Merge pull request #219 from 030/168-resolve-g307

[GH-168] Resolve G307 issues.
030 · Oct 10, 2021 · 4783a27 · 4783a27
2 parents e928b32 + 2e22e98
commit 4783a27
Show file tree

Hide file tree

Showing 9 changed files with 138 additions and 60 deletions.
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
@@ -18,4 +18,4 @@ jobs:
       - name: Run Gosec Security Scanner
         uses: securego/gosec@master
         with:
-          args: -exclude=G304,G307 ./...
+          args: -exclude=G304 ./...
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,7 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Fixed
 
-- Resolve gosec G401 and G501 issues
+- Resolve gosec G307, G401 and G501 issues.
 
 ## [6.0.12] - 2021-10-09
 

diff --git a/internal/artifacts/backup.go b/internal/artifacts/backup.go
@@ -107,17 +107,17 @@ func (n Nexus3) continuationTokenRecursion(t string) ([]string, error) {
 	return append(tokenSlice, token), nil
 }
 
-func createArtifact(d string, f string, content string, md5sum string) error {
+func createArtifact(d string, f string, content string, md5sum string) (errs []error) {
 	ociBucketname := viper.GetString("ociBucket")
 	Filename := d + "/" + f
 
 	// Check if object exists
 	objectExists := false
 	if ociBucketname != "" {
 		objectExists, err := findObject(ociBucketname, Filename, md5sum)
-
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 
 		if objectExists && viper.GetBool("removeLocalFile") {
@@ -130,7 +130,8 @@ func createArtifact(d string, f string, content string, md5sum string) error {
 
 	err := os.MkdirAll(d, os.ModePerm)
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 
 	filename := filepath.Join(d, f)
@@ -139,12 +140,14 @@ func createArtifact(d string, f string, content string, md5sum string) error {
 	if fileExists(filename) {
 		dat, err := os.ReadFile(filename)
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 
 		checksumDownloadedArtifact = fmt.Sprintf("%x", sha512.Sum512(dat))
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 	}
 
@@ -154,20 +157,29 @@ func createArtifact(d string, f string, content string, md5sum string) error {
 		log.Debug("Creating ", filename)
 		file, err := os.Create(filename)
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
+		defer func() {
+			if err := file.Close(); err != nil {
+				errs = append(errs, err)
+			}
+		}()
 
 		_, err = file.WriteString(content)
-		defer file.Close()
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 	}
 
 	if ociBucketname != "" && !objectExists {
-		err := ociBackup(ociBucketname, Filename)
-		if err != nil {
-			return err
+		errs := ociBackup(ociBucketname, Filename)
+		for _, err := range errs {
+			if err != nil {
+				errs = append(errs, err)
+				return errs
+			}
 		}
 	}
 	return nil
@@ -203,8 +215,10 @@ func (n Nexus3) downloadArtifact(dir, url, md5 string) error {
 		return err
 	}
 
-	if err := createArtifact(filepath.Join(dir, n.Repository, d), f, jsonResp.strings, md5); err != nil {
-		return err
+	if errs := createArtifact(filepath.Join(dir, n.Repository, d), f, jsonResp.strings, md5); err != nil {
+		for _, err := range errs {
+			return err
+		}
 	}
 	return nil
 }

diff --git a/internal/artifacts/backup_test.go b/internal/artifacts/backup_test.go
@@ -136,11 +136,13 @@ func TestArtifactNameContainingRepositoryName(t *testing.T) {
 }
 
 func TestCreateArtifact(t *testing.T) {
-	actualErrorFile := createArtifact(testDirHome+testDirUpload, "file100/file100", "some-content", "ba1f2511fc30423bdbb183fe33f3dd0f")
+	actualFileErrors := createArtifact(testDirHome+testDirUpload, "file100/file100", "some-content", "ba1f2511fc30423bdbb183fe33f3dd0f")
 	expectedErrorFile := "open " + testDirHome + testDirUpload + "/file100/file100: no such file or directory"
 
-	if actualErrorFile.Error() != expectedErrorFile {
-		t.Errorf(errMsgTxt, expectedErrorFile, actualErrorFile)
+	for _, actualFileError := range actualFileErrors {
+		if actualFileError.Error() != expectedErrorFile {
+			t.Errorf(errMsgTxt, expectedErrorFile, actualFileError)
+		}
 	}
 }
 

diff --git a/internal/artifacts/common.go b/internal/artifacts/common.go
@@ -72,27 +72,36 @@ func (n Nexus3) request(url string) (requestJSONResponse, error) {
 	req.Header.Set("Accept", "application/json")
 	req.SetBasicAuth(n.User, n.Pass)
 
-	bodyBytes, bodyString, err := n.response(req)
-	if err != nil {
-		return requestJSONResponse{}, err
+	bodyBytes, bodyString, errs := n.response(req)
+	for _, err := range errs {
+		if err != nil {
+			return requestJSONResponse{}, err
+		}
 	}
+
 	return requestJSONResponse{bodyBytes, bodyString}, nil
 }
 
-func (n Nexus3) response(req *http.Request) ([]byte, string, error) {
+func (n Nexus3) response(req *http.Request) (b []byte, s string, errs []error) {
 	retryClient := retryablehttp.NewClient()
 	retryClient.RetryMax = 5
 	retryClient.Logger = &RetryLogAdaptor{}
 	standardClient := retryClient.StandardClient()
 	resp, err := standardClient.Do(req)
 	if err != nil {
-		return nil, "", err
+		errs = append(errs, err)
+		return nil, "", errs
 	}
-	defer resp.Body.Close()
+	defer func() {
+		if err := resp.Body.Close(); err != nil {
+			errs = append(errs, err)
+		}
+	}()
 
 	bodyBytes, bodyString, err := n.responseBodyString(resp)
 	if err != nil {
-		return nil, "", err
+		errs = append(errs, err)
+		return nil, "", errs
 	}
 
 	return bodyBytes, bodyString, nil

diff --git a/internal/artifacts/oci.go b/internal/artifacts/oci.go
@@ -27,43 +27,55 @@ type ociObject struct {
 	metadata   map[string]string
 }
 
-func ociBackup(Bucketname, Filename string) error {
+func ociBackup(Bucketname, Filename string) (errs []error) {
 	o, err := objectstorage.NewObjectStorageClientWithConfigurationProvider(common.DefaultConfigProvider())
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 
 	ctx := context.Background()
 	namespace, err := getNamespace(ctx, o)
 
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 
 	log.Debug("You are going to upload file " + Filename + " in bucket: " + Bucketname + "\n")
 	filename, err := filepath.Glob(Filename)
 	if filename == nil {
-		return fmt.Errorf("error: no files found to upload")
+		err = fmt.Errorf("error: no files found to upload")
+		errs = append(errs, err)
 	}
 
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 	for _, f := range filename {
 		file, err := os.Open(f)
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
-		defer file.Close()
+		defer func() {
+			if err := file.Close(); err != nil {
+				errs = append(errs, err)
+			}
+		}()
+
 		fi, err := file.Stat()
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 
 		o := ociObject{ctx, o, namespace, Bucketname, f, fi.Size(), file, nil}
 		err = o.putObject()
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 
 		// Removing temporary file
@@ -72,7 +84,8 @@ func ociBackup(Bucketname, Filename string) error {
 		}
 
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 	}
 	return nil

diff --git a/internal/artifacts/oci_test.go b/internal/artifacts/oci_test.go
@@ -7,7 +7,9 @@ import (
 )
 
 func TestOciBackup(t *testing.T) {
-	assert.EqualError(t, ociBackup("", ""), "can not create client, bad configuration: did not find a proper configuration for tenancy")
+	for _, err := range ociBackup("", "") {
+		assert.EqualError(t, err, "can not create client, bad configuration: did not find a proper configuration for tenancy")
+	}
 }
 
 func TestFindObject(t *testing.T) {