cwe fixes

dell · Jul 19, 2024 · 0e155ab · 0e155ab
1 parent 3b21694
commit 0e155ab
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 11 deletions.
diff --git a/cmd/karavictl/cmd/api/api.go b/cmd/karavictl/cmd/api/api.go
@@ -102,10 +102,10 @@ func New(
 		host: host,
 	}
 
-	if opts.Insecure { // #nosec G402
+	if opts.Insecure {
 		c.http.Transport = &http.Transport{
 			TLSClientConfig: &tls.Config{
-				InsecureSkipVerify: true,
+				InsecureSkipVerify: true, // #nosec G402
 				MinVersion:         tls.VersionTLS13,
 			},
 		}

diff --git a/cmd/karavictl/cmd/role.go b/cmd/karavictl/cmd/role.go
@@ -366,13 +366,13 @@ func createRoleServiceClient(addr string, insecure bool) (pb.RoleServiceClient,
 	var conn *grpc.ClientConn
 	var err error
 
-	if insecure { // #nosec G402
+	if insecure {
 		conn, err = grpc.Dial(addr,
 			grpc.WithTimeout(10*time.Second),
 			grpc.WithContextDialer(func(_ context.Context, addr string) (net.Conn, error) {
-				return tls.Dial("tcp", addr, &tls.Config{
+				return tls.Dial("tcp", addr, &tls.Config{ // #nosec G402
 					NextProtos:         []string{"h2"},
-					InsecureSkipVerify: true,
+					InsecureSkipVerify: true, // #nosec G402
 				})
 			}),
 			grpc.WithInsecure())

diff --git a/cmd/karavictl/cmd/storage.go b/cmd/karavictl/cmd/storage.go
@@ -71,13 +71,13 @@ func createStorageServiceClient(addr string, insecure bool) (pb.StorageServiceCl
 	var conn *grpc.ClientConn
 	var err error
 
-	if insecure { // #nosec G402
+	if insecure {
 		conn, err = grpc.Dial(addr,
 			grpc.WithTimeout(10*time.Second),
 			grpc.WithContextDialer(func(_ context.Context, addr string) (net.Conn, error) {
 				return tls.Dial("tcp", addr, &tls.Config{
 					NextProtos:         []string{"h2"},
-					InsecureSkipVerify: true,
+					InsecureSkipVerify: true, // #nosec G402
 				})
 			}),
 			grpc.WithInsecure())

diff --git a/cmd/sidecar-proxy/main.go b/cmd/sidecar-proxy/main.go
@@ -108,10 +108,10 @@ func (pi *ProxyInstance) Start(proxyHost, access, refresh string) error {
 		Host:   proxyHost,
 	}
 	pi.rp = httputil.NewSingleHostReverseProxy(&proxyURL)
-	if insecureProxy { // #nosec G402
+	if insecureProxy {
 		pi.rp.Transport = &http.Transport{
 			TLSClientConfig: &tls.Config{
-				InsecureSkipVerify: true,
+				InsecureSkipVerify: true, // #nosec G402
 				MinVersion:         tls.VersionTLS12,
 				MaxVersion:         tls.VersionTLS13,
 				CipherSuites:       GetSecuredCipherSuites(),
@@ -347,10 +347,10 @@ func refreshTokens(proxyHost url.URL, refreshToken string, accessToken *string,
 		return err
 	}
 	httpClient := &http.Client{}
-	if insecureProxy { // #nosec G402
+	if insecureProxy {
 		httpClient.Transport = &http.Transport{
 			TLSClientConfig: &tls.Config{
-				InsecureSkipVerify: true,
+				InsecureSkipVerify: true, // #nosec G402
 				MinVersion:         tls.VersionTLS12,
 				MaxVersion:         tls.VersionTLS13,
 				CipherSuites:       GetSecuredCipherSuites(),