Skip to content

Commit

Permalink
Reduce file permission
Browse files Browse the repository at this point in the history
As suggested by @pjbgf

Co-authored-by: Paulo Gomes <[email protected]>

Co-authored-by: Paulo Gomes <[email protected]>
Signed-off-by: Peter Gundel <[email protected]>
  • Loading branch information
peterfication and pjbgf committed Apr 13, 2022
1 parent 0949d0a commit 90d2291
Show file tree
Hide file tree
Showing 9 changed files with 35 additions and 35 deletions.
4 changes: 2 additions & 2 deletions controllers/storage.go
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ func (s Storage) SetHostname(URL string) string {
// MkdirAll calls os.MkdirAll for the given v1beta1.Artifact base dir.
func (s *Storage) MkdirAll(artifact sourcev1.Artifact) error {
dir := filepath.Dir(s.LocalPath(artifact))
return os.MkdirAll(dir, 0o777)
return os.MkdirAll(dir, 0o770)
}

// RemoveAll calls os.RemoveAll for the given v1beta1.Artifact base dir.
Expand Down Expand Up @@ -432,7 +432,7 @@ func (s *Storage) Archive(artifact *sourcev1.Artifact, dir string, filter Archiv
return err
}

if err := os.Chmod(tmpName, 0o644); err != nil {
if err := os.Chmod(tmpName, 0o640); err != nil {
return err
}

Expand Down
12 changes: 6 additions & 6 deletions controllers/storage_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -136,7 +136,7 @@ func TestStorage_Archive(t *testing.T) {
}
for name, b := range files {
absPath := filepath.Join(dir, name)
if err = os.MkdirAll(filepath.Dir(absPath), 0o755); err != nil {
if err = os.MkdirAll(filepath.Dir(absPath), 0o750); err != nil {
return
}
f, err := os.Create(absPath)
Expand Down Expand Up @@ -316,7 +316,7 @@ func TestStorageRemoveAllButCurrent(t *testing.T) {

// Create artifact dir and artifacts.
artifactDir := path.Join(dir, "foo", "bar")
g.Expect(os.MkdirAll(artifactDir, 0o755)).NotTo(HaveOccurred())
g.Expect(os.MkdirAll(artifactDir, 0o750)).NotTo(HaveOccurred())
current := []string{
path.Join(artifactDir, "artifact1.tar.gz"),
}
Expand Down Expand Up @@ -378,7 +378,7 @@ func TestStorageRemoveAll(t *testing.T) {
}

if tt.createArtifactPath {
g.Expect(os.MkdirAll(path.Join(dir, tt.artifactPath), 0o755)).ToNot(HaveOccurred())
g.Expect(os.MkdirAll(path.Join(dir, tt.artifactPath), 0o750)).ToNot(HaveOccurred())
}

deleted, err := s.RemoveAll(artifact)
Expand Down Expand Up @@ -412,7 +412,7 @@ func TestStorageCopyFromPath(t *testing.T) {
}
t.Cleanup(cleanupStoragePath(dir))
absPath = filepath.Join(dir, file.Name)
if err = os.MkdirAll(filepath.Dir(absPath), 0o755); err != nil {
if err = os.MkdirAll(filepath.Dir(absPath), 0o750); err != nil {
return
}
f, err := os.Create(absPath)
Expand Down Expand Up @@ -591,7 +591,7 @@ func TestStorage_getGarbageFiles(t *testing.T) {
artifact := sourcev1.Artifact{
Path: tt.artifactPaths[len(tt.artifactPaths)-1],
}
g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o755)).ToNot(HaveOccurred())
g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o750)).ToNot(HaveOccurred())
for _, artifactPath := range tt.artifactPaths {
f, err := os.Create(path.Join(dir, artifactPath))
g.Expect(err).ToNot(HaveOccurred())
Expand Down Expand Up @@ -667,7 +667,7 @@ func TestStorage_GarbageCollect(t *testing.T) {
artifact := sourcev1.Artifact{
Path: tt.artifactPaths[len(tt.artifactPaths)-1],
}
g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o755)).ToNot(HaveOccurred())
g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o750)).ToNot(HaveOccurred())
for i, artifactPath := range tt.artifactPaths {
f, err := os.Create(path.Join(dir, artifactPath))
g.Expect(err).ToNot(HaveOccurred())
Expand Down
36 changes: 18 additions & 18 deletions internal/fs/fs_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,12 +42,12 @@ func TestRenameWithFallback(t *testing.T) {
}

srcpath = filepath.Join(dir, "a")
if err = os.MkdirAll(srcpath, 0o777); err != nil {
if err = os.MkdirAll(srcpath, 0o770); err != nil {
t.Fatal(err)
}

dstpath := filepath.Join(dir, "b")
if err = os.MkdirAll(dstpath, 0o777); err != nil {
if err = os.MkdirAll(dstpath, 0o770); err != nil {
t.Fatal(err)
}

Expand All @@ -64,7 +64,7 @@ func TestCopyDir(t *testing.T) {
defer os.RemoveAll(dir)

srcdir := filepath.Join(dir, "src")
if err := os.MkdirAll(srcdir, 0o755); err != nil {
if err := os.MkdirAll(srcdir, 0o750); err != nil {
t.Fatal(err)
}

Expand All @@ -81,7 +81,7 @@ func TestCopyDir(t *testing.T) {
for i, file := range files {
fn := filepath.Join(srcdir, file.path)
dn := filepath.Dir(fn)
if err = os.MkdirAll(dn, 0o755); err != nil {
if err = os.MkdirAll(dn, 0o750); err != nil {
t.Fatal(err)
}

Expand Down Expand Up @@ -151,7 +151,7 @@ func TestCopyDirFail_SrcInaccessible(t *testing.T) {

cleanup := setupInaccessibleDir(t, func(dir string) error {
srcdir = filepath.Join(dir, "src")
return os.MkdirAll(srcdir, 0o755)
return os.MkdirAll(srcdir, 0o750)
})
defer cleanup()

Expand Down Expand Up @@ -184,7 +184,7 @@ func TestCopyDirFail_DstInaccessible(t *testing.T) {
defer os.RemoveAll(dir)

srcdir = filepath.Join(dir, "src")
if err = os.MkdirAll(srcdir, 0o755); err != nil {
if err = os.MkdirAll(srcdir, 0o750); err != nil {
t.Fatal(err)
}

Expand Down Expand Up @@ -235,12 +235,12 @@ func TestCopyDirFail_DstExists(t *testing.T) {
defer os.RemoveAll(dir)

srcdir = filepath.Join(dir, "src")
if err = os.MkdirAll(srcdir, 0o755); err != nil {
if err = os.MkdirAll(srcdir, 0o750); err != nil {
t.Fatal(err)
}

dstdir = filepath.Join(dir, "dst")
if err = os.MkdirAll(dstdir, 0o755); err != nil {
if err = os.MkdirAll(dstdir, 0o750); err != nil {
t.Fatal(err)
}

Expand Down Expand Up @@ -273,7 +273,7 @@ func TestCopyDirFailOpen(t *testing.T) {
defer os.RemoveAll(dir)

srcdir = filepath.Join(dir, "src")
if err = os.MkdirAll(srcdir, 0o755); err != nil {
if err = os.MkdirAll(srcdir, 0o750); err != nil {
t.Fatal(err)
}

Expand All @@ -285,7 +285,7 @@ func TestCopyDirFailOpen(t *testing.T) {
srcf.Close()

// setup source file so that it cannot be read
if err = os.Chmod(srcfn, 0o222); err != nil {
if err = os.Chmod(srcfn, 0o220); err != nil {
t.Fatal(err)
}

Expand Down Expand Up @@ -419,11 +419,11 @@ func TestCopyFileLongFilePath(t *testing.T) {
}

fullPath := filepath.Join(dir, dirName, string(os.PathSeparator))
if err := os.MkdirAll(fullPath, 0o755); err != nil && !os.IsExist(err) {
if err := os.MkdirAll(fullPath, 0o750); err != nil && !os.IsExist(err) {
t.Fatalf("%+v", fmt.Errorf("unable to create temp directory: %s", fullPath))
}

err = os.WriteFile(fullPath+"src", []byte(nil), 0o644)
err = os.WriteFile(fullPath+"src", []byte(nil), 0o640)
if err != nil {
t.Fatalf("%+v", err)
}
Expand Down Expand Up @@ -460,7 +460,7 @@ func TestCopyFileFail(t *testing.T) {

cleanup := setupInaccessibleDir(t, func(dir string) error {
dstdir = filepath.Join(dir, "dir")
return os.Mkdir(dstdir, 0o777)
return os.Mkdir(dstdir, 0o770)
})
defer cleanup()

Expand Down Expand Up @@ -493,15 +493,15 @@ func setupInaccessibleDir(t *testing.T, op func(dir string) error) func() {
subdir := filepath.Join(dir, "dir")

cleanup := func() {
if err := os.Chmod(subdir, 0o777); err != nil {
if err := os.Chmod(subdir, 0o770); err != nil {
t.Error(err)
}
if err := os.RemoveAll(dir); err != nil {
t.Error(err)
}
}

if err := os.Mkdir(subdir, 0o777); err != nil {
if err := os.Mkdir(subdir, 0o770); err != nil {
cleanup()
t.Fatal(err)
return nil
Expand All @@ -513,7 +513,7 @@ func setupInaccessibleDir(t *testing.T, op func(dir string) error) func() {
return nil
}

if err := os.Chmod(subdir, 0o666); err != nil {
if err := os.Chmod(subdir, 0o660); err != nil {
cleanup()
t.Fatal(err)
return nil
Expand All @@ -532,7 +532,7 @@ func TestIsDir(t *testing.T) {

cleanup := setupInaccessibleDir(t, func(dir string) error {
dn = filepath.Join(dir, "dir")
return os.Mkdir(dn, 0o777)
return os.Mkdir(dn, 0o770)
})
defer cleanup()

Expand Down Expand Up @@ -575,7 +575,7 @@ func TestIsSymlink(t *testing.T) {
defer os.RemoveAll(dir)

dirPath := filepath.Join(dir, "directory")
if err = os.MkdirAll(dirPath, 0o777); err != nil {
if err = os.MkdirAll(dirPath, 0o770); err != nil {
t.Fatal(err)
}

Expand Down
4 changes: 2 additions & 2 deletions internal/helm/chart/builder_local_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -201,7 +201,7 @@ fullnameOverride: "full-foo-name-override"`),
// Write value file in the base dir.
for _, f := range tt.valuesFiles {
vPath := filepath.Join(localRef.WorkDir, f.Name)
g.Expect(os.WriteFile(vPath, f.Data, 0o644)).ToNot(HaveOccurred())
g.Expect(os.WriteFile(vPath, f.Data, 0o640)).ToNot(HaveOccurred())
}

// Write chart dependencies in the base dir.
Expand Down Expand Up @@ -336,7 +336,7 @@ func Test_mergeFileValues(t *testing.T) {
defer os.RemoveAll(baseDir)

for _, f := range tt.files {
g.Expect(os.WriteFile(filepath.Join(baseDir, f.Name), f.Data, 0o644)).To(Succeed())
g.Expect(os.WriteFile(filepath.Join(baseDir, f.Name), f.Data, 0o640)).To(Succeed())
}

got, err := mergeFileValues(baseDir, tt.paths)
Expand Down
4 changes: 2 additions & 2 deletions internal/helm/chart/metadata_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,7 @@ func TestLoadChartMetadataFromDir(t *testing.T) {
copy.Copy("../testdata/charts/helmchart", tmpDir)
bigRequirementsFile := filepath.Join(tmpDir, "requirements.yaml")
data := make([]byte, helm.MaxChartFileSize+10)
g.Expect(os.WriteFile(bigRequirementsFile, data, 0o644)).ToNot(HaveOccurred())
g.Expect(os.WriteFile(bigRequirementsFile, data, 0o640)).ToNot(HaveOccurred())

tests := []struct {
name string
Expand Down Expand Up @@ -205,7 +205,7 @@ func TestLoadChartMetadataFromArchive(t *testing.T) {
defer os.RemoveAll(tmpDir)
bigArchiveFile := filepath.Join(tmpDir, "chart.tgz")
data := make([]byte, helm.MaxChartSize+10)
g.Expect(os.WriteFile(bigArchiveFile, data, 0o644)).ToNot(HaveOccurred())
g.Expect(os.WriteFile(bigArchiveFile, data, 0o640)).ToNot(HaveOccurred())

tests := []struct {
name string
Expand Down
2 changes: 1 addition & 1 deletion internal/helm/repository/chart_repository_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -363,7 +363,7 @@ func TestChartRepository_LoadIndexFromFile(t *testing.T) {
defer os.RemoveAll(tmpDir)
bigIndexFile := filepath.Join(tmpDir, "index.yaml")
data := make([]byte, helm.MaxIndexSize+10)
g.Expect(os.WriteFile(bigIndexFile, data, 0o644)).ToNot(HaveOccurred())
g.Expect(os.WriteFile(bigIndexFile, data, 0o640)).ToNot(HaveOccurred())

tests := []struct {
name string
Expand Down
2 changes: 1 addition & 1 deletion main.go
Original file line number Diff line number Diff line change
Expand Up @@ -299,7 +299,7 @@ func mustInitStorage(path string, storageAdvAddr string, artifactRetentionTTL ti
if path == "" {
p, _ := os.Getwd()
path = filepath.Join(p, "bin")
os.MkdirAll(path, 0o777)
os.MkdirAll(path, 0o770)
}

storage, err := controllers.NewStorage(path, storageAdvAddr, artifactRetentionTTL, artifactRetentionRecords)
Expand Down
4 changes: 2 additions & 2 deletions pkg/sourceignore/sourceignore_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -209,10 +209,10 @@ func TestLoadExcludePatterns(t *testing.T) {
"a/b/.sourceignore": "subdir.txt",
}
for n, c := range files {
if err = os.MkdirAll(filepath.Join(tmpDir, filepath.Dir(n)), 0o755); err != nil {
if err = os.MkdirAll(filepath.Join(tmpDir, filepath.Dir(n)), 0o750); err != nil {
t.Fatal(err)
}
if err = os.WriteFile(filepath.Join(tmpDir, n), []byte(c), 0o644); err != nil {
if err = os.WriteFile(filepath.Join(tmpDir, n), []byte(c), 0o640); err != nil {
t.Fatal(err)
}
}
Expand Down
2 changes: 1 addition & 1 deletion tests/fuzz/gitrepository_fuzzer.go
Original file line number Diff line number Diff line change
Expand Up @@ -494,7 +494,7 @@ func createRandomFiles(f *fuzz.ConsumeFuzzer, fs billy.Filesystem, wt *git.Workt
return errors.New("Dir contains '..'")
}

err = fs.MkdirAll(dirPath, 0o777)
err = fs.MkdirAll(dirPath, 0o770)
if err != nil {
return errors.New("Could not create the subDir")
}
Expand Down

0 comments on commit 90d2291

Please sign in to comment.