new(linter): add linter for the repository

This commit adds golang-ci linter, in the makefile and in the CI

Signed-off-by: Aldo Lacuku <[email protected]>

.github/workflows/lint.yaml

@@ -0,0 +1,69 @@
+name: Linting
+on:
+  pull_request:
+
+jobs:
+  golangci:
+    name: Lint golang files
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          repository: ${{github.event.pull_request.head.repo.full_name}}
+          persist-credentials: false
+
+      - name: Setup Go
+        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+        with:
+          go-version-file: 'go.mod'
+          check-latest: true
+          cache: 'false'
+
+      - name: Generate the k8saudit bundle
+        run: make prepare
+
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0
+        with:
+          only-new-issues: true
+          version: v1.61
+          args: --timeout=900s
+
+  gomodtidy:
+    name: Enforce go.mod tidiness
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        with:
+          ref: "${{ github.event.pull_request.head.sha }}"
+          repository: ${{github.event.pull_request.head.repo.full_name}}
+          persist-credentials: false
+
+      - name: Setup Go
+        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+        with:
+          go-version-file: 'go.mod'
+          check-latest: true
+
+      - name: Generate the k8saudit bundle
+        run: make prepare
+
+      - name: Execute go mod tidy and check the outcome
+        working-directory: ./
+        run: |
+          go mod tidy
+          exit_code=$(git diff --exit-code)
+          exit ${exit_code}
+
+      - name: Print a comment in case of failure
+        run: |
+          echo "The go.mod and/or go.sum files appear not to be correctly tidied.
+
+          Please, rerun go mod tidy to fix the issues."
+          exit 1
+        if: |
+          failure() && github.event.pull_request.head.repo.full_name == github.repository

.golangci.yml

@@ -0,0 +1,138 @@
+run:
+  timeout: 10m
+
+linters-settings:
+  exhaustive:
+    check-generated: false
+    default-signifies-exhaustive: true
+
+  goheader:
+    values:
+      const:
+        AUTHORS: The Falco Authors
+    template: |-
+      SPDX-License-Identifier: Apache-2.0
+      Copyright (C) {{ YEAR }} {{ AUTHORS }}
+
+      Licensed under the Apache License, Version 2.0 (the "License");
+      you may not use this file except in compliance with the License.
+      You may obtain a copy of the License at
+
+           http://www.apache.org/licenses/LICENSE-2.0
+
+      Unless required by applicable law or agreed to in writing, software
+      distributed under the License is distributed on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+      See the License for the specific language governing permissions and
+      limitations under the License.
+
+  lll:
+    line-length: 150
+
+  gci:
+    sections:
+      - standard                          # Captures all standard packages if they do not match another section.
+      - default                           # Contains all imports that could not be matched to another section type.
+      - prefix(github.com/falcosecurity/event-generator)  # Groups all imports with the specified Prefix.
+  goconst:
+    min-len: 2
+    min-occurrences: 2
+  gocritic:
+    enabled-tags:
+      - diagnostic
+      - experimental
+      - opinionated
+      - performance
+      - style
+    disabled-checks:
+      # Conflicts with govet check-shadowing
+      - sloppyReassign
+  goimports:
+    local-prefixes: github.com/falcosecurity/event-generator
+  misspell:
+    locale: US
+  nolintlint:
+    allow-leading-space: true # don't require machine-readable nolint directives (i.e. with no leading space)
+    allow-unused: false # report any unused nolint directives
+    require-explanation: true # require an explanation for nolint directives
+    require-specific: true # require nolint directives to be specific about which linter is being skipped
+  dupl:
+    threshold: 300
+
+linters:
+  disable-all: true
+  enable:
+    - asciicheck
+    - bodyclose
+    - dogsled
+    - dupl
+    - errcheck
+    - errorlint
+    - exhaustive
+    - copyloopvar
+    # - funlen
+    # - gochecknoglobals
+    # - gochecknoinits
+    # - gocognit
+    - gci
+    - goconst
+    - gocritic
+    - gocyclo
+    - godot
+    # - godox
+    # - goerr113
+    - gofmt
+    - goheader
+    - goimports
+    - gomodguard
+    # - gomnd
+    - goprintffuncname
+    - gosec
+    - gosimple
+    - govet
+    - ineffassign
+    - lll
+    # - maligned
+    - misspell
+    - nakedret
+    # - nestif
+    - noctx
+    - nolintlint
+    # - prealloc
+    - revive
+    - rowserrcheck
+    - staticcheck
+    - stylecheck
+    # - testpackage
+    - typecheck
+    - unconvert
+    - unparam
+    - unused
+    - whitespace
+  # - wsl
+
+issues:
+  #fix: true
+
+  max-issues-per-linter: 0
+  max-same-issues: 0
+
+  # Disable the default exclude patterns (as they disable the mandatory comments)
+  exclude-use-default: false
+  exclude:
+    # errcheck: Almost all programs ignore errors on these functions and in most cases it's ok
+    - Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked
+
+  exclude-rules:
+    - linters:
+        - govet
+      text: 'declaration of "(err|ctx)" shadows declaration at'
+    - linters:
+        - errorlint
+      # Disable the check to test errors type assertion on switches.
+      text: type switch on error will fail on wrapped errors. Use errors.As to check for specific errors
+
+    # Exclude the following linters from running on tests files.
+    - path: _test\.go
+      linters:
+        - gosec

Makefile

@@ -11,6 +11,7 @@
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations under the License.
 #
+
 SHELL=/bin/bash -o pipefail
 
 GO ?= go
@@ -84,3 +85,47 @@ image:
 push:
 	$(DOCKER) push "$(IMAGE_NAME_BRANCH)"
 	$(DOCKER) push "$(IMAGE_NAME_COMMIT)"
+
+# Install gci if not available
+.PHONY: gci
+gci:
+ifeq (, $(shell which gci))
+	@go install github.com/daixiang0/[email protected]
+GCI=$(GOBIN)/gci
+else
+GCI=$(shell which gci)
+endif
+
+# Install addlicense if not available
+.PHONY: addlicense
+addlicense:
+ifeq (, $(shell which addlicense))
+	@go install github.com/google/[email protected]
+ADDLICENSE=$(GOBIN)/addlicense
+else
+ADDLICENSE=$(shell which addlicense)
+endif
+
+# Run go fmt against code and add the licence header
+.PHONY: fmt
+fmt: gci addlicense
+	go mod tidy
+	go fmt ./...
+	find . -type f -name '*.go' -a -exec $(GCI) write -s standard -s default -s "prefix(github.com/falcosecurity/event-generator)" {} \;
+	find . -type f -name '*.go' -exec $(ADDLICENSE) -l apache -s -c "The Falco Authors" -y "$(shell date +%Y)" {} \;
+
+# Install golangci-lint if not available
+.PHONY: golangci-lint
+golangci-lint:
+ifeq (, $(shell which golangci-lint))
+	@go install github.com/golangci/golangci-lint/cmd/[email protected]
+GOLANGCILINT=$(GOBIN)/golangci-lint
+else
+GOLANGCILINT=$(shell which golangci-lint)
+endif
+
+# It works when called in a branch different than main.
+# "--new-from-rev REV Show only new issues created after git revision REV"
+.PHONY: lint
+lint: golangci-lint
+	$(GOLANGCILINT) run --new-from-rev main