fix: add nosec flags

pull/1/head
Markus Pesch 7 months ago
parent 0388cf11bc
commit ffa8f99d67
Signed by: volker.raschek
GPG Key ID: 852BCC170D81A982
  1. 8
      pkg/config/config.go
  2. 1
      pkg/updater/updater.go

@ -39,6 +39,7 @@ func GetDefaultConfiguration() (*types.Config, error) {
func Read(cnfFile string) (*types.Config, error) {
// Load burned in configuration if config not available
if _, err := os.Stat(cnfFile); os.IsNotExist(err) {
// #nosec G301
if err := os.MkdirAll(filepath.Dir(cnfFile), 0755); err != nil {
return nil, fmt.Errorf("failed to create directory: %w", err)
}
@ -57,11 +58,12 @@ func Read(cnfFile string) (*types.Config, error) {
return cnf, nil
}
// #nosec G304
f, err := os.Open(cnfFile)
if err != nil {
return nil, fmt.Errorf("failed to open file: %w", err)
}
defer f.Close()
defer func() { _ = f.Close() }()
cnf := new(types.Config)
jsonDecoder := json.NewDecoder(f)
@ -97,17 +99,19 @@ func Read(cnfFile string) (*types.Config, error) {
// Write config into a file
func Write(cnf *types.Config, cnfFile string) error {
if _, err := os.Stat(filepath.Dir(cnfFile)); os.IsNotExist(err) {
// #nosec G301
err := os.MkdirAll(filepath.Dir(cnfFile), 0755)
if err != nil {
return err
}
}
// #nosec G304
f, err := os.Create(cnfFile)
if err != nil {
return fmt.Errorf("failed to create file %v: %v", cnfFile, err)
}
defer f.Close()
defer func() { _ = f.Close() }()
jsonEncoder := json.NewEncoder(f)
jsonEncoder.SetIndent("", " ")

@ -46,6 +46,7 @@ func (u *NSUpdate) execute(ctx context.Context, nsUpdateCmd string) error {
errBuffer := new(bytes.Buffer)
// #nosec G204
cmd := exec.CommandContext(ctx, "nsupdate", "-y", fmt.Sprintf("%v:%v:%v", u.tsigKey.Algorithm, u.tsigKey.Name, u.tsigKey.Secret))
// cmd.Stdout = os.Stdout
cmd.Stderr = bufio.NewWriter(errBuffer)

Loading…
Cancel
Save