fluxcd
diff --git a/‎controllers/bucket_controller_test.go‎
Lines changed: 2 additions & 2 deletions b/‎controllers/bucket_controller_test.go‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎controllers/gitrepository_controller_test.go‎
Lines changed: 2 additions & 2 deletions b/‎controllers/gitrepository_controller_test.go‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎controllers/helmchart_controller_test.go‎
Lines changed: 2 additions & 2 deletions b/‎controllers/helmchart_controller_test.go‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎controllers/helmrepository_controller_test.go‎
Lines changed: 2 additions & 2 deletions b/‎controllers/helmrepository_controller_test.go‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎controllers/storage.go‎
Lines changed: 2 additions & 2 deletions b/‎controllers/storage.go‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎controllers/storage_test.go‎
Lines changed: 6 additions & 6 deletions b/‎controllers/storage_test.go‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎internal/fs/fs_test.go‎
Lines changed: 18 additions & 18 deletions b/‎internal/fs/fs_test.go‎
Lines changed: 18 additions & 18 deletions
diff --git a/‎internal/helm/chart/builder_local_test.go‎
Lines changed: 2 additions & 2 deletions b/‎internal/helm/chart/builder_local_test.go‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎internal/helm/chart/metadata_test.go‎
Lines changed: 2 additions & 2 deletions b/‎internal/helm/chart/metadata_test.go‎
Lines changed: 2 additions & 2 deletions
@@ -187,7 +187,7 @@ func TestBucketReconciler_reconcileStorage(t *testing.T) {
 					if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {
 						return err
 					}
-					if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o644); err != nil {
+					if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o640); err != nil {
 						return err
 					}
 					if n != len(revisions)-1 {
@@ -242,7 +242,7 @@ func TestBucketReconciler_reconcileStorage(t *testing.T) {
 				if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {
 					return err
 				}
-				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o644); err != nil {
+				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o640); err != nil {
 					return err
 				}
 				return nil
 
@@ -1128,7 +1128,7 @@ func TestGitRepositoryReconciler_reconcileStorage(t *testing.T) {
 					if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {
 						return err
 					}
-					if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o644); err != nil {
+					if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o640); err != nil {
 						return err
 					}
 					if n != len(revisions)-1 {
@@ -1183,7 +1183,7 @@ func TestGitRepositoryReconciler_reconcileStorage(t *testing.T) {
 				if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {
 					return err
 				}
-				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o644); err != nil {
+				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o640); err != nil {
 					return err
 				}
 				return nil
 
@@ -187,7 +187,7 @@ func TestHelmChartReconciler_reconcileStorage(t *testing.T) {
 					if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {
 						return err
 					}
-					if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o644); err != nil {
+					if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o640); err != nil {
 						return err
 					}
 					if n != len(revisions)-1 {
@@ -242,7 +242,7 @@ func TestHelmChartReconciler_reconcileStorage(t *testing.T) {
 				if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {
 					return err
 				}
-				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o644); err != nil {
+				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o640); err != nil {
 					return err
 				}
 				return nil
 
@@ -158,7 +158,7 @@ func TestHelmRepositoryReconciler_reconcileStorage(t *testing.T) {
 					if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {
 						return err
 					}
-					if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o644); err != nil {
+					if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o640); err != nil {
 						return err
 					}
 					if n != len(revisions)-1 {
@@ -213,7 +213,7 @@ func TestHelmRepositoryReconciler_reconcileStorage(t *testing.T) {
 				if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {
 					return err
 				}
-				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o644); err != nil {
+				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o640); err != nil {
 					return err
 				}
 				return nil
 
@@ -112,7 +112,7 @@ func (s Storage) SetHostname(URL string) string {
 // MkdirAll calls os.MkdirAll for the given v1beta1.Artifact base dir.
 func (s *Storage) MkdirAll(artifact sourcev1.Artifact) error {
 	dir := filepath.Dir(s.LocalPath(artifact))
-	return os.MkdirAll(dir, 0o777)
+	return os.MkdirAll(dir, 0o770)
 }
 
 // RemoveAll calls os.RemoveAll for the given v1beta1.Artifact base dir.
@@ -432,7 +432,7 @@ func (s *Storage) Archive(artifact *sourcev1.Artifact, dir string, filter Archiv
 		return err
 	}
 
-	if err := os.Chmod(tmpName, 0o644); err != nil {
+	if err := os.Chmod(tmpName, 0o640); err != nil {
 		return err
 	}
 
 
@@ -136,7 +136,7 @@ func TestStorage_Archive(t *testing.T) {
 		}
 		for name, b := range files {
 			absPath := filepath.Join(dir, name)
-			if err = os.MkdirAll(filepath.Dir(absPath), 0o755); err != nil {
+			if err = os.MkdirAll(filepath.Dir(absPath), 0o750); err != nil {
 				return
 			}
 			f, err := os.Create(absPath)
@@ -316,7 +316,7 @@ func TestStorageRemoveAllButCurrent(t *testing.T) {
 
 		// Create artifact dir and artifacts.
 		artifactDir := path.Join(dir, "foo", "bar")
-		g.Expect(os.MkdirAll(artifactDir, 0o755)).NotTo(HaveOccurred())
+		g.Expect(os.MkdirAll(artifactDir, 0o750)).NotTo(HaveOccurred())
 		current := []string{
 			path.Join(artifactDir, "artifact1.tar.gz"),
 		}
@@ -378,7 +378,7 @@ func TestStorageRemoveAll(t *testing.T) {
 			}
 
 			if tt.createArtifactPath {
-				g.Expect(os.MkdirAll(path.Join(dir, tt.artifactPath), 0o755)).ToNot(HaveOccurred())
+				g.Expect(os.MkdirAll(path.Join(dir, tt.artifactPath), 0o750)).ToNot(HaveOccurred())
 			}
 
 			deleted, err := s.RemoveAll(artifact)
@@ -412,7 +412,7 @@ func TestStorageCopyFromPath(t *testing.T) {
 		}
 		t.Cleanup(cleanupStoragePath(dir))
 		absPath = filepath.Join(dir, file.Name)
-		if err = os.MkdirAll(filepath.Dir(absPath), 0o755); err != nil {
+		if err = os.MkdirAll(filepath.Dir(absPath), 0o750); err != nil {
 			return
 		}
 		f, err := os.Create(absPath)
@@ -591,7 +591,7 @@ func TestStorage_getGarbageFiles(t *testing.T) {
 			artifact := sourcev1.Artifact{
 				Path: tt.artifactPaths[len(tt.artifactPaths)-1],
 			}
-			g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o755)).ToNot(HaveOccurred())
+			g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o750)).ToNot(HaveOccurred())
 			for _, artifactPath := range tt.artifactPaths {
 				f, err := os.Create(path.Join(dir, artifactPath))
 				g.Expect(err).ToNot(HaveOccurred())
@@ -667,7 +667,7 @@ func TestStorage_GarbageCollect(t *testing.T) {
 			artifact := sourcev1.Artifact{
 				Path: tt.artifactPaths[len(tt.artifactPaths)-1],
 			}
-			g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o755)).ToNot(HaveOccurred())
+			g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o750)).ToNot(HaveOccurred())
 			for i, artifactPath := range tt.artifactPaths {
 				f, err := os.Create(path.Join(dir, artifactPath))
 				g.Expect(err).ToNot(HaveOccurred())
 
@@ -42,12 +42,12 @@ func TestRenameWithFallback(t *testing.T) {
 	}
 
 	srcpath = filepath.Join(dir, "a")
-	if err = os.MkdirAll(srcpath, 0o777); err != nil {
+	if err = os.MkdirAll(srcpath, 0o770); err != nil {
 		t.Fatal(err)
 	}
 
 	dstpath := filepath.Join(dir, "b")
-	if err = os.MkdirAll(dstpath, 0o777); err != nil {
+	if err = os.MkdirAll(dstpath, 0o770); err != nil {
 		t.Fatal(err)
 	}
 
@@ -64,7 +64,7 @@ func TestCopyDir(t *testing.T) {
 	defer os.RemoveAll(dir)
 
 	srcdir := filepath.Join(dir, "src")
-	if err := os.MkdirAll(srcdir, 0o755); err != nil {
+	if err := os.MkdirAll(srcdir, 0o750); err != nil {
 		t.Fatal(err)
 	}
 
@@ -81,7 +81,7 @@ func TestCopyDir(t *testing.T) {
 	for i, file := range files {
 		fn := filepath.Join(srcdir, file.path)
 		dn := filepath.Dir(fn)
-		if err = os.MkdirAll(dn, 0o755); err != nil {
+		if err = os.MkdirAll(dn, 0o750); err != nil {
 			t.Fatal(err)
 		}
 
@@ -151,7 +151,7 @@ func TestCopyDirFail_SrcInaccessible(t *testing.T) {
 
 	cleanup := setupInaccessibleDir(t, func(dir string) error {
 		srcdir = filepath.Join(dir, "src")
-		return os.MkdirAll(srcdir, 0o755)
+		return os.MkdirAll(srcdir, 0o750)
 	})
 	defer cleanup()
 
@@ -184,7 +184,7 @@ func TestCopyDirFail_DstInaccessible(t *testing.T) {
 	defer os.RemoveAll(dir)
 
 	srcdir = filepath.Join(dir, "src")
-	if err = os.MkdirAll(srcdir, 0o755); err != nil {
+	if err = os.MkdirAll(srcdir, 0o750); err != nil {
 		t.Fatal(err)
 	}
 
@@ -235,12 +235,12 @@ func TestCopyDirFail_DstExists(t *testing.T) {
 	defer os.RemoveAll(dir)
 
 	srcdir = filepath.Join(dir, "src")
-	if err = os.MkdirAll(srcdir, 0o755); err != nil {
+	if err = os.MkdirAll(srcdir, 0o750); err != nil {
 		t.Fatal(err)
 	}
 
 	dstdir = filepath.Join(dir, "dst")
-	if err = os.MkdirAll(dstdir, 0o755); err != nil {
+	if err = os.MkdirAll(dstdir, 0o750); err != nil {
 		t.Fatal(err)
 	}
 
@@ -273,7 +273,7 @@ func TestCopyDirFailOpen(t *testing.T) {
 	defer os.RemoveAll(dir)
 
 	srcdir = filepath.Join(dir, "src")
-	if err = os.MkdirAll(srcdir, 0o755); err != nil {
+	if err = os.MkdirAll(srcdir, 0o750); err != nil {
 		t.Fatal(err)
 	}
 
@@ -285,7 +285,7 @@ func TestCopyDirFailOpen(t *testing.T) {
 	srcf.Close()
 
 	// setup source file so that it cannot be read
-	if err = os.Chmod(srcfn, 0o222); err != nil {
+	if err = os.Chmod(srcfn, 0o220); err != nil {
 		t.Fatal(err)
 	}
 
@@ -419,11 +419,11 @@ func TestCopyFileLongFilePath(t *testing.T) {
 	}
 
 	fullPath := filepath.Join(dir, dirName, string(os.PathSeparator))
-	if err := os.MkdirAll(fullPath, 0o755); err != nil && !os.IsExist(err) {
+	if err := os.MkdirAll(fullPath, 0o750); err != nil && !os.IsExist(err) {
 		t.Fatalf("%+v", fmt.Errorf("unable to create temp directory: %s", fullPath))
 	}
 
-	err = os.WriteFile(fullPath+"src", []byte(nil), 0o644)
+	err = os.WriteFile(fullPath+"src", []byte(nil), 0o640)
 	if err != nil {
 		t.Fatalf("%+v", err)
 	}
@@ -460,7 +460,7 @@ func TestCopyFileFail(t *testing.T) {
 
 	cleanup := setupInaccessibleDir(t, func(dir string) error {
 		dstdir = filepath.Join(dir, "dir")
-		return os.Mkdir(dstdir, 0o777)
+		return os.Mkdir(dstdir, 0o770)
 	})
 	defer cleanup()
 
@@ -493,15 +493,15 @@ func setupInaccessibleDir(t *testing.T, op func(dir string) error) func() {
 	subdir := filepath.Join(dir, "dir")
 
 	cleanup := func() {
-		if err := os.Chmod(subdir, 0o777); err != nil {
+		if err := os.Chmod(subdir, 0o770); err != nil {
 			t.Error(err)
 		}
 		if err := os.RemoveAll(dir); err != nil {
 			t.Error(err)
 		}
 	}
 
-	if err := os.Mkdir(subdir, 0o777); err != nil {
+	if err := os.Mkdir(subdir, 0o770); err != nil {
 		cleanup()
 		t.Fatal(err)
 		return nil
@@ -513,7 +513,7 @@ func setupInaccessibleDir(t *testing.T, op func(dir string) error) func() {
 		return nil
 	}
 
-	if err := os.Chmod(subdir, 0o666); err != nil {
+	if err := os.Chmod(subdir, 0o660); err != nil {
 		cleanup()
 		t.Fatal(err)
 		return nil
@@ -532,7 +532,7 @@ func TestIsDir(t *testing.T) {
 
 	cleanup := setupInaccessibleDir(t, func(dir string) error {
 		dn = filepath.Join(dir, "dir")
-		return os.Mkdir(dn, 0o777)
+		return os.Mkdir(dn, 0o770)
 	})
 	defer cleanup()
 
@@ -575,7 +575,7 @@ func TestIsSymlink(t *testing.T) {
 	defer os.RemoveAll(dir)
 
 	dirPath := filepath.Join(dir, "directory")
-	if err = os.MkdirAll(dirPath, 0o777); err != nil {
+	if err = os.MkdirAll(dirPath, 0o770); err != nil {
 		t.Fatal(err)
 	}
 
 
@@ -201,7 +201,7 @@ fullnameOverride: "full-foo-name-override"`),
 			// Write value file in the base dir.
 			for _, f := range tt.valuesFiles {
 				vPath := filepath.Join(localRef.WorkDir, f.Name)
-				g.Expect(os.WriteFile(vPath, f.Data, 0o644)).ToNot(HaveOccurred())
+				g.Expect(os.WriteFile(vPath, f.Data, 0o640)).ToNot(HaveOccurred())
 			}
 
 			// Write chart dependencies in the base dir.
@@ -336,7 +336,7 @@ func Test_mergeFileValues(t *testing.T) {
 			defer os.RemoveAll(baseDir)
 
 			for _, f := range tt.files {
-				g.Expect(os.WriteFile(filepath.Join(baseDir, f.Name), f.Data, 0o644)).To(Succeed())
+				g.Expect(os.WriteFile(filepath.Join(baseDir, f.Name), f.Data, 0o640)).To(Succeed())
 			}
 
 			got, err := mergeFileValues(baseDir, tt.paths)
 
@@ -140,7 +140,7 @@ func TestLoadChartMetadataFromDir(t *testing.T) {
 	copy.Copy("../testdata/charts/helmchart", tmpDir)
 	bigRequirementsFile := filepath.Join(tmpDir, "requirements.yaml")
 	data := make([]byte, helm.MaxChartFileSize+10)
-	g.Expect(os.WriteFile(bigRequirementsFile, data, 0o644)).ToNot(HaveOccurred())
+	g.Expect(os.WriteFile(bigRequirementsFile, data, 0o640)).ToNot(HaveOccurred())
 
 	tests := []struct {
 		name                string
@@ -205,7 +205,7 @@ func TestLoadChartMetadataFromArchive(t *testing.T) {
 	defer os.RemoveAll(tmpDir)
 	bigArchiveFile := filepath.Join(tmpDir, "chart.tgz")
 	data := make([]byte, helm.MaxChartSize+10)
-	g.Expect(os.WriteFile(bigArchiveFile, data, 0o644)).ToNot(HaveOccurred())
+	g.Expect(os.WriteFile(bigArchiveFile, data, 0o640)).ToNot(HaveOccurred())
 
 	tests := []struct {
 		name                string
Original file line number	Diff line number	Diff line change
`@@ -187,7 +187,7 @@ func TestBucketReconciler_reconcileStorage(t *testing.T) {`
`187`	`187`	`if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {`
`188`	`188`	`return err`
`189`	`189`	`}`
`190`		`- if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o644); err != nil {`
	`190`	`+ if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o640); err != nil {`
`191`	`191`	`return err`
`192`	`192`	`}`
`193`	`193`	`if n != len(revisions)-1 {`
`@@ -242,7 +242,7 @@ func TestBucketReconciler_reconcileStorage(t *testing.T) {`
`242`	`242`	`if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {`
`243`	`243`	`return err`
`244`	`244`	`}`
`245`		`- if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o644); err != nil {`
	`245`	`+ if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o640); err != nil {`
`246`	`246`	`return err`
`247`	`247`	`}`
`248`	`248`	`return nil`
Original file line number	Diff line number	Diff line change
`@@ -1128,7 +1128,7 @@ func TestGitRepositoryReconciler_reconcileStorage(t *testing.T) {`
`1128`	`1128`	`if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {`
`1129`	`1129`	`return err`
`1130`	`1130`	`}`
`1131`		`- if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o644); err != nil {`
	`1131`	`+ if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o640); err != nil {`
`1132`	`1132`	`return err`
`1133`	`1133`	`}`
`1134`	`1134`	`if n != len(revisions)-1 {`
`@@ -1183,7 +1183,7 @@ func TestGitRepositoryReconciler_reconcileStorage(t *testing.T) {`
`1183`	`1183`	`if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {`
`1184`	`1184`	`return err`
`1185`	`1185`	`}`
`1186`		`- if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o644); err != nil {`
	`1186`	`+ if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o640); err != nil {`
`1187`	`1187`	`return err`
`1188`	`1188`	`}`
`1189`	`1189`	`return nil`
Original file line number	Diff line number	Diff line change
`@@ -187,7 +187,7 @@ func TestHelmChartReconciler_reconcileStorage(t *testing.T) {`
`187`	`187`	`if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {`
`188`	`188`	`return err`
`189`	`189`	`}`
`190`		`- if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o644); err != nil {`
	`190`	`+ if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o640); err != nil {`
`191`	`191`	`return err`
`192`	`192`	`}`
`193`	`193`	`if n != len(revisions)-1 {`
`@@ -242,7 +242,7 @@ func TestHelmChartReconciler_reconcileStorage(t *testing.T) {`
`242`	`242`	`if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {`
`243`	`243`	`return err`
`244`	`244`	`}`
`245`		`- if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o644); err != nil {`
	`245`	`+ if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o640); err != nil {`
`246`	`246`	`return err`
`247`	`247`	`}`
`248`	`248`	`return nil`
Original file line number	Diff line number	Diff line change
`@@ -158,7 +158,7 @@ func TestHelmRepositoryReconciler_reconcileStorage(t *testing.T) {`
`158`	`158`	`if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {`
`159`	`159`	`return err`
`160`	`160`	`}`
`161`		`- if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o644); err != nil {`
	`161`	`+ if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o640); err != nil {`
`162`	`162`	`return err`
`163`	`163`	`}`
`164`	`164`	`if n != len(revisions)-1 {`
`@@ -213,7 +213,7 @@ func TestHelmRepositoryReconciler_reconcileStorage(t *testing.T) {`
`213`	`213`	`if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {`
`214`	`214`	`return err`
`215`	`215`	`}`
`216`		`- if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o644); err != nil {`
	`216`	`+ if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o640); err != nil {`
`217`	`217`	`return err`
`218`	`218`	`}`
`219`	`219`	`return nil`
Original file line number	Diff line number	Diff line change
`@@ -112,7 +112,7 @@ func (s Storage) SetHostname(URL string) string {`
`112`	`112`	`// MkdirAll calls os.MkdirAll for the given v1beta1.Artifact base dir.`
`113`	`113`	`func (s *Storage) MkdirAll(artifact sourcev1.Artifact) error {`
`114`	`114`	`dir := filepath.Dir(s.LocalPath(artifact))`
`115`		`- return os.MkdirAll(dir, 0o777)`
	`115`	`+ return os.MkdirAll(dir, 0o770)`
`116`	`116`	`}`
`117`	`117`
`118`	`118`	`// RemoveAll calls os.RemoveAll for the given v1beta1.Artifact base dir.`
`@@ -432,7 +432,7 @@ func (s Storage) Archive(artifact sourcev1.Artifact, dir string, filter Archiv`
`432`	`432`	`return err`
`433`	`433`	`}`
`434`	`434`
`435`		`- if err := os.Chmod(tmpName, 0o644); err != nil {`
	`435`	`+ if err := os.Chmod(tmpName, 0o640); err != nil {`
`436`	`436`	`return err`
`437`	`437`	`}`
`438`	`438`
Original file line number	Diff line number	Diff line change
`@@ -136,7 +136,7 @@ func TestStorage_Archive(t *testing.T) {`
`136`	`136`	`}`
`137`	`137`	`for name, b := range files {`
`138`	`138`	`absPath := filepath.Join(dir, name)`
`139`		`- if err = os.MkdirAll(filepath.Dir(absPath), 0o755); err != nil {`
	`139`	`+ if err = os.MkdirAll(filepath.Dir(absPath), 0o750); err != nil {`
`140`	`140`	`return`
`141`	`141`	`}`
`142`	`142`	`f, err := os.Create(absPath)`
`@@ -316,7 +316,7 @@ func TestStorageRemoveAllButCurrent(t *testing.T) {`
`316`	`316`
`317`	`317`	`// Create artifact dir and artifacts.`
`318`	`318`	`artifactDir := path.Join(dir, "foo", "bar")`
`319`		`- g.Expect(os.MkdirAll(artifactDir, 0o755)).NotTo(HaveOccurred())`
	`319`	`+ g.Expect(os.MkdirAll(artifactDir, 0o750)).NotTo(HaveOccurred())`
`320`	`320`	`current := []string{`
`321`	`321`	`path.Join(artifactDir, "artifact1.tar.gz"),`
`322`	`322`	`}`
`@@ -378,7 +378,7 @@ func TestStorageRemoveAll(t *testing.T) {`
`378`	`378`	`}`
`379`	`379`
`380`	`380`	`if tt.createArtifactPath {`
`381`		`- g.Expect(os.MkdirAll(path.Join(dir, tt.artifactPath), 0o755)).ToNot(HaveOccurred())`
	`381`	`+ g.Expect(os.MkdirAll(path.Join(dir, tt.artifactPath), 0o750)).ToNot(HaveOccurred())`
`382`	`382`	`}`
`383`	`383`
`384`	`384`	`deleted, err := s.RemoveAll(artifact)`
`@@ -412,7 +412,7 @@ func TestStorageCopyFromPath(t *testing.T) {`
`412`	`412`	`}`
`413`	`413`	`t.Cleanup(cleanupStoragePath(dir))`
`414`	`414`	`absPath = filepath.Join(dir, file.Name)`
`415`		`- if err = os.MkdirAll(filepath.Dir(absPath), 0o755); err != nil {`
	`415`	`+ if err = os.MkdirAll(filepath.Dir(absPath), 0o750); err != nil {`
`416`	`416`	`return`
`417`	`417`	`}`
`418`	`418`	`f, err := os.Create(absPath)`
`@@ -591,7 +591,7 @@ func TestStorage_getGarbageFiles(t *testing.T) {`
`591`	`591`	`artifact := sourcev1.Artifact{`
`592`	`592`	`Path: tt.artifactPaths[len(tt.artifactPaths)-1],`
`593`	`593`	`}`
`594`		`- g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o755)).ToNot(HaveOccurred())`
	`594`	`+ g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o750)).ToNot(HaveOccurred())`
`595`	`595`	`for _, artifactPath := range tt.artifactPaths {`
`596`	`596`	`f, err := os.Create(path.Join(dir, artifactPath))`
`597`	`597`	`g.Expect(err).ToNot(HaveOccurred())`
`@@ -667,7 +667,7 @@ func TestStorage_GarbageCollect(t *testing.T) {`
`667`	`667`	`artifact := sourcev1.Artifact{`
`668`	`668`	`Path: tt.artifactPaths[len(tt.artifactPaths)-1],`
`669`	`669`	`}`
`670`		`- g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o755)).ToNot(HaveOccurred())`
	`670`	`+ g.Expect(os.MkdirAll(path.Join(dir, artifactFolder), 0o750)).ToNot(HaveOccurred())`
`671`	`671`	`for i, artifactPath := range tt.artifactPaths {`
`672`	`672`	`f, err := os.Create(path.Join(dir, artifactPath))`
`673`	`673`	`g.Expect(err).ToNot(HaveOccurred())`
Original file line number	Diff line number	Diff line change
@@ -201,7 +201,7 @@ fullnameOverride: "full-foo-name-override"`),
`201`	`201`	`// Write value file in the base dir.`
`202`	`202`	`for _, f := range tt.valuesFiles {`
`203`	`203`	`vPath := filepath.Join(localRef.WorkDir, f.Name)`
`204`		`- g.Expect(os.WriteFile(vPath, f.Data, 0o644)).ToNot(HaveOccurred())`
	`204`	`+ g.Expect(os.WriteFile(vPath, f.Data, 0o640)).ToNot(HaveOccurred())`
`205`	`205`	`}`
`206`	`206`
`207`	`207`	`// Write chart dependencies in the base dir.`
`@@ -336,7 +336,7 @@ func Test_mergeFileValues(t *testing.T) {`
`336`	`336`	`defer os.RemoveAll(baseDir)`
`337`	`337`
`338`	`338`	`for _, f := range tt.files {`
`339`		`- g.Expect(os.WriteFile(filepath.Join(baseDir, f.Name), f.Data, 0o644)).To(Succeed())`
	`339`	`+ g.Expect(os.WriteFile(filepath.Join(baseDir, f.Name), f.Data, 0o640)).To(Succeed())`
`340`	`340`	`}`
`341`	`341`
`342`	`342`	`got, err := mergeFileValues(baseDir, tt.paths)`