security push

- addressing gosec issues
- adding workflow docs
- go version bump
This commit is contained in:
jake 2025-04-24 12:23:07 -04:00
parent 13d3b2cef3
commit b414b269ac
6 changed files with 26 additions and 9 deletions


@ -0,0 +1,8 @@
name: "security scans"
on: push
jobs:
scans:
runs-on: smoke-test
steps:
uses: https://code.jakeyoungdev.com/actions/security@master #update this to a tag after first successful run
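Review bot: The `uses:` line pins the scanning action to `@master`, so the code that gates every push of this repository can change underneath it at any time — for a workflow named "security scans" that is a supply-chain exposure the inline comment already acknowledges. Pin to an immutable reference rather than "a tag after first successful run", since tags can be moved: `uses: https://code.jakeyoungdev.com/actions/security@<full-commit-sha> # vX.Y`, and bump it deliberately. The rendered page also shows `uses:` directly under `steps:` with no list dash; that may be a rendering artifact, but confirm the file has `- uses:` or the workflow will not parse. `on: push` with no branch filter runs the scan for every branch on the self-hosted `smoke-test` runner, which is probably intended but worth stating in the workflow docs this commit adds.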


@ -48,7 +48,8 @@ var configCmd = &cobra.Command{
viper.Set("server", cfgserver) viper.Set("server", cfgserver)
viper.Set("password", string(ciphert)) viper.Set("password", string(ciphert))
viper.Set("port", cfgport) viper.Set("port", cfgport)
viper.WriteConfig() err = viper.WriteConfig()
cobra.CheckErr(err)
fmt.Println() fmt.Println()
fmt.Println("Config file updated!") fmt.Println("Config file updated!")
}, },
@ -57,9 +58,11 @@ var configCmd = &cobra.Command{
func init() { func init() {
initConfig() initConfig()
configCmd.Flags().StringVarP(&cfgserver, "server", "s", "", "server address") configCmd.Flags().StringVarP(&cfgserver, "server", "s", "", "server address")
configCmd.MarkFlagRequired("server") err := configCmd.MarkFlagRequired("server")
cobra.CheckErr(err)
configCmd.Flags().IntVarP(&cfgport, "port", "p", 0, "server rcon port") configCmd.Flags().IntVarP(&cfgport, "port", "p", 0, "server rcon port")
configCmd.MarkFlagRequired("port") err = configCmd.MarkFlagRequired("port")
cobra.CheckErr(err)
rootCmd.AddCommand(configCmd) rootCmd.AddCommand(configCmd)
} }
@ -72,7 +75,8 @@ func initConfig() {
viper.SetConfigType("yaml") viper.SetConfigType("yaml")
viper.SetConfigName(".mctl") viper.SetConfigName(".mctl")
viper.AutomaticEnv() viper.AutomaticEnv()
viper.ReadInConfig() err = viper.ReadInConfig()
cobra.CheckErr(err)
if err := viper.ReadInConfig(); err != nil { if err := viper.ReadInConfig(); err != nil {
//file does not exist, create it //file does not exist, create it
@ -92,6 +96,6 @@ func initConfig() {
//write config //write config
viper.Set("customcmd", cmdMap) viper.Set("customcmd", cmdMap)
viper.Set("device", string(uu)) viper.Set("device", string(uu))
viper.SafeWriteConfig() cobra.CheckErr(viper.SafeWriteConfig())
} }
} }
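Review bot: The two lines added in initConfig immediately before the `if err := viper.ReadInConfig(); err != nil {` guard (`err = viper.ReadInConfig()` followed by `cobra.CheckErr(err)`) make the process exit when no config file exists, so the `//file does not exist, create it` branch that follows — the first-run path that sets `customcmd` and `device` and calls SafeWriteConfig — can no longer be reached. Drop those two added lines and let the existing guarded call handle the result; if the intent is to still fail on a malformed file, distinguish the cases inside the guard with `if _, ok := err.(viper.ConfigFileNotFoundError); !ok { cobra.CheckErr(err) }` before creating the file. The `err =` assignment also relies on an `err` declared earlier in initConfig, outside the visible hunks, so that should be confirmed too. initConfig starts before this hunk and its body spans the following one.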


@ -21,7 +21,8 @@ var deleteCmd = &cobra.Command{
cmdMap := viper.Get("customcmd").(map[string]any) cmdMap := viper.Get("customcmd").(map[string]any)
delete(cmdMap, args[0]) delete(cmdMap, args[0])
viper.Set("customcmd", cmdMap) viper.Set("customcmd", cmdMap)
viper.WriteConfig() err := viper.WriteConfig()
cobra.CheckErr(err)
} }
}, },
PreRunE: func(cmd *cobra.Command, args []string) error { PreRunE: func(cmd *cobra.Command, args []string) error {
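Review bot: The unchecked assertion `viper.Get("customcmd").(map[string]any)` two lines above the new WriteConfig check still panics if `customcmd` is absent or of another shape (for example a config written before that key existed), which is the one failure path in this Run that the added error handling does not cover. A checked assertion keeps the same exit path the rest of the commit uses: `cmdMap, ok := viper.Get("customcmd").(map[string]any)` followed by `if !ok { cobra.CheckErr("customcmd missing from config") }`. The Run closure and the deleteCmd definition begin outside the hunk.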


@ -36,7 +36,8 @@ var saveCmd = &cobra.Command{
} }
cmdMap[args[0]] = txt cmdMap[args[0]] = txt
viper.Set("customcmd", cmdMap) viper.Set("customcmd", cmdMap)
viper.WriteConfig() err := viper.WriteConfig()
cobra.CheckErr(err)
fmt.Println("\nSaved!") fmt.Println("\nSaved!")
} }
} }


@ -21,7 +21,10 @@ func EncryptPassword(b []byte) ([]byte, error) {
return nil, err return nil, err
} }
ct := aesg.Seal(nil, []byte(nonce), []byte(b), nil) //adding #nosec here since gosec interprets this as a hardcoded nonce when in reality it is securely generated
//using crypto/rand when running the config command. Here is is pulled from memory and is not a hardcoded nonce
//as gosec thinks, will remove this skip once the issue is addressed from gosec
ct := aesg.Seal(nil, []byte(nonce), []byte(b), nil) // #nosec
return ct, nil return ct, nil
} }
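Review bot: The blanket `// #nosec` on the Seal line suppresses every gosec rule for that statement, not only the hardcoded-nonce finding the comment explains; scope it to the rule so a future finding on the same line is not silently hidden, e.g. `// #nosec G407 -- nonce is generated with crypto/rand by the config command, not a literal`. More importantly, `nonce` is not produced inside EncryptPassword(b) — it is referenced from outside the function — and cipher.AEAD.Seal requires a nonce that is never repeated under the same key, so if that value is persisted in the config and reused for every encryption, GCM's confidentiality and integrity guarantees no longer hold no matter how randomly it was first generated. Generating a fresh nonce per call and prepending it to the ciphertext removes both the gosec finding and the question; the decrypt side, which is not in this diff, would then split off the first NonceSize() bytes before opening. The function's opening lines are outside the hunk, so whether `nonce` is rotated elsewhere cannot be confirmed from here.
```go
func EncryptPassword(b []byte) ([]byte, error) {
	// … unchanged: cipher construction and aesg setup …
	// fresh nonce on every call; Seal forbids reuse under the same key
	nonce := make([]byte, aesg.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// nonce is prepended so the decrypt side can recover it
	ct := aesg.Seal(nonce, nonce, b, nil)
	return ct, nil
}
```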

2
go.mod

@ -1,6 +1,6 @@
module code.jakeyoungdev.com/jake/mctl module code.jakeyoungdev.com/jake/mctl
go 1.24.0 go 1.24.2
require ( require (
github.com/jake-young-dev/mcr v1.3.1 github.com/jake-young-dev/mcr v1.3.1