Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
ruanwenjun merged PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@dolphinscheduler.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
ruanwenjun commented on PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556#issuecomment-1925251719 > but we have a secutity scan in this pr It's OK, since the path is controlled by application, the path is not from user input. https://github.com/apache/dolphinscheduler/assets/22415594/c11dffcf-efd3-40f9-8aad-847b93bc3ec9";> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@dolphinscheduler.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
caishunfeng commented on PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556#issuecomment-1925248816 Is it better to add some docs? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@dolphinscheduler.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
zhongjiajie commented on PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556#issuecomment-1925246004 but we have a secutity scan in this pr -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@dolphinscheduler.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
sonarcloud[bot] commented on PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556#issuecomment-1925206217 ## [![Quality Gate Failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-failed-20px.png 'Quality Gate Failed')](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=15556) **Quality Gate failed** Failed conditions [28.1% Coverage on New Code](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=15556&metric=new_coverage&view=list) (required ≥ 60%) [See analysis details on SonarCloud](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=15556) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@dolphinscheduler.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
sonarcloud[bot] commented on PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556#issuecomment-1925206277 ## [![Quality Gate Failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-failed-20px.png 'Quality Gate Failed')](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=15556) **Quality Gate failed** Failed conditions [28.1% Coverage on New Code](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=15556&metric=new_coverage&view=list) (required ≥ 60%) [See analysis details on SonarCloud](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=15556) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@dolphinscheduler.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
github-advanced-security[bot] commented on code in PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556#discussion_r1477011637 ## dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java: ## @@ -325,59 +266,47 @@ return crcString; } -public static void setFileOwner(Path filePath, String fileOwner) throws FileOperateException { -try { -// We use linux command to set the file owner, since jdk api will not use sudo. -String command = String.format("sudo chown %s %s", fileOwner, filePath.toString()); -Runtime.getRuntime().exec(command); -Process process = Runtime.getRuntime().exec(command); -int exitCode = process.waitFor(); -if (0 != exitCode) { -throw new FileOperateException( -"Set file: " + filePath + " to owner: " + fileOwner + " failed, existCode(" + exitCode + ")"); -} -} catch (FileOperateException ex) { -throw ex; -} catch (Exception ex) { -throw new FileOperateException("Set directory: " + filePath + " to owner: " + fileOwner + " failed"); - +public static void createFileWith755(@NonNull Path path) throws IOException { +if (SystemUtils.IS_OS_WINDOWS) { +Files.createFile(path); +} else { +Files.createFile(path); +Files.setPosixFilePermissions(path, PERMISSION_755); } } -public static void setDirectoryOwner(Path filePath, String fileOwner) throws FileOperateException { -try { -// We use linux command to set the file owner, since jdk api will not use sudo. -String command = String.format("sudo chown -R %s %s", fileOwner, filePath.toString()); -Runtime.getRuntime().exec(command); -Process process = Runtime.getRuntime().exec(command); -int exitCode = process.waitFor(); -if (0 != exitCode) { -throw new FileOperateException("Set directory: " + filePath + " to owner: " + fileOwner -+ " failed, existCode(" + exitCode + ")"); +public static void createDirectoryWith755(@NonNull Path path) throws IOException { +if (path.toFile().exists()) { +return; +} +if (OSUtils.isWindows()) { +Files.createDirectories(path); +} else { +Path parent = path.getParent(); +if (parent != null && !parent.toFile().exists()) { +createDirectoryWith755(parent); } -} catch (FileOperateException ex) { -throw ex; -} catch (Exception ex) { -throw new FileOperateException("Set directory: " + filePath + " to owner: " + fileOwner + " failed"); + +Files.createDirectory(path); Review Comment: ## Uncontrolled data used in path expression This path depends on a [user-provided value](1). [Show more details](https://github.com/apache/dolphinscheduler/security/code-scanning/3894) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@dolphinscheduler.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
codecov-commenter commented on PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556#issuecomment-1925204666 ## [Codecov](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report Attention: `26 lines` in your changes are missing coverage. Please review. > Comparison is base [(`1b42d45`)](https://app.codecov.io/gh/apache/dolphinscheduler/commit/1b42d45fcdd22ccac7692fac4a64d096736f5e7c?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) 38.40% compared to head [(`2c33a9c`)](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) 38.40%. > :exclamation: Current head 2c33a9c differs from pull request most recent head 4d3e6e4. Consider uploading reports for the commit 4d3e6e4 to get more accurate results | [Files](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | Patch % | Lines | |---|---|---| | [...pache/dolphinscheduler/common/utils/FileUtils.java](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-ZG9scGhpbnNjaGVkdWxlci1jb21tb24vc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2RvbHBoaW5zY2hlZHVsZXIvY29tbW9uL3V0aWxzL0ZpbGVVdGlscy5qYXZh) | 24.00% | [16 Missing and 3 partials :warning: ](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | | [...e/dolphinscheduler/service/utils/ProcessUtils.java](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-ZG9scGhpbnNjaGVkdWxlci1zZXJ2aWNlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9kb2xwaGluc2NoZWR1bGVyL3NlcnZpY2UvdXRpbHMvUHJvY2Vzc1V0aWxzLmphdmE=) | 0.00% | [1 Missing :warning: ](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | | [...heduler/plugin/storage/abs/AbsStorageOperator.java](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-ZG9scGhpbnNjaGVkdWxlci1zdG9yYWdlLXBsdWdpbi9kb2xwaGluc2NoZWR1bGVyLXN0b3JhZ2UtYWJzL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9kb2xwaGluc2NoZWR1bGVyL3BsdWdpbi9zdG9yYWdlL2Ficy9BYnNTdG9yYWdlT3BlcmF0b3IuamF2YQ==) | 0.00% | [1 Missing :warning: ](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | | [...heduler/plugin/storage/gcs/GcsStorageOperator.java](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-ZG9scGhpbnNjaGVkdWxlci1zdG9yYWdlLXBsdWdpbi9kb2xwaGluc2NoZWR1bGVyLXN0b3JhZ2UtZ2NzL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9kb2xwaGluc2NoZWR1bGVyL3BsdWdpbi9zdG9yYWdlL2djcy9HY3NTdG9yYWdlT3BlcmF0b3IuamF2YQ==) | 0.00% | [1 Missing :warning: ](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | | [...heduler/plugin/storage/obs/ObsStorageOperator.java](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-ZG9scGhpbnNjaGVkdWxlci1zdG9yYWdlLXBsdWdpbi9kb2xwaGluc2NoZWR1bGVyLXN0b3JhZ2Utb2JzL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9kb2xwaGluc2NoZWR1bGVyL3BsdWdpbi9zdG9yYWdlL29icy9PYnNTdG9yYWdlT3BlcmF0b3IuamF2YQ==) | 0.00% | [1 Missing :warning: ](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | | [...heduler/plugin/storage/oss/OssStorageOperator.java](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-ZG9scGhpbnNjaGVkdWxlci1zdG9yYWdlLXBsdWdpbi9kb2xwaGluc2NoZWR1bGVyLXN0b3JhZ2Utb3NzL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9kb2xwaGluc2NoZWR1bGVyL3BsdWdpbi9zdG9yYWdlL29zcy9Pc3NTdG9yYWdlT3BlcmF0b3IuamF2YQ==) | 0.00% | [1 Missing :warning: ](https://app.codecov.io/gh/apache/dolphinscheduler/pull/15556?src=pr&el=tree&utm_medium=r
Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
sonarcloud[bot] commented on PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556#issuecomment-1923790673 ## [![Quality Gate Failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-failed-20px.png 'Quality Gate Failed')](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=15556) **Quality Gate failed** Failed conditions [41.7% Coverage on New Code](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=15556&metric=new_coverage&view=list) (required ≥ 60%) [See analysis details on SonarCloud](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=15556) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@dolphinscheduler.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
sonarcloud[bot] commented on PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556#issuecomment-1923788957 ## [![Quality Gate Failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-failed-20px.png 'Quality Gate Failed')](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=15556) **Quality Gate failed** Failed conditions [41.7% Coverage on New Code](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=15556&metric=new_coverage&view=list) (required ≥ 60%) [See analysis details on SonarCloud](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=15556) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@dolphinscheduler.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Fix createFile with permission will not work [dolphinscheduler]
github-advanced-security[bot] commented on code in PR #15556: URL: https://github.com/apache/dolphinscheduler/pull/15556#discussion_r147597 ## dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java: ## @@ -363,21 +306,27 @@ } } -public static void createDirectoryIfNotPresent(Path path) throws IOException { -if (Files.exists(path)) { -return; -} -Files.createDirectories(path); -} - -/** - * Create a file with '755'. - */ public static void createFileWith755(@NonNull Path path) throws IOException { if (SystemUtils.IS_OS_WINDOWS) { Files.createFile(path); } else { -Files.createFile(path, PERMISSION_755); +Files.createFile(path); +Files.setPosixFilePermissions(path, PERMISSION_755); +} +} + +public static void createDirectoryWith755(@NonNull Path path) throws IOException { +if (OSUtils.isWindows()) { +Files.createDirectories(path); Review Comment: ## Uncontrolled data used in path expression This path depends on a [user-provided value](1). [Show more details](https://github.com/apache/dolphinscheduler/security/code-scanning/3887) ## dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java: ## @@ -363,21 +306,27 @@ } } -public static void createDirectoryIfNotPresent(Path path) throws IOException { -if (Files.exists(path)) { -return; -} -Files.createDirectories(path); -} - -/** - * Create a file with '755'. - */ public static void createFileWith755(@NonNull Path path) throws IOException { if (SystemUtils.IS_OS_WINDOWS) { Files.createFile(path); } else { -Files.createFile(path, PERMISSION_755); +Files.createFile(path); +Files.setPosixFilePermissions(path, PERMISSION_755); +} +} + +public static void createDirectoryWith755(@NonNull Path path) throws IOException { +if (OSUtils.isWindows()) { +Files.createDirectories(path); +} else { +Path parent = path.getParent(); +if (parent != null && !parent.toFile().exists()) { +createDirectoryWith755(parent); +} + +Files.createDirectory(path); Review Comment: ## Uncontrolled data used in path expression This path depends on a [user-provided value](1). [Show more details](https://github.com/apache/dolphinscheduler/security/code-scanning/3888) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@dolphinscheduler.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org