From fe3dae9501aaea6ff8246e6dad4edcd872f9533f Mon Sep 17 00:00:00 2001
From: z1cheng <imchench@gmail.com>
Date: Thu, 31 Aug 2023 06:16:34 +0000
Subject: [PATCH] Revert write file permision

Signed-off-by: z1cheng <imchench@gmail.com>
---
 internal/net/ssl/ssl.go        | 9 ++++++---
 test/e2e/settings/ocsp/ocsp.go | 3 ++-
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/internal/net/ssl/ssl.go b/internal/net/ssl/ssl.go
index 7ffab8bd0..516b1ec9c 100644
--- a/internal/net/ssl/ssl.go
+++ b/internal/net/ssl/ssl.go
@@ -208,7 +208,8 @@ func ConfigureCACertWithCertAndKey(_ string, ca []byte, sslCert *ingress.SSLCert
 		return fmt.Errorf("could not write ca data to cert file %v: %v", sslCert.CAFileName, err)
 	}
 
-	return os.WriteFile(sslCert.CAFileName, buffer.Bytes(), 0o600)
+	//nolint:gosec // Not change permission to avoid possible issues
+	return os.WriteFile(sslCert.CAFileName, buffer.Bytes(), 0o644)
 }
 
 // ConfigureCRL creates a CRL file and append it into the SSLCert
@@ -230,7 +231,8 @@ func ConfigureCRL(name string, crl []byte, sslCert *ingress.SSLCert) error {
 		return err
 	}
 
-	err = os.WriteFile(crlFileName, crl, 0o600)
+	//nolint:gosec // Not change permission to avoid possible issues
+	err = os.WriteFile(crlFileName, crl, 0o644)
 	if err != nil {
 		return fmt.Errorf("could not write CRL file %v: %v", crlFileName, err)
 	}
@@ -247,7 +249,8 @@ func ConfigureCACert(name string, ca []byte, sslCert *ingress.SSLCert) error {
 	caName := fmt.Sprintf("ca-%v.pem", name)
 	fileName := fmt.Sprintf("%v/%v", file.DefaultSSLDirectory, caName)
 
-	err := os.WriteFile(fileName, ca, 0o600)
+	//nolint:gosec // Not change permission to avoid possible issues
+	err := os.WriteFile(fileName, ca, 0o644)
 	if err != nil {
 		return fmt.Errorf("could not write CA file %v: %v", fileName, err)
 	}
diff --git a/test/e2e/settings/ocsp/ocsp.go b/test/e2e/settings/ocsp/ocsp.go
index baf60fdcc..0ec15db58 100644
--- a/test/e2e/settings/ocsp/ocsp.go
+++ b/test/e2e/settings/ocsp/ocsp.go
@@ -195,7 +195,8 @@ const configTemplate = `
 
 func prepareCertificates(namespace string) error {
 	config := fmt.Sprintf(configTemplate, namespace)
-	err := os.WriteFile("cfssl_config.json", []byte(config), 0o600)
+	//nolint:gosec // Not change permission to avoid possible issues
+	err := os.WriteFile("cfssl_config.json", []byte(config), 0o644)
 	if err != nil {
 		return fmt.Errorf("creating cfssl_config.json file: %v", err)
 	}