This commit is contained in:
parent
fb8ac92abf
commit
b8d7c97eb7
@ -57,6 +57,8 @@ steps:
|
||||
- make goconst-check
|
||||
- make gocyclo-check
|
||||
- make static-check
|
||||
- curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | bash -s -- -b $GOPATH/bin v2.2.0 # Need to manually install as it does not support being installed via go modules like the rest.
|
||||
- make gosec-check
|
||||
- make build
|
||||
when:
|
||||
event: [ push, tag, pull_request ]
|
||||
|
10
Makefile
10
Makefile
@ -231,15 +231,17 @@ static-check:
|
||||
|
||||
.PHONY: gosec-check
|
||||
gosec-check:
|
||||
@hash ./bin/gosec > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
|
||||
curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s 1.2.0; \
|
||||
@hash gosec > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
|
||||
echo "Please manually install gosec by running"; \
|
||||
echo "curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | bash -s -- -b $GOPATH/bin v2.2.0"; \
|
||||
exit 1; \
|
||||
fi
|
||||
for S in $(PACKAGES); do ./bin/gosec $$S || exit 1; done;
|
||||
gosec ./...
|
||||
|
||||
.PHONY: goconst-check
|
||||
goconst-check:
|
||||
@hash goconst > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
|
||||
go get -u github.com/jgautheron/goconst/cmd/goconst; \
|
||||
go install $(GOFLAGS) github.com/jgautheron/goconst/cmd/goconst; \
|
||||
fi
|
||||
fi;
|
||||
for S in $(PACKAGES); do goconst $$S || exit 1; done;
|
||||
|
@ -24,7 +24,7 @@ import (
|
||||
func init() {
|
||||
migrateCmd.AddCommand(migrateListCmd)
|
||||
migrationRollbackCmd.Flags().StringVarP(&rollbackUntilFlag, "name", "n", "", "The id of the migration you want to roll back until.")
|
||||
migrationRollbackCmd.MarkFlagRequired("name")
|
||||
_ = migrationRollbackCmd.MarkFlagRequired("name")
|
||||
migrateCmd.AddCommand(migrationRollbackCmd)
|
||||
rootCmd.AddCommand(migrateCmd)
|
||||
}
|
||||
|
@ -34,6 +34,7 @@ type Key string
|
||||
|
||||
// These constants hold all config value keys
|
||||
const (
|
||||
// #nosec
|
||||
ServiceJWTSecret Key = `service.JWTSecret`
|
||||
ServiceInterface Key = `service.interface`
|
||||
ServiceFrontendurl Key = `service.frontendurl`
|
||||
|
@ -86,7 +86,7 @@ func GetLogWriter(logfile string) (writer io.Writer) {
|
||||
switch viper.GetString("log." + logfile) {
|
||||
case "file":
|
||||
fullLogFilePath := config.LogPath.GetString() + "/" + logfile + ".log"
|
||||
f, err := os.OpenFile(fullLogFilePath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
|
||||
f, err := os.OpenFile(fullLogFilePath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600)
|
||||
if err != nil {
|
||||
Fatalf("Could not create logfile %s: %s", fullLogFilePath, err.Error())
|
||||
}
|
||||
|
@ -42,6 +42,7 @@ func StartMailDaemon() {
|
||||
|
||||
go func() {
|
||||
d := gomail.NewDialer(config.MailerHost.GetString(), config.MailerPort.GetInt(), config.MailerUsername.GetString(), config.MailerPassword.GetString())
|
||||
// #nosec
|
||||
d.TLSConfig = &tls.Config{InsecureSkipVerify: config.MailerSkipTLSVerify.GetBool()}
|
||||
|
||||
var s gomail.SendCloser
|
||||
|
@ -160,7 +160,7 @@ func CheckUserCredentials(u *Login) (*User, error) {
|
||||
user, err := GetUserByUsername(u.Username)
|
||||
if err != nil {
|
||||
// hashing the password takes a long time, so we hash something to not make it clear if the username was wrong
|
||||
bcrypt.GenerateFromPassword([]byte(u.Username), 14)
|
||||
_, _ = bcrypt.GenerateFromPassword([]byte(u.Username), 14)
|
||||
return &User{}, ErrWrongUsernameOrPassword{}
|
||||
}
|
||||
|
||||
|
@ -17,14 +17,15 @@
|
||||
package utils
|
||||
|
||||
import (
|
||||
"crypto/md5"
|
||||
"crypto/md5" // #nosec
|
||||
"fmt"
|
||||
"io"
|
||||
)
|
||||
|
||||
// Md5String generates an md5 hash from a string
|
||||
func Md5String(in string) string {
|
||||
// #nosec
|
||||
h := md5.New()
|
||||
io.WriteString(h, in)
|
||||
_, _ = io.WriteString(h, in)
|
||||
return fmt.Sprintf("%x", h.Sum(nil))
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user