chore: update Go, linter, and dependencies

2022-08-29 08:57:30 +02:00 · 2022-08-29 08:57:30 +02:00 · 7b9a0b72d6
commit 7b9a0b72d6
parent a645d164e0
18 changed files with 97 additions and 1565 deletions
--- a/.github/workflows/go-cross.yml
+++ b/.github/workflows/go-cross.yml
@ -16,7 +16,7 @@ jobs:

    strategy:
      matrix:
-        go-version: [ 1.17, 1.x ]
+        go-version: [ 1.19, 1.x ]
        os: [ubuntu-latest, macos-latest, windows-latest]

    steps:
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -12,8 +12,8 @@ jobs:
    name: Main Process
    runs-on: ubuntu-latest
    env:
-      GO_VERSION: 1.17
-      GOLANGCI_LINT_VERSION: v1.47.2
+      GO_VERSION: 1.19
+      GOLANGCI_LINT_VERSION: v1.49.0
      SEIHON_VERSION: v0.9.0
      CGO_ENABLED: 0

--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -9,7 +9,7 @@ jobs:
    name: Release Process
    runs-on: ubuntu-latest
    env:
-      GO_VERSION: 1.17
+      GO_VERSION: 1.19
      SEIHON_VERSION: v0.9.0
      CGO_ENABLED: 0

--- a/.golangci.yml
+++ b/.golangci.yml
@ -53,23 +53,32 @@ linters-settings:
      - github.com/mailgun/minheap
      - github.com/mailgun/multibuf
      - github.com/jaguilar/vt100
+  gosec:
+    excludes:
+      - G204 # Subprocess launched with a potential tainted input or cmd arguments
+      - G301 # Expect directory permissions to be 0750 or less
+      - G306 # Expect WriteFile permissions to be 0600 or less

 linters:
  enable-all: true
  disable:
-    - golint # deprecated
+    - scopelint # deprecated
    - interfacer # deprecated
    - maligned # deprecated
-    - scopelint # deprecated
+    - golint # deprecated
    - exhaustivestruct # deprecated
+    - scopelint # deprecated
+    - varcheck # deprecated
+    - structcheck # deprecated
+    - nosnakecase # deprecated
+    - deadcode # deprecated
+    - ifshort # deprecated
    - sqlclosecheck # not relevant (SQL)
    - rowserrcheck # not relevant (SQL)
    - cyclop # duplicate of gocyclo
    - lll
-    - gas
    - dupl
    - prealloc
-    - scopelint
    - wsl
    - nlreturn
    - gomnd
@ -80,7 +89,6 @@ linters:
    - wrapcheck
    - exhaustive
    - exhaustruct
-    - ifshort
    - varnamelen
    - nilnil

@ -90,11 +98,9 @@ issues:
  max-same-issues: 0
  exclude:
    - 'ST1000: at least one file in a package should have a package comment'
+    - 'package-comments: should have a package comment'
  exclude-rules:
    - path: cmd/
      linters:
        - gochecknoglobals
        - gochecknoinits
-    - path: "(.+)_test.go"
-      linters:
-        - nosnakecase
--- a/cmd/boltdb.go
+++ b/cmd/boltdb.go
@ -1,6 +1,8 @@
 package cmd

 import (
+	"context"
+
 	"github.com/kvtools/valkeyrie/store"
 	"github.com/kvtools/valkeyrie/store/boltdb"
 	"github.com/ldez/traefik-certs-dumper/v2/dumper"
@ -35,5 +37,5 @@ func boltdbRun(baseConfig *dumper.BaseConfig, cmd *cobra.Command) error {
 	config.Backend = store.BOLTDB
 	boltdb.Register()

-	return kv.Dump(config, baseConfig)
+	return kv.Dump(context.Background(), config, baseConfig)
 }
--- a/cmd/consul.go
+++ b/cmd/consul.go
@ -1,6 +1,8 @@
 package cmd

 import (
+	"context"
+
 	"github.com/kvtools/valkeyrie/store"
 	"github.com/kvtools/valkeyrie/store/consul"
 	"github.com/ldez/traefik-certs-dumper/v2/dumper"
@ -33,5 +35,5 @@ func consulRun(baseConfig *dumper.BaseConfig, cmd *cobra.Command) error {
 	config.Backend = store.CONSUL
 	consul.Register()

-	return kv.Dump(config, baseConfig)
+	return kv.Dump(context.Background(), config, baseConfig)
 }
--- a/cmd/etcd.go
+++ b/cmd/etcd.go
@ -1,6 +1,7 @@
 package cmd

 import (
+	"context"
 	"time"

 	"github.com/kvtools/valkeyrie/store"
@ -52,5 +53,5 @@ func etcdRun(baseConfig *dumper.BaseConfig, cmd *cobra.Command) error {
 		etcdv2.Register()
 	}

-	return kv.Dump(config, baseConfig)
+	return kv.Dump(context.Background(), config, baseConfig)
 }
--- a/cmd/file.go
+++ b/cmd/file.go
@ -1,12 +1,13 @@
 package cmd

 import (
+	"context"
+
 	"github.com/ldez/traefik-certs-dumper/v2/dumper"
 	"github.com/ldez/traefik-certs-dumper/v2/dumper/file"
 	"github.com/spf13/cobra"
 )

-// fileCmd represents the file command.
 var fileCmd = &cobra.Command{
 	Use:   "file",
 	Short: `Dump the content of the "acme.json" file.`,
@ -16,7 +17,7 @@ var fileCmd = &cobra.Command{

 		baseConfig.Version = cmd.Flag("version").Value.String()

-		return file.Dump(acmeFile, baseConfig)
+		return file.Dump(context.Background(), acmeFile, baseConfig)
 	}),
 }

--- a/cmd/kv.go
+++ b/cmd/kv.go
@ -98,7 +98,7 @@ func createTLSConfig(cmd *cobra.Command) (*tls.Config, error) {
 	return &tls.Config{
 		Certificates:       []tls.Certificate{cert},
 		RootCAs:            caPool,
-		InsecureSkipVerify: insecureSkipVerify,
+		InsecureSkipVerify: insecureSkipVerify, //nolint:gosec // it's a CLI option.
 		ClientAuth:         clientAuth,
 	}, nil
 }
--- a/cmd/zookeeper.go
+++ b/cmd/zookeeper.go
@ -1,6 +1,8 @@
 package cmd

 import (
+	"context"
+
 	"github.com/kvtools/valkeyrie/store"
 	"github.com/kvtools/valkeyrie/store/zookeeper"
 	"github.com/ldez/traefik-certs-dumper/v2/dumper"
@ -29,5 +31,5 @@ func zookeeperRun(baseConfig *dumper.BaseConfig, cmd *cobra.Command) error {
 	config.Backend = store.ZK
 	zookeeper.Register()

-	return kv.Dump(config, baseConfig)
+	return kv.Dump(context.Background(), config, baseConfig)
 }
--- a/dumper/file/file.go
+++ b/dumper/file/file.go
@ -2,7 +2,8 @@ package file

 import (
 	"bytes"
-	"crypto/md5"
+	"context"
+	"crypto/sha256"
 	"encoding/json"
 	"errors"
 	"fmt"
@ -21,16 +22,16 @@ import (
 )

 // Dump Dumps "acme.json" file to certificates.
-func Dump(acmeFile string, baseConfig *dumper.BaseConfig) error {
+func Dump(ctx context.Context, acmeFile string, baseConfig *dumper.BaseConfig) error {
 	err := dump(acmeFile, baseConfig)
 	if err != nil {
 		return err
 	}

 	if baseConfig.Watch {
-		hook.Exec(baseConfig.Hook)
+		hook.Exec(ctx, baseConfig.Hook)

-		return watch(acmeFile, baseConfig)
+		return watch(ctx, acmeFile, baseConfig)
 	}
 	return nil
 }
@ -90,7 +91,7 @@ func readJSONFile(acmeFile string, data interface{}) error {
 	return nil
 }

-func watch(acmeFile string, baseConfig *dumper.BaseConfig) error {
+func watch(ctx context.Context, acmeFile string, baseConfig *dumper.BaseConfig) error {
 	watcher, err := fsnotify.NewWatcher()
 	if err != nil {
 		return fmt.Errorf("failed to create new watcher: %w", err)
@ -113,7 +114,7 @@ func watch(acmeFile string, baseConfig *dumper.BaseConfig) error {
 					log.Println("event:", event)
 				}

-				hash, errW := manageEvent(watcher, event, acmeFile, previousHash, baseConfig)
+				hash, errW := manageEvent(ctx, watcher, event, acmeFile, previousHash, baseConfig)
 				if errW != nil {
 					log.Println("error:", errW)
 					done <- true
@ -144,7 +145,7 @@ func watch(acmeFile string, baseConfig *dumper.BaseConfig) error {
 	return nil
 }

-func manageEvent(watcher *fsnotify.Watcher, event fsnotify.Event, acmeFile string, previousHash []byte, baseConfig *dumper.BaseConfig) ([]byte, error) {
+func manageEvent(ctx context.Context, watcher *fsnotify.Watcher, event fsnotify.Event, acmeFile string, previousHash []byte, baseConfig *dumper.BaseConfig) ([]byte, error) {
 	err := manageRename(watcher, event, acmeFile)
 	if err != nil {
 		return nil, fmt.Errorf("watcher renewal failed: %w", err)
@ -168,7 +169,7 @@ func manageEvent(watcher *fsnotify.Watcher, event fsnotify.Event, acmeFile strin
 			log.Println("Dumped new certificate data.")
 		}

-		hook.Exec(baseConfig.Hook)
+		hook.Exec(ctx, baseConfig.Hook)
 	}

 	return hash, nil
@ -193,7 +194,7 @@ func calculateHash(acmeFile string) ([]byte, error) {
 	}
 	defer func() { _ = file.Close() }()

-	h := md5.New()
+	h := sha256.New()
 	_, err = io.Copy(h, file)
 	if err != nil {
 		return nil, err
--- a/dumper/file/file_test.go
+++ b/dumper/file/file_test.go
@ -1,6 +1,7 @@
 package file

 import (
+	"context"
 	"testing"

 	"github.com/ldez/traefik-certs-dumper/v2/dumper"
@ -49,7 +50,7 @@ func TestDump(t *testing.T) {
 				Version: test.version,
 			}

-			err := Dump(test.acmeFile, cfg)
+			err := Dump(context.Background(), test.acmeFile, cfg)
 			require.NoError(t, err)
 		})
 	}
--- a/dumper/kv/kv.go
+++ b/dumper/kv/kv.go
@ -3,6 +3,7 @@ package kv
 import (
 	"bytes"
 	"compress/gzip"
+	"context"
 	"encoding/json"
 	"fmt"
 	"io"
@ -21,8 +22,8 @@ import (
 const DefaultStoreKeySuffix = "/acme/account/object"

 // Dump Dumps KV content to certificates.
-func Dump(config *Config, baseConfig *dumper.BaseConfig) error {
-	kvStore, err := valkeyrie.NewStore(config.Backend, config.Endpoints, config.Options)
+func Dump(ctx context.Context, config *Config, baseConfig *dumper.BaseConfig) error {
+	kvStore, err := valkeyrie.NewStore(ctx, config.Backend, config.Endpoints, config.Options)
 	if err != nil {
 		return fmt.Errorf("unable to create client of the store: %w", err)
 	}
@ -30,10 +31,10 @@ func Dump(config *Config, baseConfig *dumper.BaseConfig) error {
 	storeKey := config.Prefix + config.Suffix

 	if baseConfig.Watch {
-		return watch(kvStore, storeKey, baseConfig)
+		return watch(ctx, kvStore, storeKey, baseConfig)
 	}

-	pair, err := kvStore.Get(storeKey, nil)
+	pair, err := kvStore.Get(ctx, storeKey, nil)
 	if err != nil {
 		return fmt.Errorf("unable to retrieve %s value: %w", storeKey, err)
 	}
@ -41,10 +42,8 @@ func Dump(config *Config, baseConfig *dumper.BaseConfig) error {
 	return dumpPair(pair, baseConfig)
 }

-func watch(kvStore store.Store, storeKey string, baseConfig *dumper.BaseConfig) error {
-	stopCh := make(<-chan struct{})
-
-	pairs, err := kvStore.Watch(storeKey, stopCh, nil)
+func watch(ctx context.Context, kvStore store.Store, storeKey string, baseConfig *dumper.BaseConfig) error {
+	pairs, err := kvStore.Watch(ctx, storeKey, nil)
 	if err != nil {
 		return err
 	}
@ -64,7 +63,7 @@ func watch(kvStore store.Store, storeKey string, baseConfig *dumper.BaseConfig)
 			log.Println("Dumped new certificate data.")
 		}

-		hook.Exec(baseConfig.Hook)
+		hook.Exec(ctx, baseConfig.Hook)
 	}
 }

--- a/go.mod
+++ b/go.mod
@ -1,16 +1,16 @@
 module github.com/ldez/traefik-certs-dumper/v2

-go 1.17
+go 1.19

 require (
 	github.com/fsnotify/fsnotify v1.5.4
 	github.com/go-acme/lego/v4 v4.8.0
-	github.com/kvtools/valkeyrie v0.4.1
+	github.com/kvtools/valkeyrie v0.4.2-0.20220810161836-a9a70ee3f199
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/spf13/cobra v1.5.0
 	github.com/spf13/viper v1.12.0
 	github.com/stretchr/testify v1.8.0
-	github.com/traefik/traefik/v2 v2.8.1
+	github.com/traefik/traefik/v2 v2.8.3
 )

 require (
@ -30,7 +30,7 @@ require (
 	github.com/akamai/AkamaiOPEN-edgegrid-golang v1.1.1 // indirect
 	github.com/aliyun/alibaba-cloud-sdk-go v1.61.1183 // indirect
 	github.com/armon/go-metrics v0.3.10 // indirect
-	github.com/aws/aws-sdk-go v1.39.0 // indirect
+	github.com/aws/aws-sdk-go v1.44.47 // indirect
 	github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
 	github.com/cenkalti/backoff/v4 v4.1.1 // indirect
 	github.com/cloudflare/cloudflare-go v0.20.0 // indirect
@ -128,13 +128,13 @@ require (
 	github.com/subosito/gotenv v1.3.0 // indirect
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.287 // indirect
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.287 // indirect
-	github.com/traefik/paerser v0.1.5 // indirect
+	github.com/traefik/paerser v0.1.8 // indirect
 	github.com/transip/gotransip/v6 v6.6.1 // indirect
 	github.com/unrolled/render v1.0.2 // indirect
 	github.com/vinyldns/go-vinyldns v0.9.16 // indirect
 	github.com/vulcand/predicate v1.2.0 // indirect
 	github.com/vultr/govultr/v2 v2.16.0 // indirect
-	go.etcd.io/bbolt v1.3.5 // indirect
+	go.etcd.io/bbolt v1.3.6 // indirect
 	go.etcd.io/etcd/api/v3 v3.5.4 // indirect
 	go.etcd.io/etcd/client/pkg/v3 v3.5.4 // indirect
 	go.etcd.io/etcd/client/v2 v2.305.4 // indirect
@ -146,9 +146,9 @@ require (
 	go.uber.org/zap v1.18.1 // indirect
 	golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f // indirect
 	golang.org/x/mod v0.5.0 // indirect
-	golang.org/x/net v0.0.0-20220520000938-2e3eb7b945c2 // indirect
+	golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e // indirect
 	golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect
-	golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c // indirect
+	golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e // indirect
 	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
 	golang.org/x/text v0.3.7 // indirect
 	golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 // indirect
--- a/go.sum
+++ b/go.sum
--- a/hook/hook.go
+++ b/hook/hook.go
@ -11,21 +11,21 @@ import (
 )

 // Exec Execute a command on a go routine.
-func Exec(command string) {
+func Exec(ctx context.Context, command string) {
 	if command == "" {
 		return
 	}

 	go func() {
-		errH := execute(command)
+		errH := execute(ctx, command)
 		if errH != nil {
 			panic(errH)
 		}
 	}()
 }

-func execute(command string) error {
-	ctxCmd, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+func execute(ctx context.Context, command string) error {
+	ctxCmd, cancel := context.WithTimeout(ctx, 30*time.Second)
 	defer cancel()

 	parts := strings.Fields(os.ExpandEnv(command))
--- a/hook/hook_test.go
+++ b/hook/hook_test.go
@ -1,6 +1,9 @@
 package hook

-import "testing"
+import (
+	"context"
+	"testing"
+)

 func Test_execute(t *testing.T) {
 	testCases := []struct {
@ -19,7 +22,7 @@ func Test_execute(t *testing.T) {

 	for _, test := range testCases {
 		t.Run(test.desc, func(t *testing.T) {
-			err := execute(test.command)
+			err := execute(context.Background(), test.command)
 			if err != nil {
 				t.Fatal(err)
 			}
--- a/integrationtest/loader.go
+++ b/integrationtest/loader.go
@ -3,6 +3,7 @@ package main
 import (
 	"bytes"
 	"compress/gzip"
+	"context"
 	"log"
 	"os"
 	"path/filepath"
@ -22,38 +23,38 @@ func main() {
 	log.SetFlags(log.Lshortfile)

 	source := "./acme.json"
-	err := loadData(source)
+	err := loadData(context.Background(), source)
 	if err != nil {
 		log.Fatal(err)
 	}
 }

-func loadData(source string) error {
+func loadData(ctx context.Context, source string) error {
 	content, err := readFile(source)
 	if err != nil {
 		return err
 	}

 	// Consul
-	err = putData(store.CONSUL, []string{"localhost:8500"}, content)
+	err = putData(ctx, store.CONSUL, []string{"localhost:8500"}, content)
 	if err != nil {
 		return err
 	}

 	// ETCD v3
-	err = putData(store.ETCDV3, []string{"localhost:2379"}, content)
+	err = putData(ctx, store.ETCDV3, []string{"localhost:2379"}, content)
 	if err != nil {
 		return err
 	}

 	// Zookeeper
-	err = putData(store.ZK, []string{"localhost:2181"}, content)
+	err = putData(ctx, store.ZK, []string{"localhost:2181"}, content)
 	if err != nil {
 		return err
 	}

 	// BoltDB
-	err = putData(store.BOLTDB, []string{"/tmp/test-traefik-certs-dumper.db"}, content)
+	err = putData(ctx, store.BOLTDB, []string{"/tmp/test-traefik-certs-dumper.db"}, content)
 	if err != nil {
 		return err
 	}
@ -61,7 +62,7 @@ func loadData(source string) error {
 	return nil
 }

-func putData(backend store.Backend, addrs []string, content []byte) error {
+func putData(ctx context.Context, backend store.Backend, addrs []string, content []byte) error {
 	storeConfig := &store.Config{
 		ConnectionTimeout: 3 * time.Second,
 		Bucket:            "traefik",
@ -78,12 +79,12 @@ func putData(backend store.Backend, addrs []string, content []byte) error {
 		boltdb.Register()
 	}

-	kvStore, err := valkeyrie.NewStore(backend, addrs, storeConfig)
+	kvStore, err := valkeyrie.NewStore(ctx, backend, addrs, storeConfig)
 	if err != nil {
 		return err
 	}

-	if err := kvStore.Put(storeKey, content, nil); err != nil {
+	if err := kvStore.Put(ctx, storeKey, content, nil); err != nil {
 		return err
 	}