Merge pull request #9 from alexandreh2ag/fix_owner

Fix owner perms for FS storage and get GID
alexandreh2ag · Jan 25, 2025 · f928ebd · f928ebd
2 parents de680c3 + 688df4b
commit f928ebd
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 9 deletions.
diff --git a/apps/agent/storage/certificate/fs.go b/apps/agent/storage/certificate/fs.go
@@ -77,11 +77,6 @@ func (f fs) GetFilePath(path, filename string) string {
 
 func (f fs) Save(certificates types.Certificates, hookChan chan<- *hook.Hook) []error {
 	errors := []error{}
-	err := f.fs.MkdirAll(f.cfg.Path, 0770)
-	if err != nil {
-		errors = append(errors, fmt.Errorf("unable to create dir %s: %v", f.cfg.Path, err))
-		return errors
-	}
 
 	isChanged := false
 	for _, cert := range certificates {
@@ -95,6 +90,12 @@ func (f fs) Save(certificates types.Certificates, hookChan chan<- *hook.Hook) []
 			continue
 		}
 
+		err := f.fs.MkdirAll(filepath.Dir(keyPath), 0770)
+		if err != nil {
+			errors = append(errors, fmt.Errorf("unable to create dir %s: %v", f.cfg.Path, err))
+			return errors
+		}
+
 		if !f.checksum.MustCompareContentWithPath(cert.Key, keyPath) {
 			isChanged = true
 			err = afero.WriteFile(f.fs, keyPath, cert.Key, 0660)
@@ -118,9 +119,9 @@ func (f fs) Save(certificates types.Certificates, hookChan chan<- *hook.Hook) []
 				continue
 			}
 
-			err = f.fs.Chown(keyPath, f.uid, f.gid)
+			err = f.fs.Chown(certPath, f.uid, f.gid)
 			if err != nil {
-				errors = append(errors, fmt.Errorf("fail to chown %s: %v", keyPath, err))
+				errors = append(errors, fmt.Errorf("fail to chown %s: %v", certPath, err))
 				continue
 			}
 		}

diff --git a/apps/agent/storage/certificate/fs_test.go b/apps/agent/storage/certificate/fs_test.go
@@ -263,7 +263,9 @@ func Test_fs_Save_FailCreateDir(t *testing.T) {
 	ctrl := gomock.NewController(t)
 	fsMock := mockAfero.NewMockFs(ctrl)
 	fsMock.EXPECT().MkdirAll(gomock.Any(), gomock.Any()).Times(1).Return(errors.New("error"))
-	certificates := types.Certificates{}
+	certificates := types.Certificates{
+		{Identifier: "example.com", Key: []byte("key"), Certificate: []byte("certificate")},
+	}
 	storage := &fs{fs: fsMock, cfg: ConfigFs{Path: "/app"}, checksum: appFs.NewChecksum(fsMock)}
 	errs := storage.Save(certificates, make(chan<- *hook.Hook))
 	assert.Len(t, errs, 1)

diff --git a/os/user.go b/os/user.go
@@ -23,7 +23,7 @@ func GetGroupUID(group string) int {
 	groupInfo, err := user.Lookup(group)
 
 	if err == nil && groupInfo != nil {
-		gid, errConv := strconv.Atoi(groupInfo.Uid)
+		gid, errConv := strconv.Atoi(groupInfo.Gid)
 		if errConv == nil {
 			return gid
 		}