From 1d49b482ce3bfc7882d9531799f8378cce94c95b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vic=20Sh=C3=B3stak?= <vikkyshostak@gmail.com>
Date: Tue, 18 Aug 2020 13:41:01 +0300
Subject: [PATCH] Solve securego/gosec/issues/512

---
 go.mod                  | 2 +-
 go.sum                  | 2 ++
 pkg/apiserver/config.go | 9 ++++++++-
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/go.mod b/go.mod
index 8d62c0c..09a4ec2 100644
--- a/go.mod
+++ b/go.mod
@@ -7,6 +7,6 @@ require (
 	github.com/gofiber/fiber v1.14.2
 	github.com/klauspost/compress v1.10.11 // indirect
 	github.com/stretchr/testify v1.6.1
-	golang.org/x/sys v0.0.0-20200814200057-3d37ad5750ed // indirect
+	golang.org/x/sys v0.0.0-20200817155316-9781c653f443 // indirect
 	gopkg.in/yaml.v2 v2.3.0
 )
diff --git a/go.sum b/go.sum
index bf15f98..37a4a27 100644
--- a/go.sum
+++ b/go.sum
@@ -38,6 +38,8 @@ golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200814200057-3d37ad5750ed h1:J22ig1FUekjjkmZUM7pTKixYm8DvrYsvrBZdunYeIuQ=
 golang.org/x/sys v0.0.0-20200814200057-3d37ad5750ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200817155316-9781c653f443 h1:X18bCaipMcoJGm27Nv7zr4XYPKGUy92GtqboKC2Hxaw=
+golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/pkg/apiserver/config.go b/pkg/apiserver/config.go
index 622580e..98b02ab 100644
--- a/pkg/apiserver/config.go
+++ b/pkg/apiserver/config.go
@@ -47,7 +47,14 @@ func NewConfig(configPath string) (*Config, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer file.Close()
+
+	// Solved gosec issue G307 (CWE-703)
+	// See: https://github.com/securego/gosec/issues/512#issuecomment-675286833
+	defer func() {
+		if err := file.Close(); err != nil {
+			return
+		}
+	}()
 
 	// Init new YAML decode
 	d := yaml.NewDecoder(file)