diff --git a/api/types/capability.go b/api/types/capability.go index 476c6b875..83ad057f4 100644 --- a/api/types/capability.go +++ b/api/types/capability.go @@ -208,7 +208,7 @@ var CapabilityCmpOptions = []cmp.Option{ case int: vb = float64(valb) case float64: - vb = float64(valb) + vb = valb } return va == vb } diff --git a/cmd/core/main.go b/cmd/core/main.go index 2c8cbe19d..b5bf12be2 100644 --- a/cmd/core/main.go +++ b/cmd/core/main.go @@ -209,14 +209,18 @@ func waitWebhookSecretVolume(certDir string, timeout, interval time.Duration) er int64(time.Since(start).Seconds()), int64(timeout.Seconds()))) if _, err := os.Stat(certDir); !os.IsNotExist(err) { ready := func() bool { - f, _ := os.Open(certDir) + f, err := os.Open(filepath.Clean(certDir)) + if err != nil { + return false + } + // nolint defer f.Close() // check if dir is empty if _, err := f.Readdir(1); err == io.EOF { return false } // check if secret files are empty - err := filepath.Walk(certDir, func(path string, info os.FileInfo, err error) error { + err = filepath.Walk(certDir, func(path string, info os.FileInfo, err error) error { // even Cert dir is created, cert files are still empty for a while if info.Size() == 0 { return errors.New("secret is not ready") diff --git a/pkg/appfile/appfile.go b/pkg/appfile/appfile.go index 943cac3e2..3f7fc3b42 100644 --- a/pkg/appfile/appfile.go +++ b/pkg/appfile/appfile.go @@ -3,6 +3,7 @@ package appfile import ( "errors" "io/ioutil" + "path/filepath" "time" "github.com/crossplane/crossplane-runtime/apis/core/v1alpha1" @@ -45,7 +46,7 @@ func Load() (*AppFile, error) { } func LoadFromFile(filename string) (*AppFile, error) { - b, err := ioutil.ReadFile(filename) + b, err := ioutil.ReadFile(filepath.Clean(filename)) if err != nil { return nil, err } diff --git a/pkg/appfile/build.go b/pkg/appfile/build.go index a2d3c98db..e1bdf33d5 100644 --- a/pkg/appfile/build.go +++ b/pkg/appfile/build.go @@ -45,6 +45,8 @@ func asyncLog(reader io.ReadCloser, stream cmdutil.IOStreams) { } func (b *Build) BuildImage(io cmdutil.IOStreams, image string) error { + //nolint:gosec + // TODO(hongchaodeng): remove this dependency by using go lib cmd := exec.Command("docker", "build", "-t", image, "-f", b.Docker.File, b.Docker.Context) stdout, err := cmd.StdoutPipe() if err != nil { @@ -73,6 +75,7 @@ func (b *Build) pushImage(io cmdutil.IOStreams, image string) error { io.Infof("pushing image (%s)...\n", image) switch { case b.Push.Local == "kind": + //nolint:gosec cmd := exec.Command("kind", "load", "docker-image", image) stdout, err := cmd.StdoutPipe() if err != nil { @@ -95,7 +98,9 @@ func (b *Build) pushImage(io cmdutil.IOStreams, image string) error { return err } return nil + default: } + //nolint:gosec cmd := exec.Command("docker", "push", image) stdout, err := cmd.StdoutPipe() if err != nil { diff --git a/pkg/application/app.go b/pkg/application/app.go index d48d28dca..04a8ecb04 100644 --- a/pkg/application/app.go +++ b/pkg/application/app.go @@ -43,7 +43,7 @@ func LoadFromFile(fileName string) (*Application, error) { if err != nil { return nil, err } - _, err = ioutil.ReadFile(fileName) + _, err = os.Stat(fileName) if err != nil { if os.IsNotExist(err) { return newApplication(nil, tm), nil @@ -129,6 +129,7 @@ func (app *Application) Save(envName string) error { if err != nil { return err } + //nolint:gosec return ioutil.WriteFile(filepath.Join(appDir, app.Name+".yaml"), out, 0644) } diff --git a/pkg/commands/dashboard.go b/pkg/commands/dashboard.go index da28e4309..5fd9b7e95 100644 --- a/pkg/commands/dashboard.go +++ b/pkg/commands/dashboard.go @@ -87,6 +87,7 @@ func (o *Options) GetStaticPath() error { return fmt.Errorf("get fontend dir err %v", err) } _ = os.RemoveAll(o.staticPath) + //nolint:gosec err = os.MkdirAll(o.staticPath, 0755) if err != nil { return fmt.Errorf("create fontend dir err %v", err) @@ -96,12 +97,15 @@ func (o *Options) GetStaticPath() error { return fmt.Errorf("decode frontendSource err %v", err) } tgzpath := filepath.Join(o.staticPath, "frontend.tgz") + //nolint:gosec err = ioutil.WriteFile(tgzpath, data, 0644) if err != nil { return fmt.Errorf("write frontend.tgz to static path err %v", err) } + //nolint:errcheck defer os.Remove(tgzpath) tgz := archiver.NewTarGz() + //nolint:errcheck defer tgz.Close() if err = tgz.Unarchive(tgzpath, o.staticPath); err != nil { return fmt.Errorf("write static files to fontend dir err %v", err) @@ -183,6 +187,8 @@ func SetupAPIServer(c types.Args, cmd *cobra.Command, o Options) error { return server.Shutdown(ctx) } +//nolint:gosec +// OpenBrowser will open browser by url in different OS system func OpenBrowser(url string) error { var err error switch runtime.GOOS { diff --git a/pkg/commands/init.go b/pkg/commands/init.go index ceb0fecd9..bb8ea9df2 100644 --- a/pkg/commands/init.go +++ b/pkg/commands/init.go @@ -314,7 +314,7 @@ func (o *appInitOptions) Traits() error { return err } } - return nil + default: } return nil } diff --git a/pkg/commands/portforward.go b/pkg/commands/portforward.go index 8b602998b..0038bf25d 100644 --- a/pkg/commands/portforward.go +++ b/pkg/commands/portforward.go @@ -159,7 +159,7 @@ func (o *VelaPortForwardOptions) Complete() error { if err != nil { return err } - if len(svc.Spec.Ports) <= 0 { + if len(svc.Spec.Ports) == 0 { return fmt.Errorf("no port found in service %s", routeSvc) } val := strconv.Itoa(int(svc.Spec.Ports[0].Port)) diff --git a/pkg/commands/status.go b/pkg/commands/status.go index d70172be0..e88659486 100644 --- a/pkg/commands/status.go +++ b/pkg/commands/status.go @@ -30,7 +30,7 @@ import ( type HealthStatus = v1alpha2.HealthStatus const ( - // HealthStatusNotDiagnosed means there's no health scope refered or unknown health status returned + // HealthStatusNotDiagnosed means there's no health scope referred or unknown health status returned HealthStatusNotDiagnosed HealthStatus = "NOT DIAGNOSED" ) diff --git a/pkg/commands/system.go b/pkg/commands/system.go index dd22665fa..c29ec8229 100644 --- a/pkg/commands/system.go +++ b/pkg/commands/system.go @@ -181,6 +181,7 @@ func CheckCapabilityReady(ctx context.Context, c types.Args, timeout time.Durati if err != nil { return err } + //nolint:errcheck defer os.RemoveAll(tmpdir) start := time.Now() diff --git a/pkg/commands/trait.go b/pkg/commands/trait.go index 666e536e4..b61aeb6cd 100644 --- a/pkg/commands/trait.go +++ b/pkg/commands/trait.go @@ -65,10 +65,8 @@ func AddTraitCommands(parentCmd *cobra.Command, c types.Args, ioStreams cmdutil. return err } o.Detach = true - } else { - if err := o.AddOrUpdateTrait(cmd, args); err != nil { - return err - } + } else if err := o.AddOrUpdateTrait(cmd, args); err != nil { + return err } return o.Run(ctx, cmd, ioStreams) }, diff --git a/pkg/commands/up.go b/pkg/commands/up.go index 606f98da6..e460df8cd 100644 --- a/pkg/commands/up.go +++ b/pkg/commands/up.go @@ -75,10 +75,12 @@ type AppfileOptions struct { } func saveRemoteAppfile(url string) (string, error) { + //nolint:gosec resp, err := http.Get(url) if err != nil { return "", err } + //nolint:errcheck defer resp.Body.Close() body, err := ioutil.ReadAll(resp.Body) if err != nil { diff --git a/pkg/commands/util/factory.go b/pkg/commands/util/factory.go index 2a66851a1..d9117c85b 100644 --- a/pkg/commands/util/factory.go +++ b/pkg/commands/util/factory.go @@ -61,7 +61,7 @@ func (r *restConfigGetter) ToDiscoveryClient() (discovery.CachedDiscoveryInterfa httpCacheDir := defaultCacheDir discoveryCacheDir := computeDiscoverCacheDir(filepath.Join(homedir.HomeDir(), ".kube", "cache", "discovery"), config.Host) - return diskcached.NewCachedDiscoveryClientForConfig(config, discoveryCacheDir, httpCacheDir, time.Duration(10*time.Minute)) + return diskcached.NewCachedDiscoveryClientForConfig(config, discoveryCacheDir, httpCacheDir, 10*time.Minute) } // ToRESTMapper returns a mapper. diff --git a/pkg/controller/utils/utils.go b/pkg/controller/utils/utils.go index a660b6bbf..57fabb4e0 100644 --- a/pkg/controller/utils/utils.go +++ b/pkg/controller/utils/utils.go @@ -96,7 +96,7 @@ func SelectOAMAppLabelsWithoutRevision(labels map[string]string) map[string]stri } newLabel[k] = v } - if len(newLabel) <= 0 { + if len(newLabel) == 0 { return labels } return newLabel diff --git a/pkg/controller/v1alpha1/autoscaler/keda.go b/pkg/controller/v1alpha1/autoscaler/keda.go index 474ad2cf4..884853ac5 100644 --- a/pkg/controller/v1alpha1/autoscaler/keda.go +++ b/pkg/controller/v1alpha1/autoscaler/keda.go @@ -166,12 +166,12 @@ func (r *AutoscalerReconciler) prepareKEDACronScalerTriggerSpec(scaler v1alpha1. endHour := int(durationHour) + startHour if endMinite >= 60 { - endMinite = endMinite % 60 + endMinite %= 60 endHour++ } var durationOneMoreDay int if endHour >= 24 { - endHour = endHour % 24 + endHour %= 24 durationOneMoreDay = 1 } replicas, err := strconv.Atoi(triggerCondition.Replicas) diff --git a/pkg/controller/v1alpha1/podspecworkload/podspecworkload_controller.go b/pkg/controller/v1alpha1/podspecworkload/podspecworkload_controller.go index 61c290149..46335b5be 100644 --- a/pkg/controller/v1alpha1/podspecworkload/podspecworkload_controller.go +++ b/pkg/controller/v1alpha1/podspecworkload/podspecworkload_controller.go @@ -89,7 +89,7 @@ func (r *Reconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { log.Error(err, "workload", "name", workload.Name) eventObj = &workload } - deploy, err := r.renderDeployment(ctx, &workload) + deploy, err := r.renderDeployment(&workload) if err != nil { log.Error(err, "Failed to render a deployment") r.record.Event(eventObj, event.Warning(errRenderDeployment, err)) @@ -119,10 +119,10 @@ func (r *Reconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { } // Determine whether it is necessary to create a service.if container. - setPorts := r.checkContainerPortsSpecified(ctx, &workload) + setPorts := r.checkContainerPortsSpecified(&workload) if setPorts { // create a service for the workload - service, err := r.renderService(ctx, &workload) + service, err := r.renderService(&workload) if err != nil { log.Error(err, "Failed to render a service") r.record.Event(eventObj, event.Warning(errRenderService, err)) @@ -156,8 +156,7 @@ func (r *Reconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { } // create a corresponding deployment -func (r *Reconciler) renderDeployment(ctx context.Context, - workload *v1alpha1.PodSpecWorkload) (*appsv1.Deployment, error) { +func (r *Reconciler) renderDeployment(workload *v1alpha1.PodSpecWorkload) (*appsv1.Deployment, error) { // generate the deployment deploy := &appsv1.Deployment{ TypeMeta: metav1.TypeMeta{ @@ -210,8 +209,7 @@ func (r *Reconciler) renderDeployment(ctx context.Context, } // check whether the container port is specified -func (r *Reconciler) checkContainerPortsSpecified(ctx context.Context, - workload *v1alpha1.PodSpecWorkload) bool { +func (r *Reconciler) checkContainerPortsSpecified(workload *v1alpha1.PodSpecWorkload) bool { if workload == nil { return false } @@ -224,8 +222,7 @@ func (r *Reconciler) checkContainerPortsSpecified(ctx context.Context, } // create a service for the deployment -func (r *Reconciler) renderService(ctx context.Context, - workload *v1alpha1.PodSpecWorkload) (*corev1.Service, error) { +func (r *Reconciler) renderService(workload *v1alpha1.PodSpecWorkload) (*corev1.Service, error) { // create a service for the workload service := &corev1.Service{ TypeMeta: metav1.TypeMeta{ @@ -236,7 +233,7 @@ func (r *Reconciler) renderService(ctx context.Context, Name: workload.GetName(), Namespace: workload.GetNamespace(), Labels: map[string]string{ - labelNameKey: string(workload.GetName()), + labelNameKey: workload.GetName(), }, }, Spec: corev1.ServiceSpec{ diff --git a/pkg/controller/v1alpha1/routes/route_controller.go b/pkg/controller/v1alpha1/routes/route_controller.go index 0b6f0cef2..90639f626 100644 --- a/pkg/controller/v1alpha1/routes/route_controller.go +++ b/pkg/controller/v1alpha1/routes/route_controller.go @@ -165,12 +165,7 @@ func (r *Reconciler) discoveryAndFillBackend(ctx context.Context, mLog logr.Logg } } // try to see if the workload already has services in child childResources, and match for our route - err = r.fillBackendByCheckChildResource(mLog, routeTrait, childResources) - if err != nil && !apierrors.IsNotFound(err) { - r.record.Event(eventObj, event.Warning(common.ErrLocatingService, err)) - return nil, oamutil.PatchCondition(ctx, r, routeTrait, - cpv1alpha1.ReconcileError(errors.Wrap(err, common.ErrLocatingService))) - } + r.fillBackendByCheckChildResource(mLog, routeTrait, childResources) // Check if still need discovery after childResource filled. if NeedDiscovery(routeTrait) { @@ -286,9 +281,9 @@ func DiscoverPortsLabel(ctx context.Context, workload *unstructured.Unstructured // fetch the service that is associated with the workload func (r *Reconciler) fillBackendByCheckChildResource(mLog logr.Logger, - routeTrait *v1alpha1.Route, childResources []*unstructured.Unstructured) error { + routeTrait *v1alpha1.Route, childResources []*unstructured.Unstructured) { if len(childResources) == 0 { - return nil + return } // find the service that has the port for _, childRes := range childResources { @@ -307,7 +302,6 @@ func (r *Reconciler) fillBackendByCheckChildResource(mLog logr.Logger, FillRouteTraitWithService(&service, routeTrait) } } - return nil } // SetupWithManager setup with manager diff --git a/pkg/cue/convert.go b/pkg/cue/convert.go index 20929174e..af925454a 100644 --- a/pkg/cue/convert.go +++ b/pkg/cue/convert.go @@ -5,6 +5,7 @@ import ( "errors" "fmt" "io/ioutil" + "path/filepath" "strings" "cuelang.org/go/cue" @@ -23,7 +24,7 @@ const specValue = "parameter" // Eval evaluates the spec with the parameter values func Eval(templatePath string, value map[string]interface{}) (*unstructured.Unstructured, error) { r := cue.Runtime{} - b, err := ioutil.ReadFile(templatePath) + b, err := ioutil.ReadFile(filepath.Clean(templatePath)) if err != nil { return nil, err } @@ -60,7 +61,7 @@ func Eval(templatePath string, value map[string]interface{}) (*unstructured.Unst // GetParameters get parameter from cue template func GetParameters(templatePath string) ([]types.Parameter, error) { r := cue.Runtime{} - b, err := ioutil.ReadFile(templatePath) + b, err := ioutil.ReadFile(filepath.Clean(templatePath)) if err != nil { return nil, err } @@ -132,8 +133,9 @@ func getDefaultByKind(k cue.Kind) interface{} { case cue.NumberKind, cue.FloatKind: var d float64 return d + default: + // assume other cue kind won't be valid parameter } - // assume other cue kind won't be valid parameter return nil } @@ -156,6 +158,7 @@ func GetDefault(val cue.Value) interface{} { if d, err := val.Float64(); err == nil { return d } + default: } return getDefaultByKind(val.Kind()) } diff --git a/pkg/oam/application.go b/pkg/oam/application.go index 91d280471..e3cdab523 100644 --- a/pkg/oam/application.go +++ b/pkg/oam/application.go @@ -84,7 +84,7 @@ func ListApplications(ctx context.Context, c client.Client, opt Option) ([]apis. } // ListApplicationConfigurations lists all OAM ApplicationConfiguration -func ListApplicationConfigurations(ctx context.Context, c client.Client, opt Option) (corev1alpha2.ApplicationConfigurationList, error) { +func ListApplicationConfigurations(ctx context.Context, c client.Reader, opt Option) (corev1alpha2.ApplicationConfigurationList, error) { var appConfigList corev1alpha2.ApplicationConfigurationList if opt.AppName != "" { diff --git a/pkg/oam/capability.go b/pkg/oam/capability.go index 1f65dfb97..23e7c3400 100644 --- a/pkg/oam/capability.go +++ b/pkg/oam/capability.go @@ -87,7 +87,7 @@ func InstallCapability(client client.Client, mapper discoverymapper.DiscoveryMap switch tp.Type { case types.TypeWorkload: var wd v1alpha2.WorkloadDefinition - workloadData, err := ioutil.ReadFile(filepath.Join(repoDir, tp.CrdName+".yaml")) + workloadData, err := ioutil.ReadFile(filepath.Clean(filepath.Join(repoDir, tp.CrdName+".yaml"))) if err != nil { return nil } @@ -115,7 +115,7 @@ func InstallCapability(client client.Client, mapper discoverymapper.DiscoveryMap } case types.TypeTrait: var td v1alpha2.TraitDefinition - traitdata, err := ioutil.ReadFile(filepath.Join(repoDir, tp.CrdName+".yaml")) + traitdata, err := ioutil.ReadFile(filepath.Clean(filepath.Join(repoDir, tp.CrdName+".yaml"))) if err != nil { return nil } @@ -249,6 +249,8 @@ func UninstallCap(client client.Client, cap types.Capability, ioStreams cmdutil. obj = &v1alpha2.TraitDefinition{ObjectMeta: v1.ObjectMeta{Name: cap.Name, Namespace: types.DefaultKubeVelaNS}} case types.TypeWorkload: obj = &v1alpha2.WorkloadDefinition{ObjectMeta: v1.ObjectMeta{Name: cap.Name, Namespace: types.DefaultKubeVelaNS}} + case types.TypeScope: + return fmt.Errorf("uninstall scope capability was not supported yet") } if err := client.Delete(ctx, obj); err != nil { return err @@ -268,6 +270,8 @@ func UninstallCap(client client.Client, cap types.Capability, ioStreams cmdutil. return os.Remove(filepath.Join(capdir, "traits", cap.Name)) case types.TypeWorkload: return os.Remove(filepath.Join(capdir, "workloads", cap.Name)) + case types.TypeScope: + // TODO(wonderflow): add scope remove here. } ioStreams.Infof("%s removed successfully", cap.Name) return nil diff --git a/pkg/oam/trait.go b/pkg/oam/trait.go index 46cf704e2..a360f456e 100644 --- a/pkg/oam/trait.go +++ b/pkg/oam/trait.go @@ -146,6 +146,8 @@ func ValidateAndMutateForCore(traitType, workloadName string, flags *pflag.FlagS return fmt.Errorf("set flag for vela-core trait('route') err %v, please make sure your template is right", err) } } + default: + // extend other trait here in the future } return nil } @@ -182,6 +184,9 @@ func AddOrUpdateTrait(env *types.EnvMeta, appName string, componentName string, traitData[v.Name], err = flagSet.GetBool(name) case cue.NumberKind, cue.FloatKind: traitData[v.Name], err = flagSet.GetFloat64(name) + default: + // Currently we don't support get value from complex type + continue } if err != nil { diff --git a/pkg/oam/workload.go b/pkg/oam/workload.go index 5bd80d034..1588d0005 100644 --- a/pkg/oam/workload.go +++ b/pkg/oam/workload.go @@ -87,6 +87,9 @@ func BaseComplete(envName string, workloadName string, appName string, flagSet * workloadData[v.Name], err = flagSet.GetBool(name) case cue.NumberKind, cue.FloatKind: workloadData[v.Name], err = flagSet.GetFloat64(name) + default: + // Currently we don't support get value from complex type + continue } if err != nil { if strings.Contains(err.Error(), "of flag of type string") { @@ -98,6 +101,8 @@ func BaseComplete(envName string, workloadName string, appName string, flagSet * workloadData[v.Name], err = strconv.ParseBool(data) case cue.NumberKind, cue.FloatKind: workloadData[v.Name], err = strconv.ParseFloat(data, 64) + default: + return nil, fmt.Errorf("should not get string from type(%s) for parameter \"%s\"", v.Type.String(), name) } if err != nil { return nil, fmt.Errorf("get flag(s) \"%s\" err %v", v.Name, err) @@ -113,11 +118,11 @@ func BaseComplete(envName string, workloadName string, appName string, flagSet * return app, app.Save(envName) } -func BaseRun(staging bool, app *application.Application, kubeClient client.Client, Env *types.EnvMeta, io cmdutil.IOStreams) (string, error) { +func BaseRun(staging bool, app *application.Application, kubeClient client.Client, env *types.EnvMeta, io cmdutil.IOStreams) (string, error) { if staging { return "Staging saved", nil } - if err := app.BuildRun(context.Background(), kubeClient, Env, io); err != nil { + if err := app.BuildRun(context.Background(), kubeClient, env, io); err != nil { err = fmt.Errorf("create app err: %s", err) return "", err } diff --git a/pkg/plugins/capcenter.go b/pkg/plugins/capcenter.go index 721c687da..10de45631 100644 --- a/pkg/plugins/capcenter.go +++ b/pkg/plugins/capcenter.go @@ -51,6 +51,7 @@ func NewCenterClient(ctx context.Context, name, address, token string) (CenterCl switch Type { case TypeGithub: return NewGithubCenter(ctx, token, name, cfg) + default: } return nil, errors.New("we only support github as repository now") } @@ -132,7 +133,7 @@ func LoadRepos() ([]CapCenterConfig, error) { if err != nil { return nil, err } - data, err := ioutil.ReadFile(config) + data, err := ioutil.ReadFile(filepath.Clean(config)) if err != nil { if os.IsNotExist(err) { return []CapCenterConfig{}, nil @@ -156,6 +157,7 @@ func StoreRepos(repos []CapCenterConfig) error { if err != nil { return err } + //nolint:gosec return ioutil.WriteFile(config, data, 0644) } @@ -244,6 +246,7 @@ func (g *GithubCenter) SyncCapabilityFromCenter() error { fmt.Printf("parse definition of %s err %v\n", *fileContent.Name, err) continue } + //nolint:gosec err = ioutil.WriteFile(filepath.Join(repoDir, tmp.CrdName+".yaml"), data, 0644) if err != nil { fmt.Printf("write definition %s to %s err %v\n", tmp.CrdName+".yaml", repoDir, err) diff --git a/pkg/plugins/cluster.go b/pkg/plugins/cluster.go index b4975facf..8e3dceccd 100644 --- a/pkg/plugins/cluster.go +++ b/pkg/plugins/cluster.go @@ -171,6 +171,7 @@ func HandleTemplate(in *runtime.RawExtension, name, syncDir string) (types.Capab if err != nil { return types.Capability{}, err } + //nolint:errcheck defer res.Body.Close() b, err := ioutil.ReadAll(res.Body) if err != nil { @@ -186,6 +187,7 @@ func HandleTemplate(in *runtime.RawExtension, name, syncDir string) (types.Capab } _, _ = system.CreateIfNotExist(syncDir) filePath := filepath.Join(syncDir, name+".cue") + //nolint:gosec err = ioutil.WriteFile(filePath, []byte(cueTemplate), 0644) if err != nil { return types.Capability{}, err diff --git a/pkg/plugins/local.go b/pkg/plugins/local.go index 5869f4e42..9463e33de 100644 --- a/pkg/plugins/local.go +++ b/pkg/plugins/local.go @@ -87,7 +87,7 @@ func loadInstalledCapability(dir string, capAlias string) ([]types.Capability, e if strings.HasSuffix(f.Name(), ".cue") { continue } - data, err := ioutil.ReadFile(filepath.Join(dir, f.Name())) + data, err := ioutil.ReadFile(filepath.Clean(filepath.Join(dir, f.Name()))) if err != nil { fmt.Printf("read file %s err %v\n", f.Name(), err) continue @@ -120,6 +120,8 @@ func GetSubDir(dir string, capT types.CapType) string { return filepath.Join(dir, "workloads") case types.TypeTrait: return filepath.Join(dir, "traits") + case types.TypeScope: + return filepath.Join(dir, "scopes") } return dir } @@ -135,7 +137,8 @@ func SinkTemp2Local(templates []types.Capability, dir string) int { fmt.Printf("sync %s err: %v\n", tmp.Name, err) continue } - err = ioutil.WriteFile(filepath.Join(subDir, tmp.Name), data, 0o644) + //nolint:gosec + err = ioutil.WriteFile(filepath.Join(subDir, tmp.Name), data, 0644) if err != nil { fmt.Printf("sync %s err: %v\n", tmp.Name, err) continue @@ -148,7 +151,7 @@ func SinkTemp2Local(templates []types.Capability, dir string) int { // RemoveLegacyTemps will remove capability definitions under `dir` but not included in `retainedTemps`. func RemoveLegacyTemps(retainedTemps []types.Capability, dir string) int { success := 0 - retainedFiles := []string{} + var retainedFiles []string subDirs := []string{GetSubDir(dir, types.TypeWorkload), GetSubDir(dir, types.TypeTrait)} for _, tmp := range retainedTemps { subDir := GetSubDir(dir, tmp.Type) @@ -197,7 +200,7 @@ func LoadCapabilityFromSyncedCenter(dir string) ([]types.Capability, error) { if strings.HasSuffix(f.Name(), ".cue") { continue } - data, err := ioutil.ReadFile(filepath.Join(dir, f.Name())) + data, err := ioutil.ReadFile(filepath.Clean(filepath.Join(dir, f.Name()))) if err != nil { fmt.Printf("read file %s err %v\n", f.Name(), err) continue diff --git a/pkg/server/traitHandler.go b/pkg/server/traitHandler.go index ae946ee59..4d3b18142 100644 --- a/pkg/server/traitHandler.go +++ b/pkg/server/traitHandler.go @@ -1,6 +1,7 @@ package server import ( + "context" "os" "strconv" @@ -84,7 +85,7 @@ func (s *APIServer) DetachTrait(c *gin.Context) { util.AssembleResponse(c, msg, nil) } -func (s *APIServer) DoAttachTrait(c *gin.Context, body apis.TraitBody) (string, error) { +func (s *APIServer) DoAttachTrait(c context.Context, body apis.TraitBody) (string, error) { // Prepare var appObj *application.Application fs := pflag.NewFlagSet("trait", pflag.ContinueOnError) @@ -118,7 +119,7 @@ func (s *APIServer) DoAttachTrait(c *gin.Context, body apis.TraitBody) (string, return oam.TraitOperationRun(c, s.KubeClient, env, appObj, staging, io) } -func (s *APIServer) DoDetachTrait(c *gin.Context, envName string, traitType string, componentName string, appName string, staging bool) (string, error) { +func (s *APIServer) DoDetachTrait(c context.Context, envName string, traitType string, componentName string, appName string, staging bool) (string, error) { var appObj *application.Application var err error if appName == "" { diff --git a/pkg/server/util/errors.go b/pkg/server/util/errors.go index b2645ef41..0472f8370 100644 --- a/pkg/server/util/errors.go +++ b/pkg/server/util/errors.go @@ -54,16 +54,20 @@ func ConstructError(ec Code, a ...interface{}) error { msg := "" // the number of keys should be equal to the number of placeholders defined in ErrorCode.Message. c := strings.Count(ec.Message(), "%") - if a == nil && c > 0 || - a != nil && (c != len(a) || a[0] == nil) { - ctrl.Log.Error(fmt.Errorf("Args '%v' do not match placeholders in the msg '%s'", a, ec.Message()), - "Invalid error message argument") - } else if len(a) == 0 || a[0] == nil { - msg = ec.Message() - } else { + switch { + case a == nil && c > 0 || + a != nil && (c != len(a) || a[0] == nil): + { + ctrl.Log.Error(fmt.Errorf("Args '%v' do not match placeholders in the msg '%s'", a, ec.Message()), + "Invalid error message argument") + } + case len(a) == 0 || a[0] == nil: + { + msg = ec.Message() + } + default: msg = fmt.Sprintf(ec.Message(), a...) } - return errors.New(msg) } diff --git a/pkg/utils/config/config.go b/pkg/utils/config/config.go index adbc39dd3..30176711a 100644 --- a/pkg/utils/config/config.go +++ b/pkg/utils/config/config.go @@ -51,7 +51,7 @@ func ReadConfig(envName, configName string) ([]byte, error) { return nil, err } cfgFile := filepath.Join(d, configName) - b, err := ioutil.ReadFile(cfgFile) + b, err := ioutil.ReadFile(filepath.Clean(cfgFile)) if os.IsNotExist(err) { return []byte{}, nil } diff --git a/pkg/utils/env/env.go b/pkg/utils/env/env.go index 7cc22fdf8..7f6f9be39 100644 --- a/pkg/utils/env/env.go +++ b/pkg/utils/env/env.go @@ -119,6 +119,7 @@ func CreateOrUpdateEnv(ctx context.Context, c client.Client, envName string, env if _, err = system.CreateIfNotExist(subEnvDir); err != nil { return message, err } + // nolint:gosec if err = ioutil.WriteFile(filepath.Join(subEnvDir, system.EnvConfigName), data, 0644); err != nil { return message, err } @@ -126,6 +127,7 @@ func CreateOrUpdateEnv(ctx context.Context, c client.Client, envName string, env if err != nil { return message, err } + // nolint:gosec if err = ioutil.WriteFile(curEnvPath, []byte(envName), 0644); err != nil { return message, err } @@ -167,6 +169,7 @@ func UpdateEnv(ctx context.Context, c client.Client, envName string, namespace s return message, err } subEnvDir := filepath.Join(envdir, envName) + // nolint:gosec if err = ioutil.WriteFile(filepath.Join(subEnvDir, system.EnvConfigName), data, 0644); err != nil { return message, err } @@ -226,7 +229,7 @@ func GetCurrentEnvName() (string, error) { if err != nil { return "", err } - data, err := ioutil.ReadFile(currentEnvPath) + data, err := ioutil.ReadFile(filepath.Clean(currentEnvPath)) if err != nil { return "", err } @@ -274,6 +277,7 @@ func SetEnv(envName string) (string, error) { if err != nil { return msg, err } + //nolint:gosec if err = ioutil.WriteFile(currentEnvPath, []byte(envName), 0644); err != nil { return msg, err } diff --git a/pkg/utils/system/system.go b/pkg/utils/system/system.go index 8b774604d..c04b2948f 100644 --- a/pkg/utils/system/system.go +++ b/pkg/utils/system/system.go @@ -132,6 +132,7 @@ func InitDefaultEnv() error { return nil } data, _ := json.Marshal(&types.EnvMeta{Namespace: types.DefaultAppNamespace, Name: types.DefaultEnvName}) + //nolint:gosec if err = ioutil.WriteFile(filepath.Join(defaultEnvDir, EnvConfigName), data, 0644); err != nil { return err } @@ -139,6 +140,7 @@ func InitDefaultEnv() error { if err != nil { return err } + //nolint:gosec if err = ioutil.WriteFile(curEnvPath, []byte(types.DefaultEnvName), 0644); err != nil { return err } @@ -150,6 +152,7 @@ func CreateIfNotExist(dir string) (bool, error) { _, err := os.Stat(dir) if err != nil { if os.IsNotExist(err) { + // nolint:gosec return false, os.MkdirAll(dir, 0755) } return false, err diff --git a/pkg/webhook/metrics/validating_handler.go b/pkg/webhook/metrics/validating_handler.go index 51bc66fad..193013c67 100644 --- a/pkg/webhook/metrics/validating_handler.go +++ b/pkg/webhook/metrics/validating_handler.go @@ -72,6 +72,8 @@ func (h *ValidatingHandler) Handle(ctx context.Context, req admission.Request) a validatelog.Info("update failed", "name", obj.Name, "err", allErrs.ToAggregate().Error()) return admission.Errored(http.StatusUnprocessableEntity, allErrs.ToAggregate()) } + default: + // Do nothing for DELETE and CONNECT } return admission.ValidationResponse(true, "")