Skip to content

Commit b3b4a0c

Browse files
olivergondzaolivergondza
committed
fix(tests): 1-120_validate_running_must_gather.go: Do not read file to memory + please gosec
Signed-off-by: Oliver Gondža <[email protected]>
1 parent 19cbfac commit b3b4a0c

File tree

2 files changed

+10
-6
lines changed

2 files changed

+10
-6
lines changed

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@ require (
1818
github.com/stretchr/testify v1.10.0
1919
go.uber.org/zap v1.27.0
2020
golang.org/x/mod v0.25.0
21+
gopkg.in/yaml.v3 v3.0.1
2122
gotest.tools v2.2.0+incompatible
2223
k8s.io/api v0.33.2
2324
k8s.io/apiextensions-apiserver v0.33.1
@@ -156,7 +157,6 @@ require (
156157
gopkg.in/inf.v0 v0.9.1 // indirect
157158
gopkg.in/warnings.v0 v0.1.2 // indirect
158159
gopkg.in/yaml.v2 v2.4.0 // indirect
159-
gopkg.in/yaml.v3 v3.0.1 // indirect
160160
k8s.io/apiserver v0.33.2 // indirect
161161
k8s.io/cli-runtime v0.33.2 // indirect
162162
k8s.io/component-base v0.33.2 // indirect

test/openshift/e2e/ginkgo/parallel/1-120_validate_running_must_gather.go

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -19,11 +19,14 @@ package parallel
1919
import (
2020
"context"
2121
"fmt"
22-
osFixture "github.com/redhat-developer/gitops-operator/test/openshift/e2e/ginkgo/fixture/os"
2322
"os"
2423
"path"
24+
"path/filepath"
2525
"strings"
2626

27+
osFixture "github.com/redhat-developer/gitops-operator/test/openshift/e2e/ginkgo/fixture/os"
28+
"gopkg.in/yaml.v3"
29+
2730
argov1beta1api "github.com/argoproj-labs/argocd-operator/api/v1beta1"
2831
. "github.com/onsi/ginkgo/v2"
2932
. "github.com/onsi/gomega"
@@ -32,7 +35,6 @@ import (
3235
argocdFixture "github.com/redhat-developer/gitops-operator/test/openshift/e2e/ginkgo/fixture/argocd"
3336
fixtureUtils "github.com/redhat-developer/gitops-operator/test/openshift/e2e/ginkgo/fixture/utils"
3437
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
35-
"sigs.k8s.io/yaml"
3638

3739
"sigs.k8s.io/controller-runtime/pkg/client"
3840
)
@@ -165,14 +167,16 @@ func (matcher *validResourceFile) Match(actual any) (success bool, err error) {
165167
return false, fmt.Errorf("BeValidResourceFile matcher expects a string (file path)")
166168
}
167169

168-
content, err := os.ReadFile(filePath)
170+
filePath = filepath.Clean(filePath)
171+
f, err := os.Open(filePath)
169172
if err != nil {
170173
return false, fmt.Errorf("failed to read file: %v", err)
171174
}
172-
println(string(content))
175+
defer f.Close()
173176

177+
decoder := yaml.NewDecoder(f)
174178
var data map[string]any
175-
if err := yaml.Unmarshal(content, &data); err != nil {
179+
if err := decoder.Decode(&data); err != nil {
176180
return false, fmt.Errorf("failed parsing supposed YAML file: %v", err)
177181
}
178182

0 commit comments

Comments
 (0)