From 8811713ef489a12fec2d9b6e5bc5291a9da6b57c Mon Sep 17 00:00:00 2001 From: Daniel Mikusa Date: Thu, 10 Oct 2024 16:57:28 -0400 Subject: [PATCH 1/2] Add CopyFileFrom Resolves #354. Adds CopyFileFrom convenience method that opens the source file and delegates to CopyFile. Signed-off-by: Daniel Mikusa --- sherpa/copy_file.go | 14 +++++++++- sherpa/copy_file_test.go | 55 ++++++++++++++++++++++++++++++---------- 2 files changed, 54 insertions(+), 15 deletions(-) diff --git a/sherpa/copy_file.go b/sherpa/copy_file.go index a3bece6..9c8b12b 100644 --- a/sherpa/copy_file.go +++ b/sherpa/copy_file.go @@ -1,5 +1,5 @@ /* - * Copyright 2018-2020 the original author or authors. + * Copyright 2018-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -48,3 +48,15 @@ func CopyFile(source *os.File, destination string) error { return nil } + +// CopyFileFrom copies a file from the source to the destination. It ensures that the parent directory is created and +// matches the source and destination permissions. +func CopyFileFrom(source string, destination string) error { + in, err := os.Open(source) + if err != nil { + return fmt.Errorf("unable to open %s\n%w", source, err) + } + defer in.Close() + + return CopyFile(in, destination) +} diff --git a/sherpa/copy_file_test.go b/sherpa/copy_file_test.go index ffceee7..875ef08 100644 --- a/sherpa/copy_file_test.go +++ b/sherpa/copy_file_test.go @@ -1,5 +1,5 @@ /* - * Copyright 2018-2020 the original author or authors. + * Copyright 2018-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,9 @@ package sherpa_test import ( + "fmt" "os" + "path/filepath" "testing" . "github.com/onsi/gomega" @@ -30,35 +32,60 @@ func testCopyFile(t *testing.T, context spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect - source *os.File - destination string + rootPath string + sourcePath string ) + expectFilePermissionsToMatch := func(destination string, fileMode os.FileMode) { + fileInfo, err := os.Stat(destination) + fmt.Println("eperms:", fileInfo.Mode().Perm().String()) + Expect(err).NotTo(HaveOccurred()) + Expect(fileInfo.Mode().Perm().String()).To(Equal(fileMode.String())) + } + it.Before(func() { var err error - source, err = os.CreateTemp("", "copy-file") + rootPath = t.TempDir() + + source, err := os.CreateTemp(rootPath, "source.txt") Expect(err).NotTo(HaveOccurred()) + sourcePath = source.Name() + _, err = source.WriteString("test") Expect(err).NotTo(HaveOccurred()) Expect(source.Close()).To(Succeed()) - source, err = os.Open(source.Name()) - Expect(err).NotTo(HaveOccurred()) - - f, err := os.CreateTemp("", "copy-file") - Expect(err).NotTo(HaveOccurred()) - Expect(f.Close()).To(Succeed()) - destination = f.Name() }) it.After(func() { - Expect(os.RemoveAll(source.Name())).To(Succeed()) - Expect(os.RemoveAll(destination)).To(Succeed()) + Expect(os.RemoveAll(rootPath)).To(Succeed()) }) - it("create listing", func() { + it("copy file with permissions", func() { + destination := filepath.Join(rootPath, "destination/nested/destination.txt") + + source, err := os.Open(sourcePath) + Expect(err).NotTo(HaveOccurred()) defer source.Close() + + expectedMode := os.FileMode(0640) + Expect(os.Chmod(sourcePath, expectedMode)).To(Succeed()) + Expect(sherpa.CopyFile(source, destination)).To(Succeed()) Expect(os.ReadFile(destination)).To(Equal([]byte("test"))) + + expectFilePermissionsToMatch(destination, expectedMode) + }) + + it.Focus("copy file from string path with permissions", func() { + destination := filepath.Join(rootPath, "destination/other-nested/destination.txt") + + expectedMode := os.FileMode(0440) + Expect(os.Chmod(sourcePath, expectedMode)).To(Succeed()) + + Expect(sherpa.CopyFileFrom(sourcePath, destination)).To(Succeed()) + Expect(os.ReadFile(destination)).To(Equal([]byte("test"))) + + expectFilePermissionsToMatch(destination, expectedMode) }) } From 86919f9e58a2a5d0be3b7204fca4f8ed814fe13d Mon Sep 17 00:00:00 2001 From: Daniel Mikusa Date: Sat, 12 Oct 2024 22:11:34 -0400 Subject: [PATCH 2/2] Fix lints Enables all of the linters that were commented out and resolves the lints. Signed-off-by: Daniel Mikusa --- build_test.go | 6 +- buildmodule.go | 20 +-- buildmodule_test.go | 4 +- buildpack_plan_test.go | 6 +- carton/build_image_dependency.go | 2 +- carton/build_image_dependency_test.go | 2 +- carton/buildmodule_dependency.go | 8 +- carton/buildmodule_dependency_test.go | 14 +- carton/lifecycle_dependency.go | 2 +- carton/lifecycle_dependency_test.go | 2 +- carton/netrc.go | 2 +- carton/netrc_test.go | 8 +- carton/package_dependency.go | 8 +- carton/package_dependency_test.go | 15 +- carton/package_test.go | 11 +- crush/crush.go | 65 +------- crush/crush_test.go | 230 +++++++------------------- dependency_cache.go | 30 ++-- dependency_cache_test.go | 28 ++-- detect_test.go | 6 +- effect/executor.go | 1 + effect/executor_unix.go | 1 + formatter_test.go | 5 +- generate_test.go | 6 +- golangci.yaml | 22 ++- internal/entry_writer_test.go | 1 - internal/environment_writer.go | 1 + internal/exit_handler_test.go | 2 +- internal/toml_marshal_test.go | 5 +- internal/toml_writer.go | 2 + internal/toml_writer_test.go | 2 - layer_test.go | 74 ++++----- log/formatter_test.go | 5 +- log/logger.go | 4 +- log/logger_test.go | 7 +- log/writer_test.go | 3 +- main.go | 1 + main_test.go | 39 +++-- sbom/sbom.go | 24 ++- sbom/sbom_test.go | 34 ++-- sherpa/copy_dir_test.go | 2 +- sherpa/copy_file_test.go | 2 +- sherpa/env_var_test.go | 3 - sherpa/exists.go | 44 +++-- sherpa/exists_test.go | 9 +- sherpa/file_listing_test.go | 24 +-- sherpa/nodejs_test.go | 6 +- sherpa/sherpa_test.go | 3 - stack_test.go | 7 +- 49 files changed, 333 insertions(+), 475 deletions(-) diff --git a/build_test.go b/build_test.go index a988277..1e60ec6 100644 --- a/build_test.go +++ b/build_test.go @@ -32,7 +32,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/log" ) -func testBuild(t *testing.T, context spec.G, it spec.S) { +func testBuild(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect @@ -123,9 +123,9 @@ api = "0.8" [buildpack] name = "test-name" version = "test-version"`), - 0644)).To(Succeed()) + 0600)).To(Succeed()) - libpak.Build(func(ctx libcnb.BuildContext) (libcnb.BuildResult, error) { + libpak.Build(func(_ libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.BuildResult{}, fmt.Errorf("test-error") }, libcnb.WithArguments([]string{commandPath, layersPath, platformPath, buildpackPlanPath}), diff --git a/buildmodule.go b/buildmodule.go index 0f41d06..b7a2b45 100644 --- a/buildmodule.go +++ b/buildmodule.go @@ -122,18 +122,18 @@ func (b BuildModuleDependency) GetMetadata() DependencyLayerContributorMetadata // Equals compares the 2 structs if they are equal. This is very simiar to reflect.DeepEqual // except that properties that will not work (e.g. DeprecationDate) are ignored. -func (b1 BuildModuleDependency) Equals(b2 BuildModuleDependency) bool { - b1.DeprecationDate = b1.DeprecationDate.Truncate(time.Second).In(time.UTC) - b2.DeprecationDate = b2.DeprecationDate.Truncate(time.Second).In(time.UTC) +func (b BuildModuleDependency) Equals(other BuildModuleDependency) bool { + b.DeprecationDate = b.DeprecationDate.Truncate(time.Second).In(time.UTC) + other.DeprecationDate = other.DeprecationDate.Truncate(time.Second).In(time.UTC) - if len(b1.CPEs) == 0 { - b1.CPEs = nil + if len(b.CPEs) == 0 { + b.CPEs = nil } - if len(b2.CPEs) == 0 { - b2.CPEs = nil + if len(other.CPEs) == 0 { + other.CPEs = nil } - return reflect.DeepEqual(b1, b2) + return reflect.DeepEqual(b, other) } // AsSyftArtifact renders a bill of materials entry describing the dependency as Syft. @@ -461,8 +461,8 @@ type DependencyResolver struct { } // NewDependencyResolver creates a new instance from the build module metadata and stack id. -func NewDependencyResolver(md BuildModuleMetadata, stackId string) (DependencyResolver, error) { - return DependencyResolver{Dependencies: md.Dependencies, StackID: stackId}, nil +func NewDependencyResolver(md BuildModuleMetadata, stackID string) (DependencyResolver, error) { + return DependencyResolver{Dependencies: md.Dependencies, StackID: stackID}, nil } // NoValidDependenciesError is returned when the resolver cannot find any valid dependencies given the constraints. diff --git a/buildmodule_test.go b/buildmodule_test.go index 2a70a9d..02be140 100644 --- a/buildmodule_test.go +++ b/buildmodule_test.go @@ -631,12 +631,12 @@ func testBuildpack(t *testing.T, context spec.G, it spec.S) { } for _, dependency := range resolver.Dependencies { - resolver.Resolve(dependency.ID, "") + _, err := resolver.Resolve(dependency.ID, "") + Expect(err).ToNot(HaveOccurred()) } Expect(buff.String()).To(Equal(fmt.Sprintf(" \x1b[33mDeprecation Notice:\x1b[0m\n\x1b[2m \x1b[33mVersion 1.1 of soon-deprecated-dependency will be deprecated after %s.\x1b[0m\x1b[2m\x1b[0m\n\x1b[2m \x1b[33mMigrate your application to a supported version of soon-deprecated-dependency before this time.\x1b[0m\x1b[2m\x1b[0m\n \x1b[33mDeprecation Notice:\x1b[0m\n\x1b[2m \x1b[33mVersion 1.1 of deprecated-dependency is deprecated.\x1b[0m\x1b[2m\x1b[0m\n\x1b[2m \x1b[33mMigrate your application to a supported version of deprecated-dependency.\x1b[0m\x1b[2m\x1b[0m\n", soonDeprecated.Format("2006-01-02")))) }) - }) it("indicates whether error is NoValidDependenciesError", func() { diff --git a/buildpack_plan_test.go b/buildpack_plan_test.go index d2254d0..961924b 100644 --- a/buildpack_plan_test.go +++ b/buildpack_plan_test.go @@ -32,7 +32,6 @@ func testBuildpackPlan(t *testing.T, context spec.G, it spec.S) { ) context("ShallowMerge", func() { - it("merges with empty", func() { a := libcnb.BuildpackPlanEntry{} b := libcnb.BuildpackPlanEntry{Name: "test-name"} @@ -109,11 +108,9 @@ func testBuildpackPlan(t *testing.T, context spec.G, it spec.S) { Expect(libpak.ShallowMerge(a, b)).To(Equal(expected)) }) }) - }) context("PlanEntryResolver", func() { - context("ResolveWithMerge", func() { var ( resolver = libpak.PlanEntryResolver{} @@ -135,7 +132,7 @@ func testBuildpackPlan(t *testing.T, context spec.G, it spec.S) { } }) - var f = func(a, b libcnb.BuildpackPlanEntry) (libcnb.BuildpackPlanEntry, error) { + var f = func(_, b libcnb.BuildpackPlanEntry) (libcnb.BuildpackPlanEntry, error) { return b, nil } @@ -165,7 +162,6 @@ func testBuildpackPlan(t *testing.T, context spec.G, it spec.S) { }) context("Resolve", func() { - it("merges with empty", func() { a := libcnb.BuildpackPlanEntry{} b := libcnb.BuildpackPlanEntry{Name: "test-name"} diff --git a/carton/build_image_dependency.go b/carton/build_image_dependency.go index af3b960..2491a93 100644 --- a/carton/build_image_dependency.go +++ b/carton/build_image_dependency.go @@ -63,9 +63,9 @@ func (i BuildImageDependency) Update(options ...Option) { s := fmt.Sprintf(ImageDependencySubstitution, i.Version) c = r.ReplaceAll(c, []byte(s)) + // #nosec G306 - permissions need to be 644 on the builder if err := os.WriteFile(i.BuilderPath, c, 0644); err != nil { config.exitHandler.Error(fmt.Errorf("unable to write %s\n%w", i.BuilderPath, err)) return } - } diff --git a/carton/build_image_dependency_test.go b/carton/build_image_dependency_test.go index 646133f..bfb9a4c 100644 --- a/carton/build_image_dependency_test.go +++ b/carton/build_image_dependency_test.go @@ -28,7 +28,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/carton" ) -func testBuildImageDependency(t *testing.T, context spec.G, it spec.S) { +func testBuildImageDependency(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect diff --git a/carton/buildmodule_dependency.go b/carton/buildmodule_dependency.go index 0722c9a..88ff780 100644 --- a/carton/buildmodule_dependency.go +++ b/carton/buildmodule_dependency.go @@ -23,6 +23,7 @@ import ( "regexp" "github.com/BurntSushi/toml" + "github.com/paketo-buildpacks/libpak/v2/internal" "github.com/paketo-buildpacks/libpak/v2/log" ) @@ -128,16 +129,16 @@ func (b BuildModuleDependency) Update(options ...Option) { } for _, dep := range dependencies { - depIdUnwrapped, found := dep["id"] + depIDUnwrapped, found := dep["id"] if !found { continue } - depId, ok := depIdUnwrapped.(string) + depID, ok := depIDUnwrapped.(string) if !ok { continue } - if depId == b.ID { + if depID == b.ID { depVersionUnwrapped, found := dep["version"] if !found { continue @@ -186,6 +187,7 @@ func (b BuildModuleDependency) Update(options ...Option) { c = append(comments, c...) + // #nosec G306 - permissions need to be 644 on the build module if err := os.WriteFile(b.BuildModulePath, c, 0644); err != nil { config.exitHandler.Error(fmt.Errorf("unable to write %s\n%w", b.BuildModulePath, err)) return diff --git a/carton/buildmodule_dependency_test.go b/carton/buildmodule_dependency_test.go index 0920396..5aab269 100644 --- a/carton/buildmodule_dependency_test.go +++ b/carton/buildmodule_dependency_test.go @@ -67,7 +67,7 @@ version = "test-version-1" uri = "test-uri-1" sha256 = "test-sha256-1" stacks = [ "test-stack" ] -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) d := carton.BuildModuleDependency{ BuildModulePath: path, @@ -112,7 +112,7 @@ sha256 = "test-sha256-1" stacks = [ "test-stack" ] purl = "pkg:generic/test-jre@different-version-1?arch=amd64" cpes = ["cpe:2.3:a:test-vendor:test-product:test-version-1:patch1:*:*:*:*:*:*:*"] -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) d := carton.BuildModuleDependency{ BuildModulePath: path, @@ -173,7 +173,7 @@ sha256 = "test-sha256-2" stacks = [ "test-stack" ] purl = "pkg:generic/test-jre@different-version-2?arch=amd64" cpes = ["cpe:2.3:a:test-vendor:test-product:test-version-2:patch2:*:*:*:*:*:*:*"] -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) d := carton.BuildModuleDependency{ BuildModulePath: path, @@ -233,7 +233,7 @@ uri = "test-uri-1" sha256 = "test-sha256-1" stacks = [ "test-stack" ] cpes = ["cpe:2.3:a:test-vendor:test-product:test-version-1:patch1:*:*:*:*:*:*:*"] -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) d := carton.BuildModuleDependency{ BuildModulePath: path, @@ -283,7 +283,7 @@ sha256 = "test-sha256-1" stacks = [ "test-stack" ] purl = 1234 cpes = ["cpe:2.3:a:test-vendor:test-product:test-version-1:patch1:*:*:*:*:*:*:*"] -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) d := carton.BuildModuleDependency{ BuildModulePath: path, @@ -334,7 +334,7 @@ sha256 = "test-sha256-1" stacks = [ "test-stack" ] purl = "pkg:generic/test-jre@different-version-1?arch=amd64" cpes = 1234 -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) d := carton.BuildModuleDependency{ BuildModulePath: path, @@ -387,7 +387,7 @@ version = "1.2.3" uri = "test-uri-1" sha256 = "test-sha256-1" stacks = [ "test-stack" ] -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) d := carton.BuildModuleDependency{ BuildModulePath: path, diff --git a/carton/lifecycle_dependency.go b/carton/lifecycle_dependency.go index d4636c2..d7a3674 100644 --- a/carton/lifecycle_dependency.go +++ b/carton/lifecycle_dependency.go @@ -63,9 +63,9 @@ func (l LifecycleDependency) Update(options ...Option) { s := fmt.Sprintf(LifecycleDependencySubstitution, l.Version) c = r.ReplaceAll(c, []byte(s)) + // #nosec G306 - permissions need to be 644 on the builder if err := os.WriteFile(l.BuilderPath, c, 0644); err != nil { config.exitHandler.Error(fmt.Errorf("unable to write %s\n%w", l.BuilderPath, err)) return } - } diff --git a/carton/lifecycle_dependency_test.go b/carton/lifecycle_dependency_test.go index 89da324..4c029cc 100644 --- a/carton/lifecycle_dependency_test.go +++ b/carton/lifecycle_dependency_test.go @@ -28,7 +28,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/carton" ) -func testLifecycleDependency(t *testing.T, context spec.G, it spec.S) { +func testLifecycleDependency(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect diff --git a/carton/netrc.go b/carton/netrc.go index bb7a1c9..8a1e79e 100644 --- a/carton/netrc.go +++ b/carton/netrc.go @@ -76,7 +76,7 @@ func ParseNetrc(path string) (Netrc, error) { i += 2 case "default": l = NetrcLine{Machine: "default"} - i += 1 + i++ case "login": l.Login = f[i+1] i += 2 diff --git a/carton/netrc_test.go b/carton/netrc_test.go index 6902467..ddfd1af 100644 --- a/carton/netrc_test.go +++ b/carton/netrc_test.go @@ -74,7 +74,7 @@ func testNetrc(t *testing.T, context spec.G, it spec.S) { context("parse", func() { it("parses one-liner", func() { - Expect(os.WriteFile(path, []byte(`machine test-machine login test-login password test-password`), 0644)).To(Succeed()) + Expect(os.WriteFile(path, []byte(`machine test-machine login test-login password test-password`), 0600)).To(Succeed()) Expect(carton.ParseNetrc(path)).To(Equal(carton.Netrc{ { @@ -90,7 +90,7 @@ func testNetrc(t *testing.T, context spec.G, it spec.S) { machine test-machine login test-login password test-password -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) Expect(carton.ParseNetrc(path)).To(Equal(carton.Netrc{ { @@ -110,7 +110,7 @@ macdef uploadtest quit machine test-machine login test-login password test-password -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) Expect(carton.ParseNetrc(path)).To(Equal(carton.Netrc{ { @@ -130,7 +130,7 @@ login test-login-2 password test-password-2 machine test-machine-3 login test-login-3 password test-password-3 -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) Expect(carton.ParseNetrc(path)).To(Equal(carton.Netrc{ { diff --git a/carton/package_dependency.go b/carton/package_dependency.go index 174de0c..e109457 100644 --- a/carton/package_dependency.go +++ b/carton/package_dependency.go @@ -23,6 +23,7 @@ import ( "strings" "github.com/BurntSushi/toml" + "github.com/paketo-buildpacks/libpak/v2/internal" "github.com/paketo-buildpacks/libpak/v2/log" ) @@ -92,17 +93,17 @@ func (p PackageDependency) Update(options ...Option) { continue } - bpIdUnwrappd, found := bp["id"] + bpIDUnwrappd, found := bp["id"] if !found { continue } - bpId, ok := bpIdUnwrappd.(string) + bpID, ok := bpIDUnwrappd.(string) if !ok { continue } - if bpId == id { + if bpID == id { bp["version"] = p.Version } } @@ -180,6 +181,7 @@ func updateFile(cfgPath string, f func(md map[string]interface{})) error { b = append(comments, b...) + // #nosec G306 - permissions need to be 644 on the package if err := os.WriteFile(cfgPath, b, 0644); err != nil { return fmt.Errorf("unable to write %s\n%w", cfgPath, err) } diff --git a/carton/package_dependency_test.go b/carton/package_dependency_test.go index 191bbd8..b9627c8 100644 --- a/carton/package_dependency_test.go +++ b/carton/package_dependency_test.go @@ -29,7 +29,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/internal" ) -func testPackageDependency(t *testing.T, context spec.G, it spec.S) { +func testPackageDependency(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect @@ -73,7 +73,7 @@ include-files = [ "LICENSE", "README.md", "buildpack.toml", -]`), 0644)).To(Succeed()) +]`), 0600)).To(Succeed()) p := carton.PackageDependency{ BuildpackPath: path, @@ -114,7 +114,7 @@ include-files = ["LICENSE","README.md","buildpack.toml"] group = [ { id = "paketo-buildpacks/test-1", version="test-version-1" }, { id = "paketo-buildpacks/test-2", version="test-version-2" }, -]`), 0644)).To(Succeed()) +]`), 0600)).To(Succeed()) p := carton.PackageDependency{ BuildpackPath: path, @@ -138,7 +138,7 @@ group = [ group = [ { id = "paketocommunity/test-1", version="test-version-1" }, { id = "paketocommunity/test-2", version="test-version-2" }, -]`), 0644)).To(Succeed()) +]`), 0600)).To(Succeed()) p := carton.PackageDependency{ BuildpackPath: path, @@ -161,7 +161,7 @@ group = [ Expect(os.WriteFile(path, []byte(`buildpacks = [ { id = "paketo-buildpacks/test-1", uri = "docker://gcr.io/paketo-buildpacks/test-1:test-version-1" }, { id = "paketo-buildpacks/test-2", uri = "docker://gcr.io/paketo-buildpacks/test-2:test-version-2" }, -]`), 0644)).To(Succeed()) +]`), 0600)).To(Succeed()) p := carton.PackageDependency{ BuilderPath: path, @@ -184,7 +184,7 @@ group = [ Expect(os.WriteFile(path, []byte(`dependencies = [ { uri = "docker://gcr.io/paketo-buildpacks/test-1:test-version-1" }, { uri = "docker://gcr.io/paketo-buildpacks/test-2:test-version-2" }, -]`), 0644)).To(Succeed()) +]`), 0600)).To(Succeed()) p := carton.PackageDependency{ PackagePath: path, @@ -205,7 +205,7 @@ group = [ Expect(os.WriteFile(path, []byte(`dependencies = [ { uri = "docker://docker.io/paketocommunity/test-1:test-version-1" }, { uri = "docker://docker.io/paketocommunity/test-2:test-version-2" }, -]`), 0644)).To(Succeed()) +]`), 0600)).To(Succeed()) p := carton.PackageDependency{ PackagePath: path, @@ -221,5 +221,4 @@ group = [ [[dependencies]] uri = "docker://docker.io/paketocommunity/test-2:test-version-2"`)) }) - } diff --git a/carton/package_test.go b/carton/package_test.go index 3a56d8f..c4a6bff 100644 --- a/carton/package_test.go +++ b/carton/package_test.go @@ -80,8 +80,7 @@ include-files = [ "test-include-files", "buildpack.toml", ] -`), 0644)).To(Succeed()) - +`), 0600)).To(Succeed()) }) it.After(func() { @@ -196,7 +195,7 @@ include-files = [ "test-include-files", "buildpack.toml", ] -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) }) it("includes all dependencies", func() { @@ -354,8 +353,7 @@ include-files = [ "test-include-files", "extension.toml", ] -`), 0644)).To(Succeed()) - +`), 0600)).To(Succeed()) }) it.After(func() { @@ -470,7 +468,7 @@ include-files = [ "test-include-files", "extension.toml", ] -`), 0644)).To(Succeed()) +`), 0600)).To(Succeed()) }) it("includes all dependencies", func() { @@ -593,5 +591,4 @@ include-files = [ }) }) }) - } diff --git a/crush/crush.go b/crush/crush.go index e666c1c..59677a5 100644 --- a/crush/crush.go +++ b/crush/crush.go @@ -151,14 +151,6 @@ func Extract(source io.Reader, destination string, stripComponents int) error { return nil } -// ExtractTar extracts source TAR file to a destination directory. An arbitrary number of top-level directory -// components can be stripped from each path. -// -// Deprecated: use Extract instead -func ExtractTar(source io.Reader, destination string, stripComponents int) error { - return extractTar(source, destination, stripComponents) -} - func extractTar(source io.Reader, destination string, stripComponents int) error { t := tar.NewReader(source) @@ -180,61 +172,22 @@ func extractTar(source io.Reader, destination string, stripComponents int) error if err := os.MkdirAll(target, 0755); err != nil { return fmt.Errorf("unable to make directory %s\n%w", target, err) } - } else if info.Mode()&os.ModeSymlink != 0 { + continue + } + + if info.Mode()&os.ModeSymlink != 0 { if err := writeSymlink(f.Linkname, target); err != nil { return err } - } else { - if err := writeFile(t, target, info.Mode()); err != nil { - return err - } + continue } - } - - return nil -} - -// ExtractTarBz2 extracts source BZIP2'd TAR file to a destination directory. An arbitrary number of top-level -// directory components can be stripped from each path. -// -// Deprecated: use Extract instead -func ExtractTarBz2(source io.Reader, destination string, stripComponents int) error { - return ExtractTar(bzip2.NewReader(source), destination, stripComponents) -} -// ExtractTarGz extracts source GZIP'd TAR file to a destination directory. An arbitrary number of top-level directory -// components can be stripped from each path. -// -// Deprecated: use Extract instead -func ExtractTarGz(source io.Reader, destination string, stripComponents int) error { - gz, err := gzip.NewReader(source) - if err != nil { - return fmt.Errorf("unable to create GZIP reader\n%w", err) - } - defer gz.Close() - - return ExtractTar(gz, destination, stripComponents) -} - -// ExtractTarXz extracts source XZ'd TAR file to a destination directory. An arbitrary number of top-level directory -// components can be stripped from each path. -// -// Deprecated: use Extract instead -func ExtractTarXz(source io.Reader, destination string, stripComponents int) error { - xz, err := xz.NewReader(source, 0) - if err != nil { - return fmt.Errorf("unable to create XZ reader\n%w", err) + if err := writeFile(t, target, info.Mode()); err != nil { + return err + } } - return ExtractTar(xz, destination, stripComponents) -} - -// ExtractZip extracts source ZIP file to a destination directory. An arbitrary number of top-level directory -// components can be stripped from each path. -// -// Deprecated: use Extract instead -func ExtractZip(source io.Reader, destination string, stripComponents int) error { - return extractZip(source, destination, stripComponents) + return nil } func extractZip(source io.Reader, destination string, stripComponents int) error { diff --git a/crush/crush_test.go b/crush/crush_test.go index b0b24c5..5c1f001 100644 --- a/crush/crush_test.go +++ b/crush/crush_test.go @@ -43,6 +43,7 @@ func testCrush(t *testing.T, context spec.G, it spec.S) { out *os.File testPath string ) + it.Before(func() { var err error @@ -59,10 +60,10 @@ func testCrush(t *testing.T, context spec.G, it spec.S) { }) it("writes a TAR", func() { - Expect(os.WriteFile(filepath.Join(path, "fileA.txt"), []byte(""), 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "fileA.txt"), []byte(""), 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "dirA"), 0755)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, "dirA", "fileB.txt"), []byte(""), 0644)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, "dirA", "fileC.txt"), []byte(""), 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "dirA", "fileB.txt"), []byte(""), 0600)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "dirA", "fileC.txt"), []byte(""), 0600)).To(Succeed()) Expect(os.Symlink(filepath.Join(path, "dirA", "fileC.txt"), filepath.Join(path, "dirA", "fileD.txt"))).To(Succeed()) Expect(crush.CreateTar(out, path)).To(Succeed()) @@ -70,7 +71,7 @@ func testCrush(t *testing.T, context spec.G, it spec.S) { in, err := os.Open(out.Name()) Expect(err).NotTo(HaveOccurred()) - Expect(crush.ExtractTar(in, testPath, 0)).To(Succeed()) + Expect(crush.Extract(in, testPath, 0)).To(Succeed()) Expect(filepath.Join(testPath, "fileA.txt")).To(BeARegularFile()) Expect(filepath.Join(testPath, "dirA", "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(testPath, "dirA", "fileC.txt")).To(BeARegularFile()) @@ -78,10 +79,10 @@ func testCrush(t *testing.T, context spec.G, it spec.S) { }) it("writes a TAR.GZ", func() { - Expect(os.WriteFile(filepath.Join(path, "fileA.txt"), []byte(""), 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "fileA.txt"), []byte(""), 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "dirA"), 0755)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, "dirA", "fileB.txt"), []byte(""), 0644)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, "dirA", "fileC.txt"), []byte(""), 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "dirA", "fileB.txt"), []byte(""), 0600)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "dirA", "fileC.txt"), []byte(""), 0600)).To(Succeed()) Expect(os.Symlink(filepath.Join(path, "dirA", "fileC.txt"), filepath.Join(path, "dirA", "fileD.txt"))).To(Succeed()) Expect(crush.CreateTarGz(out, path)).To(Succeed()) @@ -89,7 +90,7 @@ func testCrush(t *testing.T, context spec.G, it spec.S) { in, err := os.Open(out.Name()) Expect(err).NotTo(HaveOccurred()) - Expect(crush.ExtractTarGz(in, testPath, 0)).To(Succeed()) + Expect(crush.Extract(in, testPath, 0)).To(Succeed()) Expect(filepath.Join(testPath, "fileA.txt")).To(BeARegularFile()) Expect(filepath.Join(testPath, "dirA", "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(testPath, "dirA", "fileC.txt")).To(BeARegularFile()) @@ -108,7 +109,7 @@ func testCrush(t *testing.T, context spec.G, it spec.S) { Expect(in.Close()).NotTo(HaveOccurred()) }) - context("ExtractTar", func() { + context("Tar", func() { it.Before(func() { var err error in, err = os.Open(filepath.Join("testdata", "test-archive.tar")) @@ -116,62 +117,62 @@ func testCrush(t *testing.T, context spec.G, it spec.S) { }) it("extracts the archive", func() { - Expect(crush.ExtractTar(in, path, 0)).To(Succeed()) + Expect(crush.Extract(in, path, 0)).To(Succeed()) Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) }) it("skips stripped components", func() { - Expect(crush.ExtractTar(in, path, 1)).To(Succeed()) + Expect(crush.Extract(in, path, 1)).To(Succeed()) Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) }) }) - context("ExtractTarBz2", func() { + context("TarGZ", func() { it.Before(func() { var err error - in, err = os.Open(filepath.Join("testdata", "test-archive.tar.bz2")) + in, err = os.Open(filepath.Join("testdata", "test-archive.tar.gz")) Expect(err).NotTo(HaveOccurred()) }) it("extracts the archive", func() { - Expect(crush.ExtractTarBz2(in, path, 0)).To(Succeed()) + Expect(crush.Extract(in, path, 0)).To(Succeed()) Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) }) it("skips stripped components", func() { - Expect(crush.ExtractTarBz2(in, path, 1)).To(Succeed()) + Expect(crush.Extract(in, path, 1)).To(Succeed()) Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) }) }) - context("ExtractTarGz", func() { + context("TarBz2", func() { it.Before(func() { var err error - in, err = os.Open(filepath.Join("testdata", "test-archive.tar.gz")) + in, err = os.Open(filepath.Join("testdata", "test-archive.tar.bz2")) Expect(err).NotTo(HaveOccurred()) }) it("extracts the archive", func() { - Expect(crush.ExtractTarGz(in, path, 0)).To(Succeed()) + Expect(crush.Extract(in, path, 0)).To(Succeed()) Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) }) it("skips stripped components", func() { - Expect(crush.ExtractTarGz(in, path, 1)).To(Succeed()) + Expect(crush.Extract(in, path, 1)).To(Succeed()) Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) }) }) - context("ExtractTarXZ", func() { + context("TarXZ", func() { it.Before(func() { var err error in, err = os.Open(filepath.Join("testdata", "test-archive.tar.xz")) @@ -179,20 +180,20 @@ func testCrush(t *testing.T, context spec.G, it spec.S) { }) it("extracts the archive", func() { - Expect(crush.ExtractTarXz(in, path, 0)).To(Succeed()) + Expect(crush.Extract(in, path, 0)).To(Succeed()) Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) }) it("skips stripped components", func() { - Expect(crush.ExtractTarXz(in, path, 1)).To(Succeed()) + Expect(crush.Extract(in, path, 1)).To(Succeed()) Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) }) }) - context("ExtractZip", func() { + context("Zip", func() { it.Before(func() { var err error in, err = os.Open(filepath.Join("testdata", "test-archive.zip")) @@ -200,173 +201,66 @@ func testCrush(t *testing.T, context spec.G, it spec.S) { }) it("extracts the archive", func() { - Expect(crush.ExtractZip(in, path, 0)).To(Succeed()) + Expect(crush.Extract(in, path, 0)).To(Succeed()) Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) }) it("skips stripped components", func() { - Expect(crush.ExtractZip(in, path, 1)).To(Succeed()) + Expect(crush.Extract(in, path, 1)).To(Succeed()) Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) }) }) - context("Extract", func() { - context("Tar", func() { - it.Before(func() { - var err error - in, err = os.Open(filepath.Join("testdata", "test-archive.tar")) - Expect(err).NotTo(HaveOccurred()) - }) - - it("extracts the archive", func() { - Expect(crush.Extract(in, path, 0)).To(Succeed()) - Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) - }) - - it("skips stripped components", func() { - Expect(crush.Extract(in, path, 1)).To(Succeed()) - Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) - }) + context("Tar", func() { + it.Before(func() { + var err error + in, err = os.Open(filepath.Join("testdata", "test-archive.tar")) + Expect(err).NotTo(HaveOccurred()) }) - context("TarGZ", func() { - it.Before(func() { - var err error - in, err = os.Open(filepath.Join("testdata", "test-archive.tar.gz")) - Expect(err).NotTo(HaveOccurred()) - }) - - it("extracts the archive", func() { - Expect(crush.Extract(in, path, 0)).To(Succeed()) - Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) - }) - - it("skips stripped components", func() { - Expect(crush.Extract(in, path, 1)).To(Succeed()) - Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) - }) + it("extracts the archive", func() { + Expect(crush.Extract(in, path, 0)).To(Succeed()) + Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) + Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) + Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) }) - context("TarBz2", func() { - it.Before(func() { - var err error - in, err = os.Open(filepath.Join("testdata", "test-archive.tar.bz2")) - Expect(err).NotTo(HaveOccurred()) - }) - - it("extracts the archive", func() { - Expect(crush.Extract(in, path, 0)).To(Succeed()) - Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) - }) - - it("skips stripped components", func() { - Expect(crush.Extract(in, path, 1)).To(Succeed()) - Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) - }) + it("skips stripped components", func() { + Expect(crush.Extract(in, path, 1)).To(Succeed()) + Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) + Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) }) + }) - context("TarXZ", func() { - it.Before(func() { - var err error - in, err = os.Open(filepath.Join("testdata", "test-archive.tar.xz")) - Expect(err).NotTo(HaveOccurred()) - }) - - it("extracts the archive", func() { - Expect(crush.Extract(in, path, 0)).To(Succeed()) - Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) - }) - - it("skips stripped components", func() { - Expect(crush.Extract(in, path, 1)).To(Succeed()) - Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) - }) - }) + context("compression only", func() { + it("decompresses gzip", func() { + var err error + in, err = os.Open(filepath.Join("testdata", "test-compress.gz")) + Expect(err).NotTo(HaveOccurred()) - context("Zip", func() { - it.Before(func() { - var err error - in, err = os.Open(filepath.Join("testdata", "test-archive.zip")) - Expect(err).NotTo(HaveOccurred()) - }) - - it("extracts the archive", func() { - Expect(crush.Extract(in, path, 0)).To(Succeed()) - Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) - }) - - it("skips stripped components", func() { - Expect(crush.Extract(in, path, 1)).To(Succeed()) - Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) - }) + Expect(crush.Extract(in, filepath.Join(path, "test-compress"), 0)).To(Succeed()) + Expect(filepath.Join(path, "test-compress")).To(BeARegularFile()) }) - context("Tar", func() { - it.Before(func() { - var err error - in, err = os.Open(filepath.Join("testdata", "test-archive.tar")) - Expect(err).NotTo(HaveOccurred()) - }) - - it("extracts the archive", func() { - Expect(crush.Extract(in, path, 0)).To(Succeed()) - Expect(filepath.Join(path, "fileA.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "dirA", "fileC.txt")).To(BeARegularFile()) - }) - - it("skips stripped components", func() { - Expect(crush.Extract(in, path, 1)).To(Succeed()) - Expect(filepath.Join(path, "fileB.txt")).To(BeARegularFile()) - Expect(filepath.Join(path, "fileC.txt")).To(BeARegularFile()) - }) + it("decompresses xz", func() { + var err error + in, err = os.Open(filepath.Join("testdata", "test-compress.xz")) + Expect(err).NotTo(HaveOccurred()) + + Expect(crush.Extract(in, filepath.Join(path, "test-compress"), 0)).To(Succeed()) + Expect(filepath.Join(path, "test-compress")).To(BeARegularFile()) }) - context("compression only", func() { - it("decompresses gzip", func() { - var err error - in, err = os.Open(filepath.Join("testdata", "test-compress.gz")) - Expect(err).NotTo(HaveOccurred()) - - Expect(crush.Extract(in, filepath.Join(path, "test-compress"), 0)).To(Succeed()) - Expect(filepath.Join(path, "test-compress")).To(BeARegularFile()) - }) - - it("decompresses xz", func() { - var err error - in, err = os.Open(filepath.Join("testdata", "test-compress.xz")) - Expect(err).NotTo(HaveOccurred()) - - Expect(crush.Extract(in, filepath.Join(path, "test-compress"), 0)).To(Succeed()) - Expect(filepath.Join(path, "test-compress")).To(BeARegularFile()) - }) - - it("decompresses bz2", func() { - var err error - in, err = os.Open(filepath.Join("testdata", "test-compress.bz2")) - Expect(err).NotTo(HaveOccurred()) - - Expect(crush.Extract(in, filepath.Join(path, "test-compress"), 0)).To(Succeed()) - Expect(filepath.Join(path, "test-compress")).To(BeARegularFile()) - }) + it("decompresses bz2", func() { + var err error + in, err = os.Open(filepath.Join("testdata", "test-compress.bz2")) + Expect(err).NotTo(HaveOccurred()) + + Expect(crush.Extract(in, filepath.Join(path, "test-compress"), 0)).To(Succeed()) + Expect(filepath.Join(path, "test-compress")).To(BeARegularFile()) }) }) }) diff --git a/dependency_cache.go b/dependency_cache.go index d51db31..4df16c7 100644 --- a/dependency_cache.go +++ b/dependency_cache.go @@ -38,7 +38,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/sherpa" ) -type HttpClientTimeouts struct { +type HTTPClientTimeouts struct { DialerTimeout time.Duration DialerKeepAlive time.Duration TLSHandshakeTimeout time.Duration @@ -65,7 +65,7 @@ type DependencyCache struct { Mappings map[string]string // httpClientTimeouts contains the timeout values used by HTTP client - HttpClientTimeouts HttpClientTimeouts + HTTPClientTimeouts HTTPClientTimeouts } // NewDependencyCache creates a new instance setting the default cache path (/dependencies) and user @@ -84,16 +84,16 @@ func NewDependencyCache(buildModuleID string, buildModuleVersion string, buildMo } cache.Mappings = mappings - clientTimeouts, err := customizeHttpClientTimeouts() + clientTimeouts, err := customizeHTTPClientTimeouts() if err != nil { return DependencyCache{}, fmt.Errorf("unable to read custom timeout settings\n%w", err) } - cache.HttpClientTimeouts = *clientTimeouts + cache.HTTPClientTimeouts = *clientTimeouts return cache, nil } -func customizeHttpClientTimeouts() (*HttpClientTimeouts, error) { +func customizeHTTPClientTimeouts() (*HTTPClientTimeouts, error) { rawStr := sherpa.GetEnvWithDefault("BP_DIALER_TIMEOUT", "6") dialerTimeout, err := strconv.Atoi(rawStr) if err != nil { @@ -124,7 +124,7 @@ func customizeHttpClientTimeouts() (*HttpClientTimeouts, error) { return nil, fmt.Errorf("unable to convert BP_EXPECT_CONTINUE_TIMEOUT=%s to integer\n%w", rawStr, err) } - return &HttpClientTimeouts{ + return &HTTPClientTimeouts{ DialerTimeout: time.Duration(dialerTimeout) * time.Second, DialerKeepAlive: time.Duration(dialerKeepAlive) * time.Second, TLSHandshakeTimeout: time.Duration(tlsHandshakeTimeout) * time.Second, @@ -250,7 +250,7 @@ func (d DependencyCache) download(uri string, destination string, mods ...Reques return d.downloadFile(url.Path, destination) } - return d.downloadHttp(uri, destination, mods...) + return d.downloadHTTP(uri, destination, mods...) } func (d DependencyCache) downloadFile(source string, destination string) error { @@ -258,7 +258,7 @@ func (d DependencyCache) downloadFile(source string, destination string) error { return fmt.Errorf("unable to make directory %s\n%w", filepath.Dir(destination), err) } - out, err := os.OpenFile(destination, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644) + out, err := os.OpenFile(destination, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0600) if err != nil { return fmt.Errorf("unable to open destination file %s\n%w", destination, err) } @@ -277,7 +277,7 @@ func (d DependencyCache) downloadFile(source string, destination string) error { return nil } -func (d DependencyCache) downloadHttp(uri string, destination string, mods ...RequestModifierFunc) error { +func (d DependencyCache) downloadHTTP(uri string, destination string, mods ...RequestModifierFunc) error { req, err := http.NewRequest("GET", uri, nil) if err != nil { return fmt.Errorf("unable to create new GET request for %s\n%w", uri, err) @@ -297,12 +297,12 @@ func (d DependencyCache) downloadHttp(uri string, destination string, mods ...Re client := http.Client{ Transport: &http.Transport{ Dial: (&net.Dialer{ - Timeout: d.HttpClientTimeouts.DialerTimeout, - KeepAlive: d.HttpClientTimeouts.DialerKeepAlive, + Timeout: d.HTTPClientTimeouts.DialerTimeout, + KeepAlive: d.HTTPClientTimeouts.DialerKeepAlive, }).Dial, - TLSHandshakeTimeout: d.HttpClientTimeouts.TLSHandshakeTimeout, - ResponseHeaderTimeout: d.HttpClientTimeouts.ResponseHeaderTimeout, - ExpectContinueTimeout: d.HttpClientTimeouts.ExpectContinueTimeout, + TLSHandshakeTimeout: d.HTTPClientTimeouts.TLSHandshakeTimeout, + ResponseHeaderTimeout: d.HTTPClientTimeouts.ResponseHeaderTimeout, + ExpectContinueTimeout: d.HTTPClientTimeouts.ExpectContinueTimeout, Proxy: http.ProxyFromEnvironment, }, } @@ -320,7 +320,7 @@ func (d DependencyCache) downloadHttp(uri string, destination string, mods ...Re return fmt.Errorf("unable to make directory %s\n%w", filepath.Dir(destination), err) } - out, err := os.OpenFile(destination, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644) + out, err := os.OpenFile(destination, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0600) if err != nil { return fmt.Errorf("unable to open file %s\n%w", destination, err) } diff --git a/dependency_cache_test.go b/dependency_cache_test.go index 697ddc0..d8785bc 100644 --- a/dependency_cache_test.go +++ b/dependency_cache_test.go @@ -58,7 +58,7 @@ func testDependencyCache(t *testing.T, context spec.G, it spec.S) { it("set default CachePath and UserAgent", func() { dependencyCache, err := libpak.NewDependencyCache(ctx.Buildpack.Info.ID, ctx.Buildpack.Info.Version, ctx.Buildpack.Path, ctx.Platform.Bindings, log.NewDiscardLogger()) Expect(err).NotTo(HaveOccurred()) - Expect(dependencyCache.CachePath).To(Equal(filepath.Join("some/path/dependencies"))) + Expect(dependencyCache.CachePath).To(Equal("some/path/dependencies")) Expect(dependencyCache.UserAgent).To(Equal("some-buildpack-id/some-buildpack-version")) Expect(dependencyCache.Mappings).To(Equal(map[string]string{})) }) @@ -66,11 +66,11 @@ func testDependencyCache(t *testing.T, context spec.G, it spec.S) { it("uses default timeout values", func() { dependencyCache, err := libpak.NewDependencyCache(ctx.Buildpack.Info.ID, ctx.Buildpack.Info.Version, ctx.Buildpack.Path, ctx.Platform.Bindings, log.NewDiscardLogger()) Expect(err).NotTo(HaveOccurred()) - Expect(dependencyCache.HttpClientTimeouts.DialerTimeout).To(Equal(6 * time.Second)) - Expect(dependencyCache.HttpClientTimeouts.DialerKeepAlive).To(Equal(60 * time.Second)) - Expect(dependencyCache.HttpClientTimeouts.TLSHandshakeTimeout).To(Equal(5 * time.Second)) - Expect(dependencyCache.HttpClientTimeouts.ResponseHeaderTimeout).To(Equal(5 * time.Second)) - Expect(dependencyCache.HttpClientTimeouts.ExpectContinueTimeout).To(Equal(1 * time.Second)) + Expect(dependencyCache.HTTPClientTimeouts.DialerTimeout).To(Equal(6 * time.Second)) + Expect(dependencyCache.HTTPClientTimeouts.DialerKeepAlive).To(Equal(60 * time.Second)) + Expect(dependencyCache.HTTPClientTimeouts.TLSHandshakeTimeout).To(Equal(5 * time.Second)) + Expect(dependencyCache.HTTPClientTimeouts.ResponseHeaderTimeout).To(Equal(5 * time.Second)) + Expect(dependencyCache.HTTPClientTimeouts.ExpectContinueTimeout).To(Equal(1 * time.Second)) }) context("custom timeout setttings", func() { @@ -85,11 +85,11 @@ func testDependencyCache(t *testing.T, context spec.G, it spec.S) { it("uses custom timeout values", func() { dependencyCache, err := libpak.NewDependencyCache(ctx.Buildpack.Info.ID, ctx.Buildpack.Info.Version, ctx.Buildpack.Path, ctx.Platform.Bindings, log.NewDiscardLogger()) Expect(err).NotTo(HaveOccurred()) - Expect(dependencyCache.HttpClientTimeouts.DialerTimeout).To(Equal(7 * time.Second)) - Expect(dependencyCache.HttpClientTimeouts.DialerKeepAlive).To(Equal(50 * time.Second)) - Expect(dependencyCache.HttpClientTimeouts.TLSHandshakeTimeout).To(Equal(2 * time.Second)) - Expect(dependencyCache.HttpClientTimeouts.ResponseHeaderTimeout).To(Equal(3 * time.Second)) - Expect(dependencyCache.HttpClientTimeouts.ExpectContinueTimeout).To(Equal(2 * time.Second)) + Expect(dependencyCache.HTTPClientTimeouts.DialerTimeout).To(Equal(7 * time.Second)) + Expect(dependencyCache.HTTPClientTimeouts.DialerKeepAlive).To(Equal(50 * time.Second)) + Expect(dependencyCache.HTTPClientTimeouts.TLSHandshakeTimeout).To(Equal(2 * time.Second)) + Expect(dependencyCache.HTTPClientTimeouts.ResponseHeaderTimeout).To(Equal(3 * time.Second)) + Expect(dependencyCache.HTTPClientTimeouts.ExpectContinueTimeout).To(Equal(2 * time.Second)) }) }) @@ -209,7 +209,7 @@ func testDependencyCache(t *testing.T, context spec.G, it spec.S) { defer in.Close() Expect(os.MkdirAll(filepath.Dir(destination), 0755)).To(Succeed()) - out, err := os.OpenFile(destination, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644) + out, err := os.OpenFile(destination, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0600) Expect(err).NotTo(HaveOccurred()) defer out.Close() @@ -219,7 +219,7 @@ func testDependencyCache(t *testing.T, context spec.G, it spec.S) { writeTOML := func(destination string, v interface{}) { Expect(os.MkdirAll(filepath.Dir(destination), 0755)).To(Succeed()) - out, err := os.OpenFile(destination, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644) + out, err := os.OpenFile(destination, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0600) Expect(err).NotTo(HaveOccurred()) defer out.Close() @@ -304,7 +304,7 @@ func testDependencyCache(t *testing.T, context spec.G, it spec.S) { it.Before(func() { sourcePath := t.TempDir() sourceFile := filepath.Join(sourcePath, "source-file") - Expect(os.WriteFile(sourceFile, []byte("test-fixture"), 0644)).ToNot(HaveOccurred()) + Expect(os.WriteFile(sourceFile, []byte("test-fixture"), 0600)).ToNot(HaveOccurred()) dependencyCache.Mappings = map[string]string{ dependency.SHA256: fmt.Sprintf("file://%s", sourceFile), diff --git a/detect_test.go b/detect_test.go index 4f23925..5b8de18 100644 --- a/detect_test.go +++ b/detect_test.go @@ -32,7 +32,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/log" ) -func testDetect(t *testing.T, context spec.G, it spec.S) { +func testDetect(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect @@ -122,9 +122,9 @@ api = "0.8" [buildpack] name = "test-name" version = "test-version"`), - 0644)).To(Succeed()) + 0600)).To(Succeed()) - libpak.Detect(func(ctx libcnb.DetectContext) (libcnb.DetectResult, error) { + libpak.Detect(func(_ libcnb.DetectContext) (libcnb.DetectResult, error) { return libcnb.DetectResult{}, fmt.Errorf("test-error") }, libcnb.WithArguments([]string{commandPath, platformPath, buildPlanPath}), diff --git a/effect/executor.go b/effect/executor.go index f6d620c..f0e33e5 100644 --- a/effect/executor.go +++ b/effect/executor.go @@ -59,6 +59,7 @@ type Executor interface { type CommandExecutor struct{} func (CommandExecutor) Execute(execution Execution) error { + // #nosec G204 -- this is a generic executor so this cannot apply cmd := exec.Command(execution.Command, execution.Args...) if execution.Dir != "" { diff --git a/effect/executor_unix.go b/effect/executor_unix.go index 8db28c0..05e87aa 100644 --- a/effect/executor_unix.go +++ b/effect/executor_unix.go @@ -33,6 +33,7 @@ import ( type TTYExecutor struct{} func (t TTYExecutor) Execute(execution Execution) error { + // #nosec G204 -- this is a generic executor so this cannot apply cmd := exec.Command(execution.Command, execution.Args...) if execution.Dir != "" { diff --git a/formatter_test.go b/formatter_test.go index e13a2c3..0701f7e 100644 --- a/formatter_test.go +++ b/formatter_test.go @@ -20,8 +20,9 @@ import ( "testing" . "github.com/onsi/gomega" - "github.com/paketo-buildpacks/libpak/v2" "github.com/sclevine/spec" + + "github.com/paketo-buildpacks/libpak/v2" ) func testFormatter(t *testing.T, context spec.G, it spec.S) { @@ -30,7 +31,6 @@ func testFormatter(t *testing.T, context spec.G, it spec.S) { ) context("DependenciesFormatter", func() { - it("formats contents", func() { deps := []libpak.BuildModuleDependency{ { @@ -48,6 +48,5 @@ func testFormatter(t *testing.T, context spec.G, it spec.S) { Expect(libpak.DependenciesFormatter(deps).String()). To(Equal("[(test-id-1, 1.1.1, [test-stack-1]) (test-id-2, 2.2.2, [test-stack-2])]")) }) - }) } diff --git a/generate_test.go b/generate_test.go index c201e80..3b5128a 100644 --- a/generate_test.go +++ b/generate_test.go @@ -32,7 +32,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/log" ) -func testGenerate(t *testing.T, context spec.G, it spec.S) { +func testGenerate(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect @@ -119,9 +119,9 @@ api = "0.8" [extension] name = "test-name" version = "test-version"`), - 0644)).To(Succeed()) + 0600)).To(Succeed()) - libpak.Generate(func(ctx libcnb.GenerateContext) (libcnb.GenerateResult, error) { + libpak.Generate(func(_ libcnb.GenerateContext) (libcnb.GenerateResult, error) { return libcnb.GenerateResult{}, fmt.Errorf("test-error") }, libcnb.WithArguments([]string{commandPath, platformPath, buildPlanPath}), diff --git a/golangci.yaml b/golangci.yaml index c3cccc4..192d247 100644 --- a/golangci.yaml +++ b/golangci.yaml @@ -7,22 +7,26 @@ linters: - bodyclose - dogsled - copyloopvar -# - gocritic -# - goimports -# - gosec + - gocritic + - goimports + - gosec - gosimple - govet - ineffassign - misspell - nakedret -# - revive -# - staticcheck -# - stylecheck -# - typecheck + - revive + - staticcheck + - stylecheck + - typecheck - unconvert - unused -# - whitespace + - whitespace linters-settings: + revive: + rules: + - name: dot-imports + disabled: true goimports: - local-prefixes: github.com/buildpacks/libcnb/v2 + local-prefixes: github.com/paketo-buildpacks/libpak/v2 diff --git a/internal/entry_writer_test.go b/internal/entry_writer_test.go index 9439fdd..1ca41ac 100644 --- a/internal/entry_writer_test.go +++ b/internal/entry_writer_test.go @@ -101,5 +101,4 @@ func testEntryWriter(t *testing.T, context spec.G, it spec.S) { Expect(os.Readlink(destination)).To(Equal(source)) }) }) - } diff --git a/internal/environment_writer.go b/internal/environment_writer.go index 68041d6..479c3d5 100644 --- a/internal/environment_writer.go +++ b/internal/environment_writer.go @@ -79,6 +79,7 @@ func (w EnvironmentWriter) Write(path string, environment map[string]string) err return fmt.Errorf("unable to mkdir from key %s\n%w", filepath.Dir(f), err) } + // #nosec G306 - permissions need to be 644 on the environment files if err := os.WriteFile(f, []byte(environment[k]), 0644); err != nil { return fmt.Errorf("unable to write file %s\n%w", f, err) } diff --git a/internal/exit_handler_test.go b/internal/exit_handler_test.go index 62e4549..bd425d9 100644 --- a/internal/exit_handler_test.go +++ b/internal/exit_handler_test.go @@ -29,7 +29,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/log" ) -func testExitHandler(t *testing.T, context spec.G, it spec.S) { +func testExitHandler(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect diff --git a/internal/toml_marshal_test.go b/internal/toml_marshal_test.go index e2b487a..1128a9f 100644 --- a/internal/toml_marshal_test.go +++ b/internal/toml_marshal_test.go @@ -5,8 +5,9 @@ import ( "github.com/BurntSushi/toml" . "github.com/onsi/gomega" - "github.com/paketo-buildpacks/libpak/v2/internal" "github.com/sclevine/spec" + + "github.com/paketo-buildpacks/libpak/v2/internal" ) type Stuff struct { @@ -19,7 +20,7 @@ type Stuff struct { BPointer *string } -func testTOMLMarshal(t *testing.T, context spec.G, it spec.S) { +func testTOMLMarshal(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect ) diff --git a/internal/toml_writer.go b/internal/toml_writer.go index 083e70e..38269a4 100644 --- a/internal/toml_writer.go +++ b/internal/toml_writer.go @@ -26,6 +26,7 @@ import ( "github.com/BurntSushi/toml" "github.com/buildpacks/libcnb/v2" "github.com/heroku/color" + "github.com/paketo-buildpacks/libpak/v2/log" ) @@ -135,6 +136,7 @@ func (t TOMLWriter) Write(path string, value interface{}) error { return fmt.Errorf("unable to mkdir %s\n%w", d, err) } + // #nosec G304 - permissions need to be 644 on buildpack toml files file, err := os.OpenFile(path, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644) if err != nil { return fmt.Errorf("unable to open file %s\n%w", path, err) diff --git a/internal/toml_writer_test.go b/internal/toml_writer_test.go index 9c7b134..0c744b6 100644 --- a/internal/toml_writer_test.go +++ b/internal/toml_writer_test.go @@ -107,7 +107,6 @@ other-field = "other-value"`)) }) context("[]libcnb.Process", func() { - it("aligns process types", func() { err := tomlWriter.Write(path, libcnb.LaunchTOML{ Processes: []libcnb.Process{ @@ -137,7 +136,6 @@ other-field = "other-value"`)) `, color.CyanString("test-type")))) }) - }) it("logs libcnb.Store", func() { diff --git a/layer_test.go b/layer_test.go index 315ef6d..b46458d 100644 --- a/layer_test.go +++ b/layer_test.go @@ -70,7 +70,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { it("calls function with no existing metadata", func() { var called bool - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { called = true return nil }) @@ -80,12 +80,11 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { }) it("calls function with non-matching metadata", func() { - layer.Metadata["alpha"] = "test-alpha" var called bool - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { called = true return nil }) @@ -109,11 +108,11 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { }) it("calls function with matching metadata but no layer directory on cache layer", func() { - Expect(os.WriteFile(fmt.Sprintf("%s.toml", layer.Path), []byte{}, 0644)).To(Succeed()) + Expect(os.WriteFile(fmt.Sprintf("%s.toml", layer.Path), []byte{}, 0600)).To(Succeed()) Expect(os.RemoveAll(layer.Path)).To(Succeed()) lc.ExpectedTypes.Cache = true - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { called = true return nil }) @@ -123,11 +122,11 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { }) it("calls function with matching metadata but no layer directory on build layer", func() { - Expect(os.WriteFile(fmt.Sprintf("%s.toml", layer.Path), []byte{}, 0644)).To(Succeed()) + Expect(os.WriteFile(fmt.Sprintf("%s.toml", layer.Path), []byte{}, 0600)).To(Succeed()) Expect(os.RemoveAll(layer.Path)).To(Succeed()) lc.ExpectedTypes.Build = true - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { called = true return nil }) @@ -137,11 +136,11 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { }) it("calls function with matching metadata but an empty layer directory on build layer", func() { - Expect(os.WriteFile(fmt.Sprintf("%s.toml", layer.Path), []byte{}, 0644)).To(Succeed()) + Expect(os.WriteFile(fmt.Sprintf("%s.toml", layer.Path), []byte{}, 0600)).To(Succeed()) Expect(os.MkdirAll(layer.Path, 0755)).To(Succeed()) lc.ExpectedTypes.Build = true - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { called = true return nil }) @@ -151,12 +150,12 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { }) it("does not call function with matching metadata when layer directory exists and has a file in it", func() { - Expect(os.WriteFile(fmt.Sprintf("%s.toml", layer.Path), []byte{}, 0644)).To(Succeed()) + Expect(os.WriteFile(fmt.Sprintf("%s.toml", layer.Path), []byte{}, 0600)).To(Succeed()) Expect(os.MkdirAll(layer.Path, 0755)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(layer.Path, "foo"), []byte{}, 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(layer.Path, "foo"), []byte{}, 0600)).To(Succeed()) lc.ExpectedTypes.Build = true - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { called = true return nil }) @@ -169,7 +168,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { Expect(os.MkdirAll(layer.Path, 0755)).To(Succeed()) layer.Build = true - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { called = true return nil }) @@ -190,7 +189,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { var called bool - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { called = true return nil }) @@ -200,14 +199,14 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { }) it("returns function error", func() { - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { return fmt.Errorf("test-error") }) Expect(err).To(MatchError("test-error")) }) it("adds expected metadata to layer", func() { - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { return nil }) Expect(err).NotTo(HaveOccurred()) @@ -223,7 +222,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { it("sets build layer flag", func() { lc.ExpectedTypes.Build = true - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { return nil }) Expect(err).NotTo(HaveOccurred()) @@ -233,7 +232,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { it("sets cache layer flag", func() { lc.ExpectedTypes.Cache = true - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { return nil }) Expect(err).NotTo(HaveOccurred()) @@ -243,7 +242,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { it("sets launch layer flag", func() { lc.ExpectedTypes.Launch = true - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { return nil }) Expect(err).NotTo(HaveOccurred()) @@ -266,7 +265,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { var called bool - err := lc.Contribute(layer, func(layer *libcnb.Layer) error { + err := lc.Contribute(layer, func(_ *libcnb.Layer) error { called = true return nil }) @@ -330,7 +329,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { var called bool - err := dlc.Contribute(layer, func(layer *libcnb.Layer, artifact *os.File) error { + err := dlc.Contribute(layer, func(_ *libcnb.Layer, artifact *os.File) error { defer artifact.Close() called = true @@ -352,7 +351,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { return request, nil }) - err := dlc.Contribute(layer, func(layer *libcnb.Layer, artifact *os.File) error { + err := dlc.Contribute(layer, func(_ *libcnb.Layer, artifact *os.File) error { defer artifact.Close() return nil }) @@ -366,7 +365,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { var called bool - err := dlc.Contribute(layer, func(layer *libcnb.Layer, artifact *os.File) error { + err := dlc.Contribute(layer, func(_ *libcnb.Layer, artifact *os.File) error { defer artifact.Close() called = true @@ -398,7 +397,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { var called bool - err := dlc.Contribute(layer, func(layer *libcnb.Layer, artifact *os.File) error { + err := dlc.Contribute(layer, func(_ *libcnb.Layer, artifact *os.File) error { defer artifact.Close() called = true @@ -412,7 +411,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { it("returns function error", func() { server.AppendHandlers(ghttp.RespondWith(http.StatusOK, "test-fixture")) - err := dlc.Contribute(layer, func(layer *libcnb.Layer, artifact *os.File) error { + err := dlc.Contribute(layer, func(_ *libcnb.Layer, artifact *os.File) error { defer artifact.Close() return fmt.Errorf("test-error") @@ -423,7 +422,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { it("adds expected metadata to layer", func() { server.AppendHandlers(ghttp.RespondWith(http.StatusOK, "test-fixture")) - err := dlc.Contribute(layer, func(layer *libcnb.Layer, artifact *os.File) error { + err := dlc.Contribute(layer, func(_ *libcnb.Layer, artifact *os.File) error { defer artifact.Close() return nil }) @@ -472,7 +471,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { var called bool - err := dlc.Contribute(layer, func(layer *libcnb.Layer, artifact *os.File) error { + err := dlc.Contribute(layer, func(_ *libcnb.Layer, artifact *os.File) error { defer artifact.Close() called = true @@ -490,7 +489,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { it("adds expected Syft SBOM file", func() { server.AppendHandlers(ghttp.RespondWith(http.StatusOK, "test-fixture")) - err := dlc.Contribute(layer, func(layer *libcnb.Layer, artifact *os.File) error { + err := dlc.Contribute(layer, func(_ *libcnb.Layer, artifact *os.File) error { defer artifact.Close() return nil }) @@ -529,6 +528,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { Expect(os.MkdirAll(file, 0755)).To(Succeed()) file = filepath.Join(file, "helper") + // #nosec G306 - permissions need to be 755 on the helper as it should be executable Expect(os.WriteFile(file, []byte{}, 0755)).To(Succeed()) hlc = libpak.HelperLayerContributor{ @@ -547,7 +547,7 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { err := hlc.Contribute(layer) Expect(err).NotTo(HaveOccurred()) - Expect(filepath.Join(layer.Exec.FilePath("test-name-1"))).To(BeAnExistingFile()) + Expect(layer.Exec.FilePath("test-name-1")).To(BeAnExistingFile()) }) it("calls function with non-matching metadata", func() { @@ -556,11 +556,11 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { err := hlc.Contribute(layer) Expect(err).NotTo(HaveOccurred()) - file := filepath.Join(layer.Exec.FilePath("test-name-1")) + file := layer.Exec.FilePath("test-name-1") Expect(file).To(BeAnExistingFile()) Expect(os.Readlink(file)).To(Equal(filepath.Join(layer.Path, "helper"))) - file = filepath.Join(layer.Exec.FilePath("test-name-2")) + file = layer.Exec.FilePath("test-name-2") Expect(file).To(BeAnExistingFile()) Expect(os.Readlink(file)).To(Equal(filepath.Join(layer.Path, "helper"))) }) @@ -581,8 +581,8 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { Expect(err).NotTo(HaveOccurred()) - Expect(filepath.Join(layer.Exec.FilePath("test-name-1"))).NotTo(BeAnExistingFile()) - Expect(filepath.Join(layer.Exec.FilePath("test-name-2"))).NotTo(BeAnExistingFile()) + Expect(layer.Exec.FilePath("test-name-1")).NotTo(BeAnExistingFile()) + Expect(layer.Exec.FilePath("test-name-2")).NotTo(BeAnExistingFile()) }) it("adds expected metadata to layer", func() { @@ -617,8 +617,8 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { err := hlc.Contribute(layer) Expect(err).NotTo(HaveOccurred()) - Expect(filepath.Join(layer.Exec.FilePath("test-name-1"))).NotTo(BeAnExistingFile()) - Expect(filepath.Join(layer.Exec.FilePath("test-name-2"))).NotTo(BeAnExistingFile()) + Expect(layer.Exec.FilePath("test-name-1")).NotTo(BeAnExistingFile()) + Expect(layer.Exec.FilePath("test-name-2")).NotTo(BeAnExistingFile()) Expect(layer.LayerTypes.Launch).To(BeTrue()) Expect(layer.LayerTypes.Cache).To(BeFalse()) @@ -631,8 +631,8 @@ func testLayer(t *testing.T, context spec.G, it spec.S) { err := hlc.Contribute(layer) Expect(err).NotTo(HaveOccurred()) - Expect(filepath.Join(layer.Exec.FilePath("test-name-1"))).To(BeAnExistingFile()) - Expect(filepath.Join(layer.Exec.FilePath("test-name-2"))).To(BeAnExistingFile()) + Expect(layer.Exec.FilePath("test-name-1")).To(BeAnExistingFile()) + Expect(layer.Exec.FilePath("test-name-2")).To(BeAnExistingFile()) outputFile := layer.SBOMPath(libcnb.SyftJSON) Expect(outputFile).To(BeARegularFile()) diff --git a/log/formatter_test.go b/log/formatter_test.go index ace344b..1889055 100644 --- a/log/formatter_test.go +++ b/log/formatter_test.go @@ -22,8 +22,9 @@ import ( "github.com/heroku/color" . "github.com/onsi/gomega" - "github.com/paketo-buildpacks/libpak/v2/log" "github.com/sclevine/spec" + + "github.com/paketo-buildpacks/libpak/v2/log" ) func testFormatter(t *testing.T, context spec.G, it spec.S) { @@ -32,7 +33,6 @@ func testFormatter(t *testing.T, context spec.G, it spec.S) { ) context("FormatIdentity", func() { - it("it formats name", func() { Expect(log.FormatIdentity("test-name", "")). To(Equal(color.New(color.Bold).Sprint("test-name"))) @@ -43,5 +43,4 @@ func testFormatter(t *testing.T, context spec.G, it spec.S) { To(Equal(fmt.Sprintf("%s test-description", color.New(color.Bold).Sprint("test-name")))) }) }) - } diff --git a/log/logger.go b/log/logger.go index 218a720..bf05e93 100644 --- a/log/logger.go +++ b/log/logger.go @@ -274,7 +274,7 @@ func (PaketoLogger) print(writer io.Writer, a ...interface{}) { s := fmt.Sprint(a...) if !strings.HasSuffix(s, "\n") { - s = s + "\n" + s += "\n" } _, _ = fmt.Fprint(writer, s) @@ -282,7 +282,7 @@ func (PaketoLogger) print(writer io.Writer, a ...interface{}) { func (PaketoLogger) printf(writer io.Writer, format string, a ...interface{}) { if !strings.HasSuffix(format, "\n") { - format = format + "\n" + format += "\n" } _, _ = fmt.Fprintf(writer, format, a...) diff --git a/log/logger_test.go b/log/logger_test.go index fd35374..e4ee57a 100644 --- a/log/logger_test.go +++ b/log/logger_test.go @@ -23,8 +23,9 @@ import ( "testing" . "github.com/onsi/gomega" - "github.com/paketo-buildpacks/libpak/v2/log" "github.com/sclevine/spec" + + "github.com/paketo-buildpacks/libpak/v2/log" ) func testLogger(t *testing.T, context spec.G, it spec.S) { @@ -51,8 +52,8 @@ func testLogger(t *testing.T, context spec.G, it spec.S) { context("with BP_DEBUG", func() { it.Before(func() { - //libcnb defines BP_DEBUG as enabled if it has _any_ value - //this does not include empty string as previously tested here. + // libcnb defines BP_DEBUG as enabled if it has _any_ value + // this does not include empty string as previously tested here. t.Setenv("BP_DEBUG", "true") l = log.NewPaketoLogger(b) }) diff --git a/log/writer_test.go b/log/writer_test.go index 92b1cbf..30d4adc 100644 --- a/log/writer_test.go +++ b/log/writer_test.go @@ -22,8 +22,9 @@ import ( "github.com/heroku/color" . "github.com/onsi/gomega" - "github.com/paketo-buildpacks/libpak/v2/log" "github.com/sclevine/spec" + + "github.com/paketo-buildpacks/libpak/v2/log" ) func testWriter(t *testing.T, context spec.G, it spec.S) { diff --git a/main.go b/main.go index 56eaf84..3fe8f8a 100644 --- a/main.go +++ b/main.go @@ -18,6 +18,7 @@ package libpak import ( "github.com/buildpacks/libcnb/v2" + "github.com/paketo-buildpacks/libpak/v2/internal" ) diff --git a/main_test.go b/main_test.go index 2095cde..20a9166 100644 --- a/main_test.go +++ b/main_test.go @@ -30,7 +30,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2" ) -func testMain(t *testing.T, context spec.G, it spec.S) { +func testMain(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect @@ -82,7 +82,7 @@ mixins = ["test-name"] [metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) f, err := os.CreateTemp("", "main-buildpackplan-path") @@ -101,7 +101,7 @@ version = "test-version" [entries.metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) f, err = os.CreateTemp("", "main-buildplan-path") @@ -128,7 +128,7 @@ test-key = "test-value" [metadata] test-key = "test-value" `), - 0644), + 0600), ).To(Succeed()) platformPath = t.TempDir() @@ -139,17 +139,17 @@ test-key = "test-value" Expect(os.WriteFile( filepath.Join(platformPath, "bindings", "alpha", "metadata", "test-metadata-key"), []byte("test-metadata-value"), - 0644, + 0600, )).To(Succeed()) Expect(os.MkdirAll(filepath.Join(platformPath, "bindings", "alpha", "secret"), 0755)).To(Succeed()) Expect(os.WriteFile( filepath.Join(platformPath, "bindings", "alpha", "secret", "test-secret-key"), []byte("test-secret-value"), - 0644, + 0600, )).To(Succeed()) Expect(os.MkdirAll(filepath.Join(platformPath, "env"), 0755)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(platformPath, "env", "TEST_ENV"), []byte("test-value"), 0644)). + Expect(os.WriteFile(filepath.Join(platformPath, "env", "TEST_ENV"), []byte("test-value"), 0600)). To(Succeed()) tomlWriter = &mocks.TOMLWriter{} @@ -180,10 +180,10 @@ test-key = "test-value" }) it("encounters the wrong number of arguments", func() { - detector := func(context libcnb.DetectContext) (libcnb.DetectResult, error) { + detector := func(_ libcnb.DetectContext) (libcnb.DetectResult, error) { return libcnb.DetectResult{Pass: true}, nil } - builder := func(context libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } + builder := func(_ libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } libpak.BuildpackMain(detector, builder, libcnb.WithArguments([]string{}), @@ -194,10 +194,10 @@ test-key = "test-value" }) it("calls builder for build command", func() { - detector := func(context libcnb.DetectContext) (libcnb.DetectResult, error) { + detector := func(_ libcnb.DetectContext) (libcnb.DetectResult, error) { return libcnb.DetectResult{Pass: true}, nil } - builder := func(context libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } + builder := func(_ libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } commandPath := filepath.Join("bin", "build") libpak.BuildpackMain(detector, builder, @@ -209,10 +209,10 @@ test-key = "test-value" }) it("calls detector for detect command", func() { - detector := func(context libcnb.DetectContext) (libcnb.DetectResult, error) { + detector := func(_ libcnb.DetectContext) (libcnb.DetectResult, error) { return libcnb.DetectResult{Pass: true}, nil } - builder := func(context libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } + builder := func(_ libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } commandPath := filepath.Join("bin", "detect") libpak.BuildpackMain(detector, builder, @@ -222,10 +222,10 @@ test-key = "test-value" }) it("calls exitHandler.Pass() on detection pass", func() { - detector := func(context libcnb.DetectContext) (libcnb.DetectResult, error) { + detector := func(_ libcnb.DetectContext) (libcnb.DetectResult, error) { return libcnb.DetectResult{Pass: true}, nil } - builder := func(context libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } + builder := func(_ libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } commandPath := filepath.Join("bin", "detect") libpak.BuildpackMain(detector, builder, @@ -237,10 +237,10 @@ test-key = "test-value" }) it("calls exitHandler.Fail() on detection fail", func() { - detector := func(context libcnb.DetectContext) (libcnb.DetectResult, error) { + detector := func(_ libcnb.DetectContext) (libcnb.DetectResult, error) { return libcnb.DetectResult{Pass: false}, nil } - builder := func(context libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } + builder := func(_ libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } commandPath := filepath.Join("bin", "detect") libpak.BuildpackMain(detector, builder, @@ -252,10 +252,10 @@ test-key = "test-value" }) it("encounters an unknown command", func() { - detector := func(context libcnb.DetectContext) (libcnb.DetectResult, error) { + detector := func(_ libcnb.DetectContext) (libcnb.DetectResult, error) { return libcnb.DetectResult{Pass: true}, nil } - builder := func(context libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } + builder := func(_ libcnb.BuildContext) (libcnb.BuildResult, error) { return libcnb.NewBuildResult(), nil } commandPath := filepath.Join("bin", "test-command") libpak.BuildpackMain(detector, builder, @@ -265,5 +265,4 @@ test-key = "test-value" Expect(exitHandler.Calls[0].Arguments.Get(0)).To(MatchError("unsupported command test-command")) }) - } diff --git a/sbom/sbom.go b/sbom/sbom.go index 0d8340e..c278ccd 100644 --- a/sbom/sbom.go +++ b/sbom/sbom.go @@ -7,13 +7,14 @@ import ( "github.com/buildpacks/libcnb/v2" "github.com/mitchellh/hashstructure/v2" + "github.com/paketo-buildpacks/libpak/v2/effect" "github.com/paketo-buildpacks/libpak/v2/log" ) -//go:generate mockery --name SBOMScanner --case=underscore +//go:generate mockery --name Scanner --case=underscore -type SBOMScanner interface { +type Scanner interface { ScanLayer(layer libcnb.Layer, scanDir string, formats ...libcnb.SBOMFormat) error ScanBuild(scanDir string, formats ...libcnb.SBOMFormat) error ScanLaunch(scanDir string, formats ...libcnb.SBOMFormat) error @@ -50,6 +51,7 @@ func (s SyftDependency) WriteTo(path string) error { return fmt.Errorf("unable to marshal to JSON\n%w", err) } + // #nosec G306 - permissions need to be 644 on the sbom file err = os.WriteFile(path, output, 0644) if err != nil { return fmt.Errorf("unable to write to path %s\n%w", path, err) @@ -118,30 +120,24 @@ func NewSyftCLISBOMScanner(layers libcnb.Layers, executor effect.Executor, logge // ScanLayer will use syft CLI to scan the scanDir and write it's output to the layer SBoM file in the given formats func (b SyftCLISBOMScanner) ScanLayer(layer libcnb.Layer, scanDir string, formats ...libcnb.SBOMFormat) error { - return b.scan(func(fmt libcnb.SBOMFormat) string { - return layer.SBOMPath(fmt) - }, scanDir, formats...) + return b.scan(layer.SBOMPath, scanDir, formats...) } // ScanBuild will use syft CLI to scan the scanDir and write it's output to the build SBoM file in the given formats func (b SyftCLISBOMScanner) ScanBuild(scanDir string, formats ...libcnb.SBOMFormat) error { - return b.scan(func(fmt libcnb.SBOMFormat) string { - return b.Layers.BuildSBOMPath(fmt) - }, scanDir, formats...) + return b.scan(b.Layers.BuildSBOMPath, scanDir, formats...) } // ScanLaunch will use syft CLI to scan the scanDir and write it's output to the launch SBoM file in the given formats func (b SyftCLISBOMScanner) ScanLaunch(scanDir string, formats ...libcnb.SBOMFormat) error { - return b.scan(func(fmt libcnb.SBOMFormat) string { - return b.Layers.LaunchSBOMPath(fmt) - }, scanDir, formats...) + return b.scan(b.Layers.LaunchSBOMPath, scanDir, formats...) } func (b SyftCLISBOMScanner) scan(sbomPathCreator func(libcnb.SBOMFormat) string, scanDir string, formats ...libcnb.SBOMFormat) error { args := []string{"scan", "-q"} for _, format := range formats { - args = append(args, "-o", fmt.Sprintf("%s=%s", SBOMFormatToSyftOutputFormat(format), sbomPathCreator(format))) + args = append(args, "-o", fmt.Sprintf("%s=%s", FormatToSyftOutputFormat(format), sbomPathCreator(format))) } args = append(args, fmt.Sprintf("dir:%s", scanDir)) @@ -209,8 +205,8 @@ func loadCycloneDXFile(path string) (map[string]interface{}, error) { return raw, nil } -// SBOMFormatToSyftOutputFormat converts a libcnb.SBOMFormat to the syft matching syft output format string -func SBOMFormatToSyftOutputFormat(format libcnb.SBOMFormat) string { +// FormatToSyftOutputFormat converts a libcnb.SBOMFormat to the syft matching syft output format string +func FormatToSyftOutputFormat(format libcnb.SBOMFormat) string { var formatRaw string switch format { diff --git a/sbom/sbom_test.go b/sbom/sbom_test.go index 8a36130..a4310f2 100644 --- a/sbom/sbom_test.go +++ b/sbom/sbom_test.go @@ -8,12 +8,13 @@ import ( "github.com/buildpacks/libcnb/v2" . "github.com/onsi/gomega" + "github.com/sclevine/spec" + "github.com/stretchr/testify/mock" + "github.com/paketo-buildpacks/libpak/v2/effect" "github.com/paketo-buildpacks/libpak/v2/effect/mocks" "github.com/paketo-buildpacks/libpak/v2/log" "github.com/paketo-buildpacks/libpak/v2/sbom" - "github.com/sclevine/spec" - "github.com/stretchr/testify/mock" ) func testSBOM(t *testing.T, context spec.G, it spec.S) { @@ -23,7 +24,7 @@ func testSBOM(t *testing.T, context spec.G, it spec.S) { layers libcnb.Layers layer libcnb.Layer executor mocks.Executor - scanner sbom.SBOMScanner + scanner sbom.Scanner ) it.Before(func() { @@ -56,8 +57,8 @@ func testSBOM(t *testing.T, context spec.G, it spec.S) { len(e.Args) == 5 && strings.HasPrefix(e.Args[3], "json=") && e.Args[4] == "dir:something" - })).Run(func(args mock.Arguments) { - Expect(os.WriteFile(outputPath, []byte("succeed1"), 0644)).To(Succeed()) + })).Run(func(_ mock.Arguments) { + Expect(os.WriteFile(outputPath, []byte("succeed1"), 0600)).To(Succeed()) }).Return(nil) // uses interface here intentionally, to force that inteface and implementation match @@ -79,7 +80,7 @@ func testSBOM(t *testing.T, context spec.G, it spec.S) { len(e.Args) == 5 && strings.HasPrefix(e.Args[3], "cyclonedx-json=") && e.Args[4] == "dir:something" - })).Run(func(args mock.Arguments) { + })).Run(func(_ mock.Arguments) { Expect(os.WriteFile(outputPath, []byte(`{ "bomFormat": "CycloneDX", "specVersion": "1.4", @@ -100,7 +101,7 @@ func testSBOM(t *testing.T, context spec.G, it spec.S) { "name": "target/demo-0.0.1-SNAPSHOT.jar" } } -}`), 0644)).To(Succeed()) +}`), 0600)).To(Succeed()) }).Return(nil) // uses interface here intentionally, to force that inteface and implementation match @@ -125,8 +126,8 @@ func testSBOM(t *testing.T, context spec.G, it spec.S) { len(e.Args) == 5 && strings.HasPrefix(e.Args[3], "json=") && e.Args[4] == "dir:something" - })).Run(func(args mock.Arguments) { - Expect(os.WriteFile(outputPath, []byte("succeed2"), 0644)).To(Succeed()) + })).Run(func(_ mock.Arguments) { + Expect(os.WriteFile(outputPath, []byte("succeed2"), 0600)).To(Succeed()) }).Return(nil) scanner := sbom.SyftCLISBOMScanner{ @@ -146,14 +147,14 @@ func testSBOM(t *testing.T, context spec.G, it spec.S) { executor.On("Execute", mock.MatchedBy(func(e effect.Execution) bool { return e.Command == "syft" && len(e.Args) == 9 && - strings.HasPrefix(e.Args[3], sbom.SBOMFormatToSyftOutputFormat(libcnb.CycloneDXJSON)) && - strings.HasPrefix(e.Args[5], sbom.SBOMFormatToSyftOutputFormat(libcnb.SyftJSON)) && - strings.HasPrefix(e.Args[7], sbom.SBOMFormatToSyftOutputFormat(libcnb.SPDXJSON)) && + strings.HasPrefix(e.Args[3], sbom.FormatToSyftOutputFormat(libcnb.CycloneDXJSON)) && + strings.HasPrefix(e.Args[5], sbom.FormatToSyftOutputFormat(libcnb.SyftJSON)) && + strings.HasPrefix(e.Args[7], sbom.FormatToSyftOutputFormat(libcnb.SPDXJSON)) && e.Args[8] == "dir:something" - })).Run(func(args mock.Arguments) { - Expect(os.WriteFile(layers.LaunchSBOMPath(libcnb.CycloneDXJSON), []byte(`{"succeed":1}`), 0644)).To(Succeed()) - Expect(os.WriteFile(layers.LaunchSBOMPath(libcnb.SyftJSON), []byte(`{"succeed":2}`), 0644)).To(Succeed()) - Expect(os.WriteFile(layers.LaunchSBOMPath(libcnb.SPDXJSON), []byte(`{"succeed":3}`), 0644)).To(Succeed()) + })).Run(func(_ mock.Arguments) { + Expect(os.WriteFile(layers.LaunchSBOMPath(libcnb.CycloneDXJSON), []byte(`{"succeed":1}`), 0600)).To(Succeed()) + Expect(os.WriteFile(layers.LaunchSBOMPath(libcnb.SyftJSON), []byte(`{"succeed":2}`), 0600)).To(Succeed()) + Expect(os.WriteFile(layers.LaunchSBOMPath(libcnb.SPDXJSON), []byte(`{"succeed":3}`), 0600)).To(Succeed()) }).Return(nil) scanner := sbom.SyftCLISBOMScanner{ @@ -258,5 +259,4 @@ func testSBOM(t *testing.T, context spec.G, it spec.S) { Expect(string(data)).To(ContainSubstring(`"Source":{`)) }) }) - } diff --git a/sherpa/copy_dir_test.go b/sherpa/copy_dir_test.go index 353414b..20529dd 100644 --- a/sherpa/copy_dir_test.go +++ b/sherpa/copy_dir_test.go @@ -27,7 +27,7 @@ import ( "github.com/sclevine/spec" ) -func testCopyDir(t *testing.T, context spec.G, it spec.S) { +func testCopyDir(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect diff --git a/sherpa/copy_file_test.go b/sherpa/copy_file_test.go index 875ef08..a254279 100644 --- a/sherpa/copy_file_test.go +++ b/sherpa/copy_file_test.go @@ -28,7 +28,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/sherpa" ) -func testCopyFile(t *testing.T, context spec.G, it spec.S) { +func testCopyFile(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect diff --git a/sherpa/env_var_test.go b/sherpa/env_var_test.go index c896312..7cdd9f5 100644 --- a/sherpa/env_var_test.go +++ b/sherpa/env_var_test.go @@ -32,9 +32,7 @@ func testEnvVar(t *testing.T, context spec.G, it spec.S) { ) context("AppendToEnvVar", func() { - context("No Existing", func() { - it("append one", func() { Expect(sherpa.AppendToEnvVar("TEST_KEY", "|", "test-value-2")). To(Equal("test-value-2")) @@ -159,7 +157,6 @@ func testEnvVar(t *testing.T, context spec.G, it spec.S) { Expect(os.Unsetenv("TEST_KEY")).To(Succeed()) }) }) - }) context("ResolveBool", func() { diff --git a/sherpa/exists.go b/sherpa/exists.go index 9580a7c..0e363a4 100644 --- a/sherpa/exists.go +++ b/sherpa/exists.go @@ -20,44 +20,56 @@ import "os" // Exists returns true if the path exists. func Exists(path string) (bool, error) { - if _, err := os.Stat(path); err == nil { + _, err := os.Stat(path) + if err == nil { return true, nil - } else if os.IsNotExist(err) { + } + + if os.IsNotExist(err) { return false, nil - } else { - return false, err } + + return false, err } // FileExists returns true if the path exists and is a regular file. func FileExists(path string) (bool, error) { - if stat, err := os.Stat(path); err == nil { + stat, err := os.Stat(path) + if err == nil { return stat.Mode().IsRegular(), nil - } else if os.IsNotExist(err) { + } + + if os.IsNotExist(err) { return false, nil - } else { - return false, err } + + return false, err } // DirExists returns true if the path exists and is a directory. func DirExists(path string) (bool, error) { - if stat, err := os.Stat(path); err == nil { + stat, err := os.Stat(path) + if err == nil { return stat.IsDir(), nil - } else if os.IsNotExist(err) { + } + + if os.IsNotExist(err) { return false, nil - } else { - return false, err } + + return false, err } // SymlinkExists returns true if the path exists and is a symlink. func SymlinkExists(path string) (bool, error) { - if stat, err := os.Lstat(path); err == nil { + stat, err := os.Lstat(path) + if err == nil { return stat.Mode()&os.ModeSymlink != 0, nil - } else if os.IsNotExist(err) { + } + + if os.IsNotExist(err) { return false, nil - } else { - return false, err } + + return false, err } diff --git a/sherpa/exists_test.go b/sherpa/exists_test.go index 43b789c..13dbc27 100644 --- a/sherpa/exists_test.go +++ b/sherpa/exists_test.go @@ -21,10 +21,11 @@ import ( "path/filepath" "testing" - "github.com/paketo-buildpacks/libpak/v2/sherpa" "github.com/sclevine/spec" . "github.com/onsi/gomega" + + "github.com/paketo-buildpacks/libpak/v2/sherpa" ) func testExists(t *testing.T, when spec.G, it spec.S) { @@ -40,7 +41,7 @@ func testExists(t *testing.T, when spec.G, it spec.S) { when("checking something exists", func() { it("should return true if path is a file", func() { path := filepath.Join(testPath, "test-file") - Expect(os.WriteFile(path, []byte{}, 0644)).To(Succeed()) + Expect(os.WriteFile(path, []byte{}, 0600)).To(Succeed()) exists, err := sherpa.Exists(path) Expect(err).ToNot(HaveOccurred()) Expect(exists).To(BeTrue()) @@ -72,7 +73,7 @@ func testExists(t *testing.T, when spec.G, it spec.S) { it("should return false if path is a file", func() { path := filepath.Join(testPath, "test-file") - Expect(os.WriteFile(path, []byte{}, 0644)).To(Succeed()) + Expect(os.WriteFile(path, []byte{}, 0600)).To(Succeed()) exists, err := sherpa.DirExists(path) Expect(err).ToNot(HaveOccurred()) Expect(exists).To(BeFalse()) @@ -88,7 +89,7 @@ func testExists(t *testing.T, when spec.G, it spec.S) { when("checking a file exists", func() { it("should return true if path is a file", func() { path := filepath.Join(testPath, "test-file") - Expect(os.WriteFile(path, []byte{}, 0644)).To(Succeed()) + Expect(os.WriteFile(path, []byte{}, 0600)).To(Succeed()) exists, err := sherpa.FileExists(path) Expect(err).ToNot(HaveOccurred()) Expect(exists).To(BeTrue()) diff --git a/sherpa/file_listing_test.go b/sherpa/file_listing_test.go index 3f8fb46..6336cb4 100644 --- a/sherpa/file_listing_test.go +++ b/sherpa/file_listing_test.go @@ -29,7 +29,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/sherpa" ) -func testFileListing(t *testing.T, context spec.G, it spec.S) { +func testFileListing(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect @@ -41,9 +41,9 @@ func testFileListing(t *testing.T, context spec.G, it spec.S) { }) it("create listing", func() { - Expect(os.WriteFile(filepath.Join(path, "alpha.txt"), []byte{1}, 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "alpha.txt"), []byte{1}, 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "test-directory"), 0755)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, "test-directory", "bravo.txt"), []byte{2}, 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "test-directory", "bravo.txt"), []byte{2}, 0600)).To(Succeed()) e, err := sherpa.NewFileListing(path) Expect(err).NotTo(HaveOccurred()) @@ -53,13 +53,13 @@ func testFileListing(t *testing.T, context spec.G, it spec.S) { it("create listing skipping .git folder", func() { Expect(os.MkdirAll(filepath.Join(path, ".git"), 0755)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, ".git", "HEAD"), []byte{1}, 0644)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, ".git", "config"), []byte{1}, 0644)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, "alpha.txt"), []byte{1}, 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, ".git", "HEAD"), []byte{1}, 0600)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, ".git", "config"), []byte{1}, 0600)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "alpha.txt"), []byte{1}, 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "test-directory"), 0755)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, "test-directory", "bravo.txt"), []byte{2}, 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "test-directory", "bravo.txt"), []byte{2}, 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "test-directory", ".git"), 0755)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, "test-directory", ".git", "config"), []byte{1}, 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "test-directory", ".git", "config"), []byte{1}, 0600)).To(Succeed()) e, err := sherpa.NewFileListing(path) Expect(err).NotTo(HaveOccurred()) @@ -68,9 +68,9 @@ func testFileListing(t *testing.T, context spec.G, it spec.S) { }) it("create listing as hash with non-regular file", func() { - Expect(os.WriteFile(filepath.Join(path, "alpha.txt"), []byte{1}, 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "alpha.txt"), []byte{1}, 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "test-directory"), 0755)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, "test-directory", "bravo.txt"), []byte{2}, 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "test-directory", "bravo.txt"), []byte{2}, 0600)).To(Succeed()) Expect(os.Symlink(filepath.Join(path, "test-directory"), filepath.Join(path, "symlink-test-dir"))) Expect(os.Symlink(filepath.Join(path, "test-directory", "bravo.txt"), filepath.Join(path, "symlink-bravo.txt"))) Expect(os.Symlink("alpha.txt", filepath.Join(path, "symlink-relative.txt"))) @@ -89,9 +89,9 @@ func testFileListing(t *testing.T, context spec.G, it spec.S) { }) it("create listing and get SHA256", func() { - Expect(os.WriteFile(filepath.Join(path, "alpha.txt"), []byte{}, 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "alpha.txt"), []byte{}, 0600)).To(Succeed()) Expect(os.MkdirAll(filepath.Join(path, "test-directory"), 0755)).To(Succeed()) - Expect(os.WriteFile(filepath.Join(path, "test-directory", "bravo.txt"), []byte{}, 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "test-directory", "bravo.txt"), []byte{}, 0600)).To(Succeed()) e, err := sherpa.NewFileListing(path) Expect(err).NotTo(HaveOccurred()) diff --git a/sherpa/nodejs_test.go b/sherpa/nodejs_test.go index 01693d0..94021c7 100644 --- a/sherpa/nodejs_test.go +++ b/sherpa/nodejs_test.go @@ -27,7 +27,7 @@ import ( "github.com/paketo-buildpacks/libpak/v2/sherpa" ) -func testNodeJS(t *testing.T, context spec.G, it spec.S) { +func testNodeJS(t *testing.T, _ spec.G, it spec.S) { var ( Expect = NewWithT(t).Expect @@ -43,13 +43,13 @@ func testNodeJS(t *testing.T, context spec.G, it spec.S) { }) it("returns server.js if package.json does not have a main entry", func() { - Expect(os.WriteFile(filepath.Join(path, "package.json"), []byte(`{}`), 0644)).To(Succeed()) + Expect(os.WriteFile(filepath.Join(path, "package.json"), []byte(`{}`), 0600)).To(Succeed()) Expect(sherpa.NodeJSMainModule(path)).To(Equal("server.js")) }) it("returns main module", func() { - Expect(os.WriteFile(filepath.Join(path, "package.json"), []byte(`{ "main": "test-main" }`), 0644)). + Expect(os.WriteFile(filepath.Join(path, "package.json"), []byte(`{ "main": "test-main" }`), 0600)). To(Succeed()) Expect(sherpa.NodeJSMainModule(path)).To(Equal("test-main")) diff --git a/sherpa/sherpa_test.go b/sherpa/sherpa_test.go index 4b56935..64d55e6 100644 --- a/sherpa/sherpa_test.go +++ b/sherpa/sherpa_test.go @@ -43,7 +43,6 @@ func testSherpa(t *testing.T, context spec.G, it spec.S) { }) context("Execute", func() { - it("exits with error", func() { sherpa.Execute(func() error { return fmt.Errorf("test-error") @@ -59,11 +58,9 @@ func testSherpa(t *testing.T, context spec.G, it spec.S) { Expect(exitHandler.Calls).To(HaveLen(0)) }) - }) context("Helpers", func() { - var ( execd *mocks2.ExecD ) diff --git a/stack_test.go b/stack_test.go index e6d11c2..51cd92c 100644 --- a/stack_test.go +++ b/stack_test.go @@ -4,11 +4,16 @@ import ( "testing" . "github.com/onsi/gomega" - "github.com/paketo-buildpacks/libpak/v2" "github.com/sclevine/spec" + + "github.com/paketo-buildpacks/libpak/v2" ) func testStack(t *testing.T, context spec.G, it spec.S) { + var ( + Expect = NewWithT(t).Expect + ) + context("bionic stacks", func() { it("matches standard bionic stack", func() { Expect(libpak.IsBionicStack("io.buildpacks.stacks.bionic")).To(BeTrue())