https://codereview.appspot.com/10447043/diff/1/environs/azure/environ.go#newcode158
environs/azure/environ.go:158: // make sure we clean up that certificate
file.
rather than recovering, i think a better approach might be something
like this:
func (env *azureEnviron) getManagementAPI() (_ *azureManagementContext,
retErr) {
...
certFile, err := newTempCertFile([]byte(certData))
if err != nil {
return nil, err
}
defer func() {
if retErr != nil { certFile.Delete()
}
}()
which amounts to much the same thing except you don't
need to call certFile.Delete if NewManagementAPI fails.
To be honest though, we're not gaining that much
by deleting the file even when we panic. That
will only happen if NewManagementAPI itself panics,
not if any other goroutine panics.
I'd probably just delete the defer and leave the
Delete in the NewManagementAPI error case.
Anyone with access to read the cert file
probably has access to get the environment
config anyway, so it's not a huge security issue.
LGTM with some minor suggestions below.
https:/ /codereview. appspot. com/10447043/ diff/1/ environs/ azure/environ. go azure/environ. go (right):
File environs/
https:/ /codereview. appspot. com/10447043/ diff/1/ environs/ azure/environ. go#newcode153 azure/environ. go:153: certFile, err := ([]byte( certData) )
environs/
newTempCertFile
i hope we manage to avoid the need for these temporary files sooner
rather than later.
https:/ /codereview. appspot. com/10447043/ diff/1/ environs/ azure/environ. go#newcode158 azure/environ. go:158: // make sure we clean up that certificate tContext, ([]byte( certData) )
certFile. Delete( )
environs/
file.
rather than recovering, i think a better approach might be something
like this:
func (env *azureEnviron) getManagementAPI() (_ *azureManagemen
retErr) {
...
certFile, err := newTempCertFile
if err != nil {
return nil, err
}
defer func() {
if retErr != nil {
}
}()
which amounts to much the same thing except you don't
need to call certFile.Delete if NewManagementAPI fails.
To be honest though, we're not gaining that much
by deleting the file even when we panic. That
will only happen if NewManagementAPI itself panics,
not if any other goroutine panics.
I'd probably just delete the defer and leave the
Delete in the NewManagementAPI error case.
Anyone with access to read the cert file
probably has access to get the environment
config anyway, so it's not a huge security issue.
https:/ /codereview. appspot. com/10447043/ diff/1/ environs/ azure/environ. go#newcode178 azure/environ. go:178: // releaseManageme ntAPI frees up a ntAPI frees up an Azure management context.
environs/
context object for interfacing with Azure's
// releaseManageme
?
https:/ /codereview. appspot. com/10447043/ diff/1/ environs/ azure/environ_ test.go azure/environ_ test.go (right):
File environs/
https:/ /codereview. appspot. com/10447043/ diff/1/ environs/ azure/environ_ test.go# newcode104 azure/environ_ test.go: 104: }
environs/
i wouldn't mind seeing a test that checks that the temporary cert file
is deleted when NewManagementAPI fails.
https:/ /codereview. appspot. com/10447043/