From 166473c6c70b6499c3bbdd00bef5c11454bd2cc1 Mon Sep 17 00:00:00 2001 From: Justin Kulikauskas <44813129+JustinKuli@users.noreply.github.com> Date: Wed, 8 May 2024 02:23:37 +0000 Subject: [PATCH] Add new checks More formatting and scanning. The github actions files for these checks has been combined, and will run only on push, removing the duplicated checks that appeared in Pull Requests. Also cleans up some oddities found with GOPATH, which resolved other oddities with coverage commands. Signed-off-by: Justin Kulikauskas <44813129+JustinKuli@users.noreply.github.com> --- .../workflows/{validate.yaml => checks.yaml} | 46 +++++++++++++------ .github/workflows/lint.yaml | 40 ---------------- .gitignore | 3 ++ Makefile | 38 +++++++++++---- api/v1alpha1/reflectiveResourceList.go | 3 +- test/fakepolicy/main.go | 8 ++-- test/fakepolicy/test/suite_test.go | 1 - test/fakepolicy/test/yamlformat_test.go | 3 +- 8 files changed, 71 insertions(+), 71 deletions(-) rename .github/workflows/{validate.yaml => checks.yaml} (54%) delete mode 100644 .github/workflows/lint.yaml diff --git a/.github/workflows/validate.yaml b/.github/workflows/checks.yaml similarity index 54% rename from .github/workflows/validate.yaml rename to .github/workflows/checks.yaml index 8e1fe48..c72e4d6 100644 --- a/.github/workflows/validate.yaml +++ b/.github/workflows/checks.yaml @@ -1,14 +1,14 @@ -name: Validation +name: Code Checks -on: [push, pull_request] +on: [push] defaults: run: shell: bash jobs: - basic: - name: generate and vet + makechecks: + name: Make Checks runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -17,16 +17,39 @@ jobs: with: go-version-file: './go.mod' + - uses: actions/setup-python@v5 + with: + python-version: 3.x + + - run: pip install yamllint==1.33.0 + - run: | - make generate make manifests - go mod tidy + make generate make fmt make vet + yamllint . git diff --exit-code - unit-tests: - name: Unit Tests + # A separate job so that it can annotate the code + golangci: + name: golangci-lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-go@v5 + with: + go-version-file: './go.mod' + + - name: golangci-lint + uses: golangci/golangci-lint-action@v5 + with: + version: v1.58 + # Automatically uses ./.golangci.yml for configuration + + tests: + name: Tests runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -38,15 +61,10 @@ jobs: - run: | make test - # Fix things up for the coverage report - head -1 cover.out > nucleus_cover.out - grep 'governance-policy-nucleus' cover.out >> nucleus_cover.out - sudo rm -rf .go - - name: Update coverage report uses: ncruces/go-coverage-report@v0 with: - coverage-file: nucleus_cover.out + coverage-file: cover.out output-dir: ${{ github.ref_name }} report: true chart: false diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml deleted file mode 100644 index 6022ac8..0000000 --- a/.github/workflows/lint.yaml +++ /dev/null @@ -1,40 +0,0 @@ -name: Linting - -on: [push, pull_request] - -defaults: - run: - shell: bash - -jobs: - yamllint: - name: yamllint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-python@v5 - with: - python-version: 3.x - - - run: pip install yamllint==1.33.0 - - - name: Lint YAML files - run: yamllint . - # Automatically uses ./.yamllint.yaml for configuration - - golangci: - name: golangci-lint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-go@v5 - with: - go-version-file: './go.mod' - - - name: golangci-lint - uses: golangci/golangci-lint-action@v5 - with: - version: v1.58 - # Automatically uses ./.golangci.yml for configuration diff --git a/.gitignore b/.gitignore index df02ecf..4853111 100644 --- a/.gitignore +++ b/.gitignore @@ -15,5 +15,8 @@ bin/ # Output of the go coverage tool, specifically when used with LiteIDE *.out +# Output of gosec tool +gosec.json + # Dependency directories (remove the comment below to include it) # vendor/ diff --git a/Makefile b/Makefile index 2b04c53..d5f4625 100644 --- a/Makefile +++ b/Makefile @@ -6,8 +6,10 @@ $(LOCAL_BIN): mkdir -p $(LOCAL_BIN) # Keep an existing GOPATH, make a private one if it is undefined -GOPATH_DEFAULT := $(ROOTDIR)/.go -export GOPATH ?= $(GOPATH_DEFAULT) +export GOPATH ?= $(shell go env GOPATH) +ifeq ($(GOPATH),) + GOPATH := $(ROOTDIR)/.go +endif GOBIN_DEFAULT := $(GOPATH)/bin export GOBIN ?= $(GOBIN_DEFAULT) @@ -34,15 +36,26 @@ CONTROLLER_GEN ?= $(LOCAL_BIN)/controller-gen $(CONTROLLER_GEN): $(LOCAL_BIN) $(call go-install,sigs.k8s.io/controller-tools/cmd/controller-gen@$(CONTROLLER_GEN_VERSION)) -ENVTEST ?= $(LOCAL_BIN)/setup-envtest -$(ENVTEST): $(LOCAL_BIN) - $(call go-install,sigs.k8s.io/controller-runtime/tools/setup-envtest@latest) - KUSTOMIZE_VERSION ?= v5.4.1 # https://github.com/kubernetes-sigs/kustomize/releases/latest KUSTOMIZE ?= $(LOCAL_BIN)/kustomize $(KUSTOMIZE): $(LOCAL_BIN) $(call go-install,sigs.k8s.io/kustomize/kustomize/v5@$(KUSTOMIZE_VERSION)) +GOFUMPT_VERSION ?= v0.6.0 # https://github.com/mvdan/gofumpt/releases/latest +GOFUMPT ?= $(LOCAL_BIN)/gofumpt +$(GOFUMPT): $(LOCAL_BIN) + $(call go-install,mvdan.cc/gofumpt@$(GOFUMPT_VERSION)) + +GCI_VERSION ?= v0.13.4 # https://github.com/daixiang0/gci/releases/latest +GCI ?= $(LOCAL_BIN)/gci +$(GCI): $(LOCAL_BIN) + $(call go-install,github.com/daixiang0/gci@$(GCI_VERSION)) + +GOSEC_VERSION ?= v2.19.0 # https://github.com/securego/gosec/releases/latest +GOSEC ?= $(LOCAL_BIN)/gosec +$(GOSEC): $(LOCAL_BIN) + $(call go-install,github.com/securego/gosec/v2/cmd/gosec@$(GOSEC_VERSION)) + GOLANGCI_VERSION ?= v1.58.0 # https://github.com/golangci/golangci-lint/releases/latest GOLANGCI ?= $(LOCAL_BIN)/golangci-lint $(GOLANGCI): $(LOCAL_BIN) @@ -55,6 +68,10 @@ GINKGO ?= $(LOCAL_BIN)/ginkgo $(GINKGO): $(LOCAL_BIN) $(call go-install,github.com/onsi/ginkgo/v2/ginkgo@$(GINKGO_VERSION)) +ENVTEST ?= $(LOCAL_BIN)/setup-envtest +$(ENVTEST): $(LOCAL_BIN) + $(call go-install,sigs.k8s.io/controller-runtime/tools/setup-envtest@latest) + .PHONY: manifests manifests: $(CONTROLLER_GEN) $(KUSTOMIZE) ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths=".;./api/..." \ @@ -69,12 +86,15 @@ generate: $(CONTROLLER_GEN) ## Generate code containing DeepCopy, DeepCopyInto, $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." .PHONY: fmt -fmt: ## Run go fmt against code. - go fmt ./... +fmt: $(GOFUMPT) $(GCI) + go mod tidy + find . -not \( -path "./.go" -prune \) -name "*.go" | xargs $(GOFUMPT) -l -w + find . -not \( -path "./.go" -prune \) -name "*.go" | xargs $(GCI) write --skip-generated -s standard -s default -s localmodule .PHONY: vet -vet: ## Run go vet against code. +vet: $(GOSEC) go vet ./... + $(GOSEC) -fmt sonarqube -out gosec.json -stdout -exclude-dir=.go -exclude-dir=test -exclude-generated ./... # Note: this target is not used by Github Actions. Instead, each linter is run # separately to automatically decorate the code with the linting errors. diff --git a/api/v1alpha1/reflectiveResourceList.go b/api/v1alpha1/reflectiveResourceList.go index a524c92..9097a70 100644 --- a/api/v1alpha1/reflectiveResourceList.go +++ b/api/v1alpha1/reflectiveResourceList.go @@ -4,8 +4,9 @@ import ( "fmt" "reflect" - "open-cluster-management.io/governance-policy-nucleus/api/v1beta1" "sigs.k8s.io/controller-runtime/pkg/client" + + "open-cluster-management.io/governance-policy-nucleus/api/v1beta1" ) //+kubebuilder:object:generate=false diff --git a/test/fakepolicy/main.go b/test/fakepolicy/main.go index d412354..c81d02e 100644 --- a/test/fakepolicy/main.go +++ b/test/fakepolicy/main.go @@ -7,22 +7,20 @@ import ( "flag" "os" + "github.com/go-logr/zapr" + "github.com/stolostron/go-log-utils/zaputil" "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/client-go/dynamic" clientgoscheme "k8s.io/client-go/kubernetes/scheme" "k8s.io/client-go/rest" + "k8s.io/klog/v2" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/metrics/server" - "github.com/go-logr/zapr" - "github.com/stolostron/go-log-utils/zaputil" - "k8s.io/klog/v2" - fakev1beta1 "open-cluster-management.io/governance-policy-nucleus/test/fakepolicy/api/v1beta1" "open-cluster-management.io/governance-policy-nucleus/test/fakepolicy/controllers" - //+kubebuilder:scaffold:imports ) var scheme = runtime.NewScheme() diff --git a/test/fakepolicy/test/suite_test.go b/test/fakepolicy/test/suite_test.go index 486d32a..494a32d 100644 --- a/test/fakepolicy/test/suite_test.go +++ b/test/fakepolicy/test/suite_test.go @@ -19,7 +19,6 @@ import ( "open-cluster-management.io/governance-policy-nucleus/test/fakepolicy" fakev1beta1 "open-cluster-management.io/governance-policy-nucleus/test/fakepolicy/api/v1beta1" - //+kubebuilder:scaffold:imports ) // These tests use Ginkgo (BDD-style Go testing framework). Refer to diff --git a/test/fakepolicy/test/yamlformat_test.go b/test/fakepolicy/test/yamlformat_test.go index 3a5b5c8..dda1fde 100644 --- a/test/fakepolicy/test/yamlformat_test.go +++ b/test/fakepolicy/test/yamlformat_test.go @@ -7,8 +7,9 @@ import ( . "github.com/onsi/gomega" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - nucleusv1beta1 "open-cluster-management.io/governance-policy-nucleus/api/v1beta1" "sigs.k8s.io/controller-runtime/pkg/client" + + nucleusv1beta1 "open-cluster-management.io/governance-policy-nucleus/api/v1beta1" ) var _ = Describe("FakePolicy resource format verification", func() {