From 09c2c86d59c8fa81353778eb6ddb8171509e67dc Mon Sep 17 00:00:00 2001 From: Patrice Ferlet Date: Sun, 6 Jul 2025 11:39:19 +0200 Subject: [PATCH] fix(permission): globalize and fixes Permission alert frop OpenGrep is wrong, as the directory must use 0755. To make things working and to ease futur changes, I set the default permission in a constant. --- generator/chart.go | 4 ++-- generator/converter.go | 5 ++--- generator/secret_test.go | 4 +++- generator/utils_test.go | 5 +++-- generator/volume_test.go | 9 +++++---- utils/utils.go | 3 +++ 6 files changed, 18 insertions(+), 12 deletions(-) diff --git a/generator/chart.go b/generator/chart.go index 93ff1b0..c0ff207 100644 --- a/generator/chart.go +++ b/generator/chart.go @@ -95,7 +95,7 @@ func (chart *HelmChart) SaveTemplates(templateDir string) { } servicename := template.Servicename - if err := os.MkdirAll(filepath.Join(templateDir, servicename), 0o600); err != nil { + if err := os.MkdirAll(filepath.Join(templateDir, servicename), utils.DirectoryPermission); err != nil { fmt.Println(utils.IconFailure, err) os.Exit(1) } @@ -103,7 +103,7 @@ func (chart *HelmChart) SaveTemplates(templateDir string) { // if the name is a path, create the directory if strings.Contains(name, string(filepath.Separator)) { name = filepath.Join(templateDir, name) - err := os.MkdirAll(filepath.Dir(name), 0o600) + err := os.MkdirAll(filepath.Dir(name), utils.DirectoryPermission) if err != nil { fmt.Println(utils.IconFailure, err) os.Exit(1) diff --git a/generator/converter.go b/generator/converter.go index 45b90bb..ccd6442 100644 --- a/generator/converter.go +++ b/generator/converter.go @@ -173,9 +173,8 @@ func Convert(config ConvertOptions, dockerComposeFile ...string) error { os.RemoveAll(config.OutputDir) // create the chart directory - if err := os.MkdirAll(templateDir, 0o600); err != nil { - fmt.Println(utils.IconFailure, err) - os.Exit(1) + if err := os.MkdirAll(templateDir, utils.DirectoryPermission); err != nil { + return err } // add icon from the command line diff --git a/generator/secret_test.go b/generator/secret_test.go index fdefdaf..62dae1f 100644 --- a/generator/secret_test.go +++ b/generator/secret_test.go @@ -82,7 +82,9 @@ services: AppVersion: appVersion, ChartVersion: chartVersion, } - Convert(convertOptions, "compose.yml") + if err := Convert(convertOptions, "compose.yml"); err != nil { + t.Fatalf("Failed to convert compose file: %s", err) + } c, err := os.ReadFile("chart/values.yaml") if err != nil { t.Fatal(err) diff --git a/generator/utils_test.go b/generator/utils_test.go index b08b1fd..f6a92f6 100644 --- a/generator/utils_test.go +++ b/generator/utils_test.go @@ -3,6 +3,7 @@ package generator import ( "fmt" "katenary/generator/labels" + "katenary/utils" "os" "path/filepath" "testing" @@ -25,7 +26,7 @@ services: } composeFile := filepath.Join(tmpDir, "compose.yaml") - os.MkdirAll(tmpDir, 0755) + os.MkdirAll(tmpDir, utils.DirectoryPermission) if err := os.WriteFile(composeFile, []byte(composeFileContent), 0644); err != nil { t.Log(err) } @@ -73,7 +74,7 @@ services: } composeFile := filepath.Join(tmpDir, "compose.yaml") - os.MkdirAll(tmpDir, 0755) + os.MkdirAll(tmpDir, utils.DirectoryPermission) if err := os.WriteFile(composeFile, []byte(composeFileContent), 0644); err != nil { t.Log(err) } diff --git a/generator/volume_test.go b/generator/volume_test.go index 39acd1e..5fdb636 100644 --- a/generator/volume_test.go +++ b/generator/volume_test.go @@ -6,6 +6,7 @@ import ( "image/color" "image/png" "katenary/generator/labels" + "katenary/utils" "log" "os" "path/filepath" @@ -68,7 +69,7 @@ services: // create a static directory with an index.html file staticDir := tmpDir + "/static" - os.Mkdir(staticDir, 0o755) + os.Mkdir(staticDir, utils.DirectoryPermission) indexFile, err := os.Create(staticDir + "/index.html") if err != nil { t.Errorf("Failed to create index.html: %s", err) @@ -128,7 +129,7 @@ services: // create a static directory with an index.html file staticDir := tmpDir + "/static" - os.Mkdir(staticDir, 0o755) + os.Mkdir(staticDir, utils.DirectoryPermission) indexFile, err := os.Create(staticDir + "/index.html") if err != nil { t.Errorf("Failed to create index.html: %s", err) @@ -174,7 +175,7 @@ services: log.Println(tmpDir) defer teardown(tmpDir) - os.Mkdir(filepath.Join(tmpDir, "images"), 0o755) + os.Mkdir(filepath.Join(tmpDir, "images"), utils.DirectoryPermission) // create a png image pngFile := tmpDir + "/images/foo.png" @@ -244,7 +245,7 @@ services: log.Println(tmpDir) defer teardown(tmpDir) - os.Mkdir(filepath.Join(tmpDir, "images"), 0o755) + os.Mkdir(filepath.Join(tmpDir, "images"), utils.DirectoryPermission) // create a png image pngFile := tmpDir + "/images/foo.png" diff --git a/utils/utils.go b/utils/utils.go index 6ebd5ab..459893c 100644 --- a/utils/utils.go +++ b/utils/utils.go @@ -14,6 +14,9 @@ import ( corev1 "k8s.io/api/core/v1" ) +// Default values for permissions apply to created directories. +const DirectoryPermission = 0o755 + // TplName returns the name of the kubernetes resource as a template string. // It is used in the templates and defined in _helper.tpl file. func TplName(serviceName, appname string, suffix ...string) string {