From eef9a5cd96c10665b5fe8e50337f7979757d9b59 Mon Sep 17 00:00:00 2001 From: Christian Bongiorno Date: Wed, 8 Sep 2021 14:19:28 -0700 Subject: [PATCH] Remove validation on file path. There are a lot of complications to prevalidating. Ultimately, the OS will put the break on an invalid write. Also, remove a logical error where in an empty file would fail a check sum, and thus now allow an overwrite --- go.mod | 1 + .../datasource_artifactory_file.go | 23 +++++++++++-------- pkg/artifactory/resource_xray_policy.go | 8 +++---- pkg/artifactory/validators.go | 5 ++-- 4 files changed, 21 insertions(+), 16 deletions(-) diff --git a/go.mod b/go.mod index 5bea08ffb..a38be662c 100644 --- a/go.mod +++ b/go.mod @@ -8,6 +8,7 @@ require ( github.com/hashicorp/terraform-plugin-sdk/v2 v2.7.0 github.com/jfrog/jfrog-client-go v0.23.1 github.com/stretchr/testify v1.7.0 + golang.org/x/sys v0.0.0-20210510120138-977fb7262007 golang.org/x/tools v0.1.5 // indirect gopkg.in/yaml.v2 v2.4.0 ) diff --git a/pkg/artifactory/datasource_artifactory_file.go b/pkg/artifactory/datasource_artifactory_file.go index 4f6c5df20..ffa1bd875 100644 --- a/pkg/artifactory/datasource_artifactory_file.go +++ b/pkg/artifactory/datasource_artifactory_file.go @@ -93,7 +93,6 @@ func dataSourceArtifactoryFile() *schema.Resource { "output_path": { Type: schema.TypeString, Required: true, - ValidateFunc: fileExist, }, "force_overwrite": { Type: schema.TypeBool, @@ -116,11 +115,17 @@ func dataSourceFileRead(d *schema.ResourceData, m interface{}) error { } fileExists := FileExists(outputPath) - chksMatches, _ := VerifySha256Checksum(outputPath, fileInfo.Checksums.Sha256) - if !chksMatches { - return fmt.Errorf("local file differs from upstream version") + chksMatches, err := VerifySha256Checksum(outputPath, fileInfo.Checksums.Sha256) + + if err != nil { + return err } - if !fileExists || (!chksMatches && forceOverwrite) { + + if fileExists { + if !chksMatches && !forceOverwrite { + return fmt.Errorf("local file differs from upstream version and no overwrite is permitted") + } + } else { outFile, err := os.Create(outputPath) if err != nil { return err @@ -129,11 +134,11 @@ func dataSourceFileRead(d *schema.ResourceData, m interface{}) error { defer func(outFile *os.File) { _ = outFile.Close() }(outFile) + } - _, err = m.(*resty.Client).R().SetOutput(outputPath).Get(fileInfo.DownloadUri) - if err != nil { - return err - } + _, err = m.(*resty.Client).R().SetOutput(outputPath).Get(fileInfo.DownloadUri) + if err != nil { + return err } return packFileInfo(fileInfo, d) diff --git a/pkg/artifactory/resource_xray_policy.go b/pkg/artifactory/resource_xray_policy.go index 78ef77945..13f2983fd 100644 --- a/pkg/artifactory/resource_xray_policy.go +++ b/pkg/artifactory/resource_xray_policy.go @@ -25,7 +25,7 @@ type PolicyRuleCriteria struct { CVSSRange *PolicyCVSSRange `json:"cvss_range,omitempty"` // License Criteria - AllowUnkown *bool `json:"allow_unknown,omitempty"` + AllowUnknown *bool `json:"allow_unknown,omitempty"` BannedLicenses *[]string `json:"banned_licenses,omitempty"` AllowedLicenses *[]string `json:"allowed_licenses,omitempty"` } @@ -282,7 +282,7 @@ func expandCriteria(l []interface{}, policyType *string) (*PolicyRuleCriteria, e } // If these are both the default values, we must be using license criteria - criteria.AllowUnkown = allowUnk // "Unkown" is a typo in xray-oss + criteria.AllowUnknown = allowUnk criteria.BannedLicenses = banned criteria.AllowedLicenses = allowed } else { @@ -412,8 +412,8 @@ func flattenCriteria(criteria *PolicyRuleCriteria) []interface{} { if criteria.MinimumSeverity != nil { m["min_severity"] = *criteria.MinimumSeverity } - if criteria.AllowUnkown != nil { - m["allow_unknown"] = *criteria.AllowUnkown // Same typo in the library + if criteria.AllowUnknown != nil { + m["allow_unknown"] = *criteria.AllowUnknown // Same typo in the library } if criteria.BannedLicenses != nil { m["banned_licenses"] = *criteria.BannedLicenses diff --git a/pkg/artifactory/validators.go b/pkg/artifactory/validators.go index c52ca5c83..51b921189 100644 --- a/pkg/artifactory/validators.go +++ b/pkg/artifactory/validators.go @@ -2,14 +2,13 @@ package artifactory import ( "fmt" + "github.com/gorhill/cronexpr" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "net/mail" "os" "regexp" "strings" - "github.com/gorhill/cronexpr" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" )