diff --git a/cmd/cloudflared/tunnel/subcommands.go b/cmd/cloudflared/tunnel/subcommands.go index f89e05c1..b3a2198d 100644 --- a/cmd/cloudflared/tunnel/subcommands.go +++ b/cmd/cloudflared/tunnel/subcommands.go @@ -421,7 +421,7 @@ func listCommand(c *cli.Context) error { func formatAndPrintTunnelList(tunnels []*cfapi.Tunnel, showRecentlyDisconnected bool) { writer := tabWriter() - defer writer.Flush() + defer func() { _ = writer.Flush() }() _, _ = fmt.Fprintln(writer, "You can obtain more detailed information for each tunnel with `cloudflared tunnel info `") @@ -444,13 +444,14 @@ func formatAndPrintTunnelList(tunnels []*cfapi.Tunnel, showRecentlyDisconnected func fmtConnections(connections []cfapi.Connection, showRecentlyDisconnected bool) string { // Count connections per colo numConnsPerColo := make(map[string]uint, len(connections)) - for _, connection := range connections { - if !connection.IsPendingReconnect || showRecentlyDisconnected { - numConnsPerColo[connection.ColoName]++ + for _, cfConnections := range connections { + if !cfConnections.IsPendingReconnect || showRecentlyDisconnected { + numConnsPerColo[cfConnections.ColoName]++ } } // Get sorted list of colos + // nolint: prealloc sortedColos := []string{} for coloName := range numConnsPerColo { sortedColos = append(sortedColos, coloName) @@ -488,11 +489,12 @@ func readyCommand(c *cli.Context) error { if err != nil { return err } + // nolint: gosec res, err := http.DefaultClient.Do(req) if err != nil { return err } - defer res.Body.Close() + defer func() { _ = res.Body.Close() }() if res.StatusCode != 200 { body, err := io.ReadAll(res.Body) if err != nil { @@ -613,7 +615,7 @@ func getTunnel(sc *subcommandContext, tunnelID uuid.UUID) (*cfapi.Tunnel, error) func formatAndPrintConnectionsList(tunnelInfo Info, showRecentlyDisconnected bool) { writer := tabWriter() - defer writer.Flush() + defer func() { _ = writer.Flush() }() // Print the general tunnel info table _, _ = fmt.Fprintf(writer, "NAME: %s\nID: %s\nCREATED: %s\n\n", tunnelInfo.Name, tunnelInfo.ID, tunnelInfo.CreatedAt) @@ -654,14 +656,14 @@ func formatAndPrintConnectionsList(tunnelInfo Info, showRecentlyDisconnected boo func tabWriter() *tabwriter.Writer { const ( - minWidth = 0 - tabWidth = 8 - padding = 1 - padChar = ' ' - flags = 0 + minWidth = 0 + tabWidth = 8 + padding = 1 + padChar = ' ' + formatFlags = 0 ) - writer := tabwriter.NewWriter(os.Stdout, minWidth, tabWidth, padding, padChar, flags) + writer := tabwriter.NewWriter(os.Stdout, minWidth, tabWidth, padding, padChar, formatFlags) return writer } @@ -712,7 +714,8 @@ func renderOutput(format string, v interface{}) error { } func buildRunCommand() *cli.Command { - flags := []cli.Flag{ + //nolint: prealloc + cliFlags := []cli.Flag{ credentialsFileFlag, credentialsContentsFlag, postQuantumFlag, @@ -725,7 +728,7 @@ func buildRunCommand() *cli.Command { maxActiveFlowsFlag, dnsResolverAddrsFlag, } - flags = append(flags, configureProxyFlags(false)...) + cliFlags = append(cliFlags, configureProxyFlags(false)...) return &cli.Command{ Name: "run", Action: cliutil.ConfiguredAction(runCommand), @@ -740,7 +743,7 @@ func buildRunCommand() *cli.Command { If you experience other problems running the tunnel, "cloudflared tunnel cleanup" may help by removing any old connection records. `, - Flags: flags, + Flags: cliFlags, CustomHelpTemplate: commandHelpTemplate(), } } @@ -765,6 +768,7 @@ func runCommand(c *cli.Context) error { // Check if tokenStr is blank before checking for tokenFile if tokenStr == "" { if tokenFile := c.String(TunnelTokenFileFlag); tokenFile != "" { + // nolint: gosec data, err := os.ReadFile(tokenFile) if err != nil { return cliutil.UsageError("Failed to read token file: %s", err.Error()) diff --git a/diagnostic/diagnostic.go b/diagnostic/diagnostic.go index 0b0edbc8..92d760f6 100644 --- a/diagnostic/diagnostic.go +++ b/diagnostic/diagnostic.go @@ -126,13 +126,14 @@ func collectLogs( if err != nil { return "", fmt.Errorf("error opening log file while collecting logs: %w", err) } - defer logHandle.Close() + defer func() { _ = logHandle.Close() }() + // nolint: gosec outputLogHandle, err := os.Create(filepath.Join(os.TempDir(), logFilename)) if err != nil { return "", ErrCreatingTemporaryFile } - defer outputLogHandle.Close() + defer func() { _ = outputLogHandle.Close() }() _, err = io.Copy(outputLogHandle, logHandle) if err != nil { @@ -229,12 +230,13 @@ func networkInformationCollectors() (rawNetworkCollector, jsonNetworkCollector c } func rawNetworkInformationWriter(resultMap map[string]networkCollectionResult) (string, error) { + // nolint: gosec networkDumpHandle, err := os.Create(filepath.Join(os.TempDir(), rawNetworkBaseName)) if err != nil { return "", ErrCreatingTemporaryFile } - defer networkDumpHandle.Close() + defer func() { _ = networkDumpHandle.Close() }() var exitErr error @@ -260,12 +262,13 @@ func rawNetworkInformationWriter(resultMap map[string]networkCollectionResult) ( } func jsonNetworkInformationWriter(resultMap map[string]networkCollectionResult) (string, error) { + // nolint: gosec networkDumpHandle, err := os.Create(filepath.Join(os.TempDir(), networkBaseName)) if err != nil { return "", ErrCreatingTemporaryFile } - defer networkDumpHandle.Close() + defer func() { _ = networkDumpHandle.Close() }() encoder := newFormattedEncoder(networkDumpHandle) @@ -290,11 +293,12 @@ func jsonNetworkInformationWriter(resultMap map[string]networkCollectionResult) func collectFromEndpointAdapter(collect collectToWriterFunc, fileName string) collectFunc { return func(ctx context.Context) (string, error) { + // nolint: gosec dumpHandle, err := os.Create(filepath.Join(os.TempDir(), fileName)) if err != nil { return "", ErrCreatingTemporaryFile } - defer dumpHandle.Close() + defer func() { _ = dumpHandle.Close() }() err = collect(ctx, dumpHandle) if err != nil { @@ -349,12 +353,12 @@ func resolveInstanceBaseURL( if !strings.HasPrefix(metricsServerAddress, "http://") { metricsServerAddress = "http://" + metricsServerAddress } - url, err := url.Parse(metricsServerAddress) + baseUrl, err := url.Parse(metricsServerAddress) if err != nil { return nil, nil, nil, fmt.Errorf("provided address is not valid: %w", err) } - return url, nil, nil, nil + return baseUrl, nil, nil, nil } tunnelState, foundTunnelStates, err := FindMetricsServer(log, client, addresses) @@ -436,11 +440,12 @@ func createJobs( } func createTaskReport(taskReport map[string]taskResult) (string, error) { + // nolint: gosec dumpHandle, err := os.Create(filepath.Join(os.TempDir(), taskResultBaseName)) if err != nil { return "", ErrCreatingTemporaryFile } - defer dumpHandle.Close() + defer func() { _ = dumpHandle.Close() }() encoder := newFormattedEncoder(dumpHandle) @@ -545,7 +550,7 @@ func RunDiagnostic( defer func() { if !errors.Is(v.Err, ErrCreatingTemporaryFile) { - os.Remove(v.path) + _ = os.Remove(v.path) } }() } diff --git a/diagnostic/log_collector_docker.go b/diagnostic/log_collector_docker.go index f87a9534..0ebae1a1 100644 --- a/diagnostic/log_collector_docker.go +++ b/diagnostic/log_collector_docker.go @@ -20,18 +20,18 @@ func NewDockerLogCollector(containerID string) *DockerLogCollector { } func (collector *DockerLogCollector) Collect(ctx context.Context) (*LogInformation, error) { - tmp := os.TempDir() - - outputHandle, err := os.Create(filepath.Join(tmp, logFilename)) + // nolint: gosec + outputHandle, err := os.Create(filepath.Join(os.TempDir(), logFilename)) if err != nil { return nil, fmt.Errorf("error opening output file: %w", err) } - defer outputHandle.Close() + defer func() { _ = outputHandle.Close() }() // Calculate 2 weeks ago since := time.Now().Add(twoWeeksOffset).Format(time.RFC3339) + // nolint: gosec command := exec.CommandContext( ctx, "docker", diff --git a/diagnostic/log_collector_host.go b/diagnostic/log_collector_host.go index 5218e975..662c854a 100644 --- a/diagnostic/log_collector_host.go +++ b/diagnostic/log_collector_host.go @@ -13,7 +13,6 @@ const ( linuxManagedLogsPath = "/var/log/cloudflared.err" darwinManagedLogsPath = "/Library/Logs/com.cloudflare.cloudflared.err.log" linuxServiceConfigurationPath = "/etc/systemd/system/cloudflared.service" - linuxSystemdPath = "/run/systemd/system" ) type HostLogCollector struct { @@ -27,14 +26,13 @@ func NewHostLogCollector(client HTTPClient) *HostLogCollector { } func extractLogsFromJournalCtl(ctx context.Context) (*LogInformation, error) { - tmp := os.TempDir() - - outputHandle, err := os.Create(filepath.Join(tmp, logFilename)) + // nolint: gosec + outputHandle, err := os.Create(filepath.Join(os.TempDir(), logFilename)) if err != nil { return nil, fmt.Errorf("error opening output file: %w", err) } - defer outputHandle.Close() + defer func() { _ = outputHandle.Close() }() command := exec.CommandContext( ctx, diff --git a/diagnostic/log_collector_kubernetes.go b/diagnostic/log_collector_kubernetes.go index ce45030e..c3f67e78 100644 --- a/diagnostic/log_collector_kubernetes.go +++ b/diagnostic/log_collector_kubernetes.go @@ -22,18 +22,19 @@ func NewKubernetesLogCollector(containerID, pod string) *KubernetesLogCollector } func (collector *KubernetesLogCollector) Collect(ctx context.Context) (*LogInformation, error) { - tmp := os.TempDir() - outputHandle, err := os.Create(filepath.Join(tmp, logFilename)) + // nolint: gosec + outputHandle, err := os.Create(filepath.Join(os.TempDir(), logFilename)) if err != nil { return nil, fmt.Errorf("error opening output file: %w", err) } - defer outputHandle.Close() + defer func() { _ = outputHandle.Close() }() var command *exec.Cmd // Calculate 2 weeks ago since := time.Now().Add(twoWeeksOffset).Format(time.RFC3339) if collector.containerID != "" { + // nolint: gosec command = exec.CommandContext( ctx, "kubectl", @@ -47,6 +48,7 @@ func (collector *KubernetesLogCollector) Collect(ctx context.Context) (*LogInfor collector.containerID, ) } else { + // nolint: gosec command = exec.CommandContext( ctx, "kubectl", diff --git a/diagnostic/log_collector_utils.go b/diagnostic/log_collector_utils.go index 728b5298..60f7a56a 100644 --- a/diagnostic/log_collector_utils.go +++ b/diagnostic/log_collector_utils.go @@ -67,6 +67,8 @@ func PipeCommandOutputToFile(command *exec.Cmd, outputHandle *os.File) (*LogInfo } func CopyFilesFromDirectory(path string) (string, error) { + const defaultLogFilename = "cloudflared.log" + // rolling logs have as suffix the current date thus // when iterating the path files they are already in // chronological order @@ -75,30 +77,32 @@ func CopyFilesFromDirectory(path string) (string, error) { return "", fmt.Errorf("error reading directory %s: %w", path, err) } + // nolint: gosec outputHandle, err := os.Create(filepath.Join(os.TempDir(), logFilename)) if err != nil { - return "", fmt.Errorf("creating file %s: %w", outputHandle.Name(), err) + return "", fmt.Errorf("creating temporary log file %s: %w", logFilename, err) } - defer outputHandle.Close() + defer func() { _ = outputHandle.Close() }() for _, file := range files { + // nolint: gosec logHandle, err := os.Open(filepath.Join(path, file.Name())) if err != nil { - return "", fmt.Errorf("error opening file %s:%w", file.Name(), err) + return "", fmt.Errorf("error opening file %s: %w", file.Name(), err) } - defer logHandle.Close() - _, err = io.Copy(outputHandle, logHandle) + _ = logHandle.Close() if err != nil { - return "", fmt.Errorf("error copying file %s:%w", logHandle.Name(), err) + return "", fmt.Errorf("error copying file %s: %w", file.Name(), err) } } - logHandle, err := os.Open(filepath.Join(path, "cloudflared.log")) + // nolint: gosec + logHandle, err := os.Open(filepath.Join(path, defaultLogFilename)) if err != nil { - return "", fmt.Errorf("error opening file %s:%w", logHandle.Name(), err) + return "", fmt.Errorf("error opening file %s:%w", defaultLogFilename, err) } - defer logHandle.Close() + defer func() { _ = logHandle.Close() }() _, err = io.Copy(outputHandle, logHandle) if err != nil {