From ace3643f99cb166c3859505763ca2cce163f197c Mon Sep 17 00:00:00 2001 From: Nikolay Edigaryev Date: Fri, 16 Aug 2024 12:37:13 +0400 Subject: [PATCH 1/2] binaryfetcher: atomically rename binary file when fetch succeeds Otherwise an empty file will be created on errors like HTTP 403 and cached, which will prevent future VMs from running. --- internal/binaryfetcher/binaryfetcher.go | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/internal/binaryfetcher/binaryfetcher.go b/internal/binaryfetcher/binaryfetcher.go index 640c170..96bb911 100644 --- a/internal/binaryfetcher/binaryfetcher.go +++ b/internal/binaryfetcher/binaryfetcher.go @@ -24,23 +24,36 @@ func GetOrFetch(ctx context.Context, fetchFunc FetchFunc, binaryName string, exe // Run the user-provided function to fetch the binary file // if not available in the cache - binaryFile, err := os.Create(binaryPath) + binaryFile, err := os.CreateTemp("", "vetu-binary-file-*") if err != nil { return "", err } - defer binaryFile.Close() if err := fetchFunc(ctx, binaryFile); err != nil { + _ = binaryFile.Close() + _ = os.Remove(binaryFile.Name()) + return "", err } // Make the binary executable if requested if executable { if err := binaryFile.Chmod(0755); err != nil { + _ = binaryFile.Close() + _ = os.Remove(binaryFile.Name()) + return "", err } } + if err := binaryFile.Close(); err != nil { + return "", err + } + + if err := os.Rename(binaryFile.Name(), binaryPath); err != nil { + return "", err + } + return binaryPath, nil } From e60d6d25dfbf9dcaf02c68388593f8a29027299a Mon Sep 17 00:00:00 2001 From: Nikolay Edigaryev Date: Fri, 16 Aug 2024 12:40:14 +0400 Subject: [PATCH 2/2] Fix linter errors --- internal/filelock/filelock_test.go | 2 +- internal/pidlock/pidlock_test.go | 2 +- internal/sparseio/sparseio_test.go | 1 - 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/internal/filelock/filelock_test.go b/internal/filelock/filelock_test.go index 2af4eaa..464fcdb 100644 --- a/internal/filelock/filelock_test.go +++ b/internal/filelock/filelock_test.go @@ -24,7 +24,7 @@ func TestMain(m *testing.M) { } else if lockPath, ok := os.LookupEnv(envTestHelperTrylockShared); ok { testHelperTrylockShared(lockPath) } else { - m.Run() + os.Exit(m.Run()) } } diff --git a/internal/pidlock/pidlock_test.go b/internal/pidlock/pidlock_test.go index c5718e9..f196292 100644 --- a/internal/pidlock/pidlock_test.go +++ b/internal/pidlock/pidlock_test.go @@ -25,7 +25,7 @@ func TestMain(m *testing.M) { } else if lockPath, ok := os.LookupEnv(envTestHelperPid); ok { testHelperPid(lockPath) } else { - m.Run() + os.Exit(m.Run()) } } diff --git a/internal/sparseio/sparseio_test.go b/internal/sparseio/sparseio_test.go index 973c162..5fc7af7 100644 --- a/internal/sparseio/sparseio_test.go +++ b/internal/sparseio/sparseio_test.go @@ -40,7 +40,6 @@ func TestCopyRandomized(t *testing.T) { // Randomize the contents of some chunks if rand.Intn(2) == 1 { - //nolint:staticcheck // what's the alternative to the deprecated rand.Read() anyways? _, err = rand.Read(chunk) require.NoError(t, err) }