[GH-168] Resolve G307 issues.

030 · Oct 10, 2021 · ae7bfc0 · ae7bfc0
1 parent e928b32
commit ae7bfc0
Show file tree

Hide file tree

Showing 7 changed files with 107 additions and 47 deletions.
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
@@ -18,4 +18,4 @@ jobs:
       - name: Run Gosec Security Scanner
         uses: securego/gosec@master
         with:
-          args: -exclude=G304,G307 ./...
+          args: -exclude=G304 ./...
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,7 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Fixed
 
-- Resolve gosec G401 and G501 issues
+- Resolve gosec G307, G401 and G501 issues.
 
 ## [6.0.12] - 2021-10-09
 

diff --git a/internal/artifacts/backup.go b/internal/artifacts/backup.go
@@ -107,17 +107,17 @@ func (n Nexus3) continuationTokenRecursion(t string) ([]string, error) {
 	return append(tokenSlice, token), nil
 }
 
-func createArtifact(d string, f string, content string, md5sum string) error {
+func createArtifact(d string, f string, content string, md5sum string) (errs []error) {
 	ociBucketname := viper.GetString("ociBucket")
 	Filename := d + "/" + f
 
 	// Check if object exists
 	objectExists := false
 	if ociBucketname != "" {
 		objectExists, err := findObject(ociBucketname, Filename, md5sum)
-
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 
 		if objectExists && viper.GetBool("removeLocalFile") {
@@ -130,7 +130,8 @@ func createArtifact(d string, f string, content string, md5sum string) error {
 
 	err := os.MkdirAll(d, os.ModePerm)
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 
 	filename := filepath.Join(d, f)
@@ -139,12 +140,14 @@ func createArtifact(d string, f string, content string, md5sum string) error {
 	if fileExists(filename) {
 		dat, err := os.ReadFile(filename)
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 
 		checksumDownloadedArtifact = fmt.Sprintf("%x", sha512.Sum512(dat))
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 	}
 
@@ -154,20 +157,29 @@ func createArtifact(d string, f string, content string, md5sum string) error {
 		log.Debug("Creating ", filename)
 		file, err := os.Create(filename)
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
+		defer func() {
+			if err := file.Close(); err != nil {
+				errs = append(errs, err)
+			}
+		}()
 
 		_, err = file.WriteString(content)
-		defer file.Close()
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 	}
 
 	if ociBucketname != "" && !objectExists {
-		err := ociBackup(ociBucketname, Filename)
-		if err != nil {
-			return err
+		errs := ociBackup(ociBucketname, Filename)
+		for _, err := range errs {
+			if err != nil {
+				errs = append(errs, err)
+				return errs
+			}
 		}
 	}
 	return nil
@@ -203,8 +215,10 @@ func (n Nexus3) downloadArtifact(dir, url, md5 string) error {
 		return err
 	}
 
-	if err := createArtifact(filepath.Join(dir, n.Repository, d), f, jsonResp.strings, md5); err != nil {
-		return err
+	if errs := createArtifact(filepath.Join(dir, n.Repository, d), f, jsonResp.strings, md5); err != nil {
+		for _, err := range errs {
+			return err
+		}
 	}
 	return nil
 }

diff --git a/internal/artifacts/backup_test.go b/internal/artifacts/backup_test.go
@@ -136,11 +136,13 @@ func TestArtifactNameContainingRepositoryName(t *testing.T) {
 }
 
 func TestCreateArtifact(t *testing.T) {
-	actualErrorFile := createArtifact(testDirHome+testDirUpload, "file100/file100", "some-content", "ba1f2511fc30423bdbb183fe33f3dd0f")
+	actualFileErrors := createArtifact(testDirHome+testDirUpload, "file100/file100", "some-content", "ba1f2511fc30423bdbb183fe33f3dd0f")
 	expectedErrorFile := "open " + testDirHome + testDirUpload + "/file100/file100: no such file or directory"
 
-	if actualErrorFile.Error() != expectedErrorFile {
-		t.Errorf(errMsgTxt, expectedErrorFile, actualErrorFile)
+	for _, actualFileError := range actualFileErrors {
+		if actualFileError.Error() != expectedErrorFile {
+			t.Errorf(errMsgTxt, expectedErrorFile, actualFileError)
+		}
 	}
 }
 

diff --git a/internal/artifacts/oci.go b/internal/artifacts/oci.go
@@ -27,43 +27,55 @@ type ociObject struct {
 	metadata   map[string]string
 }
 
-func ociBackup(Bucketname, Filename string) error {
+func ociBackup(Bucketname, Filename string) (errs []error) {
 	o, err := objectstorage.NewObjectStorageClientWithConfigurationProvider(common.DefaultConfigProvider())
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 
 	ctx := context.Background()
 	namespace, err := getNamespace(ctx, o)
 
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 
 	log.Debug("You are going to upload file " + Filename + " in bucket: " + Bucketname + "\n")
 	filename, err := filepath.Glob(Filename)
 	if filename == nil {
-		return fmt.Errorf("error: no files found to upload")
+		err = fmt.Errorf("error: no files found to upload")
+		errs = append(errs, err)
 	}
 
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 	for _, f := range filename {
 		file, err := os.Open(f)
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
-		defer file.Close()
+		defer func() {
+			if err := file.Close(); err != nil {
+				errs = append(errs, err)
+			}
+		}()
+
 		fi, err := file.Stat()
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 
 		o := ociObject{ctx, o, namespace, Bucketname, f, fi.Size(), file, nil}
 		err = o.putObject()
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 
 		// Removing temporary file
@@ -72,7 +84,8 @@ func ociBackup(Bucketname, Filename string) error {
 		}
 
 		if err != nil {
-			return err
+			errs = append(errs, err)
+			return errs
 		}
 	}
 	return nil

diff --git a/internal/artifacts/oci_test.go b/internal/artifacts/oci_test.go
@@ -7,7 +7,9 @@ import (
 )
 
 func TestOciBackup(t *testing.T) {
-	assert.EqualError(t, ociBackup("", ""), "can not create client, bad configuration: did not find a proper configuration for tenancy")
+	for _, err := range ociBackup("", "") {
+		assert.EqualError(t, err, "can not create client, bad configuration: did not find a proper configuration for tenancy")
+	}
 }
 
 func TestFindObject(t *testing.T) {

diff --git a/internal/artifacts/upload.go b/internal/artifacts/upload.go
@@ -206,56 +206,79 @@ func (n *Nexus3) uploadMultipartFile(file *os.File, writer *multipart.Writer, re
 	return nil
 }
 
-func (n *Nexus3) openFileAndUpload(file string) error {
+func (n *Nexus3) openFileAndUpload(file string) (errs []error) {
 	log.Infof("Uploading file %v to %v", file, n.URL)
 
 	f, err := os.Open("./" + n.Repository + "/" + file)
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
-	defer f.Close()
+	defer func() {
+		if err := f.Close(); err != nil {
+			errs = append(errs, err)
+		}
+	}()
+
 	req, err := http.NewRequest("POST", n.URL+"/repository/"+n.Repository+"/", f)
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
+
 	if err := n.uploadFile(file, req); err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
+
 	return nil
 }
 
-func (n *Nexus3) openMultipartFileAndUpload(f, httpMethod, uri string, statusCreated int) error {
+func (n *Nexus3) openMultipartFileAndUpload(f, httpMethod, uri string, statusCreated int) (errs []error) {
 	log.Infof("Uploading file %v to %v", f, n.URL)
 	fileDir, _ := os.Getwd()
 	fileName := f
 	filePath := path.Join(fileDir, n.Repository, fileName)
 
-	file, _ := os.Open(filePath)
-	defer file.Close()
+	file, err := os.Open(filePath)
+	if err != nil {
+		errs = append(errs, err)
+		return errs
+	}
+	defer func() {
+		if err := file.Close(); err != nil {
+			errs = append(errs, err)
+		}
+	}()
 
 	body := &bytes.Buffer{}
 	writer := multipart.NewWriter(body)
 	part, err := writer.CreateFormFile("file", filepath.Base(file.Name()))
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 
 	if _, err := io.Copy(part, file); err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 
 	if err := writer.Close(); err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 
 	log.Infof("Upload Method: '%v', URL: '%v'", httpMethod, n.URL+uri)
 	req, err := http.NewRequest(httpMethod, n.URL+uri, body)
 	if err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 
 	if err := n.uploadMultipartFile(file, writer, req, statusCreated); err != nil {
-		return err
+		errs = append(errs, err)
+		return errs
 	}
 	return nil
 }
@@ -266,8 +289,11 @@ func (n *Nexus3) readMultipartFilesAndUpload(httpMethod, uri string, statusCreat
 		return err
 	}
 	for _, file := range files {
-		if err := n.openMultipartFileAndUpload(file, httpMethod, uri, statusCreated); err != nil {
-			return err
+		errs := n.openMultipartFileAndUpload(file, httpMethod, uri, statusCreated)
+		for _, err := range errs {
+			if err != nil {
+				return err
+			}
 		}
 	}
 	return nil
@@ -279,8 +305,11 @@ func (n *Nexus3) readFilesAndUpload() error {
 		return err
 	}
 	for _, file := range files {
-		if err := n.openFileAndUpload(file); err != nil {
-			return err
+		errs := n.openFileAndUpload(file)
+		for _, err := range errs {
+			if err != nil {
+				return err
+			}
 		}
 	}
 	return nil