fix(provenance): check error return in Digest and encodeRelease#32136
Open
SebTardif wants to merge 1 commit into
Open
fix(provenance): check error return in Digest and encodeRelease#32136SebTardif wants to merge 1 commit into
SebTardif wants to merge 1 commit into
Conversation
Return the actual error from io.Copy in Digest() instead of nil. The previous code swallowed the error and returned an empty string as a valid SHA-256 digest, which could silently break chart provenance verification. Also fix encodeRelease() in pkg/storage/driver/util.go: - Close the gzip writer on the w.Write() error path to avoid leaking resources. - Check the error return from gzip.Writer.Close(), which flushes remaining compressed data and can fail. Assisted-by: Grok/xAI Signed-off-by: Sebastien Tardif <sebtardif@ncf.ca>
pull-request-size
Bot
added
the
size/XS
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Improves error handling in storage encoding and provenance digesting to ensure failures are surfaced correctly and writers are properly closed.
Changes:
- Properly handle
Write/Closeerrors in release encoding, ensuring the writer is closed and close failures are returned. - Fix
Digestto return the actual copy error instead ofnil.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| pkg/storage/driver/util.go | Ensures writer close is handled correctly and close errors are propagated. |
| pkg/provenance/sign.go | Fixes incorrect error return when hashing input fails. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What this PR does
Fixes two swallowed errors in the provenance and storage layers:
pkg/provenance/sign.go—Digest():return "", nilinstead ofreturn "", erronio.Copyfailure. This returns an empty string as a valid SHA-256 digest, which can cause chart provenance verification to silently produce wrong results.pkg/storage/driver/util.go—encodeRelease():gzip.Writer.Close()error discarded. Close flushes remaining data and writes the gzip footer; if it fails, the buffer contains a truncated stream that will be base64-encoded and stored in a Secret/ConfigMap. Also added close on the Write error path where the writer was leaked.AI Disclosure
Developed with AI assistance (Grok by xAI) in a human-in-the-loop workflow. All code reviewed and verified by the human author.
Signed-off-by: Sebastien Tardif sebtardif@ncf.ca
Assisted-by: Grok/xAI