chore(security): try to fix snyk security issues (#345)

* chore(docs): update tools in README.md

Previous update wasn't made automatically.

Signed-off-by: Marc Nuri <marc@marcnuri.com>

* chore(security): try to fix snyk security issues

Even after the fix, Snyk seems to be reporting false positives.

Signed-off-by: Marc Nuri <marc@marcnuri.com>

---------

Signed-off-by: Marc Nuri <marc@marcnuri.com>
Marc Nuri
2025-09-26 09:29:34 +02:00
committed by GitHub
parent 792d2f5b80
commit d3723804ed
2 changed files with 11 additions and 3 deletions


@@ -261,7 +261,7 @@ The following sets of tools are available (all on by default):
- `name` (`string`) **(required)** - Name of the Pod to get the logs from - `name` (`string`) **(required)** - Name of the Pod to get the logs from
- `namespace` (`string`) - Namespace to get the Pod logs from - `namespace` (`string`) - Namespace to get the Pod logs from
- `previous` (`boolean`) - Return previous terminated container logs (Optional) - `previous` (`boolean`) - Return previous terminated container logs (Optional)
- `tail` (`number`) - Number of lines to retrieve from the end of the logs (Optional, default: 100) - `tail` (`integer`) - Number of lines to retrieve from the end of the logs (Optional, default: 100)
- **pods_run** - Run a Kubernetes Pod in the current or provided namespace with the provided container image and optional name - **pods_run** - Run a Kubernetes Pod in the current or provided namespace with the provided container image and optional name
- `image` (`string`) **(required)** - Container Image to run in the Pod - `image` (`string`) **(required)** - Container Image to run in the Pod


@@ -5,6 +5,7 @@ import (
"fmt" "fmt"
"maps" "maps"
"os" "os"
"path/filepath"
"slices" "slices"
"strings" "strings"
@@ -25,7 +26,14 @@ func (o *OpenShift) IsOpenShift(ctx context.Context) bool {
var _ internalk8s.Openshift = (*OpenShift)(nil) var _ internalk8s.Openshift = (*OpenShift)(nil)
func main() { func main() {
readme, err := os.ReadFile(os.Args[1]) // Snyk reports false positive unless we flow the args through filepath.Clean and filepath.Localize in this specific order
var err error
localReadmePath := filepath.Clean(os.Args[1])
localReadmePath, err = filepath.Localize(localReadmePath)
if err != nil {
panic(err)
}
readme, err := os.ReadFile(localReadmePath)
if err != nil { if err != nil {
panic(err) panic(err)
} }
@@ -81,7 +89,7 @@ func main() {
toolsetTools.String(), toolsetTools.String(),
) )
if err := os.WriteFile(os.Args[1], []byte(updated), 0o644); err != nil { if err := os.WriteFile(localReadmePath, []byte(updated), 0o644); err != nil {
panic(err) panic(err)
} }
} }
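Review bot: `filepath.Localize` only accepts paths that pass `io/fs.ValidPath`, so in `main` an absolute README path or one containing `..` in `os.Args[1]` now ends in `panic(err)`, where the old `os.ReadFile(os.Args[1])` accepted it. The added comment describes the two calls purely as a Snyk workaround. If confining the generator to paths under the working directory is intended, the comment should state that contract, e.g. `// README path must be relative and local (no "..", not absolute); filepath.Localize rejects anything else`. Running `filepath.Clean` first also appears to turn `/` into `\` on Windows, which Localize likely rejects, so the required ordering is worth checking on that platform. The failure would be easier to diagnose with `panic(fmt.Errorf("invalid README path %q: %w", os.Args[1], err))`. The body of `main` continues outside the visible hunks.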