fix: update cos-tool permissions to adhere to cis hardening rules (#371)

* fix: update cos-tool permissions to adhere to cis hardening rules

* fix cos-tool permissions for this charm as well

* remove chmod from library

* tox fmt

* fix unit tests

* tox fmt

charmcraft.yaml

@@ -140,7 +140,7 @@ parts:
       - curl
     override-pull: |
       curl -L -O https://github.com/canonical/cos-tool/releases/latest/download/cos-tool-${CRAFT_TARGET_ARCH}
-      chmod +x cos-tool-*
+      chmod 775 cos-tool-*
 
 actions:
   get-admin-password:

lib/charms/grafana_k8s/v0/grafana_dashboard.py

@@ -219,7 +219,7 @@ def __init__(self, *args):
 # Increment this PATCH version before using `charmcraft publish-lib` or reset
 # to 0 if you are raising the major API version
 
-LIBPATCH = 37
+LIBPATCH = 38
 
 logger = logging.getLogger(__name__)
 
@@ -1993,12 +1993,9 @@ def _get_tool_path(self) -> Optional[Path]:
         arch = "amd64" if arch == "x86_64" else arch
         res = "cos-tool-{}".format(arch)
         try:
-            path = Path(res).resolve()
-            path.chmod(0o777)
+            path = Path(res).resolve(strict=True)
             return path
-        except NotImplementedError:
-            logger.debug("System lacks support for chmod")
-        except FileNotFoundError:
+        except (FileNotFoundError, OSError):
             logger.debug('Could not locate cos-tool at: "{}"'.format(res))
         return None