MAAS

Merge ~r00ta/maas:lp-2026802-3.4 into maas:3.4

  1. Git
  2. lp:~r00ta/maas
  3. lp-2026802-3.4
  4. Merge into 3.4
Proposed by Jacopo Rota
Status: Merged
Approved by: Adam Collard
Approved revision: b6a9255e240186f700b6d3ca59f3665b12b0c710
Merge reported by: MAAS Lander
Merged at revision: not available
Proposed branch: ~r00ta/maas:lp-2026802-3.4
Merge into: maas:3.4
Diff against target: 26 lines (+6/-1)
2 files modified
src/provisioningserver/utils/env.py (+1/-1)
src/tests/provisioningserver/utils/test_env.py (+5/-0)
Reviewer Review Type Date Requested Status
MAAS Lander Needs Fixing
Alberto Donato (community) Approve
Review via email: mp+446500@code.launchpad.net

Commit message

Backport of e0a86ecd5863a8f8aa6e8342bb0801ac248e0e86 - Fix secret permissions

To post a comment you must log in.
Revision history for this message
Alberto Donato (ack) :
review: Approve
Revision history for this message
MAAS Lander (maas-lander) wrote :

LANDING
-b lp-2026802-3.4 lp:~r00ta/maas/+git/maas into -b 3.4 lp:~maas-committers/maas

STATUS: FAILED BUILD
LOG: http://maas-ci.internal:8080/job/maas-tester/2959/console

Revision history for this message
MAAS Lander (maas-lander) wrote :

UNIT TESTS
-b lp-2026802-3.4 lp:~r00ta/maas/+git/maas into -b 3.4 lp:~maas-committers/maas

STATUS: FAILED
LOG: http://maas-ci.internal:8080/job/maas-tester/2963/console
COMMIT: b6a9255e240186f700b6d3ca59f3665b12b0c710

review: Needs Fixing
Revision history for this message
MAAS Lander (maas-lander) wrote :

LANDING
-b lp-2026802-3.4 lp:~r00ta/maas/+git/maas into -b 3.4 lp:~maas-committers/maas

STATUS: FAILED BUILD
LOG: http://maas-ci.internal:8080/job/maas-tester/2965/console

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/src/provisioningserver/utils/env.py b/src/provisioningserver/utils/env.py
2index 4ea40f8..f0c32a0 100644
3--- a/src/provisioningserver/utils/env.py
4+++ b/src/provisioningserver/utils/env.py
5@@ -80,7 +80,7 @@ class FileBackedValue:
6 else:
7 # ensure the parent dirs exist
8 self.path.parent.mkdir(exist_ok=True)
9- atomic_write(value.encode("ascii"), self.path)
10+ atomic_write(value.encode("ascii"), self.path, mode=0o640)
11 self._value = value
12
13 def _normalise_value(self, value: Optional[str]) -> Optional[str]:
14diff --git a/src/tests/provisioningserver/utils/test_env.py b/src/tests/provisioningserver/utils/test_env.py
15index dba8b77..f123f4a 100644
16--- a/src/tests/provisioningserver/utils/test_env.py
17+++ b/src/tests/provisioningserver/utils/test_env.py
18@@ -198,3 +198,8 @@ class TestFileBackedValue:
19 file_value.path.write_text("new content")
20 # the file is read again
21 assert file_value.get() == "new content"
22+
23+ def test_set_default_permission(self, factory, file_value):
24+ factory.make_name("contents")
25+ file_value.set("content")
26+ assert (file_value.path.stat().st_mode & 0o777) == 0o640

Subscribers

People subscribed via source and target branches