From 4f2caccbe9f177d47c0347b04095ebf8555bafe3 Mon Sep 17 00:00:00 2001 From: Yaroslav Halchenko Date: Wed, 6 Dec 2023 14:02:03 -0500 Subject: [PATCH 1/4] Add github action to codespell main on push and PRs Signed-off-by: Yaroslav Halchenko --- .github/workflows/codespell.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .github/workflows/codespell.yml diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml new file mode 100644 index 0000000000..4a42998d85 --- /dev/null +++ b/.github/workflows/codespell.yml @@ -0,0 +1,23 @@ +--- +name: Codespell + +on: + push: + branches: [main] + pull_request: + branches: [main] + +permissions: + contents: read + +jobs: + codespell: + name: Check for spelling errors + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Codespell + # uses configuration within .codespellrc file + uses: codespell-project/actions-codespell@v2 From 3e888e48bfed15e985d150ecb9b3ab5baabe555d Mon Sep 17 00:00:00 2001 From: Yaroslav Halchenko Date: Wed, 6 Dec 2023 14:02:03 -0500 Subject: [PATCH 2/4] Add codespell config while moving some config options from Makefile Signed-off-by: Yaroslav Halchenko --- .codespellrc | 6 ++++++ Makefile | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 .codespellrc diff --git a/.codespellrc b/.codespellrc new file mode 100644 index 0000000000..2d68648595 --- /dev/null +++ b/.codespellrc @@ -0,0 +1,6 @@ +# See https://github.com/codespell-project/codespell#using-a-config-file +[codespell] +skip = .git,*.pdf,*.svg,.codespellrc,go.sum,system_registries_v2_test.go,Makefile,build,buildah,buildah.spec,imgtype,copy,AUTHORS,bin,vendor,CHANGELOG.md,changelog.txt,seccomp.json,.cirrus.yml,*.xz,*.gz,*.tar,*.tgz,*ico,*.png,*.1,*.5,*.orig,*.rej,*.gpg +check-hidden = true +ignore-regex = \b(isT|BU|this/doesnt:match)\b +ignore-words-list = te,pathc diff --git a/Makefile b/Makefile index f329ef0837..e42b43ab2f 100644 --- a/Makefile +++ b/Makefile @@ -89,4 +89,4 @@ vendor-in-container: podman run --privileged --rm --env HOME=/root -v `pwd`:/src -w /src golang go mod tidy codespell: - codespell -S Makefile,build,buildah,buildah.spec,imgtype,copy,AUTHORS,bin,vendor,.git,go.sum,CHANGELOG.md,changelog.txt,seccomp.json,.cirrus.yml,"*.xz,*.gz,*.tar,*.tgz,*ico,*.png,*.1,*.5,*.orig,*.rej" -L keypair,flate,uint,iff,od,ERRO -w + codespell -w From 498178b59a040bb08529ea9059c827cdcd5e320d Mon Sep 17 00:00:00 2001 From: Yaroslav Halchenko Date: Wed, 6 Dec 2023 14:11:36 -0500 Subject: [PATCH 3/4] [DATALAD RUNCMD] run codespell throughout but ignore fail === Do not change lines below === { "chain": [], "cmd": "codespell -w || :", "exit": 0, "extra_inputs": [], "inputs": [], "outputs": [], "pwd": "." } ^^^ Do not change lines above ^^^ Signed-off-by: Yaroslav Halchenko --- .github/renovate.json5 | 2 +- internal/blobinfocache/types.go | 2 +- internal/imagedestination/wrapper.go | 2 +- internal/imagesource/wrapper.go | 2 +- pkg/blobinfocache/boltdb/boltdb.go | 2 +- pkg/blobinfocache/internal/prioritize/prioritize.go | 4 ++-- pkg/blobinfocache/memory/memory.go | 2 +- pkg/blobinfocache/sqlite/sqlite.go | 4 ++-- signature/fulcio_cert_stub.go | 2 +- storage/storage_src.go | 2 +- 10 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 22f80d3921..7c3c0607cc 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -36,7 +36,7 @@ ****** Global/general configuration options ***** *************************************************/ - // Re-use predefined sets of configuration options to DRY + // Reuse predefined sets of configuration options to DRY "extends": [ // https://github.com/containers/automation/blob/main/renovate/defaults.json5 "github>containers/automation//renovate/defaults.json5" diff --git a/internal/blobinfocache/types.go b/internal/blobinfocache/types.go index 429d682635..4d3858ab8d 100644 --- a/internal/blobinfocache/types.go +++ b/internal/blobinfocache/types.go @@ -36,7 +36,7 @@ type BlobInfoCache2 interface { // that could possibly be reused within the specified (transport scope) (if they still // exist, which is not guaranteed). // - // If !canSubstitute, the returned cadidates will match the submitted digest exactly; if + // If !canSubstitute, the returned candidates will match the submitted digest exactly; if // canSubstitute, data from previous RecordDigestUncompressedPair calls is used to also look // up variants of the blob which have the same uncompressed digest. // diff --git a/internal/imagedestination/wrapper.go b/internal/imagedestination/wrapper.go index 17e1870c19..cdd3c5e5d0 100644 --- a/internal/imagedestination/wrapper.go +++ b/internal/imagedestination/wrapper.go @@ -28,7 +28,7 @@ type wrapped struct { // // NOTE: The returned API MUST NOT be a public interface (it can be either just a struct // with public methods, or perhaps a private interface), so that we can add methods -// without breaking any external implementors of a public interface. +// without breaking any external implementers of a public interface. func FromPublic(dest types.ImageDestination) private.ImageDestination { if dest2, ok := dest.(private.ImageDestination); ok { return dest2 diff --git a/internal/imagesource/wrapper.go b/internal/imagesource/wrapper.go index 886b4e833b..f0d1d042bf 100644 --- a/internal/imagesource/wrapper.go +++ b/internal/imagesource/wrapper.go @@ -27,7 +27,7 @@ type wrapped struct { // // NOTE: The returned API MUST NOT be a public interface (it can be either just a struct // with public methods, or perhaps a private interface), so that we can add methods -// without breaking any external implementors of a public interface. +// without breaking any external implementers of a public interface. func FromPublic(src types.ImageSource) private.ImageSource { if src2, ok := src.(private.ImageSource); ok { return src2 diff --git a/pkg/blobinfocache/boltdb/boltdb.go b/pkg/blobinfocache/boltdb/boltdb.go index 4f66bcee4b..9a8fa22ab9 100644 --- a/pkg/blobinfocache/boltdb/boltdb.go +++ b/pkg/blobinfocache/boltdb/boltdb.go @@ -411,7 +411,7 @@ func (bdc *cache) candidateLocations(transport types.ImageTransport, scope types // CandidateLocations returns a prioritized, limited, number of blobs and their locations that could possibly be reused // within the specified (transport scope) (if they still exist, which is not guaranteed). // -// If !canSubstitute, the returned cadidates will match the submitted digest exactly; if canSubstitute, +// If !canSubstitute, the returned candidates will match the submitted digest exactly; if canSubstitute, // data from previous RecordDigestUncompressedPair calls is used to also look up variants of the blob which have the same // uncompressed digest. func (bdc *cache) CandidateLocations(transport types.ImageTransport, scope types.BICTransportScope, primaryDigest digest.Digest, canSubstitute bool) []types.BICReplacementCandidate { diff --git a/pkg/blobinfocache/internal/prioritize/prioritize.go b/pkg/blobinfocache/internal/prioritize/prioritize.go index 97562687c8..470fca0c18 100644 --- a/pkg/blobinfocache/internal/prioritize/prioritize.go +++ b/pkg/blobinfocache/internal/prioritize/prioritize.go @@ -91,11 +91,11 @@ func min(a, b int) int { // destructivelyPrioritizeReplacementCandidatesWithMax is destructivelyPrioritizeReplacementCandidates with parameters for the // number of entries to limit for known and unknown location separately, only to make testing simpler. -// TODO: following function is not destructive any more in the nature instead priortized result is actually copies of the original +// TODO: following function is not destructive any more in the nature instead prioritized result is actually copies of the original // candidate set, so In future we might wanna re-name this public API and remove the destructive prefix. func destructivelyPrioritizeReplacementCandidatesWithMax(cs []CandidateWithTime, primaryDigest, uncompressedDigest digest.Digest, totalLimit int, noLocationLimit int) []blobinfocache.BICReplacementCandidate2 { // split unknown candidates and known candidates - // and limit them seperately. + // and limit them separately. var knownLocationCandidates []CandidateWithTime var unknownLocationCandidates []CandidateWithTime // We don't need to use sort.Stable() because nanosecond timestamps are (presumably?) unique, so no two elements should diff --git a/pkg/blobinfocache/memory/memory.go b/pkg/blobinfocache/memory/memory.go index cfad16b2ec..16193db952 100644 --- a/pkg/blobinfocache/memory/memory.go +++ b/pkg/blobinfocache/memory/memory.go @@ -184,7 +184,7 @@ func (mem *cache) CandidateLocations(transport types.ImageTransport, scope types // CandidateLocations2 returns a prioritized, limited, number of blobs and their locations (if known) that could possibly be reused // within the specified (transport scope) (if they still exist, which is not guaranteed). // -// If !canSubstitute, the returned cadidates will match the submitted digest exactly; if canSubstitute, +// If !canSubstitute, the returned candidates will match the submitted digest exactly; if canSubstitute, // data from previous RecordDigestUncompressedPair calls is used to also look up variants of the blob which have the same // uncompressed digest. func (mem *cache) CandidateLocations2(transport types.ImageTransport, scope types.BICTransportScope, primaryDigest digest.Digest, canSubstitute bool) []blobinfocache.BICReplacementCandidate2 { diff --git a/pkg/blobinfocache/sqlite/sqlite.go b/pkg/blobinfocache/sqlite/sqlite.go index 2b446a61c4..d8bde2fa0e 100644 --- a/pkg/blobinfocache/sqlite/sqlite.go +++ b/pkg/blobinfocache/sqlite/sqlite.go @@ -171,7 +171,7 @@ func transaction[T any](sqc *cache, fn func(tx *sql.Tx) (T, error)) (T, error) { // dbTransaction calls fn within a read-write transaction in db. func dbTransaction[T any](db *sql.DB, fn func(tx *sql.Tx) (T, error)) (T, error) { - // Ideally we should be able to distinguish between read-only and read-write transactions, see the _txlock=exclusive dicussion. + // Ideally we should be able to distinguish between read-only and read-write transactions, see the _txlock=exclusive discussion. var zeroRes T // A zero value of T @@ -496,7 +496,7 @@ func (sqc *cache) appendReplacementCandidates(candidates []prioritize.CandidateW // that could possibly be reused within the specified (transport scope) (if they still // exist, which is not guaranteed). // -// If !canSubstitute, the returned cadidates will match the submitted digest exactly; if +// If !canSubstitute, the returned candidates will match the submitted digest exactly; if // canSubstitute, data from previous RecordDigestUncompressedPair calls is used to also look // up variants of the blob which have the same uncompressed digest. // diff --git a/signature/fulcio_cert_stub.go b/signature/fulcio_cert_stub.go index ee79b031dd..c0b48dafa7 100644 --- a/signature/fulcio_cert_stub.go +++ b/signature/fulcio_cert_stub.go @@ -23,6 +23,6 @@ func (f *fulcioTrustRoot) validate() error { func verifyRekorFulcio(rekorPublicKey *ecdsa.PublicKey, fulcioTrustRoot *fulcioTrustRoot, untrustedRekorSET []byte, untrustedCertificateBytes []byte, untrustedIntermediateChainBytes []byte, untrustedBase64Signature string, untrustedPayloadBytes []byte) (crypto.PublicKey, error) { - return nil, errors.New("fulcio diabled at compile-time") + return nil, errors.New("fulcio disabled at compile-time") } diff --git a/storage/storage_src.go b/storage/storage_src.go index 28df60da7b..7022d322ea 100644 --- a/storage/storage_src.go +++ b/storage/storage_src.go @@ -118,7 +118,7 @@ func (s *storageImageSource) GetBlob(ctx context.Context, info types.BlobInfo, c var layers []storage.Layer - // If the digest was overriden by LayerInfosForCopy, then we need to use the TOC digest + // If the digest was overridden by LayerInfosForCopy, then we need to use the TOC digest // to retrieve it from the storage. s.getBlobMutex.Lock() layerID, found := s.getBlobMutexProtected.digestToLayerID[digest] From 0976a1410879f1ddb3acce099d73e4c425133edf Mon Sep 17 00:00:00 2001 From: Yaroslav Halchenko Date: Wed, 6 Dec 2023 14:12:15 -0500 Subject: [PATCH 4/4] [DATALAD RUNCMD] Do interactive fixing of some ambigous typos === Do not change lines below === { "chain": [], "cmd": "codespell -w -i 3 -C 2", "exit": 0, "extra_inputs": [], "inputs": [], "outputs": [], "pwd": "." } ^^^ Do not change lines above ^^^ Signed-off-by: Yaroslav Halchenko --- internal/manifest/oci_index_test.go | 4 ++-- signature/simplesigning/signer_test.go | 2 +- storage/storage_test.go | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/internal/manifest/oci_index_test.go b/internal/manifest/oci_index_test.go index 3c9a3ac4bb..204af46330 100644 --- a/internal/manifest/oci_index_test.go +++ b/internal/manifest/oci_index_test.go @@ -177,13 +177,13 @@ func TestOCI1IndexChooseInstanceByCompression(t *testing.T) { {"amd64", "", "sha256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", false}, // out of multiple gzip in arm64 select the first one to ensure original logic is prevented {"arm64", "", "sha256:cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc", false}, - // select a signle gzip s390x image + // select a single gzip s390x image {"s390x", "", "sha256:eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee", false}, // out of gzip and zstd in amd64 select the first gzip image {"amd64", "", "sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", true}, // out of multiple gzip in arm64 select the first one to ensure original logic is prevented {"arm64", "", "sha256:cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc", true}, - // select a signle gzip s390x image + // select a single gzip s390x image {"s390x", "", "sha256:eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee", true}, }, unmatchedInstances: []string{ diff --git a/signature/simplesigning/signer_test.go b/signature/simplesigning/signer_test.go index 0246c13c5a..e572eeb927 100644 --- a/signature/simplesigning/signer_test.go +++ b/signature/simplesigning/signer_test.go @@ -103,7 +103,7 @@ func TestSimpleSignerSignImageManifest(t *testing.T) { // Failures to sign need to be tested in two parts: First the failures that involve the wrong passphrase, then failures that // should manifest even with a valid passphrase or unlocked key (because the GPG agent is caching unlocked keys). - // Alternatively, we could be caling gpgagent.KillGPGAgent() all the time... + // Alternatively, we could be calling gpgagent.KillGPGAgent() all the time... type failingCase struct { name string opts []Option diff --git a/storage/storage_test.go b/storage/storage_test.go index fb5158e589..b0a07e507a 100644 --- a/storage/storage_test.go +++ b/storage/storage_test.go @@ -207,7 +207,7 @@ func makeLayerGoroutine(pwriter io.Writer, uncompressedCount *int64, compression // We do not do that, to workaround https://github.com/containers/storage/issues/1729 : // tar-split runs a goroutine that consumes/forwards tar content and might access // concurrently-freed objects if it sees a valid EOF marker. - // Instead, realy on raw EOF to terminate the goroutine. + // Instead, really on raw EOF to terminate the goroutine. // This depends on implementation details of tar.Writer (that it does not do any // internal buffering).