diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml index 5a6b2ca18..75b8e1362 100644 --- a/.github/workflows/create-release.yml +++ b/.github/workflows/create-release.yml @@ -35,7 +35,7 @@ jobs: - uses: actions/setup-go@v5 with: - go-version: "stable" + go-version-file: go.mod - name: "Setup yq" # Required for rendering the files. shell: bash @@ -219,107 +219,109 @@ jobs: ./hack/ci/render_and_upload_manifests.sh bump-sec-scanners-config-main: - name: Bump sec-scanners-config.yaml on main branch - needs: create-draft - runs-on: ubuntu-latest - env: - VERSION: ${{ needs.generate-version.outputs.VERSION }} - - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - ref: main - - - uses: actions/setup-go@v5 - with: - go-version: "stable" - - - name: "Setup yq" # Required for rendering the files. - shell: bash - run: | - go install github.com/mikefarah/yq/v4@latest - echo "$(go env GOPATH)/bin" >> $GITHUB_PATH - - - name: Render sec-scanners-config.yaml - shell: bash - run: | - yq --version - ./hack/ci/render-sec-scanners-config.sh "${VERSION}" - FILE="sec-scanners-config.yaml" - echo "******* ${FILE} *******" - [ -f "${FILE}" ] && cat "${FILE}" || echo "${FILE} not found." - - # Check if there are changes, so we can determine if all following steps can be skipped. - - name: Check for changes - shell: bash - run: | - if [ -z "$(git status --porcelain)" ]; then - echo "No changes found. No need to create a PR" - else - echo "Changes found. Creating a PR and waiting for it to be merged." - echo "CREATE_PR=true" >> $GITHUB_ENV - fi - - - name: Set up git - if: ${{ env.CREATE_PR == 'true' }} - env: - GH_TOKEN: ${{ secrets.BOT_PAT }} - REPO: ${{ github.repository }} - shell: bash - run: | - # set git username - ghusername=$(curl -s -H "Authorization: token ${GH_TOKEN}" https://api.github.com/user | jq '.login') - git config user.name "${ghusername}" - # set git mail address - ghemailaddress="${ghusername}@users.noreply.github.com" - git config user.email "${ghemailaddress}" - # set remote url - git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${REPO}.git" - - - name: Set all variables - if: ${{ env.CREATE_PR == 'true' }} - shell: bash - run: | - PR_DATE="$(date '+%Y-%m-%d-%H-%M-%S')" - echo "pr date: ${PR_DATE}" - echo "PR_DATE=${PR_DATE}" >> $GITHUB_ENV - - BRANCH_NAME="sec-scanners-bump-main-${PR_DATE}" - echo "name of the new branch: ${BRANCH_NAME}" - echo "BRANCH_NAME=${BRANCH_NAME}" >> $GITHUB_ENV - - - name: Create a pull request - if: ${{ env.CREATE_PR == 'true' }} - env: - REPO: ${{ github.repository }} - PR_DATE: ${{ env.PR_DATE }} - BRANCH_NAME: ${{ env.BRANCH_NAME }} - GH_TOKEN: ${{ secrets.BOT_PAT }} - shell: bash - run: | - # Create a new branch for our changes. - git checkout -b "${BRANCH_NAME}" - - # Stage the changes to sec-scanner-config.yaml and create a commit. - git add sec-scanners-config.yaml - git commit -m "auto-bump sec-scanners-config: ${PR_DATE}" - - # Push the changes to origin, as defined earlier. - git push origin "$BRANCH_NAME" - - # Create a PR. - BODY="This is an auto-generated PR to bump the sec-scanners-config.yml on ${REPO}." - PR_URL=$(gh pr create --base "main" --head "${BRANCH_NAME}" --title "chore: bump sec-scanners-config on main" --body "${BODY}") - echo "PR_URL=${PR_URL}" >> $GITHUB_ENV - - - name: USER INTERACTION REQUIRED - if: ${{ env.CREATE_PR == 'true' }} - shell: bash - timeout-minutes: 60 - env: - PR_URL: ${{ env.PR_URL }} - GH_TOKEN: ${{ secrets.BOT_PAT }} - run: | - echo "please review: ${PR_URL}" - ./hack/ci/await-pr-merge.sh + name: Bump sec-scanners-config.yaml on main branch + needs: + - create-draft + - generate-version + runs-on: ubuntu-latest + env: + VERSION: ${{ needs.generate-version.outputs.VERSION }} + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: main + + - uses: actions/setup-go@v5 + with: + go-version-file: go.mod + + - name: "Setup yq" # Required for rendering the files. + shell: bash + run: | + go install github.com/mikefarah/yq/v4@latest + echo "$(go env GOPATH)/bin" >> $GITHUB_PATH + + - name: Render sec-scanners-config.yaml + shell: bash + run: | + yq --version + ./hack/ci/render-sec-scanners-config.sh "${VERSION}" + FILE="sec-scanners-config.yaml" + echo "******* ${FILE} *******" + [ -f "${FILE}" ] && cat "${FILE}" || echo "${FILE} not found." + + # Check if there are changes, so we can determine if all following steps can be skipped. + - name: Check for changes + shell: bash + run: | + if [ -z "$(git status --porcelain)" ]; then + echo "No changes found. No need to create a PR" + else + echo "Changes found. Creating a PR and waiting for it to be merged." + echo "CREATE_PR=true" >> $GITHUB_ENV + fi + + - name: Set up git + if: ${{ env.CREATE_PR == 'true' }} + env: + GH_TOKEN: ${{ secrets.BOT_PAT }} + REPO: ${{ github.repository }} + shell: bash + run: | + # set git username + ghusername=$(curl -s -H "Authorization: token ${GH_TOKEN}" https://api.github.com/user | jq '.login') + git config user.name "${ghusername}" + # set git mail address + ghemailaddress="${ghusername}@users.noreply.github.com" + git config user.email "${ghemailaddress}" + # set remote url + git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${REPO}.git" + + - name: Set all variables + if: ${{ env.CREATE_PR == 'true' }} + shell: bash + run: | + PR_DATE="$(date '+%Y-%m-%d-%H-%M-%S')" + echo "pr date: ${PR_DATE}" + echo "PR_DATE=${PR_DATE}" >> $GITHUB_ENV + + BRANCH_NAME="sec-scanners-bump-main-${PR_DATE}" + echo "name of the new branch: ${BRANCH_NAME}" + echo "BRANCH_NAME=${BRANCH_NAME}" >> $GITHUB_ENV + + - name: Create a pull request + if: ${{ env.CREATE_PR == 'true' }} + env: + REPO: ${{ github.repository }} + PR_DATE: ${{ env.PR_DATE }} + BRANCH_NAME: ${{ env.BRANCH_NAME }} + GH_TOKEN: ${{ secrets.BOT_PAT }} + shell: bash + run: | + # Create a new branch for our changes. + git checkout -b "${BRANCH_NAME}" + + # Stage the changes to sec-scanner-config.yaml and create a commit. + git add sec-scanners-config.yaml + git commit -m "auto-bump sec-scanners-config: ${PR_DATE}" + + # Push the changes to origin, as defined earlier. + git push origin "$BRANCH_NAME" + + # Create a PR. + BODY="This is an auto-generated PR to bump the sec-scanners-config.yml on ${REPO}." + PR_URL=$(gh pr create --base "main" --head "${BRANCH_NAME}" --title "chore: bump sec-scanners-config on main" --body "${BODY}") + echo "PR_URL=${PR_URL}" >> $GITHUB_ENV + + - name: USER INTERACTION REQUIRED + if: ${{ env.CREATE_PR == 'true' }} + shell: bash + timeout-minutes: 60 + env: + PR_URL: ${{ env.PR_URL }} + GH_TOKEN: ${{ secrets.BOT_PAT }} + run: | + echo "please review: ${PR_URL}" + ./hack/ci/await-pr-merge.sh diff --git a/.github/workflows/lint-go.yml b/.github/workflows/lint-go.yml index 0d703e5ee..1c7f746d3 100644 --- a/.github/workflows/lint-go.yml +++ b/.github/workflows/lint-go.yml @@ -29,15 +29,15 @@ jobs: runs-on: ubuntu-latest steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Setup Go uses: actions/setup-go@v5 with: - go-version: 1.22 # This can be a specific version. E.g. 1.19 or 1.21.x - - - name: Checkout code - uses: actions/checkout@v4 + go-version-file: go.mod - name: golangci-lint uses: golangci/golangci-lint-action@v4.0.0 with: - version: v1.55 + version: v1.57 diff --git a/.github/workflows/sink.yml b/.github/workflows/sink.yml index 5fbb74bb1..b7d665c44 100644 --- a/.github/workflows/sink.yml +++ b/.github/workflows/sink.yml @@ -39,7 +39,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: - go-version: 1.19 + go-version-file: go.mod cache: true - name: Build diff --git a/.golangci.yaml b/.golangci.yaml index bb95d7e5c..0c3770e2d 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -26,6 +26,8 @@ linters: - testpackage - wrapcheck - paralleltest + - copyloopvar + - perfsprint linters-settings: stylecheck: diff --git a/Makefile b/Makefile index 5a0c18bdb..001763e49 100644 --- a/Makefile +++ b/Makefile @@ -204,7 +204,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest ## Tool Versions KUSTOMIZE_VERSION ?= v5.0.0 CONTROLLER_TOOLS_VERSION ?= v0.14.0 -GOLANG_CI_LINT_VERSION ?= v1.55.2 +GOLANG_CI_LINT_VERSION ?= v1.57 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" .PHONY: kustomize diff --git a/api/operator/v1alpha1/status_test.go b/api/operator/v1alpha1/status_test.go index bf240ffe1..00e955593 100644 --- a/api/operator/v1alpha1/status_test.go +++ b/api/operator/v1alpha1/status_test.go @@ -438,7 +438,7 @@ func assertConditionsEqual(t *testing.T, expected, actual []kmetav1.Condition) { t.Helper() assert.Equal(t, len(expected), len(actual)) - for i := 0; i < len(expected); i++ { + for i := range len(expected) { assertConditionEqual(t, expected[i], actual[i]) } } diff --git a/internal/controller/errors/skip.go b/internal/controller/errors/skip.go index ff14b0a1e..f24bba40a 100644 --- a/internal/controller/errors/skip.go +++ b/internal/controller/errors/skip.go @@ -12,7 +12,7 @@ func IsSkippable(err error) bool { if err == nil { return true } - _, ok := err.(skippable) //nolint:errorlint // here we do not want to check the chain + _, ok := err.(skippable) return ok } diff --git a/internal/controller/eventing/subscription/jetstream/test_utils_test.go b/internal/controller/eventing/subscription/jetstream/test_utils_test.go index e447e0623..4805432f1 100644 --- a/internal/controller/eventing/subscription/jetstream/test_utils_test.go +++ b/internal/controller/eventing/subscription/jetstream/test_utils_test.go @@ -415,7 +415,6 @@ func StartTestEnv(ens *Ensemble) error { } }), ) - if err != nil { return err } diff --git a/internal/controller/operator/eventing/eventmesh_test.go b/internal/controller/operator/eventing/eventmesh_test.go index cf0e07f21..fe66536a3 100644 --- a/internal/controller/operator/eventing/eventmesh_test.go +++ b/internal/controller/operator/eventing/eventmesh_test.go @@ -309,7 +309,7 @@ func Test_reconcileEventMeshSubManager(t *testing.T) { // then if testcase.wantError != nil { require.Error(t, err) - require.ErrorAs(t, err, &testcase.wantError) + require.ErrorAs(t, err, &testcase.wantError) //nolint:testifylint // testifylint is disabled as it would not work without a pointer here } else { require.NoError(t, err) require.NotNil(t, testEnv.Reconciler.eventMeshSubManager) diff --git a/internal/controller/operator/eventing/integrationtests/controller/integration_test.go b/internal/controller/operator/eventing/integrationtests/controller/integration_test.go index e284913ec..d0026dda6 100644 --- a/internal/controller/operator/eventing/integrationtests/controller/integration_test.go +++ b/internal/controller/operator/eventing/integrationtests/controller/integration_test.go @@ -345,7 +345,7 @@ func Test_ReconcileSameEventingCR(t *testing.T) { // Ensure reconciling the same Eventing CR multiple times does not update the EPP deployment. const runs = 3 resourceVersionBefore := eppDeployment.ObjectMeta.ResourceVersion - for r := 0; r < runs; r++ { + for r := range runs { // when runID := fmt.Sprintf("run-%d", r) diff --git a/internal/controller/operator/eventing/nats_test.go b/internal/controller/operator/eventing/nats_test.go index cf600615d..4fda2e43a 100644 --- a/internal/controller/operator/eventing/nats_test.go +++ b/internal/controller/operator/eventing/nats_test.go @@ -580,7 +580,7 @@ func Test_UpdateNatsConfig(t *testing.T) { // then require.Equal(t, testcase.expectedError, err) - require.Equal(t, testcase.expectedConfig, testcase.expectedConfig) + require.Equal(t, testcase.expectedConfig, natsConfig) }) } } diff --git a/pkg/backend/cleaner/eventmesh.go b/pkg/backend/cleaner/eventmesh.go index 078d31e42..9d15940e1 100644 --- a/pkg/backend/cleaner/eventmesh.go +++ b/pkg/backend/cleaner/eventmesh.go @@ -44,7 +44,7 @@ func (c *EventMeshCleaner) getMergedSegments(eventType string) string { if totalSegments > maxEventMeshSegmentsLimit { combinedSegment := "" // combine the first n-2 segments without dots "." - for i := 0; i < totalSegments-2; i++ { + for i := range totalSegments - 2 { combinedSegment += segments[i] } // append the last two segment with preceding dots "." diff --git a/pkg/backend/jetstream/config_internal_unit_test.go b/pkg/backend/jetstream/config_internal_unit_test.go index 23ab296d5..7f3a48985 100644 --- a/pkg/backend/jetstream/config_internal_unit_test.go +++ b/pkg/backend/jetstream/config_internal_unit_test.go @@ -64,7 +64,7 @@ func TestUnitValidate_For_Errors(t *testing.T) { func fixtureStreamNameTooLong() string { b := strings.Builder{} - for i := 0; i < (jsMaxStreamNameLength + 1); i++ { + for range jsMaxStreamNameLength + 1 { b.WriteString("a") } streamName := b.String() diff --git a/pkg/backend/jetstream/jetstream_integration_test.go b/pkg/backend/jetstream/jetstream_integration_test.go index d6ab7eca1..e09c02190 100644 --- a/pkg/backend/jetstream/jetstream_integration_test.go +++ b/pkg/backend/jetstream/jetstream_integration_test.go @@ -158,11 +158,11 @@ func TestMultipleJSSubscriptionsToSameEvent(t *testing.T) { types.ContentModeBinary), ) // Check for the 3 events that should be received by the subscriber - for i := 0; i < len(subs); i++ { + for range len(subs) { require.NoError(t, subscriber.CheckEvent(eventingtesting.CloudEventData)) } // Delete all 3 subscription - for i := 0; i < len(subs); i++ { + for i := range len(subs) { require.NoError(t, jsBackend.DeleteSubscription(subs[i])) } // Check if all subscriptions are deleted in NATS diff --git a/pkg/utils/utils_unit_test.go b/pkg/utils/utils_unit_test.go index b3c4edf95..336c7d140 100644 --- a/pkg/utils/utils_unit_test.go +++ b/pkg/utils/utils_unit_test.go @@ -138,7 +138,7 @@ func TestGetRandSuffix(t *testing.T) { totalExecutions := 10 lengthOfRandomSuffix := 6 results := make(map[string]bool) - for i := 0; i < totalExecutions; i++ { + for range totalExecutions { result := GetRandString(lengthOfRandomSuffix) if _, ok := results[result]; ok { t.Fatalf("generated string already exists: %s", result) diff --git a/pkg/watcher/watcher.go b/pkg/watcher/watcher.go index 7e7feed5a..ad8cfc35e 100644 --- a/pkg/watcher/watcher.go +++ b/pkg/watcher/watcher.go @@ -60,7 +60,6 @@ func (w *ResourceWatcher) Start() { UpdateFunc: w.updateFunc, DeleteFunc: w.deleteFunc, }) - if err != nil { runtime.HandleError(err) } diff --git a/test/utils/integration/integration.go b/test/utils/integration/integration.go index 7bc9d0196..560a53cc7 100644 --- a/test/utils/integration/integration.go +++ b/test/utils/integration/integration.go @@ -373,7 +373,7 @@ func (env TestEnvironment) TearDown() error { // retry to stop the api-server sleepTime := 1 * time.Second const retries = 20 - for i := 0; i < retries; i++ { + for range retries { if err = env.EnvTestInstance.Stop(); err == nil { break } diff --git a/testing/eventmeshmock.go b/testing/eventmeshmock.go index b5d7a15c9..06a2599c7 100644 --- a/testing/eventmeshmock.go +++ b/testing/eventmeshmock.go @@ -208,7 +208,7 @@ func (m *EventMeshMock) handleMessaging() func(w http.ResponseWriter, r *http.Re // extract get request key from /messaging/events/subscriptions/%s/state key := strings.TrimSuffix(r.URL.Path, "/state") - for i := 0; i < 3; i++ { + for i := range 3 { err := m.UpdateStateResponse(w, key, state) if err == nil { break