| 67 | } |
| 68 | |
| 69 | func Create(fileName string) (*os.File, error) { |
| 70 | // Set the permissions to `777` so that the downloaded files are still |
| 71 | // readable by every other user and group. This ensures that the agent is |
| 72 | // compatible with any model / server container, using any user ID. Note we |
| 73 | // also need to enable the `+x` bit to ensure the folder is "listable": |
| 74 | // https://stackoverflow.com/a/30788944/5015573 |
| 75 | if err := os.MkdirAll(filepath.Dir(fileName), os.ModePerm); err != nil { //nolint:gosec // G301: agent and model server run as different UIDs sharing an emptyDir volume |
| 76 | return nil, err |
| 77 | } |
| 78 | return os.Create(filepath.Clean(fileName)) |
| 79 | } |
| 80 | |
| 81 | func RemoveDir(dir string) error { |
| 82 | // Validate and sanitize the directory path |