From 7841eba78491dcaa4a74dddc2d06c52d84709c1a Mon Sep 17 00:00:00 2001 From: Feny Mehta Date: Mon, 13 Jan 2025 13:56:41 +0530 Subject: [PATCH 1/2] KUBESAW-250: Updating GolangCiLint to v1.63.1 (#1116) * Updating GolangCiLint to v1.63.1 Signed-off-by: Feny Mehta * Fixing the Linter errors Signed-off-by: Feny Mehta * comments for gosec Signed-off-by: Feny Mehta * changing the comments Signed-off-by: Feny Mehta * Update controllers/spaceprovisionerconfig/spaceprovisionerconfig_controller.go Co-authored-by: Matous Jobanek * Update pkg/capacity/manager.go Co-authored-by: Matous Jobanek * Update pkg/capacity/manager.go Co-authored-by: Matous Jobanek * Update controllers/spaceprovisionerconfig/spaceprovisionerconfig_controller.go Co-authored-by: Matous Jobanek * updating comments Signed-off-by: Feny Mehta * rc on comments Signed-off-by: Feny Mehta --------- Signed-off-by: Feny Mehta Co-authored-by: Matous Jobanek --- .github/workflows/ci-golang-sbom.yml | 2 +- controllers/space/space_controller.go | 2 +- .../spaceprovisionerconfig_controller.go | 6 ++++-- controllers/toolchainconfig/toolchainconfig_controller.go | 2 +- controllers/toolchainstatus/toolchainstatus_controller.go | 2 +- controllers/usersignup/usersignup_controller.go | 7 ++++--- main.go | 6 +++--- pkg/capacity/manager.go | 6 ++++-- pkg/space/space.go | 3 ++- 9 files changed, 21 insertions(+), 15 deletions(-) diff --git a/.github/workflows/ci-golang-sbom.yml b/.github/workflows/ci-golang-sbom.yml index 3ed8c04d1..cb4eada63 100644 --- a/.github/workflows/ci-golang-sbom.yml +++ b/.github/workflows/ci-golang-sbom.yml @@ -29,7 +29,7 @@ jobs: - name: Lint uses: golangci/golangci-lint-action@v6 with: - version: v1.52.0 + version: v1.63.1 skip-pkg-cache: true skip-build-cache: true args: --config=./.golangci.yml --verbose diff --git a/controllers/space/space_controller.go b/controllers/space/space_controller.go index e791cca6c..ae6819593 100644 --- a/controllers/space/space_controller.go +++ b/controllers/space/space_controller.go @@ -254,7 +254,7 @@ func (r *Reconciler) ensureNSTemplateSet(ctx context.Context, space *toolchainv1 return norequeue, r.setStatusProvisioned(ctx, space) default: - return norequeue, r.setStatusProvisioningFailed(ctx, space, fmt.Errorf(nsTmplSetReady.Message)) + return norequeue, r.setStatusProvisioningFailed(ctx, space, fmt.Errorf("%s", nsTmplSetReady.Message)) } } diff --git a/controllers/spaceprovisionerconfig/spaceprovisionerconfig_controller.go b/controllers/spaceprovisionerconfig/spaceprovisionerconfig_controller.go index c12198e65..830f407c7 100644 --- a/controllers/spaceprovisionerconfig/spaceprovisionerconfig_controller.go +++ b/controllers/spaceprovisionerconfig/spaceprovisionerconfig_controller.go @@ -184,7 +184,8 @@ func (r *Reconciler) determineCapacityReadyState(spc *toolchainv1alpha1.SpacePro // It always knows this fact so returning a bool is ok, in contrast to determinMemoryUtilizationReadyState. func determineSpaceCountReadyState(spc *toolchainv1alpha1.SpaceProvisionerConfig) bool { max := spc.Spec.CapacityThresholds.MaxNumberOfSpaces - return max == 0 || max > uint(spc.Status.ConsumedCapacity.SpaceCount) + // we don't expect that the max number of spaces would ever go above the max size of int, so we don't have to worry about the overflow error, hence its okay to ignore the linter here + return max == 0 || int(max) > spc.Status.ConsumedCapacity.SpaceCount // nolint:gosec } // determineMemoryUtilizationReadyState checks that the cluster has enough free memory. It may not be able to tell the fact @@ -203,7 +204,8 @@ func determineMemoryUtilizationReadyState(spc *toolchainv1alpha1.SpaceProvisione // the memory utilitzation is ok if it is below the threshold in all node types for _, val := range spc.Status.ConsumedCapacity.MemoryUsagePercentPerNodeRole { - if uint(val) >= spc.Spec.CapacityThresholds.MaxMemoryUtilizationPercent { + // the MaxMemoryUtilizationPercent won't go over 100, so it's safe to cast it to int and to not worry about overflow error, thus ignoring the linter + if val >= int(spc.Spec.CapacityThresholds.MaxMemoryUtilizationPercent) { // nolint:gosec return corev1.ConditionFalse } } diff --git a/controllers/toolchainconfig/toolchainconfig_controller.go b/controllers/toolchainconfig/toolchainconfig_controller.go index c0b33a5e6..2ace242f4 100644 --- a/controllers/toolchainconfig/toolchainconfig_controller.go +++ b/controllers/toolchainconfig/toolchainconfig_controller.go @@ -118,7 +118,7 @@ func (r *Reconciler) Reconcile(ctx context.Context, request ctrl.Request) (ctrl. if syncErrs := sync.SyncMemberConfigs(ctx, toolchainConfig); len(syncErrs) > 0 { for cluster, errMsg := range syncErrs { - err := fmt.Errorf(errMsg) + err := fmt.Errorf("%s", errMsg) reqLogger.Error(err, "error syncing configuration to member cluster", "cluster", cluster) } return DefaultReconcile, r.updateSyncStatus(ctx, toolchainConfig, syncErrs, ToSyncFailure()) diff --git a/controllers/toolchainstatus/toolchainstatus_controller.go b/controllers/toolchainstatus/toolchainstatus_controller.go index 030a1fce3..fde74b09e 100644 --- a/controllers/toolchainstatus/toolchainstatus_controller.go +++ b/controllers/toolchainstatus/toolchainstatus_controller.go @@ -937,7 +937,7 @@ func (s *regServiceSubstatusHandler) addRegistrationServiceHealthAndRevisionChec // add the health status to the toolchainstatus toolchainStatus.Status.RegistrationService.Health = healthStatus if !healthValues.Alive { - err = fmt.Errorf(errMsgRegistrationServiceHealthStatusUnhealthy) + err = fmt.Errorf("%s", errMsgRegistrationServiceHealthStatusUnhealthy) logger.Error(err, "registration service is unhealthy") errCondition := status.NewComponentErrorCondition(toolchainv1alpha1.ToolchainStatusRegServiceNotReadyReason, err.Error()) toolchainStatus.Status.RegistrationService.Health.Conditions = []toolchainv1alpha1.Condition{*errCondition} diff --git a/controllers/usersignup/usersignup_controller.go b/controllers/usersignup/usersignup_controller.go index 639c2d896..e8e3d05dd 100644 --- a/controllers/usersignup/usersignup_controller.go +++ b/controllers/usersignup/usersignup_controller.go @@ -4,6 +4,8 @@ import ( "context" "fmt" + "strconv" + recaptcha "cloud.google.com/go/recaptchaenterprise/v2/apiv1" recaptchapb "cloud.google.com/go/recaptchaenterprise/v2/apiv1/recaptchaenterprisepb" toolchainv1alpha1 "github.com/codeready-toolchain/api/api/v1alpha1" @@ -36,7 +38,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/manager" "sigs.k8s.io/controller-runtime/pkg/reconcile" - "strconv" ) type StatusUpdaterFunc func(ctx context.Context, userAcc *toolchainv1alpha1.UserSignup, message string) error @@ -610,7 +611,7 @@ func (r *Reconciler) generateCompliantUsername( } else if mur.Labels[toolchainv1alpha1.MasterUserRecordOwnerLabelKey] == instance.Name { // If the found MUR has the same UserID as the UserSignup, then *it* is the correct MUR - // Return an error here and allow the reconcile() function to pick it up on the next loop - return "", fmt.Errorf(fmt.Sprintf("INFO: could not generate compliant username as MasterUserRecord with the same name [%s] and user id [%s] already exists. The next reconcile loop will pick it up.", mur.Name, instance.Name)) + return "", fmt.Errorf("INFO: could not generate compliant username as MasterUserRecord with the same name [%s] and user id [%s] already exists. The next reconcile loop will pick it up", mur.Name, instance.Name) } if len(transformed) > maxlengthWithSuffix { @@ -620,7 +621,7 @@ func (r *Reconciler) generateCompliantUsername( } } - return "", fmt.Errorf(fmt.Sprintf("unable to transform username [%s] even after 100 attempts", instance.Spec.IdentityClaims.PreferredUsername)) + return "", fmt.Errorf("unable to transform username [%s] even after 100 attempts", instance.Spec.IdentityClaims.PreferredUsername) } // provisionMasterUserRecord does the work of provisioning the MasterUserRecord diff --git a/main.go b/main.go index e02495980..83fc31030 100644 --- a/main.go +++ b/main.go @@ -464,10 +464,10 @@ func addMemberClusters(mgr ctrl.Manager, cl runtimeclient.Client, namespace stri } }) if err != nil { - return nil, errors.Wrapf(err, "unable to create member cluster definition for "+memberConfig.Name) + return nil, fmt.Errorf("unable to create member cluster definition for '%s': %w", memberConfig.Name, err) } if err := mgr.Add(memberCluster); err != nil { - return nil, errors.Wrapf(err, "unable to add member cluster to the manager for "+memberConfig.Name) + return nil, fmt.Errorf("unable to add member cluster to the manager for '%s' : %w", memberConfig.Name, err) } // These fields need to be set when using the REST client memberConfig.RestConfig.ContentConfig = rest.ContentConfig{ @@ -476,7 +476,7 @@ func addMemberClusters(mgr ctrl.Manager, cl runtimeclient.Client, namespace stri } restClient, err := rest.RESTClientFor(memberConfig.RestConfig) if err != nil { - return nil, errors.Wrapf(err, "unable to create member cluster rest client "+memberConfig.Name) + return nil, fmt.Errorf("unable to create member cluster rest client '%s' : %w", memberConfig.Name, err) } memberClusters[memberConfig.Name] = cluster.Cluster{ Config: memberConfig, diff --git a/pkg/capacity/manager.go b/pkg/capacity/manager.go index bea0f1a3c..f27c88a9e 100644 --- a/pkg/capacity/manager.go +++ b/pkg/capacity/manager.go @@ -21,7 +21,8 @@ type ( func hasNotReachedMaxNumberOfSpacesThreshold(counts counter.Counts) spaceProvisionerConfigPredicate { return func(spc *toolchainv1alpha1.SpaceProvisionerConfig) bool { - numberOfSpaces := uint(counts.SpacesPerClusterCounts[spc.Spec.ToolchainCluster]) + // the numbers of Spaces per cluster shouldn't be negative, so it's fine to cast it to uint without worrying about the overflow error, and thus also ignore the linter + numberOfSpaces := uint(counts.SpacesPerClusterCounts[spc.Spec.ToolchainCluster]) // nolint:gosec threshold := spc.Spec.CapacityThresholds.MaxNumberOfSpaces return threshold == 0 || numberOfSpaces < threshold } @@ -45,7 +46,8 @@ func hasEnoughMemoryCapacity(status *toolchainv1alpha1.ToolchainStatus) spacePro func hasMemberEnoughMemoryCapacity(memberStatus toolchainv1alpha1.Member, threshold uint) bool { if len(memberStatus.MemberStatus.ResourceUsage.MemoryUsagePerNodeRole) > 0 { for _, usagePerNode := range memberStatus.MemberStatus.ResourceUsage.MemoryUsagePerNodeRole { - if uint(usagePerNode) >= threshold { + // the memory utilization threshold should be max 100, so it's fine to cast it to int without worrying about the overflow error, thus ignoring the linter here + if usagePerNode >= int(threshold) { // nolint:gosec return false } } diff --git a/pkg/space/space.go b/pkg/space/space.go index c5995565e..6960226ca 100644 --- a/pkg/space/space.go +++ b/pkg/space/space.go @@ -46,7 +46,8 @@ func NewSpaceWithFeatureToggles(userSignup *toolchainv1alpha1.UserSignup, target func addFeatureToggles(space *toolchainv1alpha1.Space, toggles []toolchainconfig.FeatureToggle) { var winners []string for _, t := range toggles { - weight := int(t.Weight()) + //the value of weight is not expected to go beyond 100, it won't overflow, hence its okay to ignore the overflow linter error + weight := int(t.Weight()) // nolint:gosec // We generate a random number between 0 and 100. If the number is equal to or lower than the weight // then the feature wins. // We don't use recommended crypto/rand here because we don't need crypto grade random generator From 000ed51e5d72b2cd1bed4f7d505280563ecdd3e7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Jan 2025 20:26:43 -0800 Subject: [PATCH 2/2] chore(deps): bump golang.org/x/net from 0.25.0 to 0.33.0 (#1120) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.25.0 to 0.33.0. - [Commits](https://github.com/golang/net/compare/v0.25.0...v0.33.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 531d89961..9b568ba48 100644 --- a/go.mod +++ b/go.mod @@ -100,7 +100,7 @@ require ( go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect golang.org/x/crypto v0.31.0 // indirect - golang.org/x/net v0.25.0 // indirect + golang.org/x/net v0.33.0 // indirect golang.org/x/oauth2 v0.19.0 // indirect golang.org/x/sync v0.10.0 // indirect golang.org/x/sys v0.28.0 // indirect diff --git a/go.sum b/go.sum index 79b15e9e0..2f58096b8 100644 --- a/go.sum +++ b/go.sum @@ -308,8 +308,8 @@ golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= -golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= -golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg=