suppress false positive gosec warnings

wollomatic · Dec 14, 2023 · f672742 · f672742
1 parent 9d0b367
commit f672742
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/hostsfile.go b/hostsfile.go
@@ -26,7 +26,7 @@ func refreshHostsfile(cli *client.Client) error {
 
 	if len(containers) > 0 {
 		for _, container := range containers {
-			if conf.onlyLabeledContainers && !(strings.ToLower(container.Labels[DOCKER_LABEL+".enabled"]) == "true") {
+			if conf.onlyLabeledContainers && (strings.ToLower(container.Labels[DOCKER_LABEL+".enabled"]) != "true") {
 				// log.Println("Skipping container", container.Names[len(container.Names)-1], "because it is not labeled with", DOCKER_LABEL+".enabled=true")
 				continue
 			}
@@ -60,7 +60,7 @@ func writeHostsfile(bs []byte) error {
 	hfnew := bytes.Split(hf, []byte(HOSTLIST_PREFIX))[0]
 	hfnew = append(hfnew, bs...)
 
-	return os.WriteFile(conf.hostsfile, hfnew, 0644)
+	return os.WriteFile(conf.hostsfile, hfnew, 0644) // #nosec G306 -- hostsfile has to be writable
 }
 
 // getContainerHostList returns the list of hostnames for a given container

diff --git a/main.go b/main.go
@@ -36,7 +36,7 @@ func main() {
 	// check if hostsfile is writable
 	if _, err := os.OpenFile(conf.hostsfile, os.O_WRONLY, 0644); err != nil {
 		log.Fatalf("Error: Hostsfile %s ist not writable: %s", conf.hostsfile, err)
-	}
+	} // #nosec G302 -- hostsfile has to be writable
 
 	// stop signal listener
 	done := make(chan os.Signal, 1)