New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(cosmovisor): fixed cosmovisor add-upgrade permissions #20062
fix(cosmovisor): fixed cosmovisor add-upgrade permissions #20062
Conversation
@julienrbrt can you review? |
Summary of changestools/cosmovisor/cmd/cosmovisor/add_upgrade.go: In the Objectives from linked issues for validation#20061: [Bug]: Cosmovisor's add-upgrade creates a binary that's not executableTitle[Bug]: Cosmovisor's add-upgrade creates a binary that's not executable DescriptionIs there an existing issue for this?
What happened?Better show on example: I guess it's because of this line
Feel free to assign me to this issue if you want btw. Cosmos SDK Versioncosmovisor version: v1.5.0 How to reproduce?See above. InstructionsGenerate the below sections using H2 header for each:
WalkthroughThe recent changes in the Changes
Assessment against linked issues
The changes made in the Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
lol I guess I know why it used these values initially |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks!
@@ -110,7 +110,7 @@ func saveOrAbort(path string, data []byte, force bool) error { | |||
return fmt.Errorf("failed to check if file exists: %w", err) | |||
} | |||
|
|||
if err := os.WriteFile(path, data, 0o600); err != nil { | |||
if err := os.WriteFile(path, data, 0o755); err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you add a changelog in cosmovisor and a nolint comment so we don't revert it back because of the gosec? And so that linting passes?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cmd/cosmovisor/add_upgrade.go:58:2: directive `//nolint:gosec` is unused for linter "gosec" (nolintlint)
//nolint:gosec
^
cmd/cosmovisor/add_upgrade.go:115:2: directive `//nolint:gosec` should provide explanation such as `//nolint:gosec // this is why` (nolintlint)
//nolint:gosec
^
lol now it gives me this. do you think it's worth disabling? or what's better to do here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nevermind, I fixed it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and also added the changelog entry. @julienrbrt can you check?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 3
@@ -35,6 +35,8 @@ Ref: https://keepachangelog.com/en/1.0.0/ | |||
# Changelog | |||
|
|||
## [Unreleased] | |||
* [#20062](https://github.com/cosmos/cosmos-sdk/pull/20062) Fixed cosmovisor add-upgrade permissions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ensure the changelog entry is surrounded by blank lines for better readability and adherence to the changelog guidelines.
37a38
>
39a40
>
Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.
* [#20062](https://github.com/cosmos/cosmos-sdk/pull/20062) Fixed cosmovisor add-upgrade permissions | |
* [#20062](https://github.com/cosmos/cosmos-sdk/pull/20062) Fixed cosmovisor add-upgrade permissions | |
The changelog entry for PR #20062 could be more descriptive. Consider specifying what was fixed and why it's important.
- * [#20062](https://github.com/cosmos/cosmos-sdk/pull/20062) Fixed cosmovisor add-upgrade permissions
+ * [#20062](https://github.com/cosmos/cosmos-sdk/pull/20062) Fixed cosmovisor add-upgrade permissions to allow executable access, resolving a critical issue where upgrades were failing due to permission errors.
Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.
* [#20062](https://github.com/cosmos/cosmos-sdk/pull/20062) Fixed cosmovisor add-upgrade permissions | |
* [#20062](https://github.com/cosmos/cosmos-sdk/pull/20062) Fixed cosmovisor add-upgrade permissions to allow executable access, resolving a critical issue where upgrades were failing due to permission errors. |
@@ -35,6 +35,8 @@ | |||
# Changelog | |||
|
|||
## [Unreleased] | |||
* [#20062](https://github.com/cosmos/cosmos-sdk/pull/20062) Fixed cosmovisor add-upgrade permissions | |||
|
|||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Multiple consecutive blank lines detected. It's best to maintain a single blank line to keep the file clean and organized.
40d39
Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.
Btw @julienrbrt once I'm on it. I may have found another really minor but somewhat annoying bug in logging I want to fix before 1.6.0:
|
Fixing it here is fine! Thank you 🙏 |
@julienrbrt can you check once more? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK
@julienrbrt anything else I should do to get it merged or is it all good? |
It's all good. Just waiting for another reviewer. Cc @facundomedica |
Description
Closes: #20061
Sets file permissions for upgrade directory and the binary itself to 0755 (owner can do everything, others can read and execute) when adding an upgrade through the
cosmovisor add-upgrade
command.Author Checklist
All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.
I have...
!
in the type prefix if API or client breaking changeCHANGELOG.md
Reviewers Checklist
All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.
I have...
Summary by CodeRabbit
cosmovisor
module.