You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by as...@apache.org on 2021/11/24 12:52:51 UTC
[camel-k] 03/19: fix(gosec): Implicit memory aliasing in for loop (G601)
This is an automated email from the ASF dual-hosted git repository.
astefanutti pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-k.git
commit 53e8014fd40e6e0c42eb5c60cba6dbee6aa98db2
Author: Luca Burgazzoli <lb...@gmail.com>
AuthorDate: Mon Nov 22 12:18:16 2021 +0100
fix(gosec): Implicit memory aliasing in for loop (G601)
---
.golangci.yml | 1 +
pkg/cmd/uninstall.go | 11 +++++------
pkg/controller/integration/build_kit.go | 7 ++++---
pkg/controller/integration/integration_controller.go | 5 +++--
pkg/controller/integration/kits.go | 7 ++++---
pkg/controller/integration/monitor.go | 9 +++++----
6 files changed, 22 insertions(+), 18 deletions(-)
diff --git a/.golangci.yml b/.golangci.yml
index 34ab844..eb4e5e2 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -66,6 +66,7 @@ linters:
- unused
- varcheck
- wastedassign
+ - gosec
issues:
exclude-rules:
diff --git a/pkg/cmd/uninstall.go b/pkg/cmd/uninstall.go
index 43fbff4..2cc76d9 100644
--- a/pkg/cmd/uninstall.go
+++ b/pkg/cmd/uninstall.go
@@ -359,12 +359,11 @@ func (o *uninstallCmdOptions) removeSubjectFromClusterRoleBindings(ctx context.C
}
// Remove the subject corresponding to this operator install
- for _, clusterRoleBinding := range clusterRoleBindings.Items {
+ for crbIndex, clusterRoleBinding := range clusterRoleBindings.Items {
for i, subject := range clusterRoleBinding.Subjects {
if subject.Name == "camel-k-operator" && subject.Namespace == namespace {
clusterRoleBinding.Subjects = append(clusterRoleBinding.Subjects[:i], clusterRoleBinding.Subjects[i+1:]...)
- crb := &clusterRoleBinding
- _, err = api.ClusterRoleBindings().Update(ctx, crb, metav1.UpdateOptions{})
+ _, err = api.ClusterRoleBindings().Update(ctx, &clusterRoleBindings.Items[crbIndex], metav1.UpdateOptions{})
if err != nil {
return err
}
@@ -470,10 +469,10 @@ func (o *uninstallCmdOptions) uninstallKamelets(ctx context.Context, c client.Cl
return err
}
- for _, kamelet := range kameletList.Items {
+ for i := range kameletList.Items {
// remove only platform Kamelets (use-defined Kamelets should be skipped)
- if kamelet.Labels[v1alpha1.KameletBundledLabel] == "true" {
- err := c.Delete(ctx, &kamelet)
+ if kameletList.Items[i].Labels[v1alpha1.KameletBundledLabel] == "true" {
+ err := c.Delete(ctx, &kameletList.Items[i])
if err != nil {
return err
}
diff --git a/pkg/controller/integration/build_kit.go b/pkg/controller/integration/build_kit.go
index eb392af..0feddc9 100644
--- a/pkg/controller/integration/build_kit.go
+++ b/pkg/controller/integration/build_kit.go
@@ -107,8 +107,9 @@ func (action *buildKitAction) Handle(ctx context.Context, integration *v1.Integr
kits:
for _, kit := range env.IntegrationKits {
kit := kit
- for i, k := range existingKits {
- match, err := kitMatches(&kit, &k)
+ for i := range existingKits {
+ k := &existingKits[i]
+ match, err := kitMatches(&kit, k)
if err != nil {
return nil, err
}
@@ -116,7 +117,7 @@ kits:
if integrationKit == nil ||
integrationKit.Status.Phase != v1.IntegrationKitPhaseReady && k.Status.Phase == v1.IntegrationKitPhaseReady ||
integrationKit.Status.Phase == v1.IntegrationKitPhaseReady && k.Status.Phase == v1.IntegrationKitPhaseReady && k.HasHigherPriorityThan(integrationKit) {
- integrationKit = &existingKits[i]
+ integrationKit = k
}
continue kits
diff --git a/pkg/controller/integration/integration_controller.go b/pkg/controller/integration/integration_controller.go
index bfd7fbe..342db8c 100644
--- a/pkg/controller/integration/integration_controller.go
+++ b/pkg/controller/integration/integration_controller.go
@@ -139,8 +139,9 @@ func add(mgr manager.Manager, c client.Client, r reconcile.Reconciler) error {
return requests
}
- for _, integration := range list.Items {
- if match, err := integrationMatches(&integration, kit); err != nil {
+ for i := range list.Items {
+ integration := &list.Items[i]
+ if match, err := integrationMatches(integration, kit); err != nil {
log.Errorf(err, "Error matching integration %q with kit %q", integration.Name, kit.Name)
continue
diff --git a/pkg/controller/integration/kits.go b/pkg/controller/integration/kits.go
index f28723d..f31fabf 100644
--- a/pkg/controller/integration/kits.go
+++ b/pkg/controller/integration/kits.go
@@ -67,14 +67,15 @@ func lookupKitsForIntegration(ctx context.Context, c ctrl.Reader, integration *v
}
kits := make([]v1.IntegrationKit, 0)
- for _, kit := range list.Items {
- match, err := integrationMatches(integration, &kit)
+ for i := range list.Items {
+ kit := &list.Items[i]
+ match, err := integrationMatches(integration, kit)
if err != nil {
return nil, err
} else if !match {
continue
}
- kits = append(kits, kit)
+ kits = append(kits, *kit)
}
return kits, nil
diff --git a/pkg/controller/integration/monitor.go b/pkg/controller/integration/monitor.go
index 2c59130..492cb97 100644
--- a/pkg/controller/integration/monitor.go
+++ b/pkg/controller/integration/monitor.go
@@ -369,16 +369,17 @@ func (action *monitorAction) updateIntegrationPhaseAndReadyCondition(ctx context
// Finally, call the readiness probes of the non-ready Pods directly,
// to retrieve insights from the Camel runtime.
var runtimeNotReadyMessages []string
- for _, pod := range unreadyPods {
- if ready := kubernetes.GetPodCondition(pod, corev1.PodReady); ready.Reason != "ContainersNotReady" {
+ for i := range unreadyPods {
+ pod := &unreadyPods[i]
+ if ready := kubernetes.GetPodCondition(*pod, corev1.PodReady); ready.Reason != "ContainersNotReady" {
continue
}
- container := getIntegrationContainer(environment, &pod)
+ container := getIntegrationContainer(environment, pod)
if container == nil {
return fmt.Errorf("integration container not found in Pod %s/%s", pod.Namespace, pod.Name)
}
if probe := container.ReadinessProbe; probe != nil && probe.HTTPGet != nil {
- body, err := proxyGetHTTPProbe(ctx, action.client, probe, &pod, container)
+ body, err := proxyGetHTTPProbe(ctx, action.client, probe, pod, container)
if err == nil {
continue
}