Disable warning when Kube Config is group-readable.

Signed-off-by: Antoine Pultier <antoine.pultier@sintef.no>
2 years ago · b1c310be29
parent a749b66310
commit b1c310be29
2 changed files with 1 additions and 16 deletions
--- a/cmd/helm/root_unix.go
+++ b/cmd/helm/root_unix.go
@ -49,9 +49,6 @@ func checkPerms() {
 	}

 	perm := fi.Mode().Perm()
-	if perm&0040 > 0 {
-		warning("Kubernetes configuration file is group-readable. This is insecure. Location: %s", kc)
-	}
 	if perm&0004 > 0 {
 		warning("Kubernetes configuration file is world-readable. This is insecure. Location: %s", kc)
 	}
--- a/cmd/helm/root_unix_test.go
+++ b/cmd/helm/root_unix_test.go
@ -50,7 +50,7 @@ func checkPermsStderr() (string, error) {
 func TestCheckPerms(t *testing.T) {
 	tdir := t.TempDir()
 	tfile := filepath.Join(tdir, "testconfig")
-	fh, err := os.OpenFile(tfile, os.O_CREATE|os.O_APPEND|os.O_RDWR, 0440)
+	fh, err := os.OpenFile(tfile, os.O_CREATE|os.O_APPEND|os.O_RDWR, 0404)
 	if err != nil {
 		t.Errorf("Failed to create temp file: %s", err)
 	}
@ -59,18 +59,6 @@ func TestCheckPerms(t *testing.T) {
 	settings.KubeConfig = tfile
 	defer func() { settings.KubeConfig = tconfig }()

-	text, err := checkPermsStderr()
-	if err != nil {
-		t.Fatalf("could not read from stderr: %s", err)
-	}
-	expectPrefix := "WARNING: Kubernetes configuration file is group-readable. This is insecure. Location:"
-	if !strings.HasPrefix(text, expectPrefix) {
-		t.Errorf("Expected to get a warning for group perms. Got %q", text)
-	}
-
-	if err := fh.Chmod(0404); err != nil {
-		t.Errorf("Could not change mode on file: %s", err)
-	}
 	text, err = checkPermsStderr()
 	if err != nil {
 		t.Fatalf("could not read from stderr: %s", err)