chore: fix linter issues

[tzdybal]

Overview

Fix linter issues from initial import.
As a bonus, mock was moved to _test package, so it's not exported.

Summary by CodeRabbit

Release Notes

• New Features

  • Introduced a new configuration file for YAML linting, allowing for flexible line length rules.

• Bug Fixes

  • Improved error handling in test cases for better robustness.

• Documentation

  • Updated README formatting for clarity in the "Architecture" and "Development" sections.

• Chores

  • Reformatted Docker Compose configurations for improved readability.

• Refactor

  • Streamlined the EngineAPIExecutionClient by removing unnecessary fields and enhancing documentation.
  • Renamed and adjusted visibility of types in test files for better organization.

[coderabbitai]

Walkthrough

The pull request introduces several modifications across multiple files, primarily focusing on configuration adjustments, structural changes, and documentation improvements. Key changes include the removal of specific linters from .golangci.yml, the elimination of the proxyClient field in execution.go, and updates to the testing files to reflect a new package structure. Additionally, a new YAML linter configuration file is added, and various test files see enhancements in error handling and organization. Overall, the changes aim to streamline code and improve clarity without altering core functionalities.

Changes

File	Change Summary
.golangci.yml	Removed linters: deadcode, structcheck, varcheck from linters.enable.
execution.go	Removed proxyClient field; simplified Start method; improved error handling comments.
execution_test.go	Renamed package to execution_test; updated mock instantiation; improved error handling.
integration_test.go	Updated import organization; added //nolint:gosec comments for constants; changed file permissions.
.yamllint.yml	Created new configuration file with a rule for line length (max 120 characters).
README.md	Changed header from ## Architecture to # Architecture; simplified command formatting.
docker/docker-compose.yml	Reformatted commands for jwt-init and reth services for better readability.
mocks_test.go	Renamed package to execution_test; changed type visibility; enhanced error handling.

Possibly related PRs

• test: fix integration & unit tests #14: The changes in execution.go and execution_test.go related to the EngineAPIExecutionClient struct and its methods are relevant as they involve modifications to the same functions that are impacted by the main PR's changes to the linter configurations in .golangci.yml. The removal of specific linters may affect how the code is structured and tested, particularly in terms of error handling and code quality checks.

Suggested reviewers

• Manav-Aggarwal
• gupadhyaya

Poem

🐰 In the code where bunnies hop,
Linters gone, we make a stop.
With clearer paths and tests anew,
Our code now shines, a joyful view!
So let us dance and celebrate,
For changes made, oh, isn’t it great? 🎉

Warning

Rate limit exceeded

@tzdybal has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 11 minutes and 48 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 4aa92d4 and 723ade2.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (3)

execution_test.go (1)

Line range hint 25-33: Consider adding more detailed documentation for the helper function.

The function generates deterministic JWT secrets which is good for testing, but this should be explicitly documented. Consider adding a comment explaining the predictable nature of the generated secret.

+// generateTestJWTSecret creates a deterministic JWT secret for testing purposes.
+// It generates a 32-byte hex string where each byte is its index value.
+// Note: This is not secure for production use.
 func generateTestJWTSecret() string {

🧰 Tools

🪛 GitHub Check: lint / golangci-lint

[failure] 35-35:
undefined: NewMockEngineAPI

---

[failure] 38-38:
undefined: NewMockEthAPI

integration_test.go (1)

Line range hint 108-110: Consider implementing a more robust container startup check.

The current implementation uses a fixed sleep duration which could be flaky. Consider implementing a retry mechanism that checks container health or service availability.

Example approach:

func waitForContainer(ctx context.Context, t *testing.T, url string) error {
    client := &http.Client{Timeout: time.Second}
    deadline := time.Now().Add(30 * time.Second)
    for time.Now().Before(deadline) {
        _, err := client.Get(url)
        if err == nil {
            return nil
        }
        time.Sleep(100 * time.Millisecond)
    }
    return fmt.Errorf("container failed to start within timeout")
}

execution.go (1)

126-126: Document rationale for G115 suppressions

There are multiple instances of suppressing the G115 gosec linter warning for integer conversions. While these suppressions are valid, consider adding a package-level comment explaining why these conversions are safe to improve maintainability.

Example documentation to add at the package level:

// Note: This package suppresses G115 gosec warnings for specific integer
// conversions (Unix timestamps and block heights) as these values are
// guaranteed to be within safe ranges in the context of blockchain operations.

Also applies to: 224-224, 266-266, 295-295

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 1403e27 and da70ddd.

📒 Files selected for processing (5)

• .golangci.yml (0 hunks)
• execution.go (6 hunks)
• execution_test.go (7 hunks)
• integration_test.go (4 hunks)
• mocks/mocks.go (0 hunks)

💤 Files with no reviewable changes (2)

• .golangci.yml
• mocks/mocks.go

🧰 Additional context used

🪛 GitHub Check: lint / golangci-lint

execution_test.go

[failure] 1-1:
: # github.com/rollkit/go-execution-evm_test [github.com/rollkit/go-execution-evm.test]

---

[failure] 35-35:
undefined: NewMockEngineAPI

---

[failure] 38-38:
undefined: NewMockEthAPI

---

[failure] 74-74:
undefined: NewMockEngineAPI

---

[failure] 77-77:
undefined: NewMockEthAPI

---

[failure] 125-125:
undefined: NewMockEngineAPI

---

[failure] 128-128:
undefined: NewMockEthAPI

---

[failure] 194-194:
undefined: NewMockEngineAPI

---

[failure] 197-197:
undefined: NewMockEthAPI (typecheck)

🪛 golangci-lint

execution_test.go

1-1: : # github.com/rollkit/go-execution-evm_test [github.com/rollkit/go-execution-evm.test]
./execution_test.go:35:16: undefined: NewMockEngineAPI
./execution_test.go:38:13: undefined: NewMockEthAPI
./execution_test.go:74:16: undefined: NewMockEngineAPI
./execution_test.go:77:13: undefined: NewMockEthAPI
./execution_test.go:125:16: undefined: NewMockEngineAPI
./execution_test.go:128:13: undefined: NewMockEthAPI
./execution_test.go:194:16: undefined: NewMockEngineAPI
./execution_test.go:197:13: undefined: NewMockEthAPI

(typecheck)

🪛 Gitleaks

integration_test.go

29-29: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

🔇 Additional comments (8)

execution_test.go (3)

Line range hint 1-23: LGTM! Good practice moving to execution_test package.

Moving to execution_test package is a good practice as it:

• Prevents test code from being imported by other packages
• Tests the package from an external consumer's perspective

---

178-183: LGTM! Good error handling improvement.

Adding error checking for JSON encoding improves test robustness by catching potential encoding issues early.

---

35-35: ⚠️ Potential issue

Missing mock implementations prevent tests from compiling.

The test file uses NewMockEngineAPI and NewMockEthAPI functions that are undefined. According to the PR objectives, mock functionality was moved to the _test package, but the implementations are missing.

Please provide the mock implementations in a separate file (e.g., mock_test.go) within the same execution_test package.

Would you like me to help generate the mock implementations?

Also applies to: 38-38, 74-74, 77-77, 125-125, 128-128, 194-194, 197-197

🧰 Tools

🪛 GitHub Check: lint / golangci-lint

[failure] 35-35:
undefined: NewMockEngineAPI

integration_test.go (3)

11-12: LGTM! Import organization improved.

The reordering of testify imports improves code organization.

---

29-29: Verify test-only usage of JWT secret.

The hardcoded JWT secret and path with //nolint:gosec comments are acceptable for testing purposes. However, please ensure these values are only used in test files and never copied to production code.

Also applies to: 38-38

🧰 Tools

🪛 Gitleaks

29-29: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

51-51: LGTM! Improved file permissions for JWT secret.

The change to 0600 permissions enhances security by restricting access to the JWT secret file to owner-only read/write.

execution.go (2)

27-30: LGTM! Clear and helpful error documentation.

The added error documentation follows Go best practices and clearly explains the error conditions.

---

101-102: Verify if Start() method is still needed

The Start() method has been simplified to just return nil and appears to no longer serve any purpose. Consider:

1. Documenting why this method exists if it's required by an interface
2. Removing it if it's no longer needed

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (4)

mocks_test.go (1)

Line range hint 195-199: Consider consistent error handling approach

The error from json.NewEncoder is explicitly ignored here, while it's properly handled in the Engine API mock. Consider using the same error handling approach for consistency.

-		_ = json.NewEncoder(w).Encode(map[string]interface{}{
+		err = json.NewEncoder(w).Encode(map[string]interface{}{
 			"jsonrpc": "2.0",
 			"id":      req["id"],
 			"result":  resp,
 		})
+		require.NoError(t, err)

execution_test.go (2)

Line range hint 125-191: Consider enhancing transaction content validation

While the test covers the basic flow well, consider adding more specific assertions to validate the parsed transaction fields (nonce, gas price, value, etc.) against the mock response data.

Example addition after line 191:

require.Equal(t, "0x123456", txs[0].Data())
require.Equal(t, uint64(0), txs[0].Nonce())
require.Equal(t, big.NewInt(1000000000), txs[0].GasPrice())

---

Line range hint 194-224: Document the expected block hash value

Consider adding a comment explaining the significance of the hardcoded block hash value 0x4bbb1357b89ddc1b1371f9ae83b72739a1815628f8648665fc332c3f0fb8d853. This would help other developers understand its purpose in the test.

+ // expectedBlockHash represents the known block hash for height 1 in the test environment
  expectedBlockHash := "0x4bbb1357b89ddc1b1371f9ae83b72739a1815628f8648665fc332c3f0fb8d853"

integration_test.go (1)

38-38: Consider removing unnecessary nolint directive

The //nolint:gosec directive seems unnecessary for DOCKER_JWTSECRET_PATH as it's just a path constant, not a secret value.

-	DOCKER_JWTSECRET_PATH  = "./docker/jwttoken/" //nolint:gosec // path relative to the test file
+	DOCKER_JWTSECRET_PATH  = "./docker/jwttoken/" // path relative to the test file

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between da70ddd and 4aa92d4.

📒 Files selected for processing (8)

• .golangci.yml (0 hunks)
• .yamllint.yml (1 hunks)
• README.md (2 hunks)
• docker/docker-compose.yml (2 hunks)
• execution.go (6 hunks)
• execution_test.go (7 hunks)
• integration_test.go (4 hunks)
• mocks_test.go (6 hunks)

💤 Files with no reviewable changes (1)

• .golangci.yml

✅ Files skipped from review due to trivial changes (3)

• .yamllint.yml
• README.md
• docker/docker-compose.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• execution.go

🧰 Additional context used

🪛 Gitleaks

integration_test.go

29-29: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

🔇 Additional comments (10)

mocks_test.go (4)

1-1: LGTM! Well-structured package and type definitions

The changes follow Go best practices:

• Appropriate test package naming
• Properly unexported test-only types
• Clean type structure with clear field names

Also applies to: 19-25

---

95-100: LGTM! Improved error handling for JSON encoding

Good addition of error checking for JSON encoding operations using require.NoError.

---

Line range hint 53-57: LGTM! Clean forkchoice state handling

The initialization of the unexported forkChoiceState is well-structured with proper field mapping.

---

205-207: LGTM! Clean helper method implementation

The method correctly returns the unexported type and maintains a clean interface.

execution_test.go (3)

Line range hint 1-22: LGTM! Good package organization

The change to execution_test package is a good practice as it:

• Prevents test code from being imported by other packages
• Helps maintain a clear separation between implementation and test code

---

Line range hint 35-73: LGTM! Comprehensive test coverage

The test case properly validates:

• Chain initialization
• State root verification
• Gas limit checks
• Forkchoice state updates

---

Line range hint 74-124: LGTM! Well-structured transaction execution test

The test thoroughly validates:

• Transaction execution flow
• State root updates
• Gas usage calculations
• Forkchoice state consistency

integration_test.go (3)

11-13: LGTM: Import organization improved

The testify imports have been properly organized and deduplicated.

---

29-29: Verify that this JWT secret is for testing only

While the //nolint:gosec directive is appropriate for test constants, please confirm that this JWT secret is not used in any production environment and is solely for testing purposes.

🧰 Tools

🪛 Gitleaks

29-29: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

51-51: LGTM: Improved file permissions for JWT secret

Good security improvement changing the JWT secret file permissions from 0644 to 0600, restricting access to owner-only read/write.

[coderabbitai]

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (2)

integration_test.go (1)

51-51: Security improvement: Restricted file permissions

Good security practice to use 0600 permissions for the JWT secret file, restricting access to owner only.

Consider adding cleanup in case of early test failures:

 func setupTestRethEngine(t *testing.T) {
     t.Helper()
+    // Clean up any leftover files from previous failed tests
+    _ = os.Remove(DOCKER_JWTSECRET_PATH + DOCKER_JWT_SECRET_FILE)

execution.go (1)

101-102: Add documentation for the empty Start method

While removing the proxy client implementation is fine, please add a comment explaining why this method exists and returns nil. This helps future maintainers understand the design decision.

+// Start implements the Executor interface. This is a no-op as the client connections
+// are established during initialization.
 func (c *EngineAPIExecutionClient) Start() error {
     return nil
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 4aa92d4 and 723ade2.

📒 Files selected for processing (8)

• .golangci.yml (0 hunks)
• .yamllint.yml (1 hunks)
• README.md (2 hunks)
• docker/docker-compose.yml (2 hunks)
• execution.go (6 hunks)
• execution_test.go (7 hunks)
• integration_test.go (5 hunks)
• mocks_test.go (6 hunks)

💤 Files with no reviewable changes (1)

• .golangci.yml

🚧 Files skipped from review as they are similar to previous changes (5)

• .yamllint.yml
• README.md
• docker/docker-compose.yml
• execution_test.go
• mocks_test.go

🧰 Additional context used

🪛 Gitleaks (8.21.2)

integration_test.go

29-29: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

🔇 Additional comments (4)

integration_test.go (2)

11-12: LGTM: Import organization improved

The reordering of testify imports improves code organization and removes potential duplicates.

---

29-29: LGTM: Appropriate use of linter annotations

The //nolint:gosec annotations are correctly applied to test-only constants. These are not real secrets but test fixtures, making the annotations appropriate.

Also applies to: 38-38

🧰 Tools

🪛 Gitleaks (8.21.2)

29-29: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

execution.go (2)

27-30: LGTM: Well-documented error variables

The added documentation for error variables follows Go conventions and clearly explains their purpose.

---

126-126: Consider adding bounds checking for numeric conversions

While disabling the G115 linter warning is acceptable, these conversions could potentially overflow. Consider adding bounds checking to ensure safe conversions:

1. For timestamps (lines 126, 224): Ensure they're within reasonable Unix timestamp range
2. For block numbers (lines 266, 295): Verify they don't exceed int64.MaxValue

Let's check if there are any existing bounds checks in the codebase:

Example implementation for block number validation:

 func (c *EngineAPIExecutionClient) SetFinal(ctx context.Context, height uint64) error {
+    if height > math.MaxInt64 {
+        return fmt.Errorf("block height %d exceeds maximum allowed value", height)
+    }
     block, err := c.ethClient.BlockByNumber(ctx, big.NewInt(int64(height)))

Also applies to: 224-224, 266-266, 295-295