Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Quote profile json when passing to kando in go code #3261

Merged
merged 2 commits into from
Nov 28, 2024
Merged

fix: Quote profile json when passing to kando in go code #3261

merged 2 commits into from
Nov 28, 2024

Conversation

hairyhum
Copy link
Contributor

Change Overview

Add quoting when building kando command with profile in go code.
Add unit test case for non-null profile.

Fixes https://github.com/kanisterio/kanister/security/code-scanning/198 and https://github.com/kanisterio/kanister/security/code-scanning/199

Pull request type

Please check the type of change your PR introduces:

  • 🚧 Work in Progress
  • 🌈 Refactoring (no functional changes, no api changes)
  • 🐹 Trivial/Minor
  • 🐛 Bugfix
  • 🌻 Feature
  • 🗺️ Documentation
  • 🤖 Test
  • 🏗️ Build

Issues

  • fixes #issue-number

Test Plan

  • 💪 Manual
  • ⚡ Unit test
  • 💚 E2E

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 26, 2024
View reviewed changes
pkg/function/export_rds_snapshot_location.go Dismissed Show dismissed Hide dismissed
viveksinghggits
viveksinghggits approved these changes Nov 28, 2024
View reviewed changes
pkg/function/rds_functions_test.go
@@ -106,7 +128,7 @@ func (s *RDSFunctionsTest) TestPrepareCommand(c *check.C) {
for db in "${dblist[@]}";
do echo "backing up $db db" && pg_dump $db -C --inserts > /backup/$db.sql;
done
tar -zc backup | kando location push --profile '%s' --path "${BACKUP_PREFIX}/${BACKUP_ID}" -
tar -zc backup | kando location push --profile "%s" --path "${BACKUP_PREFIX}/${BACKUP_ID}" -
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see that at some places we are providing profile in double quotes "" and at some place without. Is that intentional?

Copy link
Contributor Author

@hairyhum hairyhum Nov 28, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In some tests we just pass "null" string to this function. We can make it more consistent by passing "\"null\"" instead, I guess.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am good, even if you want to merge this with current state.

@hairyhum hairyhum added the kueue label Nov 28, 2024
@mergify mergify bot merged commit ed51ff0 into master Nov 28, 2024
23 checks passed
@mergify mergify bot deleted the unsafe-quoting branch November 28, 2024 20:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@viveksinghggits viveksinghggits viveksinghggits approved these changes

@pavannd1 pavannd1 Awaiting requested review from pavannd1

Assignees
No one assigned
Labels
kueue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hairyhum @viveksinghggits