter_test.go index 98a7e6f..b110164 100644 --- a/formatter_test.go +++ b/formatter_test.go @@ -115,7 +115,5 @@ func testFormatter(t *testing.T, context spec.G, it spec.S) { Expect(libcnb.PlatformFormatter(plat).String()).To(Equal("Platform contents: [. test-file]")) }) - }) - } diff --git a/internal/config_map_test.go b/internal/config_map_test.go index 456e561..2dc1bf6 100644 --- a/internal/config_map_test.go +++ b/internal/config_map_test.go @@ -55,7 +55,7 @@ func testConfigMap(t *testing.T, context spec.G, it spec.S) { }) it("loads the ConfigMap from a directory", func() { - Expect(ioutil.WriteFile(filepath.Join(path, "test-key"), []byte("test-value"), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "test-key"), []byte("test-value"), 0600)).To(Succeed()) cm, err := internal.NewConfigMapFromPath(path) Expect(err).NotTo(HaveOccurred()) @@ -69,7 +69,7 @@ func testConfigMap(t *testing.T, context spec.G, it spec.S) { Expect(ioutil.WriteFile( filepath.Join(path, ".hidden", "test-key"), []byte("test-value"), - 0644, + 0600, )).To(Succeed()) Expect(os.Symlink( filepath.Join(".hidden", "test-key"), @@ -82,7 +82,7 @@ func testConfigMap(t *testing.T, context spec.G, it spec.S) { }) it("ignores hidden files", func() { - Expect(ioutil.WriteFile(filepath.Join(path, ".hidden-key"), []byte("hidden-value"), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, ".hidden-key"), []byte("hidden-value"), 0600)).To(Succeed()) cm, err := internal.NewConfigMapFromPath(path) Expect(err).NotTo(HaveOccurred()) diff --git a/internal/environment_writer.go b/internal/environment_writer.go index 024d0c3..be464b1 100644 --- a/internal/environment_writer.go +++ b/internal/environment_writer.go @@ -38,6 +38,7 @@ func (w EnvironmentWriter) Write(path string, environment map[string]string) err for key, value := range environment { f := filepath.Join(path, key) + // #nosec if err := ioutil.WriteFile(f, []byte(value), 0644); err != nil { return fmt.Errorf("unable to write file %s\n%w", f, err) } diff --git a/internal/environment_writer_test.go b/internal/environment_writer_test.go index 0fbf857..e5ebb1d 100644 --- a/internal/environment_writer_test.go +++ b/internal/environment_writer_test.go @@ -41,8 +41,6 @@ func testEnvironmentWriter(t *testing.T, context spec.G, it spec.S) { path, err = ioutil.TempDir("", "environment-writer") Expect(err).NotTo(HaveOccurred()) Expect(os.RemoveAll(path)).To(Succeed()) - - writer = internal.EnvironmentWriter{} }) it.After(func() { diff --git a/layer_test.go b/layer_test.go index f768a14..5b15ee2 100644 --- a/layer_test.go +++ b/layer_test.go @@ -82,7 +82,6 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { }) context("Layers", func() { - it.Before(func() { var err error path, err = ioutil.TempDir("", "layers") @@ -121,7 +120,7 @@ build = false [metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) l, err := layers.Layer("test-name") @@ -143,7 +142,7 @@ build = false [metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) l, err := layers.Layer("test-name") @@ -166,7 +165,7 @@ cache = false [metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) l, err := layers.Layer("test-name") diff --git a/main_test.go b/main_test.go index ef7e764..606f561 100644 --- a/main_test.go +++ b/main_test.go @@ -86,7 +86,7 @@ mixins = ["test-name"] [metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) f, err := ioutil.TempFile("", "main-buildpackplan-path") @@ -103,7 +103,7 @@ version = "test-version" [entries.metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) f, err = ioutil.TempFile("", "main-buildplan-path") @@ -129,7 +129,7 @@ test-key = "test-value" [metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) platformPath, err = ioutil.TempDir("", "main-platform-path") @@ -139,17 +139,17 @@ test-key = "test-value" Expect(ioutil.WriteFile( filepath.Join(platformPath, "bindings", "alpha", "metadata", "test-metadata-key"), []byte("test-metadata-value"), - 0644, + 0600, )).To(Succeed()) Expect(os.MkdirAll(filepath.Join(platformPath, "bindings", "alpha", "secret"), 0755)).To(Succeed()) Expect(ioutil.WriteFile( filepath.Join(platformPath, "bindings", "alpha", "secret", "test-secret-key"), []byte("test-secret-value"), - 0644, + 0600, )).To(Succeed()) Expect(os.MkdirAll(filepath.Join(platformPath, "env"), 0755)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(platformPath, "env", "TEST_ENV"), []byte("test-value"), 0644)). + Expect(ioutil.WriteFile(filepath.Join(platformPath, "env", "TEST_ENV"), []byte("test-value"), 0600)). To(Succeed()) tomlWriter = &mocks.TOMLWriter{} @@ -239,5 +239,4 @@ test-key = "test-value" Expect(exitHandler.Calls[0].Arguments.Get(0)).To(MatchError("unsupported command test-command")) }) - } diff --git a/platform.go b/platform.go index 2a732a6..1913eee 100644 --- a/platform.go +++ b/platform.go @@ -41,11 +41,10 @@ const ( // See the Service Binding Specification for Kubernetes for more details - https://k8s-service-bindings.github.io/spec/ EnvServiceBindings = "SERVICE_BINDING_ROOT" - // EnvCNBBindings is the name of the environment variable that contains the path to the CNB bindings directory. The CNB - // bindings spec will eventually by deprecated in favor of the Service Binding Specification for Kubernetes - - // https://github.com/buildpacks/rfcs/blob/main/text/0055-deprecate-service-bindings.md. - // + // EnvCNBBindings is the name of the environment variable that contains the path to the CNB bindings directory. // See the CNB bindings extension spec for more details - https://github.com/buildpacks/spec/blob/main/extensions/bindings.md + // Deprecated: Use the Service Binding Specification for Kubernetes instead - + // https://github.com/buildpacks/rfcs/blob/main/text/0055-deprecate-service-bindings.md. EnvCNBBindings = "CNB_BINDINGS" ) @@ -115,7 +114,7 @@ func NewBindingFromPath(path string) (Binding, error) { func (b Binding) String() string { var s []string - for k, _ := range b.Secret { + for k := range b.Secret { s = append(s, k) } sort.Strings(s) diff --git a/platform_test.go b/platform_test.go index b2f3ce3..4c4fcf8 100644 --- a/platform_test.go +++ b/platform_test.go @@ -48,25 +48,24 @@ func testPlatform(t *testing.T, context spec.G, it spec.S) { }) context("CNB Bindings", func() { - it.Before(func() { Expect(os.MkdirAll(filepath.Join(path, "alpha", "metadata"), 0755)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "metadata", "kind"), []byte("test-kind"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "metadata", "provider"), []byte("test-provider"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "metadata", "test-metadata-key"), []byte("test-metadata-value"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "metadata", "test-metadata-key-trimmed"), []byte(" test-metadata-value-trimmed \n"), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "metadata", "kind"), []byte("test-kind"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "metadata", "provider"), []byte("test-provider"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "metadata", "test-metadata-key"), []byte("test-metadata-value"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "metadata", "test-metadata-key-trimmed"), []byte(" test-metadata-value-trimmed \n"), 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "alpha", "secret"), 0755)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "secret", "test-secret-key"), []byte("test-secret-value"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "secret", "test-secret-key-trimmed"), []byte(" test-secret-value-trimmed \n"), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "secret", "test-secret-key"), []byte("test-secret-value"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "secret", "test-secret-key-trimmed"), []byte(" test-secret-value-trimmed \n"), 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "bravo", "metadata"), 0755)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "metadata", "kind"), []byte("test-kind"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "metadata", "provider"), []byte("test-provider"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "metadata", "test-metadata-key"), []byte("test-metadata-value"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "metadata", "test-metadata-key-trimmed"), []byte(" test-metadata-value-trimmed \n"), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "metadata", "kind"), []byte("test-kind"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "metadata", "provider"), []byte("test-provider"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "metadata", "test-metadata-key"), []byte("test-metadata-value"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "metadata", "test-metadata-key-trimmed"), []byte(" test-metadata-value-trimmed \n"), 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "bravo", "secret"), 0755)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "secret", "test-secret-key"), []byte("test-secret-value"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "secret", "test-secret-key-trimmed"), []byte(" test-secret-value-trimmed \n"), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "secret", "test-secret-key"), []byte("test-secret-value"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "secret", "test-secret-key-trimmed"), []byte(" test-secret-value-trimmed \n"), 0600)).To(Succeed()) }) context("Binding", func() { @@ -196,17 +195,16 @@ func testPlatform(t *testing.T, context spec.G, it spec.S) { }) context("Kubernetes Service Bindings", func() { - it.Before(func() { Expect(os.MkdirAll(filepath.Join(path, "alpha"), 0755)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "type"), []byte("test-type"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "provider"), []byte("test-provider"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "test-secret-key"), []byte("test-secret-value"), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "type"), []byte("test-type"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "provider"), []byte("test-provider"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "alpha", "test-secret-key"), []byte("test-secret-value"), 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "bravo"), 0755)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "type"), []byte("test-type"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "provider"), []byte("test-provider"), 0644)).To(Succeed()) - Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "test-secret-key"), []byte("test-secret-value"), 0644)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "type"), []byte("test-type"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "provider"), []byte("test-provider"), 0600)).To(Succeed()) + Expect(ioutil.WriteFile(filepath.Join(path, "bravo", "test-secret-key"), []byte("test-secret-value"), 0600)).To(Succeed()) }) context("Binding", func() { @@ -393,9 +391,7 @@ func testPlatform(t *testing.T, context spec.G, it spec.S) { Expect(libcnb.NewBindingsForBuild("does-not-exist")).To(Equal(libcnb.Bindings{})) }) }) - }) }) }) - } diff --git a/poet/logger.go b/poet/logger.go index 51e6f67..3799b0a 100644 --- a/poet/logger.go +++ b/poet/logger.go @@ -126,7 +126,7 @@ func (Logger) print(writer io.Writer, a ...interface{}) { s := fmt.Sprint(a...) if !strings.HasSuffix(s, "\n") { - s = s + "\n" + s += "\n" } _, _ = fmt.Fprint(writer, s) @@ -134,7 +134,7 @@ func (Logger) print(writer io.Writer, a ...interface{}) { func (Logger) printf(writer io.Writer, format string, a ...interface{}) { if !strings.HasSuffix(format, "\n") { - format = format + "\n" + format += "\n" } _, _ = fmt.Fprintf(writer, format, a...)