Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add hardening/retry flags to curl invocations #4691

Merged
merged 1 commit into from
Jul 8, 2024

Conversation

twz123
Copy link
Member

@twz123 twz123 commented Jun 27, 2024

Description

Enforce HTTPS with TLS 1.2+ for security reasons. Add -f to all curl invocations that are not used as a pipe input, so that non-successful HTTP status codes produce a non-zero exit code. Add retry flags to all curl invocations that write to the file system.

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update

How Has This Been Tested?

  • Manual test
  • Auto test added

Checklist:

  • My code follows the style guidelines of this project
  • My commit messages are signed-off
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules
  • I have checked my code and corrected any misspellings

@twz123 twz123 marked this pull request as ready for review June 28, 2024 08:53
@twz123 twz123 requested a review from a team as a code owner June 28, 2024 08:53
@twz123 twz123 requested review from ncopa and makhov June 28, 2024 08:53
Copy link
Contributor

github-actions bot commented Jul 1, 2024

This pull request has merge conflicts that need to be resolved.

jnummelin
jnummelin previously approved these changes Jul 3, 2024
Copy link
Contributor

github-actions bot commented Jul 3, 2024

This pull request has merge conflicts that need to be resolved.

Enforce HTTPS with TLS 1.2+ for security reasons. Add -f to all curl
invocations that are not used as a pipe input, so that non-successful
HTTP status codes produce a non-zero exit code. Add retry flags to all
curl invocations that write to the file system.

Signed-off-by: Tom Wieczorek <twieczorek@mirantis.com>
@twz123 twz123 merged commit ca55c82 into k0sproject:main Jul 8, 2024
83 checks passed
@twz123 twz123 deleted the curl-hardening branch July 8, 2024 17:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants