Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CI: Add CLA check, Linting and security scanning #31

Merged
merged 6 commits into from
Sep 26, 2023
Merged

CI: Add CLA check, Linting and security scanning #31

merged 6 commits into from
Sep 26, 2023

Conversation

rebornplusplus
Copy link
Member

@rebornplusplus rebornplusplus commented Sep 27, 2022
edited
Loading

@woky woky requested a review from niemeyer January 12, 2023 09:14
@woky woky self-requested a review January 12, 2023 09:14
niemeyer
niemeyer requested changes May 29, 2023
View reviewed changes
Copy link
Contributor

@niemeyer niemeyer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Rafid, here is a first pass.

.github/workflows/linter.yml Outdated Show resolved Hide resolved
.github/workflows/cla-check.yml Outdated Show resolved Hide resolved
.github/workflows/linter.yml Outdated Show resolved Hide resolved
niemeyer
niemeyer requested changes May 29, 2023
View reviewed changes
Copy link
Contributor

@niemeyer niemeyer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Rafid, here is a first pass.

@rebornplusplus rebornplusplus marked this pull request as draft June 2, 2023 03:34
@rebornplusplus rebornplusplus changed the title CI: Added CLA Check and Linting Support including Security Scanning CI: Add CLA check, Linting and security scanning Jun 2, 2023
@rebornplusplus rebornplusplus marked this pull request as ready for review June 2, 2023 04:53
@rebornplusplus
Copy link
Member Author

Please note that the "Lint" tests are failing because some of the files we currently have, seem not to be appropriately formatted.
go fmt ./... produces the diff here: link to GH workflow run log.

Additionally, I ran errcheck, staticcheck and unused on my workstation in the repo(main) and found the following warnings:

Toggle to see log 
$ golangci-lint run --disable-all --enable errcheck,staticcheck,unused
internal/strdist/log.go:47:22: Error return value of `globalLogger.Output` is not checked (errcheck)
		globalLogger.Output(2, fmt.Sprintf(format, args...))
		                   ^
internal/strdist/log.go:58:22: Error return value of `globalLogger.Output` is not checked (errcheck)
		globalLogger.Output(2, fmt.Sprintf(format, args...))
		                   ^
internal/strdist/log.go:43:6: func `logf` is unused (unused)
func logf(format string, args ...interface{}) {
     ^
internal/strdist/strdist.go:24:2: field `private` is unused (unused)
	private struct{}
	^
internal/control/control_test.go:91:22: Error return value of `control.ParseString` is not checked (errcheck)
		control.ParseString("Package", content)
		                   ^
internal/fsutil/log.go:40:22: Error return value of `globalLogger.Output` is not checked (errcheck)
		globalLogger.Output(2, fmt.Sprintf(format, args...))
		                   ^
internal/setup/fetch.go:47:25: Error return value of `lockFile.Unlock` is not checked (errcheck)
			defer lockFile.Unlock()
			                     ^
internal/archive/archive_test.go:117:16: Error return value of `release.Render` is not checked (errcheck)
	release.Render(base.Path, s.responses)
	              ^
internal/archive/archive_test.go:232:15: Error return value of `release.Walk` is not checked (errcheck)
		release.Walk(func(item testarchive.Item) error {
		            ^
internal/archive/archive_test.go:239:17: Error return value of `release.Render` is not checked (errcheck)
		release.Render("/ubuntu", s.responses)
		              ^
cmd/chisel/cmd_help.go:105:9: Error return value of `io.Copy` is not checked (errcheck)
	io.Copy(Stdout, strings.NewReader(str))
	       ^
cmd/chisel/main.go:167:16: Error return value is not checked (errcheck)
		printVersions()
		             ^
cmd/chisel/main.go:181:9: Error return value is not checked (errcheck)
	addHelp(parser)
	       ^
internal/fsutil/log.go:36:6: func `logf` is unused (unused)
func logf(format string, args ...interface{}) {
     ^
internal/deb/log.go:17:5: var `globalDebug` is unused (unused)
var globalDebug bool
    ^
internal/deb/log.go:47:6: func `debugf` is unused (unused)
func debugf(format string, args ...interface{}) {
     ^
internal/deb/version.go:86:6: func `matchEpoch` is unused (unused)
func matchEpoch(a string) bool {
     ^
internal/deb/version.go:99:6: func `atMostOneDash` is unused (unused)
func atMostOneDash(a string) bool {
     ^
internal/scripts/log.go:16:5: var `globalLogger` is unused (unused)
var globalLogger log_Logger
    ^
internal/scripts/log.go:17:5: var `globalDebug` is unused (unused)
var globalDebug bool
    ^
internal/scripts/log.go:36:6: func `logf` is unused (unused)
func logf(format string, args ...interface{}) {
     ^
internal/scripts/log.go:47:6: func `debugf` is unused (unused)
func debugf(format string, args ...interface{}) {
     ^
internal/jsonwall/log.go:16:5: var `globalLogger` is unused (unused)
var globalLogger log_Logger
    ^
internal/jsonwall/log.go:17:5: var `globalDebug` is unused (unused)
var globalDebug bool
    ^
internal/jsonwall/log.go:47:6: func `debugf` is unused (unused)
func debugf(format string, args ...interface{}) {
     ^
internal/setup/setup_test.go:17:2: field `slices` is unused (unused)
	slices    map[string]*setup.Slice
	^
internal/slicer/log.go:16:5: var `globalLogger` is unused (unused)
var globalLogger log_Logger
    ^
cmd/chisel/main.go:40:7: const `defaultChiselDir` is unused (unused)
const defaultChiselDir = "/var/lib/chisel/default"
      ^
cmd/chisel/main.go:91:6: func `addDebugCommand` is unused (unused)
func addDebugCommand(name, shortHelp, longHelp string, builder func() flags.Commander, optDescs map[string]string, argDescs []argDesc) *cmdInfo {
     ^
cmd/chisel/main_test.go:73:6: func `fakeArgs` is unused (unused)
func fakeArgs(args ...string) (restore func()) {
     ^
internal/testutil/pkgdata.go:229:2: SA4006: this value of `err` is never used (staticcheck)
	writer, err := zstd.NewWriter(&buf)
	^
internal/testutil/pkgdata_test.go:346:2: SA4006: this value of `err` is never used (staticcheck)
	zstdReader, err := zstd.NewReader(&tarZstdBuf)
	^
cmd/chisel/main.go:15:2: SA1019: "golang.org/x/crypto/ssh/terminal" is deprecated: this package moved to golang.org/x/term. (staticcheck)
	"golang.org/x/crypto/ssh/terminal"
	^
cmd/chisel/main_test.go:8:2: SA1019: "golang.org/x/crypto/ssh/terminal" is deprecated: this package moved to golang.org/x/term. (staticcheck)
	"golang.org/x/crypto/ssh/terminal"
	^

We should probably refactor these files for the tests to pass.

jnsgruk
jnsgruk reviewed Aug 16, 2023
View reviewed changes
Copy link
Member

@jnsgruk jnsgruk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given that the job fails due to formatting - can you add another commit that actually fixes those changes? That way we should have one commit introducing everything you have so far, and another to address the linting differences which means we don't need to merge a broken PR :)

.github/workflows/security.yaml Outdated Show resolved Hide resolved
@rebornplusplus rebornplusplus force-pushed the ROCKS-313-continuous-integration branch from 5614a61 to f39d70d Compare August 17, 2023 12:12
@rebornplusplus
Copy link
Member Author

This PR being very old, I have rebased the commits onto the current main and later squashed the commits into one.

Given that the job fails due to formatting - can you add another commit that actually fixes those changes? That way we should have one commit introducing everything you have so far, and another to address the linting differences which means we don't need to merge a broken PR :)

I have fixed the formatting issues in 020f62b. However, the lint workflow will still fail due to the linters we are running (errcheck, unused, staticcheck). Fixing this will need some (minor I am hoping) refactoring. I will add another commit addressing those issues.

@cjdcordeiro
Copy link
Collaborator

cjdcordeiro commented Aug 17, 2023
edited
Loading

Thanks @rebornplusplus ;) if you feel that refactoring will require significant changes, feel free to leave it for a future pulse so that we can plan it properly

@rebornplusplus
Copy link
Member Author

if you feel that refactoring will require significant changes, feel free to leave it for a future pulse so that we can plan it properly

A'ight. I will leave it for next pulse then.

rebornplusplus and others added 6 commits September 25, 2023 17:28
@rebornplusplus @cjdcordeiro
ci: add cla-check, lint and security scan workflows
055f9eb 
This commit adds the following github workflows:

  - CLA check: Check if Canonical's Contributor License Agreement has
    been signed by the PR author(s).
  - Lint: Ensure fomatting changes using ``gofmt`` and run errcheck,
    unused, staticcheck linters using golangci-lint.
  - Security: Run Trivy vulnerability scanner to check for known
    vulnerabilities.

Co-authored-by: Cristovao Cordeiro <[email protected]>
@rebornplusplus
refactor: format with go fmt ./...
3dbf218
@rebornplusplus
refactor: remove unused code
98d8c25 
This commit removes unused code (variables, functions etc.) across the
codebase, with a few exceptions. Namely the unused functions from
``log.go`` in various packages are kept for future use. Additionally
the ``addDebugCommand`` function in `cmd/chisel/main.go` is kept too.
@rebornplusplus
refactor: remove deprecated (imported) packages
22e8b8d 
The ``io/ioutil`` package has been deprecated since Go 1.19. Usage of
this package have been removed appropriately.

The ``golang.org/x/crypto/ssh/terminal`` package has been deprecated and
moved to ``golang.org/x/term`` package. Usage have been updated likewise.
@rebornplusplus
refactor: always check errors
8e05dc3
@rebornplusplus
ci: configure linters
04a90d7 
This commit adds a config file ``.golangci.yaml`` for the lint workflow.
It removes the previous arguments passed to golangci-lint in favor of
the new configuration file.
@cjdcordeiro
Copy link
Collaborator

Thanks for the update. This should be ready to review now. The failure on the spread tests is related to Kinetic reaching EOL (which is being addressed elsewhere)

@rebornplusplus rebornplusplus force-pushed the ROCKS-313-continuous-integration branch 2 times, most recently from ab6a974 to 04a90d7 Compare September 26, 2023 04:23
@rebornplusplus
Copy link
Member Author

rebornplusplus commented Sep 26, 2023
edited
Loading

Indeed, it is ready for review. #97 is merged already, tests are passing. Please take a look.

jnsgruk
jnsgruk approved these changes Sep 26, 2023
View reviewed changes
Copy link
Member

@jnsgruk jnsgruk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Changes requested by Gustavo seem to have been addressed, and the other code changes are all stylistic or of very low consequence.

@jnsgruk jnsgruk merged commit 379ddae into canonical:main Sep 26, 2023
40 of 42 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jnsgruk jnsgruk jnsgruk approved these changes

@niemeyer niemeyer Awaiting requested review from niemeyer

@woky woky Awaiting requested review from woky

@cjdcordeiro cjdcordeiro Awaiting requested review from cjdcordeiro

Assignees

@niemeyer niemeyer

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@rebornplusplus @cjdcordeiro @niemeyer @woky @jnsgruk