Posted to commits@dolphinscheduler.apache.org by GitBox <gi...@apache.org> on 2022/11/03 03:29:18 UTC

[GitHub] [dolphinscheduler] github-code-scanning[bot] commented on a diff in pull request #12678: Change command file permission to 755

github-code-scanning[bot] commented on code in PR #12678:
URL: https://github.com/apache/dolphinscheduler/pull/12678#discussion_r1012465958


##########
dolphinscheduler-task-plugin/dolphinscheduler-task-api/src/main/java/org/apache/dolphinscheduler/plugin/task/api/ShellCommandExecutor.java:
##########
@@ -80,42 +80,45 @@
      */
     @Override
     protected void createCommandFileIfNotExists(String execCommand, String commandFile) throws IOException {
-        logger.info("tenantCode user:{}, task dir:{}", taskRequest.getTenantCode(),
-                taskRequest.getTaskAppId());
-
         // create if non existence
-        if (!Files.exists(Paths.get(commandFile))) {
-            logger.info("create command file:{}", commandFile);
-
-            StringBuilder sb = new StringBuilder();
-            if (SystemUtils.IS_OS_WINDOWS) {
-                sb.append("@echo off\n");
-                sb.append("cd /d %~dp0\n");
-                if (!Strings.isNullOrEmpty(taskRequest.getEnvironmentConfig())) {
-                    sb.append(taskRequest.getEnvironmentConfig()).append("\n");
-                } else {
-                    if (taskRequest.getEnvFile() != null) {
-                        sb.append("call ").append(taskRequest.getEnvFile()).append("\n");
-                    }
+        logger.info("Begin to create command file:{}", commandFile);
+
+        Path commandFilePath = Paths.get(commandFile);
+        if (Files.exists(commandFilePath)) {
+            logger.warn("The command file: {} is already exist, will not create a again", commandFile);
+            return;
+        }
+
+        StringBuilder sb = new StringBuilder();
+        if (SystemUtils.IS_OS_WINDOWS) {
+            sb.append("@echo off\n");
+            sb.append("cd /d %~dp0\n");
+            if (StringUtils.isNotBlank(taskRequest.getEnvironmentConfig())) {
+                sb.append(taskRequest.getEnvironmentConfig()).append("\n");
+            } else {
+                if (taskRequest.getEnvFile() != null) {
+                    sb.append("call ").append(taskRequest.getEnvFile()).append("\n");
                 }
+            }
+        } else {
+            sb.append("#!/bin/sh\n");
+            sb.append("BASEDIR=$(cd `dirname $0`; pwd)\n");
+            sb.append("cd $BASEDIR\n");
+            if (StringUtils.isNotBlank(taskRequest.getEnvironmentConfig())) {
+                sb.append(taskRequest.getEnvironmentConfig()).append("\n");
             } else {
-                sb.append("#!/bin/bash\n");
-                sb.append("BASEDIR=$(cd `dirname $0`; pwd)\n");
-                sb.append("cd $BASEDIR\n");
-                if (!Strings.isNullOrEmpty(taskRequest.getEnvironmentConfig())) {
-                    sb.append(taskRequest.getEnvironmentConfig()).append("\n");
-                } else {
-                    if (taskRequest.getEnvFile() != null) {
-                        sb.append("source ").append(taskRequest.getEnvFile()).append("\n");
-                    }
+                if (taskRequest.getEnvFile() != null) {
+                    sb.append("source ").append(taskRequest.getEnvFile()).append("\n");
                 }
             }
-            sb.append(execCommand);
-            logger.info("command : {}", sb);
-
-            // write data to file
-            FileUtils.writeStringToFile(new File(commandFile), sb.toString(), StandardCharsets.UTF_8);
         }
+        sb.append(execCommand);
+        String commandContent = sb.toString();
+
+        FileUtils.createFileWith755(commandFilePath);
+        Files.write(commandFilePath, commandContent.getBytes(), StandardOpenOption.APPEND);
+
+        logger.info("Success create command file, command: {}", commandContent);
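Review bot: `commandContent.getBytes()` on the `Files.write` line encodes with the JVM default charset, whereas the removed `FileUtils.writeStringToFile(..., StandardCharsets.UTF_8)` call pinned UTF-8, so on JDKs before 18 non-ASCII text in the environment config or command can be written differently depending on the worker's locale. Pin it again with `Files.write(commandFilePath, commandContent.getBytes(StandardCharsets.UTF_8), StandardOpenOption.APPEND);`. Separately, the shebang becomes `#!/bin/sh` while the env-file branch still emits `source `, which is not a POSIX sh builtin and fails where `/bin/sh` is dash, assuming the file is run through its shebang. Either keep `#!/bin/bash` or emit `. ` in place of `source `. The method's closing brace lies outside the quoted hunk, so anything after the final log call is not visible here.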

Review Comment:
   ## Insertion of sensitive information into log files
   
   This [potentially sensitive information](1) is written to a log file.
   This [potentially sensitive information](2) is written to a log file.
   
   [Show more details](https://github.com/apache/dolphinscheduler/security/code-scanning/2227)


