From 1e0ea6f958f1d9afd66a9248c7ca649b96cf4c84 Mon Sep 17 00:00:00 2001 From: max furman Date: Tue, 20 Sep 2022 15:46:59 -0700 Subject: [PATCH] more linting fixes --- Makefile | 16 ++++++++-------- api/renew.go | 1 + api/sshRekey.go | 1 + api/sshRenew.go | 1 + authority/provisioner/acme.go | 2 +- ca/acmeClient.go | 1 + cmd/step-ca/main.go | 7 +++++-- go.mod | 4 ++-- go.sum | 8 ++++---- 9 files changed, 24 insertions(+), 17 deletions(-) diff --git a/Makefile b/Makefile index e4bece1d..845d395b 100644 --- a/Makefile +++ b/Makefile @@ -28,8 +28,9 @@ ci: testcgo build ######################################### bootstra%: - # Using a released version of golangci-lint to take into account custom replacements in their go.mod - $Q curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(shell go env GOPATH)/bin v1.48.0 + $Q curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $$(go env GOPATH)/bin latest + $Q go install golang.org/x/vuln/cmd/govulncheck@latest + $Q go install gotest.tools/gotestsum@latest .PHONY: bootstra% @@ -151,15 +152,14 @@ integration: bin/$(BINNAME) ######################################### fmt: - $Q goimports -local github.com/golangci/golangci-lint -l -w $(SRC) + $Q goimports -l -w $(SRC) +lint: SHELL:=/bin/bash lint: - $Q golangci-lint run --timeout=30m + $Q LOG_LEVEL=error golangci-lint run --config <(curl -s https://raw.githubusercontent.com/smallstep/workflows/master/.golangci.yml) --timeout=30m + $Q govulncheck ./... -lintcgo: - $Q LOG_LEVEL=error golangci-lint run --timeout=30m - -.PHONY: fmt lint lintcgo +.PHONY: fmt lint ######################################### # Install diff --git a/api/renew.go b/api/renew.go index 6e9f680f..3cfd5fdf 100644 --- a/api/renew.go +++ b/api/renew.go @@ -17,6 +17,7 @@ const ( // Renew uses the information of certificate in the TLS connection to create a // new one. func Renew(w http.ResponseWriter, r *http.Request) { + //nolint:contextcheck // the reqest has the context cert, err := getPeerCertificate(r) if err != nil { render.Error(w, err) diff --git a/api/sshRekey.go b/api/sshRekey.go index 6c0a5064..977c4719 100644 --- a/api/sshRekey.go +++ b/api/sshRekey.go @@ -83,6 +83,7 @@ func SSHRekey(w http.ResponseWriter, r *http.Request) { notBefore := time.Unix(int64(oldCert.ValidAfter), 0) notAfter := time.Unix(int64(oldCert.ValidBefore), 0) + //nolint:contextcheck // the reqest has the context identity, err := renewIdentityCertificate(r, notBefore, notAfter) if err != nil { render.Error(w, errs.ForbiddenErr(err, "error renewing identity certificate")) diff --git a/api/sshRenew.go b/api/sshRenew.go index 4e4d0b04..456be3f6 100644 --- a/api/sshRenew.go +++ b/api/sshRenew.go @@ -75,6 +75,7 @@ func SSHRenew(w http.ResponseWriter, r *http.Request) { notBefore := time.Unix(int64(oldCert.ValidAfter), 0) notAfter := time.Unix(int64(oldCert.ValidBefore), 0) + //nolint:contextcheck // the reqest has the context identity, err := renewIdentityCertificate(r, notBefore, notAfter) if err != nil { render.Error(w, errs.ForbiddenErr(err, "error renewing identity certificate")) diff --git a/authority/provisioner/acme.go b/authority/provisioner/acme.go index 5955ac6a..468a6f87 100644 --- a/authority/provisioner/acme.go +++ b/authority/provisioner/acme.go @@ -15,7 +15,7 @@ import ( // ACMEChallenge represents the supported acme challenges. type ACMEChallenge string -// nolint:revive // better names +//nolint:stylecheck,revive // better names const ( // HTTP_01 is the http-01 ACME challenge. HTTP_01 ACMEChallenge = "http-01" diff --git a/ca/acmeClient.go b/ca/acmeClient.go index 039b10a3..1c195efd 100644 --- a/ca/acmeClient.go +++ b/ca/acmeClient.go @@ -256,6 +256,7 @@ func (c *ACMEClient) ValidateWithPayload(url string, payload []byte) error { if err != nil { return err } + defer resp.Body.Close() if resp.StatusCode >= 400 { return readACMEError(resp.Body) } diff --git a/cmd/step-ca/main.go b/cmd/step-ca/main.go index 2c952cdd..75e82704 100644 --- a/cmd/step-ca/main.go +++ b/cmd/step-ca/main.go @@ -4,7 +4,6 @@ import ( "flag" "fmt" "html" - "log" "math/rand" "net/http" "os" @@ -176,7 +175,11 @@ $ step-ca --context=mybiz --password-file ./password.txt debugProfAddr := os.Getenv("STEP_PROF_ADDR") if debugProfAddr != "" { go func() { - log.Println(http.ListenAndServe(debugProfAddr, nil)) + srv := http.Server{ + Addr: debugProfAddr, + ReadHeaderTimeout: 15 * time.Second, + } + srv.ListenAndServe() }() } diff --git a/go.mod b/go.mod index 125e51d9..bf8eb094 100644 --- a/go.mod +++ b/go.mod @@ -44,8 +44,8 @@ require ( go.step.sm/cli-utils v0.7.4 go.step.sm/crypto v0.19.0 go.step.sm/linkedca v0.19.0-rc.1 - golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 - golang.org/x/net v0.0.0-20220909164309-bea034e7d591 + golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0 + golang.org/x/net v0.0.0-20220920203100-d0c6ba3f52d9 golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10 // indirect golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect google.golang.org/api v0.84.0 diff --git a/go.sum b/go.sum index 94a2f40e..90969016 100644 --- a/go.sum +++ b/go.sum @@ -809,8 +809,8 @@ golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 h1:Y/gsMcFOcR+6S6f3YeMKl5g+dZMEWqcz5Czj/GWYbkM= -golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0 h1:a5Yg6ylndHHYJqIPrdq0AhvR6KTvDTAvgBtaidhEevY= +golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -898,8 +898,8 @@ golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.0.0-20220909164309-bea034e7d591 h1:D0B/7al0LLrVC8aWF4+oxpv/m8bc7ViFfVS8/gXGdqI= -golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.0.0-20220920203100-d0c6ba3f52d9 h1:asZqf0wXastQr+DudYagQS8uBO8bHKeYD1vbAvGmFL8= +golang.org/x/net v0.0.0-20220920203100-d0c6ba3f52d9/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=