From 7af91b6bf0ae309f4e9915a161e458c5b5222fcf Mon Sep 17 00:00:00 2001 From: Allen Sun Date: Wed, 8 Jun 2022 23:57:26 +0800 Subject: [PATCH] actions: add golangci-lint action for sealer Signed-off-by: Allen Sun --- .github/workflows/{go.yml => build.yml} | 27 +++-------- .github/workflows/golangci-lint.yml | 46 +++++++++++++++++++ .github/workflows/gosec.yml | 16 ------- .../{markdown.yml => markdown-lint.yml} | 0 .golangci.yml | 10 +++- pkg/image/distributionutil/login.go | 2 +- .../save/distributionpkg/proxy/proxyauth.go | 12 +++-- pkg/image/save/filesystem.go | 4 +- pkg/plugin/etcd_backup_plugin.go | 4 +- pkg/runtime/kubeadm_config_test.go | 4 +- utils/os/readers.go | 6 +-- utils/strings/strings.go | 8 ++-- 12 files changed, 84 insertions(+), 55 deletions(-) rename .github/workflows/{go.yml => build.yml} (64%) create mode 100644 .github/workflows/golangci-lint.yml delete mode 100644 .github/workflows/gosec.yml rename .github/workflows/{markdown.yml => markdown-lint.yml} (100%) diff --git a/.github/workflows/go.yml b/.github/workflows/build.yml similarity index 64% rename from .github/workflows/go.yml rename to .github/workflows/build.yml index 52fe824b934..e9a55d5ce06 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/build.yml @@ -1,4 +1,4 @@ -name: Go +name: Binary Building on OS Distributions on: push: @@ -13,24 +13,17 @@ on: jobs: build: - name: ubuntu - Go v1.17 + name: build on ubuntu - Go v1.16 runs-on: ubuntu-latest steps: - - - name: Set up Go - uses: actions/setup-go@v2 + - uses: actions/checkout@v2 with: - go-version: '1.17.3' - id: go - - - name: Check out code into the Go module directory - uses: actions/checkout@v2 + fetch-depth: 2 + - uses: actions/setup-go@v2 with: - ref: ${{ github.ref }} - path: src/github.com/sealerio/sealer + go-version: '1.16' - name: Check out code lic - working-directory: src/github.com/sealerio/sealer run: | wget https://github.com/google/addlicense/releases/download/v1.0.0/addlicense_1.0.0_Linux_x86_64.tar.gz tar -zxvf addlicense_1.0.0_Linux_x86_64.tar.gz -C $(go env GOPATH)/bin @@ -46,19 +39,11 @@ jobs: exit -1 fi - - name: Install go ci lint - run: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.39.0 - - - name: Run Linter - run: golangci-lint run -v - working-directory: src/github.com/sealerio/sealer - - name: Make linux shell: bash run: | export MULTI_PLATFORM_BUILD=true make build - working-directory: src/github.com/sealerio/sealer - name: Save build binaries uses: actions/upload-artifact@v2 diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml new file mode 100644 index 00000000000..9bf86ae1424 --- /dev/null +++ b/.github/workflows/golangci-lint.yml @@ -0,0 +1,46 @@ +name: golangci-lint +on: + push: + tags: + - v* + branches: + - main + pull_request: +permissions: + contents: read + # Optional: allow read access to pull request. Use with `only-new-issues` option. + # pull-requests: read +jobs: + golangci: + name: lint + runs-on: ubuntu-latest + steps: + - uses: actions/setup-go@v3 + with: + go-version: 1.16 + - uses: actions/checkout@v3 + - name: golangci-lint + uses: golangci/golangci-lint-action@v3 + with: + # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version + version: v1.46 + args: "--out-${NO_FUTURE}format colored-line-number --max-same-issues 20" + + # Optional: working directory, useful for monorepos + # working-directory: somedir + + # Optional: golangci-lint command line arguments. + # args: --issues-exit-code=0 + + # Optional: show only new issues if it's a pull request. The default value is `false`. + # only-new-issues: true + + # Optional: if set to true then the all caching functionality will be complete disabled, + # takes precedence over all other caching options. + # skip-cache: true + + # Optional: if set to true then the action don't cache or restore ~/go/pkg. + # skip-pkg-cache: true + + # Optional: if set to true then the action don't cache or restore ~/.cache/go-build. + # skip-build-cache: true \ No newline at end of file diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml deleted file mode 100644 index e695f049e04..00000000000 --- a/.github/workflows/gosec.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: Run Gosec - -on: [ push, pull_request ] - -jobs: - golang-security-action: - runs-on: ubuntu-latest - env: - GO111MODULE: on - steps: - - name: Checkout Source - uses: actions/checkout@v2 - - name: Run Gosec Security Scanner - uses: securego/gosec@master - with: - args: ./... \ No newline at end of file diff --git a/.github/workflows/markdown.yml b/.github/workflows/markdown-lint.yml similarity index 100% rename from .github/workflows/markdown.yml rename to .github/workflows/markdown-lint.yml diff --git a/.golangci.yml b/.golangci.yml index 959980ccf77..d86e4376625 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -38,6 +38,14 @@ linters: - unparam - ifshort - unconvert + - predeclared + - gosec + - forcetypeassert + - bodyclose + - containedctx + - exportloopref + - nosprintfhostport + - noctx issues: exclude-rules: @@ -49,4 +57,4 @@ issues: # https://github.com/golangci/golangci/wiki/Configuration service: # use the fixed version to not introduce new linters unexpectedly - golangci-lint-version: 1.39.0 + golangci-lint-version: 1.43.0 diff --git a/pkg/image/distributionutil/login.go b/pkg/image/distributionutil/login.go index 2b01c7bd53f..b594f3b0966 100644 --- a/pkg/image/distributionutil/login.go +++ b/pkg/image/distributionutil/login.go @@ -60,7 +60,7 @@ func Login(ctx context.Context, authConfig *types.AuthConfig) error { } endpointStr := strings.TrimRight(endpointURL.String(), "/") + "/v2/" - req, err := http.NewRequest("GET", endpointStr, nil) + req, err := http.NewRequestWithContext(ctx, "GET", endpointStr, nil) if err != nil { return err } diff --git a/pkg/image/save/distributionpkg/proxy/proxyauth.go b/pkg/image/save/distributionpkg/proxy/proxyauth.go index 9cbc7aeb2cb..3fc4455794b 100644 --- a/pkg/image/save/distributionpkg/proxy/proxyauth.go +++ b/pkg/image/save/distributionpkg/proxy/proxyauth.go @@ -76,18 +76,21 @@ func getAuthURLs(remoteURL string) ([]string, error) { authURLs := []string{} resp, err := http.Get(remoteURL + "/v2/") + if err == nil { + defer resp.Body.Close() + } if err != nil { if strings.Contains(err.Error(), certUnknown) { logrus.Warnf("create connect with unauthenticated registry url: %s", remoteURL) - resp, err = newClientSkipVerify().Get(remoteURL + "/v2/") + resp, err := newClientSkipVerify().Get(remoteURL + "/v2/") if err != nil { return nil, err } + defer resp.Body.Close() } else { return nil, err } } - defer resp.Body.Close() for _, c := range challenge.ResponseChallenges(resp) { if strings.EqualFold(c.Scheme, "bearer") { @@ -101,6 +104,10 @@ func getAuthURLs(remoteURL string) ([]string, error) { // #nosec func ping(manager challenge.Manager, endpoint string) error { resp, err := http.Get(endpoint) + if err == nil { + defer resp.Body.Close() + } + if err != nil { if strings.Contains(err.Error(), certUnknown) { resp, err = newClientSkipVerify().Get(endpoint) @@ -111,7 +118,6 @@ func ping(manager challenge.Manager, endpoint string) error { return err } } - defer resp.Body.Close() return manager.AddResponse(resp) } diff --git a/pkg/image/save/filesystem.go b/pkg/image/save/filesystem.go index a29963e4e03..f2415e905cb 100644 --- a/pkg/image/save/filesystem.go +++ b/pkg/image/save/filesystem.go @@ -194,7 +194,7 @@ func (d *driver) Reader(ctx context.Context, path string, offset int64) (io.Read return file, nil } -func (d *driver) Writer(ctx context.Context, subPath string, append bool) (storagedriver.FileWriter, error) { +func (d *driver) Writer(ctx context.Context, subPath string, appendable bool) (storagedriver.FileWriter, error) { fullPath := d.fullPath(subPath) parentDir := path.Dir(fullPath) if err := os.MkdirAll(parentDir, 0750); err != nil { @@ -208,7 +208,7 @@ func (d *driver) Writer(ctx context.Context, subPath string, append bool) (stora var offset int64 - if !append { + if !appendable { err := fp.Truncate(0) if err != nil { return nil, fp.Close() diff --git a/pkg/plugin/etcd_backup_plugin.go b/pkg/plugin/etcd_backup_plugin.go index cd990b6bb02..e2bf43a2ee8 100644 --- a/pkg/plugin/etcd_backup_plugin.go +++ b/pkg/plugin/etcd_backup_plugin.go @@ -21,6 +21,8 @@ import ( "errors" "fmt" "io/ioutil" + "net" + "strconv" "time" clientv3 "go.etcd.io/etcd/client/v3" @@ -108,7 +110,7 @@ func connEtcd(masterIP string) (clientv3.Config, error) { RootCAs: pool, } - endpoints := []string{fmt.Sprintf("https://%s:2379", masterIP)} + endpoints := []string{net.JoinHostPort(masterIP, strconv.Itoa(2379))} cfg := clientv3.Config{ Endpoints: endpoints, DialTimeout: dialTimeout, diff --git a/pkg/runtime/kubeadm_config_test.go b/pkg/runtime/kubeadm_config_test.go index 7402f504ee9..aa9683a8086 100644 --- a/pkg/runtime/kubeadm_config_test.go +++ b/pkg/runtime/kubeadm_config_test.go @@ -350,7 +350,7 @@ func TestKubeadmConfig_LoadFromClusterfile(t *testing.T) { t.Run(tt.name, func(t *testing.T) { k := tt.fields.KubeConfig testfile := "test-Clusterfile" - err := ioutil.WriteFile(testfile, tt.args.kubeadmconfig, 0644) + err := ioutil.WriteFile(testfile, tt.args.kubeadmconfig, 0600) if err != nil { t.Errorf("WriteFile %s error = %v, wantErr %v", testfile, err, tt.wantErr) } @@ -410,7 +410,7 @@ func TestKubeadmConfig_Merge(t *testing.T) { return }*/ testfile := "test-kubeadm.yml" - err := ioutil.WriteFile(testfile, tt.args.defaultKubeadmConfig, 0644) + err := ioutil.WriteFile(testfile, tt.args.defaultKubeadmConfig, 0600) if (err != nil) != tt.wantErr { t.Errorf("WriteFile %s error = %v, wantErr %v", testfile, err, tt.wantErr) return diff --git a/utils/os/readers.go b/utils/os/readers.go index 6cdfba261e8..6b3c896b28a 100644 --- a/utils/os/readers.go +++ b/utils/os/readers.go @@ -37,8 +37,7 @@ type fileReader struct { func (r fileReader) ReadLines() ([]string, error) { var lines []string - _, err := os.Stat(r.fileName) - if err != nil || os.IsNotExist(err) { + if _, err := os.Stat(r.fileName); err != nil || os.IsNotExist(err) { return nil, errors.New("no such file") } @@ -63,8 +62,7 @@ func (r fileReader) ReadLines() ([]string, error) { } func (r fileReader) ReadAll() ([]byte, error) { - _, err := os.Stat(r.fileName) - if err != nil || os.IsNotExist(err) { + if _, err := os.Stat(r.fileName); err != nil || os.IsNotExist(err) { return nil, errors.New("no such file") } diff --git a/utils/strings/strings.go b/utils/strings/strings.go index ee8f9740b19..f9184b2078a 100644 --- a/utils/strings/strings.go +++ b/utils/strings/strings.go @@ -181,19 +181,19 @@ func ConvertToMap(env []string) map[string]string { return envs } -func Diff(old, new []string) (add, sub []string) { +func Diff(olds, news []string) (add, sub []string) { diffMap := make(map[string]bool) - for _, v := range old { + for _, v := range olds { diffMap[v] = true } - for _, v := range new { + for _, v := range news { if !diffMap[v] { add = append(add, v) } else { diffMap[v] = false } } - for _, v := range old { + for _, v := range olds { if diffMap[v] { sub = append(sub, v) }