From 844d84c9f8ff9f1e9a99c0d4fe5c4c241fdd32b7 Mon Sep 17 00:00:00 2001 From: Rishikesh Date: Mon, 9 Sep 2024 23:56:35 +0530 Subject: [PATCH 1/2] fix(sysdump): ensure AppArmor tar is gzipped in sysdump Signed-off-by: Rishikesh --- sysdump/sysdump.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sysdump/sysdump.go b/sysdump/sysdump.go index 7b9bf3e9..905c1484 100644 --- a/sysdump/sysdump.go +++ b/sysdump/sysdump.go @@ -277,7 +277,7 @@ func copyFromPod(srcPath string, d string, c *k8s.Client) error { for _, pod := range pods.Items { destPath := path.Join(d, fmt.Sprintf("%s_apparmor.tar.gz", pod.Name)) reader, outStream := io.Pipe() - cmdArr := []string{"tar", "cf", "-", srcPath} + cmdArr := []string{"tar", "czf", "-", srcPath} req := c.K8sClientset.CoreV1().RESTClient(). Get(). Namespace(pod.Namespace). From 47ddbfe75130476064d9de5104566ee5df3f1d49 Mon Sep 17 00:00:00 2001 From: Aryan-sharma11 Date: Thu, 5 Dec 2024 12:49:31 +0530 Subject: [PATCH 2/2] fix gosec Signed-off-by: Aryan-sharma11 --- recommend/registry/registry.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recommend/registry/registry.go b/recommend/registry/registry.go index 6fd9b475..b80adfbc 100644 --- a/recommend/registry/registry.go +++ b/recommend/registry/registry.go @@ -250,7 +250,7 @@ func extractTar(tarname string, tempDir string) ([]string, []string) { } dl = append(dl, tgt) case tar.TypeReg: - f, err := os.OpenFile(filepath.Clean(tgt), os.O_CREATE|os.O_RDWR, os.FileMode(hdr.Mode)) + f, err := os.OpenFile(filepath.Clean(tgt), os.O_CREATE|os.O_RDWR, os.FileMode(hdr.Mode)) //#nosec G115 // hdr.mode bits are trusted here if err != nil { log.WithError(err).WithFields(log.Fields{ "target": tgt,