github/client-go
1
0
Fork 0
mirror of https://github.com/kubernetes/client-go.git synced 2025-07-17 08:41:53 +00:00
Code Issues Projects Releases Wiki Activity

client-go: change permissions of directories and certs

Browse Source 
Kubernetes-commit: c941877438c2219318b0625f5b4e321efe324171
This commit is contained in:
Khachatur Ashotyan 2023-02-17 11:16:46 +04:00 committed by Kubernetes Publisher
parent 71253f0b35
commit be82893604
4 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
util/cert/cert.go
View File

@ -191,7 +191,7 @@ func GenerateSelfSignedCertKeyWithFixtures(host string, alternateIPs []net.IP, a
if err := os.WriteFile(certFixturePath, certBuffer.Bytes(), 0600); err != nil {
return nil, nil, fmt.Errorf("failed to write cert fixture to %s: %v", certFixturePath, err)
}
if err := os.WriteFile(keyFixturePath, keyBuffer.Bytes(), 0600); err != nil {
if err := os.WriteFile(keyFixturePath, keyBuffer.Bytes(), 0644); err != nil {
return nil, nil, fmt.Errorf("failed to write key fixture to %s: %v", certFixturePath, err)
}
}

8
util/cert/io.go
View File

@ -58,14 +58,14 @@ func canReadFile(path string) bool {
}
// WriteCert writes the pem-encoded certificate data to certPath.
// The certificate file will be created with file mode 0600.
// The certificate file will be created with file mode 0644.
// If the certificate file already exists, it will be overwritten.
// The parent directory of the certPath will be created as needed with file mode 0700.
// The parent directory of the certPath will be created as needed with file mode 0755.
func WriteCert(certPath string, data []byte) error {
if err := os.MkdirAll(filepath.Dir(certPath), os.FileMode(0700)); err != nil {
if err := os.MkdirAll(filepath.Dir(certPath), os.FileMode(0755)); err != nil {
return err
}
return os.WriteFile(certPath, data, os.FileMode(0600))
return os.WriteFile(certPath, data, os.FileMode(0644))
}
// NewPool returns an x509.CertPool containing the certificates in the given PEM-encoded file.

2
util/certificate/certificate_store.go
View File

@ -188,7 +188,7 @@ func (s *fileStore) Update(certData, keyData []byte) (*tls.Certificate, error) {
ts := time.Now().Format("2006-01-02-15-04-05")
pemFilename := s.filename(ts)
if err := os.MkdirAll(s.certDirectory, 0700); err != nil {
if err := os.MkdirAll(s.certDirectory, 0755); err != nil {
return nil, fmt.Errorf("could not create directory %q to store certificates: %v", s.certDirectory, err)
}
certPath := filepath.Join(s.certDirectory, pemFilename)

4
util/keyutil/key.go
View File

@ -63,9 +63,9 @@ func MakeEllipticPrivateKeyPEM() ([]byte, error) {
// WriteKey writes the pem-encoded key data to keyPath.
// The key file will be created with file mode 0600.
// If the key file already exists, it will be overwritten.
// The parent directory of the keyPath will be created as needed with file mode 0700.
// The parent directory of the keyPath will be created as needed with file mode 0755.
func WriteKey(keyPath string, data []byte) error {
if err := os.MkdirAll(filepath.Dir(keyPath), os.FileMode(0700)); err != nil {
if err := os.MkdirAll(filepath.Dir(keyPath), os.FileMode(0755)); err != nil {
return err
}
return os.WriteFile(keyPath, data, os.FileMode(0600))