From e437f57633fe20b72f4743f485c99bdbdd46e08e Mon Sep 17 00:00:00 2001 From: marco Date: Wed, 3 Jan 2024 12:45:01 +0100 Subject: [PATCH] golangci-lint update --- .github/workflows/lint.yml | 2 +- .golangci.yml | 27 ++++++++++++++++++++++++--- cmd/root.go | 3 ++- pkg/iptables/iptables.go | 2 -- pkg/iptables/iptables_context.go | 4 +--- pkg/pf/pf_context.go | 3 ++- 6 files changed, 30 insertions(+), 11 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 903037b0..f7239126 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -39,7 +39,7 @@ jobs: - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: - version: v1.54 + version: v1.55 args: --issues-exit-code=1 --timeout 10m only-new-issues: false # the cache is already managed above, enabling it here diff --git a/.golangci.yml b/.golangci.yml index 4bfad033..fad5bd44 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,6 +1,14 @@ # see https://github.com/golangci/golangci-lint/blob/master/.golangci.example.yml linters-settings: + gci: + sections: + - standard + - default + - prefix(github.com/crowdsecurity) + - prefix(github.com/crowdsecurity/crowdsec) + - prefix(github.com/crowdsecurity/cs-firewall-bouncer) + gocyclo: min-complexity: 30 @@ -16,16 +24,28 @@ linters-settings: govet: check-shadowing: true + lll: line-length: 140 + misspell: locale: US + + nlreturn: + block-size: 4 + nolintlint: - allow-leading-space: true # don't require machine-readable nolint directives (i.e. with no leading space) allow-unused: false # report any unused nolint directives require-explanation: false # don't require an explanation for nolint directives require-specific: false # don't require nolint directives to be specific about which linter is being skipped + depguard: + rules: + main: + deny: + - pkg: "github.com/pkg/errors" + desc: "errors.New() is deprecated in favor of fmt.Errorf()" + linters: enable-all: true disable: @@ -47,7 +67,6 @@ linters: # Disabled # - gci # Gci control golang package import order and make it always deterministic. - - depguard # Go linter that checks if package imports are in a list of acceptable packages # # Enabled @@ -60,6 +79,7 @@ linters: # - containedctx # containedctx is a linter that detects struct contained context.Context field # - contextcheck # check the function whether use a non-inherited context # - decorder # check declaration order and count of types, constants, variables and functions + # - depguard # Go linter that checks if package imports are in a list of acceptable packages # - dogsled # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f()) # - durationcheck # check for two durations multiplied together # - errcheck # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases @@ -71,6 +91,7 @@ linters: # - exportloopref # checks for pointers to enclosing loop variables # - forcetypeassert # finds forced type assertions # - funlen # Tool for detection of long functions + # - ginkgolinter # enforces standards of using ginkgo and gomega # - gochecknoinits # Checks that no init functions are present in Go code # - godot # Check if comments end in a period # - gofmt # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification @@ -164,7 +185,7 @@ linters: issues: max-issues-per-linter: 0 - max-same-issues: 10 + max-same-issues: 0 exclude-rules: # `err` is often shadowed, we may continue to do it - linters: diff --git a/cmd/root.go b/cmd/root.go index 7172c4fa..fe08914f 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -18,11 +18,12 @@ import ( "golang.org/x/exp/slices" "golang.org/x/sync/errgroup" - "github.com/crowdsecurity/crowdsec/pkg/models" csbouncer "github.com/crowdsecurity/go-cs-bouncer" "github.com/crowdsecurity/go-cs-lib/csdaemon" "github.com/crowdsecurity/go-cs-lib/version" + "github.com/crowdsecurity/crowdsec/pkg/models" + "github.com/crowdsecurity/cs-firewall-bouncer/pkg/backend" "github.com/crowdsecurity/cs-firewall-bouncer/pkg/cfg" "github.com/crowdsecurity/cs-firewall-bouncer/pkg/metrics" diff --git a/pkg/iptables/iptables.go b/pkg/iptables/iptables.go index 65762459..fcc31145 100644 --- a/pkg/iptables/iptables.go +++ b/pkg/iptables/iptables.go @@ -28,8 +28,6 @@ type iptables struct { } func NewIPTables(config *cfg.BouncerConfig) (types.Backend, error) { - var err error - ret := &iptables{} ipv4Ctx := &ipTablesContext{ diff --git a/pkg/iptables/iptables_context.go b/pkg/iptables/iptables_context.go index 3c3ba0eb..2f23148f 100644 --- a/pkg/iptables/iptables_context.go +++ b/pkg/iptables/iptables_context.go @@ -31,12 +31,10 @@ type ipTablesContext struct { } func (ctx *ipTablesContext) CheckAndCreate() error { - var err error - log.Infof("Checking existing set") /* check if the set already exist */ cmd := exec.Command(ctx.ipsetBin, "-L", ctx.SetName) - if _, err = cmd.CombinedOutput(); err != nil { // it doesn't exist + if _, err := cmd.CombinedOutput(); err != nil { // it doesn't exist if ctx.ipsetContentOnly { /*if we manage ipset content only, error*/ log.Errorf("set %s doesn't exist, can't manage content", ctx.SetName) diff --git a/pkg/pf/pf_context.go b/pkg/pf/pf_context.go index 27fa8558..11f1d2d2 100644 --- a/pkg/pf/pf_context.go +++ b/pkg/pf/pf_context.go @@ -8,8 +8,9 @@ import ( log "github.com/sirupsen/logrus" - "github.com/crowdsecurity/crowdsec/pkg/models" "github.com/crowdsecurity/go-cs-lib/slicetools" + + "github.com/crowdsecurity/crowdsec/pkg/models" ) type pfContext struct {