in keystore/file_keystore.go [223:269]
func (k *FileKeystore) doSave(override bool) error {
if !k.dirty {
return nil
}
temporaryPath := fmt.Sprintf("%s.tmp", k.Path)
w := new(bytes.Buffer)
jsonEncoder := json.NewEncoder(w)
if err := jsonEncoder.Encode(k.secrets); err != nil {
return fmt.Errorf("cannot serialize the keystore before saving it to disk: %w", err)
}
encrypted, err := k.encrypt(w)
if err != nil {
return fmt.Errorf("cannot encrypt the keystore: %w", err)
}
flags := os.O_RDWR | os.O_CREATE
if override {
flags |= os.O_TRUNC
} else {
flags |= os.O_EXCL
}
f, err := os.OpenFile(temporaryPath, flags, filePermission)
if err != nil {
return fmt.Errorf("cannot open file to save the keystore to '%s', error: %w", k.Path, err)
}
_, _ = f.Write(version)
base64Encoder := base64.NewEncoder(base64.StdEncoding, f)
_, _ = io.Copy(base64Encoder, encrypted)
base64Encoder.Close()
_ = f.Sync()
f.Close()
err = file.SafeFileRotate(k.Path, temporaryPath)
if err != nil {
os.Remove(temporaryPath)
return fmt.Errorf("cannot replace the existing keystore, with the new keystore file at '%s', error: %w", k.Path, err)
}
os.Remove(temporaryPath)
k.dirty = false
return nil
}