Skip to content

Commit c050ae5

Browse files
john-david3john-david3
authored
Review file permission for otel collector config (#1037)
* Review file permission for otel collector config * Merge v3, removed error from parameters
1 parent 380f665 commit c050ae5

File tree

2 files changed

+36
-5
lines changed

2 files changed

+36
-5
lines changed

internal/collector/settings.go

Lines changed: 20 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,22 @@ func createURIs(cfg *config.Config) []string {
7373
return []string{cfg.Collector.ConfigPath}
7474
}
7575

76+
func createFile(confPath string) error {
77+
// Create if doesn't exist.
78+
_, createErr := os.Create(confPath)
79+
if createErr != nil {
80+
return createErr
81+
}
82+
83+
// Set the file permissions to 600.
84+
permissionErr := os.Chmod(confPath, configFilePermission)
85+
if permissionErr != nil {
86+
return permissionErr
87+
}
88+
89+
return nil
90+
}
91+
7692
// Generates a OTel Collector config to a file by injecting the Metrics Config to a Go template.
7793
func writeCollectorConfig(conf *config.Collector) error {
7894
otelcolTemplate, err := template.New(otelTemplatePath).Parse(otelcolTemplate)
@@ -82,17 +98,16 @@ func writeCollectorConfig(conf *config.Collector) error {
8298

8399
confPath := filepath.Clean(conf.ConfigPath)
84100

85-
// Check if file exists.
101+
// Check if file exists, if not create it.
86102
_, err = os.Stat(confPath)
87103
if err != nil {
88104
if !os.IsNotExist(err) {
89105
return err
90106
}
91107

92-
// Create if doesn't exist.
93-
_, createErr := os.Create(confPath)
94-
if createErr != nil {
95-
return createErr
108+
fileErr := createFile(confPath)
109+
if fileErr != nil {
110+
return fileErr
96111
}
97112
}
98113

internal/collector/settings_test.go

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -171,3 +171,19 @@ func TestTemplateWrite(t *testing.T) {
171171
// Convert to string for human readable error messages.
172172
assert.Equal(t, string(expected), string(actual))
173173
}
174+
175+
func TestFilePermissions(t *testing.T) {
176+
tmpDir := t.TempDir()
177+
178+
cfg := types.AgentConfig()
179+
actualConfPath := filepath.Join(tmpDir, "nginx-agent-otelcol-test.yaml")
180+
cfg.Collector.ConfigPath = actualConfPath
181+
182+
err := writeCollectorConfig(cfg.Collector)
183+
require.NoError(t, err)
184+
185+
// Check file permissions are 600
186+
fileInfo, err := os.Stat(actualConfPath)
187+
require.NoError(t, err)
188+
assert.Equal(t, os.FileMode(0o600), fileInfo.Mode())
189+
}

0 commit comments

Comments
 (0)