From 29d910b3eeaad0b9d376ca993c946adebba657a5 Mon Sep 17 00:00:00 2001 From: Sean McGinnis Date: Fri, 18 Jun 2021 10:02:21 -0500 Subject: [PATCH] Remove lint exclude for file and directory permissions This removes the linting exclusion for warning about directories being created with too open of permissions. We had a few instances of a directory being created with 755 and some file creation permissions dropped to 0600. These do not appear to be needed. Golangci-lint exclusion for the warning is now removed. Signed-off-by: Sean McGinnis --- .golangci.yml | 1 - cmd/clusterctl/client/repository/repository_local_test.go | 2 +- test/e2e/cluster_upgrade.go | 2 +- test/e2e/clusterctl_upgrade.go | 4 ++-- test/e2e/k8s_conformance.go | 2 +- test/e2e/kcp_adoption.go | 2 +- test/e2e/kcp_upgrade.go | 2 +- test/e2e/md_scale.go | 2 +- test/e2e/md_upgrades.go | 2 +- test/e2e/mhc_remediations.go | 2 +- test/e2e/node_drain_timeout.go | 2 +- test/e2e/quick_start.go | 2 +- test/e2e/self_hosted.go | 2 +- test/framework/alltypes_helpers.go | 4 ++-- test/framework/clusterctl/client.go | 2 +- test/framework/clusterctl/clusterctl_helpers.go | 4 ++-- test/framework/clusterctl/logger/log_file.go | 2 +- test/framework/clusterctl/repository.go | 6 +++--- test/framework/deployment_helpers.go | 4 ++-- test/framework/namespace_helpers.go | 6 +++--- 20 files changed, 27 insertions(+), 28 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index 1e4ed5af5380..fa04655bb18d 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -74,7 +74,6 @@ issues: # The following are being worked on to remove their exclusion. This list should be reduced or go away all together over time. # If it is decided they will not be addressed they should be moved above this comment. - Subprocess launch(ed with variable|ing should be audited) - - (Expect directory permissions to be 0750 or less|Expect file permissions to be 0600 or less) - (G104|G307) exclude-rules: - linters: diff --git a/cmd/clusterctl/client/repository/repository_local_test.go b/cmd/clusterctl/client/repository/repository_local_test.go index 42c4e90a1cf1..fe46662cd1af 100644 --- a/cmd/clusterctl/client/repository/repository_local_test.go +++ b/cmd/clusterctl/client/repository/repository_local_test.go @@ -137,7 +137,7 @@ func createLocalTestProviderFile(t *testing.T, tmpDir, path, msg string) string dst := filepath.Join(tmpDir, path) // Create all directories in the standard layout - g.Expect(os.MkdirAll(filepath.Dir(dst), 0755)).To(Succeed()) + g.Expect(os.MkdirAll(filepath.Dir(dst), 0750)).To(Succeed()) g.Expect(os.WriteFile(dst, []byte(msg), 0600)).To(Succeed()) return dst diff --git a/test/e2e/cluster_upgrade.go b/test/e2e/cluster_upgrade.go index 4cb6101e0df1..8fca5bf751e8 100644 --- a/test/e2e/cluster_upgrade.go +++ b/test/e2e/cluster_upgrade.go @@ -63,7 +63,7 @@ func ClusterUpgradeConformanceSpec(ctx context.Context, inputGetter func() Clust Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling %s spec", specName) Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling %s spec", specName) Expect(input.BootstrapClusterProxy).ToNot(BeNil(), "Invalid argument. input.BootstrapClusterProxy can't be nil when calling %s spec", specName) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersionUpgradeFrom)) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersionUpgradeTo)) diff --git a/test/e2e/clusterctl_upgrade.go b/test/e2e/clusterctl_upgrade.go index 9204b11636fa..572998c2368d 100644 --- a/test/e2e/clusterctl_upgrade.go +++ b/test/e2e/clusterctl_upgrade.go @@ -83,7 +83,7 @@ func ClusterctlUpgradeSpec(ctx context.Context, inputGetter func() ClusterctlUpg Expect(input.E2EConfig.Variables).To(HaveKey(initWithBinaryVariableName), "Invalid argument. %s variable must be defined when calling %s spec", initWithBinaryVariableName, specName) Expect(input.E2EConfig.Variables[initWithBinaryVariableName]).ToNot(BeEmpty(), "Invalid argument. %s variable can't be empty when calling %s spec", initWithBinaryVariableName, specName) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersion)) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) // Setup a Namespace where to host objects for this spec and create a watcher for the namespace events. managementClusterNamespace, managementClusterCancelWatches = setupSpecNamespace(ctx, specName, input.BootstrapClusterProxy, input.ArtifactFolder) @@ -141,7 +141,7 @@ func ClusterctlUpgradeSpec(ctx context.Context, inputGetter func() ClusterctlUpg clusterctlBinaryPath := downloadToTmpFile(clusterctlBinaryURL) defer os.Remove(clusterctlBinaryPath) // clean up - err := os.Chmod(clusterctlBinaryPath, 0744) + err := os.Chmod(clusterctlBinaryPath, 0744) //nolint:gosec Expect(err).ToNot(HaveOccurred(), "failed to chmod temporary file") By("Initializing the workload cluster with older versions of providers") diff --git a/test/e2e/k8s_conformance.go b/test/e2e/k8s_conformance.go index 251bcc029f1c..8ff0772fd184 100644 --- a/test/e2e/k8s_conformance.go +++ b/test/e2e/k8s_conformance.go @@ -63,7 +63,7 @@ func K8SConformanceSpec(ctx context.Context, inputGetter func() K8SConformanceSp Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling %s spec", specName) Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling %s spec", specName) Expect(input.BootstrapClusterProxy).ToNot(BeNil(), "Invalid argument. input.BootstrapClusterProxy can't be nil when calling %s spec", specName) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersion)) Expect(input.E2EConfig.Variables).To(HaveKey(kubetestConfigurationVariable), "% spec requires a %s variable to be defined in the config file", specName, kubetestConfigurationVariable) diff --git a/test/e2e/kcp_adoption.go b/test/e2e/kcp_adoption.go index 21a537ccfc5f..3b85f594a9e0 100644 --- a/test/e2e/kcp_adoption.go +++ b/test/e2e/kcp_adoption.go @@ -75,7 +75,7 @@ func KCPAdoptionSpec(ctx context.Context, inputGetter func() KCPAdoptionSpecInpu Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling %s spec", specName) Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling %s spec", specName) Expect(input.BootstrapClusterProxy).ToNot(BeNil(), "Invalid argument. input.BootstrapClusterProxy can't be nil when calling %s spec", specName) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersion)) // Setup a Namespace where to host objects for this spec and create a watcher for the namespace events. diff --git a/test/e2e/kcp_upgrade.go b/test/e2e/kcp_upgrade.go index 3a8645860e24..594df7a25c89 100644 --- a/test/e2e/kcp_upgrade.go +++ b/test/e2e/kcp_upgrade.go @@ -60,7 +60,7 @@ func KCPUpgradeSpec(ctx context.Context, inputGetter func() KCPUpgradeSpecInput) Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling %s spec", specName) Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling %s spec", specName) Expect(input.BootstrapClusterProxy).ToNot(BeNil(), "Invalid argument. input.BootstrapClusterProxy can't be nil when calling %s spec", specName) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) Expect(input.ControlPlaneMachineCount).ToNot(BeZero()) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersionUpgradeTo)) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersionUpgradeFrom)) diff --git a/test/e2e/md_scale.go b/test/e2e/md_scale.go index 2aa529009afc..f6d9850b1ce9 100644 --- a/test/e2e/md_scale.go +++ b/test/e2e/md_scale.go @@ -57,7 +57,7 @@ func MachineDeploymentScaleSpec(ctx context.Context, inputGetter func() MachineD Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling %s spec", specName) Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling %s spec", specName) Expect(input.BootstrapClusterProxy).ToNot(BeNil(), "Invalid argument. input.BootstrapClusterProxy can't be nil when calling %s spec", specName) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersion)) Expect(input.E2EConfig.Variables).To(HaveValidVersion(input.E2EConfig.GetVariable(KubernetesVersion))) diff --git a/test/e2e/md_upgrades.go b/test/e2e/md_upgrades.go index b256403254b4..58b10ce8a712 100644 --- a/test/e2e/md_upgrades.go +++ b/test/e2e/md_upgrades.go @@ -58,7 +58,7 @@ func MachineDeploymentUpgradesSpec(ctx context.Context, inputGetter func() Machi Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling %s spec", specName) Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling %s spec", specName) Expect(input.BootstrapClusterProxy).ToNot(BeNil(), "Invalid argument. input.BootstrapClusterProxy can't be nil when calling %s spec", specName) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersion)) Expect(input.E2EConfig.Variables).To(HaveValidVersion(input.E2EConfig.GetVariable(KubernetesVersion))) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersionUpgradeFrom)) diff --git a/test/e2e/mhc_remediations.go b/test/e2e/mhc_remediations.go index c35859a02f4d..481d90f36118 100644 --- a/test/e2e/mhc_remediations.go +++ b/test/e2e/mhc_remediations.go @@ -58,7 +58,7 @@ func MachineRemediationSpec(ctx context.Context, inputGetter func() MachineRemed Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling %s spec", specName) Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling %s spec", specName) Expect(input.BootstrapClusterProxy).ToNot(BeNil(), "Invalid argument. input.BootstrapClusterProxy can't be nil when calling %s spec", specName) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersion)) // Setup a Namespace where to host objects for this spec and create a watcher for the namespace events. diff --git a/test/e2e/node_drain_timeout.go b/test/e2e/node_drain_timeout.go index ad5068202ae3..f811ca5c84a4 100644 --- a/test/e2e/node_drain_timeout.go +++ b/test/e2e/node_drain_timeout.go @@ -63,7 +63,7 @@ func NodeDrainTimeoutSpec(ctx context.Context, inputGetter func() NodeDrainTimeo Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling %s spec", specName) Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling %s spec", specName) Expect(input.BootstrapClusterProxy).ToNot(BeNil(), "Invalid argument. input.BootstrapClusterProxy can't be nil when calling %s spec", specName) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) Expect(input.E2EConfig.GetIntervals(specName, "wait-deployment-available")).ToNot(BeNil()) diff --git a/test/e2e/quick_start.go b/test/e2e/quick_start.go index e2e65ad7228c..f09f409604ec 100644 --- a/test/e2e/quick_start.go +++ b/test/e2e/quick_start.go @@ -60,7 +60,7 @@ func QuickStartSpec(ctx context.Context, inputGetter func() QuickStartSpecInput) Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling %s spec", specName) Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling %s spec", specName) Expect(input.BootstrapClusterProxy).ToNot(BeNil(), "Invalid argument. input.BootstrapClusterProxy can't be nil when calling %s spec", specName) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersion)) diff --git a/test/e2e/self_hosted.go b/test/e2e/self_hosted.go index 32e9572383f6..bd356e35e8fa 100644 --- a/test/e2e/self_hosted.go +++ b/test/e2e/self_hosted.go @@ -66,7 +66,7 @@ func SelfHostedSpec(ctx context.Context, inputGetter func() SelfHostedSpecInput) Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling %s spec", specName) Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling %s spec", specName) Expect(input.BootstrapClusterProxy).ToNot(BeNil(), "Invalid argument. input.BootstrapClusterProxy can't be nil when calling %s spec", specName) - Expect(os.MkdirAll(input.ArtifactFolder, 0755)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) + Expect(os.MkdirAll(input.ArtifactFolder, 0750)).To(Succeed(), "Invalid argument. input.ArtifactFolder can't be created for %s spec", specName) Expect(input.E2EConfig.Variables).To(HaveKey(KubernetesVersion)) // Setup a Namespace where to host objects for this spec and create a watcher for the namespace events. diff --git a/test/framework/alltypes_helpers.go b/test/framework/alltypes_helpers.go index 7832ca928c61..c62c2c74e12e 100644 --- a/test/framework/alltypes_helpers.go +++ b/test/framework/alltypes_helpers.go @@ -139,9 +139,9 @@ func dumpObject(resource runtime.Object, logPath string) { name := metaObj.GetName() resourceFilePath := filepath.Clean(path.Join(logPath, namespace, kind, name+".yaml")) - Expect(os.MkdirAll(filepath.Dir(resourceFilePath), 0755)).To(Succeed(), "Failed to create folder %s", filepath.Dir(resourceFilePath)) + Expect(os.MkdirAll(filepath.Dir(resourceFilePath), 0750)).To(Succeed(), "Failed to create folder %s", filepath.Dir(resourceFilePath)) - f, err := os.OpenFile(resourceFilePath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) + f, err := os.OpenFile(resourceFilePath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600) Expect(err).ToNot(HaveOccurred(), "Failed to open %s", resourceFilePath) defer f.Close() diff --git a/test/framework/clusterctl/client.go b/test/framework/clusterctl/client.go index 6a528de001ef..2255d6f0e8fe 100644 --- a/test/framework/clusterctl/client.go +++ b/test/framework/clusterctl/client.go @@ -236,7 +236,7 @@ func Move(ctx context.Context, input MoveInput) { Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling Move") Expect(input.FromKubeconfigPath).To(BeAnExistingFile(), "Invalid argument. input.FromKubeconfigPath must be an existing file when calling Move") Expect(input.ToKubeconfigPath).To(BeAnExistingFile(), "Invalid argument. input.ToKubeconfigPath must be an existing file when calling Move") - Expect(os.MkdirAll(input.LogFolder, 0755)).To(Succeed(), "Invalid argument. input.LogFolder can't be created for Move") + Expect(os.MkdirAll(input.LogFolder, 0750)).To(Succeed(), "Invalid argument. input.LogFolder can't be created for Move") By("Moving workload clusters") diff --git a/test/framework/clusterctl/clusterctl_helpers.go b/test/framework/clusterctl/clusterctl_helpers.go index bb3167deac2a..055892dd967c 100644 --- a/test/framework/clusterctl/clusterctl_helpers.go +++ b/test/framework/clusterctl/clusterctl_helpers.go @@ -52,7 +52,7 @@ func InitManagementClusterAndWatchControllerLogs(ctx context.Context, input Init Expect(input.ClusterProxy).ToNot(BeNil(), "Invalid argument. input.ClusterProxy can't be nil when calling InitManagementClusterAndWatchControllerLogs") Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling InitManagementClusterAndWatchControllerLogs") Expect(input.InfrastructureProviders).ToNot(BeEmpty(), "Invalid argument. input.InfrastructureProviders can't be empty when calling InitManagementClusterAndWatchControllerLogs") - Expect(os.MkdirAll(input.LogFolder, 0755)).To(Succeed(), "Invalid argument. input.LogFolder can't be created for InitManagementClusterAndWatchControllerLogs") + Expect(os.MkdirAll(input.LogFolder, 0750)).To(Succeed(), "Invalid argument. input.LogFolder can't be created for InitManagementClusterAndWatchControllerLogs") if input.CoreProvider == "" { input.CoreProvider = config.ClusterAPIProviderName @@ -135,7 +135,7 @@ func UpgradeManagementClusterAndWait(ctx context.Context, input UpgradeManagemen Expect(input.ClusterProxy).ToNot(BeNil(), "Invalid argument. input.ClusterProxy can't be nil when calling UpgradeManagementClusterAndWait") Expect(input.ClusterctlConfigPath).To(BeAnExistingFile(), "Invalid argument. input.ClusterctlConfigPath must be an existing file when calling UpgradeManagementClusterAndWait") Expect(input.Contract).ToNot(BeEmpty(), "Invalid argument. input.Contract can't be empty when calling UpgradeManagementClusterAndWait") - Expect(os.MkdirAll(input.LogFolder, 0755)).To(Succeed(), "Invalid argument. input.LogFolder can't be created for UpgradeManagementClusterAndWait") + Expect(os.MkdirAll(input.LogFolder, 0750)).To(Succeed(), "Invalid argument. input.LogFolder can't be created for UpgradeManagementClusterAndWait") Upgrade(ctx, UpgradeInput{ ClusterctlConfigPath: input.ClusterctlConfigPath, diff --git a/test/framework/clusterctl/logger/log_file.go b/test/framework/clusterctl/logger/log_file.go index b7c9db138077..94d20506607a 100644 --- a/test/framework/clusterctl/logger/log_file.go +++ b/test/framework/clusterctl/logger/log_file.go @@ -35,7 +35,7 @@ type CreateLogFileInput struct { func CreateLogFile(input CreateLogFileInput) *LogFile { filePath := filepath.Join(input.LogFolder, input.Name) - Expect(os.MkdirAll(filepath.Dir(filePath), 0755)).To(Succeed(), "Failed to create log folder %s", filepath.Dir(filePath)) + Expect(os.MkdirAll(filepath.Dir(filePath), 0750)).To(Succeed(), "Failed to create log folder %s", filepath.Dir(filePath)) f, err := os.Create(filePath) Expect(err).ToNot(HaveOccurred(), "Failed to create log file %s", filePath) diff --git a/test/framework/clusterctl/repository.go b/test/framework/clusterctl/repository.go index 35f0b8034bb3..8cd4a3d40a57 100644 --- a/test/framework/clusterctl/repository.go +++ b/test/framework/clusterctl/repository.go @@ -78,7 +78,7 @@ func (i *CreateRepositoryInput) RegisterClusterResourceSetConfigMapTransformatio // to a clusterctl config file to be used for working with such repository. func CreateRepository(ctx context.Context, input CreateRepositoryInput) string { Expect(input.E2EConfig).ToNot(BeNil(), "Invalid argument. input.E2EConfig can't be nil when calling CreateRepository") - Expect(os.MkdirAll(input.RepositoryFolder, 0755)).To(Succeed(), "Failed to create the clusterctl local repository folder %s", input.RepositoryFolder) + Expect(os.MkdirAll(input.RepositoryFolder, 0750)).To(Succeed(), "Failed to create the clusterctl local repository folder %s", input.RepositoryFolder) providers := []providerConfig{} for _, provider := range input.E2EConfig.Providers { @@ -89,7 +89,7 @@ func CreateRepository(ctx context.Context, input CreateRepositoryInput) string { Expect(err).ToNot(HaveOccurred(), "Failed to generate the manifest for %q / %q", providerLabel, version.Name) sourcePath := filepath.Join(input.RepositoryFolder, providerLabel, version.Name) - Expect(os.MkdirAll(sourcePath, 0755)).To(Succeed(), "Failed to create the clusterctl local repository folder for %q / %q", providerLabel, version.Name) + Expect(os.MkdirAll(sourcePath, 0750)).To(Succeed(), "Failed to create the clusterctl local repository folder for %q / %q", providerLabel, version.Name) filePath := filepath.Join(sourcePath, "components.yaml") Expect(os.WriteFile(filePath, manifest, 0600)).To(Succeed(), "Failed to write manifest in the clusterctl local repository for %q / %q", providerLabel, version.Name) @@ -119,7 +119,7 @@ func CreateRepository(ctx context.Context, input CreateRepositoryInput) string { // set this path to an empty file under the repository path, so test can run in isolation without user's overrides kicking in overridePath := filepath.Join(input.RepositoryFolder, "overrides") - Expect(os.MkdirAll(overridePath, 0755)).To(Succeed(), "Failed to create the clusterctl overrides folder %q", overridePath) + Expect(os.MkdirAll(overridePath, 0750)).To(Succeed(), "Failed to create the clusterctl overrides folder %q", overridePath) // creates a clusterctl config file to be used for working with such repository clusterctlConfigFile := &clusterctlConfig{ diff --git a/test/framework/deployment_helpers.go b/test/framework/deployment_helpers.go index ad03b903be21..d36d4a63942f 100644 --- a/test/framework/deployment_helpers.go +++ b/test/framework/deployment_helpers.go @@ -121,9 +121,9 @@ func WatchDeploymentLogs(ctx context.Context, input WatchDeploymentLogsInput) { defer GinkgoRecover() logFile := filepath.Clean(path.Join(input.LogPath, input.Deployment.Name, pod.Name, container.Name+".log")) - Expect(os.MkdirAll(filepath.Dir(logFile), 0755)).To(Succeed()) + Expect(os.MkdirAll(filepath.Dir(logFile), 0750)).To(Succeed()) - f, err := os.OpenFile(logFile, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) + f, err := os.OpenFile(logFile, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600) Expect(err).NotTo(HaveOccurred()) defer f.Close() diff --git a/test/framework/namespace_helpers.go b/test/framework/namespace_helpers.go index 118854c8aac6..43018ee5da07 100644 --- a/test/framework/namespace_helpers.go +++ b/test/framework/namespace_helpers.go @@ -130,9 +130,9 @@ func WatchNamespaceEvents(ctx context.Context, input WatchNamespaceEventsInput) Expect(input.Name).NotTo(BeEmpty(), "input.Name is required for WatchNamespaceEvents") logFile := filepath.Clean(path.Join(input.LogFolder, "resources", input.Name, "events.log")) - Expect(os.MkdirAll(filepath.Dir(logFile), 0755)).To(Succeed()) + Expect(os.MkdirAll(filepath.Dir(logFile), 0750)).To(Succeed()) - f, err := os.OpenFile(logFile, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) + f, err := os.OpenFile(logFile, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600) Expect(err).NotTo(HaveOccurred()) defer f.Close() @@ -177,7 +177,7 @@ func CreateNamespaceAndWatchEvents(ctx context.Context, input CreateNamespaceAnd Expect(input.Creator).ToNot(BeNil(), "Invalid argument. input.Creator can't be nil when calling CreateNamespaceAndWatchEvents") Expect(input.ClientSet).ToNot(BeNil(), "Invalid argument. input.ClientSet can't be nil when calling ClientSet") Expect(input.Name).ToNot(BeEmpty(), "Invalid argument. input.Name can't be empty when calling ClientSet") - Expect(os.MkdirAll(input.LogFolder, 0755)).To(Succeed(), "Invalid argument. input.LogFolder can't be created in CreateNamespaceAndWatchEvents") + Expect(os.MkdirAll(input.LogFolder, 0750)).To(Succeed(), "Invalid argument. input.LogFolder can't be created in CreateNamespaceAndWatchEvents") namespace := CreateNamespace(ctx, CreateNamespaceInput{Creator: input.Creator, Name: input.Name}, "40s", "10s") Expect(namespace).ToNot(BeNil(), "Failed to create namespace %q", input.Name)