Convert previously missed directory permissions to use constants

These directory permissions were missed in the previous MR.
author: James Fargher <jfargher@gitlab.com> 2023-02-07 23:04:30 +0300
committer: James Fargher <jfargher@gitlab.com> 2023-02-08 22:41:28 +0300
commit: e9281454fe7557c99e8e1a844a628d9364c27e5f (patch)
tree: 9bd92a5e773d1fbea55002bc2a88b9509d99ba38
parent: 8e36d58e5c9bbe2844a75a12f82d726ee863ee47 (diff)
3 files changed, 44 insertions, 43 deletions
diff --git a/internal/backup/backup_test.go b/internal/backup/backup_test.go
index 8bf225ff1..5416f87f5 100644
--- a/internal/backup/backup_test.go
+++ b/internal/backup/backup_test.go
@@ -122,7 +122,7 @@ func TestManager_Create(t *testing.T) {
 
 				dirInfo, err := os.Stat(filepath.Dir(bundlePath))
 				require.NoError(t, err)
-				require.Equal(t, os.FileMode(0o700), dirInfo.Mode().Perm(), "expecting restricted directory permissions")
+				require.Equal(t, perm.PrivateDir, dirInfo.Mode().Perm(), "expecting restricted directory permissions")
 
 				bundleInfo, err := os.Stat(bundlePath)
 				require.NoError(t, err)
diff --git a/internal/git/housekeeping/clean_stale_data.go b/internal/git/housekeeping/clean_stale_data.go
index 4c5911643..5d896ea4f 100644
--- a/internal/git/housekeeping/clean_stale_data.go
+++ b/internal/git/housekeeping/clean_stale_data.go
@@ -15,6 +15,7 @@ import (
 	log "github.com/sirupsen/logrus"
 	"gitlab.com/gitlab-org/gitaly/v15/internal/git"
 	"gitlab.com/gitlab-org/gitaly/v15/internal/git/localrepo"
+	"gitlab.com/gitlab-org/gitaly/v15/internal/helper/perm"
 	"gitlab.com/gitlab-org/gitaly/v15/internal/safe"
 	"gitlab.com/gitlab-org/gitaly/v15/internal/structerr"
 	"google.golang.org/grpc/codes"
@@ -24,7 +25,7 @@ const (
 	emptyRefsGracePeriod             = 24 * time.Hour
 	deleteTempFilesOlderThanDuration = 7 * 24 * time.Hour
 	brokenRefsGracePeriod            = 24 * time.Hour
-	minimumDirPerm                   = 0o700
+	minimumDirPerm                   = perm.PrivateDir
 	lockfileGracePeriod              = 15 * time.Minute
 	referenceLockfileGracePeriod     = 1 * time.Hour
 	packedRefsLockGracePeriod        = 1 * time.Hour
diff --git a/internal/git/housekeeping/clean_stale_data_test.go b/internal/git/housekeeping/clean_stale_data_test.go
index 726d2afde..573254edb 100644
--- a/internal/git/housekeeping/clean_stale_data_test.go
+++ b/internal/git/housekeeping/clean_stale_data_test.go
@@ -185,7 +185,7 @@ func TestRepositoryManager_CleanStaleData(t *testing.T) {
 		{
 			name: "clean",
 			entries: []entry{
-				d("objects", 0o700, 240*time.Hour, Keep,
+				d("objects", perm.PrivateDir, 240*time.Hour, Keep,
 					f("a", 0o700, 24*time.Hour, Keep),
 					f("b", 0o700, 24*time.Hour, Keep),
 					f("c", 0o700, 24*time.Hour, Keep),
@@ -195,7 +195,7 @@ func TestRepositoryManager_CleanStaleData(t *testing.T) {
 		{
 			name: "emptyperms",
 			entries: []entry{
-				d("objects", 0o700, 240*time.Hour, Keep,
+				d("objects", perm.PrivateDir, 240*time.Hour, Keep,
 					f("b", 0o700, 24*time.Hour, Keep),
 					f("tmp_a", 0o000, 2*time.Hour, Keep),
 				),
@@ -204,7 +204,7 @@ func TestRepositoryManager_CleanStaleData(t *testing.T) {
 		{
 			name: "emptytempdir",
 			entries: []entry{
-				d("objects", 0o700, 240*time.Hour, Keep,
+				d("objects", perm.PrivateDir, 240*time.Hour, Keep,
 					d("tmp_d", 0o000, 240*time.Hour, Keep),
 					f("b", 0o700, 24*time.Hour, Keep),
 				),
@@ -213,7 +213,7 @@ func TestRepositoryManager_CleanStaleData(t *testing.T) {
 		{
 			name: "oldtempfile",
 			entries: []entry{
-				d("objects", 0o700, 240*time.Hour, Keep,
+				d("objects", perm.PrivateDir, 240*time.Hour, Keep,
 					f("tmp_a", 0o655, 240*time.Hour, Delete),
 					f("b", 0o700, 24*time.Hour, Keep),
 				),
@@ -225,8 +225,8 @@ func TestRepositoryManager_CleanStaleData(t *testing.T) {
 		{
 			name: "subdir temp file",
 			entries: []entry{
-				d("objects", 0o700, 240*time.Hour, Keep,
-					d("a", 0o770, 240*time.Hour, Keep,
+				d("objects", perm.PrivateDir, 240*time.Hour, Keep,
+					d("a", perm.GroupPrivateDir, 240*time.Hour, Keep,
 						f("tmp_b", 0o700, 240*time.Hour, Delete),
 					),
 				),
@@ -238,7 +238,7 @@ func TestRepositoryManager_CleanStaleData(t *testing.T) {
 		{
 			name: "inaccessible tmp directory",
 			entries: []entry{
-				d("objects", 0o700, 240*time.Hour, Keep,
+				d("objects", perm.PrivateDir, 240*time.Hour, Keep,
 					d("tmp_a", 0o000, 240*time.Hour, Keep,
 						f("tmp_b", 0o700, 240*time.Hour, Delete),
 					),
@@ -248,9 +248,9 @@ func TestRepositoryManager_CleanStaleData(t *testing.T) {
 		{
 			name: "deeply nested inaccessible tmp directory",
 			entries: []entry{
-				d("objects", 0o700, 240*time.Hour, Keep,
-					d("tmp_a", 0o700, 240*time.Hour, Keep,
-						d("tmp_a", 0o700, 24*time.Hour, Keep,
+				d("objects", perm.PrivateDir, 240*time.Hour, Keep,
+					d("tmp_a", perm.PrivateDir, 240*time.Hour, Keep,
+						d("tmp_a", perm.PrivateDir, 24*time.Hour, Keep,
 							f("tmp_b", 0o000, 240*time.Hour, Delete),
 						),
 					),
@@ -264,7 +264,7 @@ func TestRepositoryManager_CleanStaleData(t *testing.T) {
 			name: "files outside of object database",
 			entries: []entry{
 				f("tmp_a", 0o655, 240*time.Hour, Keep),
-				d("info", 0o700, 240*time.Hour, Keep,
+				d("info", perm.PrivateDir, 240*time.Hour, Keep,
 					f("tmp_a", 0o655, 240*time.Hour, Keep),
 				),
 			},
@@ -431,30 +431,30 @@ func TestRepositoryManager_CleanStaleData_emptyRefDirs(t *testing.T) {
 		{
 			name: "unrelated empty directories",
 			entries: []entry{
-				d("objects", 0o700, 240*time.Hour, Keep,
-					d("empty", 0o700, 240*time.Hour, Keep),
+				d("objects", perm.PrivateDir, 240*time.Hour, Keep,
+					d("empty", perm.PrivateDir, 240*time.Hour, Keep),
 				),
 			},
 		},
 		{
 			name: "empty ref dir gets retained",
 			entries: []entry{
-				d("refs", 0o700, 240*time.Hour, Keep),
+				d("refs", perm.PrivateDir, 240*time.Hour, Keep),
 			},
 		},
 		{
 			name: "empty nested non-stale ref dir gets kept",
 			entries: []entry{
-				d("refs", 0o700, 240*time.Hour, Keep,
-					d("nested", 0o700, 23*time.Hour, Keep),
+				d("refs", perm.PrivateDir, 240*time.Hour, Keep,
+					d("nested", perm.PrivateDir, 23*time.Hour, Keep),
 				),
 			},
 		},
 		{
 			name: "empty nested stale ref dir gets pruned",
 			entries: []entry{
-				d("refs", 0o700, 240*time.Hour, Keep,
-					d("nested", 0o700, 240*time.Hour, Delete),
+				d("refs", perm.PrivateDir, 240*time.Hour, Keep,
+					d("nested", perm.PrivateDir, 240*time.Hour, Delete),
 				),
 			},
 			expectedMetrics: cleanStaleDataMetrics{
@@ -464,9 +464,9 @@ func TestRepositoryManager_CleanStaleData_emptyRefDirs(t *testing.T) {
 		{
 			name: "hierarchy of nested stale ref dirs gets pruned",
 			entries: []entry{
-				d("refs", 0o700, 240*time.Hour, Keep,
-					d("first", 0o700, 240*time.Hour, Delete,
-						d("second", 0o700, 240*time.Hour, Delete),
+				d("refs", perm.PrivateDir, 240*time.Hour, Keep,
+					d("first", perm.PrivateDir, 240*time.Hour, Delete,
+						d("second", perm.PrivateDir, 240*time.Hour, Delete),
 					),
 				),
 			},
@@ -477,10 +477,10 @@ func TestRepositoryManager_CleanStaleData_emptyRefDirs(t *testing.T) {
 		{
 			name: "hierarchy with intermediate non-stale ref dir gets kept",
 			entries: []entry{
-				d("refs", 0o700, 240*time.Hour, Keep,
-					d("first", 0o700, 240*time.Hour, Keep,
-						d("second", 0o700, 1*time.Hour, Keep,
-							d("third", 0o700, 24*time.Hour, Delete),
+				d("refs", perm.PrivateDir, 240*time.Hour, Keep,
+					d("first", perm.PrivateDir, 240*time.Hour, Keep,
+						d("second", perm.PrivateDir, 1*time.Hour, Keep,
+							d("third", perm.PrivateDir, 24*time.Hour, Delete),
 						),
 					),
 				),
@@ -492,12 +492,12 @@ func TestRepositoryManager_CleanStaleData_emptyRefDirs(t *testing.T) {
 		{
 			name: "stale hierrachy with refs gets partially retained",
 			entries: []entry{
-				d("refs", 0o700, 240*time.Hour, Keep,
-					d("first", 0o700, 240*time.Hour, Keep,
-						d("second", 0o700, 240*time.Hour, Delete,
-							d("third", 0o700, 24*time.Hour, Delete),
+				d("refs", perm.PrivateDir, 240*time.Hour, Keep,
+					d("first", perm.PrivateDir, 240*time.Hour, Keep,
+						d("second", perm.PrivateDir, 240*time.Hour, Delete,
+							d("third", perm.PrivateDir, 24*time.Hour, Delete),
 						),
-						d("other", 0o700, 240*time.Hour, Keep,
+						d("other", perm.PrivateDir, 240*time.Hour, Keep,
 							f("ref", 0o700, 1*time.Hour, Keep),
 						),
 					),
@@ -550,7 +550,7 @@ func TestRepositoryManager_CleanStaleData_withSpecificFile(t *testing.T) {
 
 		var topLevelDir, currentDir *dirEntry
 		for _, subdir := range subdirs {
-			dir := d(subdir, 0o700, 1*time.Hour, Keep)
+			dir := d(subdir, perm.PrivateDir, 1*time.Hour, Keep)
 			if topLevelDir == nil {
 				topLevelDir = dir
 			}
@@ -666,7 +666,7 @@ func TestRepositoryManager_CleanStaleData_withSpecificFile(t *testing.T) {
 				},
 				{
 					desc: fmt.Sprintf("stale %s in subdir is kept", tc.file),
-					entry: d("subdir", 0o700, 240*time.Hour, Keep,
+					entry: d("subdir", perm.PrivateDir, 240*time.Hour, Keep,
 						f(tc.file, 0o700, 24*time.Hour, Keep),
 					),
 				},
@@ -721,14 +721,14 @@ func TestRepositoryManager_CleanStaleData_serverInfo(t *testing.T) {
 	repo := localrepo.NewTestRepo(t, cfg, repoProto)
 
 	entries := []entry{
-		d("info", 0o755, 0, Keep,
+		d("info", perm.SharedDir, 0, Keep,
 			f("ref", 0, 0o644, Keep),
 			f("refs", 0, 0o644, Delete),
 			f("refsx", 0, 0o644, Keep),
 			f("refs_123456", 0, 0o644, Delete),
 		),
-		d("objects", 0o755, 0, Keep,
-			d("info", 0o755, 0, Keep,
+		d("objects", perm.SharedDir, 0, Keep,
+			d("info", perm.SharedDir, 0, Keep,
 				f("pack", 0, 0o644, Keep),
 				f("packs", 0, 0o644, Delete),
 				f("packsx", 0, 0o644, Keep),
@@ -776,7 +776,7 @@ func TestRepositoryManager_CleanStaleData_referenceLocks(t *testing.T) {
 		{
 			desc: "fresh lock is kept",
 			entries: []entry{
-				d("refs", 0o755, 0*time.Hour, Keep,
+				d("refs", perm.SharedDir, 0*time.Hour, Keep,
 					f("main", 0o755, 10*time.Minute, Keep),
 					f("main.lock", 0o755, 10*time.Minute, Keep),
 				),
@@ -785,7 +785,7 @@ func TestRepositoryManager_CleanStaleData_referenceLocks(t *testing.T) {
 		{
 			desc: "stale lock is deleted",
 			entries: []entry{
-				d("refs", 0o755, 0*time.Hour, Keep,
+				d("refs", perm.SharedDir, 0*time.Hour, Keep,
 					f("main", 0o755, 1*time.Hour, Keep),
 					f("main.lock", 0o755, 1*time.Hour, Delete),
 				),
@@ -800,16 +800,16 @@ func TestRepositoryManager_CleanStaleData_referenceLocks(t *testing.T) {
 		{
 			desc: "nested reference locks are deleted",
 			entries: []entry{
-				d("refs", 0o755, 0*time.Hour, Keep,
-					d("tags", 0o755, 0*time.Hour, Keep,
+				d("refs", perm.SharedDir, 0*time.Hour, Keep,
+					d("tags", perm.SharedDir, 0*time.Hour, Keep,
 						f("main", 0o755, 1*time.Hour, Keep),
 						f("main.lock", 0o755, 1*time.Hour, Delete),
 					),
-					d("heads", 0o755, 0*time.Hour, Keep,
+					d("heads", perm.SharedDir, 0*time.Hour, Keep,
 						f("main", 0o755, 1*time.Hour, Keep),
 						f("main.lock", 0o755, 1*time.Hour, Delete),
 					),
-					d("foobar", 0o755, 0*time.Hour, Keep,
+					d("foobar", perm.SharedDir, 0*time.Hour, Keep,
 						f("main", 0o755, 1*time.Hour, Keep),
 						f("main.lock", 0o755, 1*time.Hour, Delete),
 					),
author	James Fargher <jfargher@gitlab.com>	2023-02-07 23:04:30 +0300
committer	James Fargher <jfargher@gitlab.com>	2023-02-08 22:41:28 +0300
commit	e9281454fe7557c99e8e1a844a628d9364c27e5f (patch)
tree	9bd92a5e773d1fbea55002bc2a88b9509d99ba38
parent	8e36d58e5c9bbe2844a75a12f82d726ee863ee47 (diff)