diff --git a/.gitignore b/.gitignore index 7c50688bf6e526304d7a108f3631684b6a2c694a..ef404e9f5a60cb86224d0a3fb68532bebe946f0a 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,8 @@ shared/pages/.update /gitlab-pages /vendor /gitlab-pages-config +/gl-code-quality-report.json +/coverage.html # Used by the makefile /.GOPATH diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d640f08b56d8130b2925c2710623aeb84568a530..82878f16b28d1b05c035e6f673f65301453e7898 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -86,19 +86,37 @@ download deps: - go.mod - go.sum -verify: +cover: extends: .go-mod-cache stage: test needs: ['download deps'] script: - make setup - make generate-mocks - - make verify - make cover + coverage: '/total:.+\(statements\).+\d+\.\d+/' artifacts: paths: - coverage.html +code_quality: + stage: test + needs: ['download deps'] + extends: .go-mod-cache + image: golangci/golangci-lint:v1.27.0 + variables: + REPORT_FILE: gl-code-quality-report.json + LINT_FLAGS: "--color never --deadline 15m" + OUT_FORMAT: code-climate + script: + - golangci-lint run ./... --out-format ${OUT_FORMAT} ${LINT_FLAGS} | tee ${REPORT_FILE} + timeout: 15 minutes + artifacts: + reports: + codequality: ${REPORT_FILE} + paths: + - ${REPORT_FILE} + test:1.12: extends: .tests image: golang:1.12 diff --git a/.golangci.yml b/.golangci.yml new file mode 100644 index 0000000000000000000000000000000000000000..2df4432484a47762e2a266fe95115e1246344826 --- /dev/null +++ b/.golangci.yml @@ -0,0 +1,63 @@ +run: + concurrency: 8 + deadline: 1m + issues-exit-code: 1 + modules-download-mode: readonly + tests: true + skip-dirs: + - vendor + - internal/httputil # from github.com/golang/gddo + skip-files: + - mock_*.go + +output: + format: colored-line-number + print-issued-lines: true + print-linter-name: true + +linters-settings: + gocyclo: + min-complexity: 10 + govet: + check-shadowing: false + goconst: + min-len: 3 + min-occurrences: 3 + goimports: + local-prefixes: gitlab.com/gitlab-org/gitlab-pages + +linters: + disable-all: true + enable: +# TODO: enable these linters on a separate MR https://gitlab.com/gitlab-org/gitlab-pages/-/issues/385#linters +# - bodyclose +# - deadcode +# - dogsled + - goconst + - gocyclo + - goimports + - golint + - gosimple + - govet + - gosec +# - ineffassign +# - misspell +# - structcheck +# - typecheck +# - unconvert +# - unused +# - varcheck +# - whitespace + fast: false + +issues: +# # Excluding configuration per-path, per-linter, per-text and per-source + exclude-rules: + - path: ".*_test.go" + linters: + - bodyclose + - gosec + - goconst + - path: "internal/fixture/fixtures.go" + linters: + - gosec diff --git a/Makefile.build.mk b/Makefile.build.mk index 24c2ec39dd25736ad2e4fdba4e43ee74ece30de4..9cfcf69bea901d9596042c0db2b8784a71c5f849 100644 --- a/Makefile.build.mk +++ b/Makefile.build.mk @@ -1,13 +1,13 @@ +GOLANGCI_LINT_VERSION := v1.27.0 # version used by $GOLANGCI_LINT_IMAGE + .PHONY: all setup generate-mocks build clean all: gitlab-pages setup: clean .GOPATH/.ok - go get golang.org/x/tools/cmd/goimports@v0.0.0-20191010201905-e5ffc44a6fee - go get golang.org/x/lint/golint@v0.0.0-20190930215403-16217165b5de go get github.com/wadey/gocovmerge@v0.0.0-20160331181800-b5bfa59ec0ad - go get github.com/fzipp/gocyclo@v0.0.0-20150627053110-6acd4345c835 go get github.com/golang/mock/mockgen@v1.3.1 + go get github.com/golangci/golangci-lint/cmd/golangci-lint@$(GOLANGCI_LINT_VERSION) generate-mocks: .GOPATH/.ok $Q bin/mockgen -source=internal/interface.go -destination=internal/mocks/mocks.go -package=mocks diff --git a/Makefile.internal.mk b/Makefile.internal.mk index e7d0e8fe955411cfd8000e95298b40dc62e14297..a33634fd319fc8cd6e3e443dd6102b5b23e1ae76 100644 --- a/Makefile.internal.mk +++ b/Makefile.internal.mk @@ -34,16 +34,12 @@ Q := $(if $V,,@) $Q ln -s ../bin .GOPATH/bin $Q touch $@ -.PHONY: bin/gocovmerge bin/goimports bin/gocyclo bin/golint +.PHONY: bin/gocovmerge bin/golangci-lint bin/gocovmerge: .GOPATH/.ok @test -x $@ || \ { echo "Vendored gocovmerge not found, try running 'make setup'..."; exit 1; } -bin/gocyclo: .GOPATH/.ok - @test -x $@ || \ - { echo "Vendored gocyclo not found, try running 'make setup'..."; exit 1; } -bin/goimports: .GOPATH/.ok - @test -x $@ || \ - { echo "Vendored goimports not found, try running 'make setup'..."; exit 1; } -bin/golint: .GOPATH/.ok + +bin/golangci-lint: .GOPATH/.ok @test -x $@ || \ - { echo "Vendored golint not found, try running 'make setup'..."; exit 1; } + { echo "Vendored golangci-lint not found, try running 'make setup'..."; exit 1; } + diff --git a/Makefile.util.mk b/Makefile.util.mk index 412b765504500580a7748bcb5cbe4d68e2f0222b..ea465fbf2fe7fbe5ba37b1fc2cad09135529e92d 100644 --- a/Makefile.util.mk +++ b/Makefile.util.mk @@ -1,18 +1,13 @@ -.PHONY: verify fmt vet lint complexity test cover list +GOLANGCI_LINT_IMAGE := golangci/golangci-lint:$(GOLANGCI_LINT_VERSION) -verify: list fmt vet lint complexity +.PHONY: lint test race acceptance bench cover list deps-check deps-download -fmt: bin/goimports .GOPATH/.ok - $Q @_support/validate-formatting.sh $(allfiles) +OUT_FORMAT ?= colored-line-number +LINT_FLAGS ?= $(if $V,-v) +REPORT_FILE ?= -vet: .GOPATH/.ok - $Q go vet $(allpackages) - -lint: bin/golint - $Q ./bin/golint $(allpackages) | tee | ( ! grep -v "^$$" ) - -complexity: .GOPATH/.ok bin/gocyclo - $Q ./bin/gocyclo -over 9 $(allfiles) +lint: .GOPATH/.ok bin/golangci-lint + $Q ./bin/golangci-lint run ./... --out-format $(OUT_FORMAT) $(LINT_FLAGS) | tee ${REPORT_FILE} test: .GOPATH/.ok gitlab-pages go test $(if $V,-v) $(allpackages) diff --git a/_support/validate-formatting.sh b/_support/validate-formatting.sh deleted file mode 100755 index 38f546617b5827c4534c36d1dfa63fe0e393a28d..0000000000000000000000000000000000000000 --- a/_support/validate-formatting.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -set -eu - -IMPORT_RESULT=$(./bin/goimports -e -local "gitlab.com/gitlab-org/gitlab-pages" -l "$@") - -if [ -n "${IMPORT_RESULT}" ]; then - echo >&2 "Please run ./bin/goimports -w -local gitlab.com/gitlab-org/gitlab-pages -l $@" - echo "${IMPORT_RESULT}" - exit 1 -fi diff --git a/app.go b/app.go index fa8dc04f227e68f212079c26e6e1faec7b461bc8..8cfeef00222cd0bf8dc0c592186a578a06531500 100644 --- a/app.go +++ b/app.go @@ -83,7 +83,7 @@ func (a *theApp) healthCheck(w http.ResponseWriter, r *http.Request, https bool) func (a *theApp) redirectToHTTPS(w http.ResponseWriter, r *http.Request, statusCode int) { u := *r.URL - u.Scheme = "https" + u.Scheme = request.SchemeHTTPS u.Host = r.Host u.User = nil @@ -400,7 +400,7 @@ func (a *theApp) listenHTTPFD(wg *sync.WaitGroup, fd uintptr, httpHandler http.H defer wg.Done() err := listenAndServe(fd, httpHandler, a.HTTP2, nil, limiter) if err != nil { - capturingFatal(err, errortracking.WithField("listener", "http")) + capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTP)) } }() } @@ -411,7 +411,7 @@ func (a *theApp) listenHTTPSFD(wg *sync.WaitGroup, fd uintptr, httpHandler http. defer wg.Done() err := listenAndServeTLS(fd, a.RootCertificate, a.RootKey, httpHandler, a.ServeTLS, a.InsecureCiphers, a.TLSMinVersion, a.TLSMaxVersion, a.HTTP2, limiter) if err != nil { - capturingFatal(err, errortracking.WithField("listener", "https")) + capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTPS)) } }() } diff --git a/go.mod b/go.mod index d33140f732c63c1f535d84eddeec3b2c477a27d2..84a99d3287165a710866097cf83e9160fc8735c6 100644 --- a/go.mod +++ b/go.mod @@ -12,20 +12,25 @@ require ( github.com/gorilla/sessions v1.2.0 github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 github.com/karrick/godirwalk v1.10.12 + github.com/kr/text v0.2.0 // indirect github.com/namsral/flag v1.7.4-pre + github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect github.com/patrickmn/go-cache v2.1.0+incompatible github.com/prometheus/client_golang v1.1.0 github.com/rs/cors v1.7.0 github.com/sirupsen/logrus v1.4.2 - github.com/stretchr/testify v1.4.0 + github.com/stretchr/objx v0.2.0 // indirect + github.com/stretchr/testify v1.5.1 github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad - gitlab.com/gitlab-org/labkit v0.0.0-20200414155917-f06e28fff6fa + gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891 gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f - golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa + golang.org/x/net v0.0.0-20200226121028-0de0cce0169b golang.org/x/sys v0.0.0-20200113162924-86b910548bc1 - golang.org/x/tools v0.0.0-20200117161641-43d50277825c + golang.org/x/tools v0.0.0-20200502202811-ed308ab3e770 + gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect gopkg.in/yaml.v2 v2.2.8 + honnef.co/go/tools v0.0.1-2020.1.3 // indirect ) diff --git a/go.sum b/go.sum index 6031c75f7cd9353d1175bc8ae72a366473b9f732..830b160336677460b695c9bffad4e3db6aefa3db 100644 --- a/go.sum +++ b/go.sum @@ -49,6 +49,7 @@ github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -62,6 +63,7 @@ github.com/etcd-io/bbolt v1.3.3/go.mod h1:ZF2nL25h33cCyBtcyWeZ2/I3HQOfTP+0PIEvHj github.com/fasthttp-contrib/websocket v0.0.0-20160511215533-1f3b11f56072/go.mod h1:duJ4Jxv5lDcvg4QuQr0oowTf7dz4/CR8NtyCooz9HL8= github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= github.com/flosch/pongo2 v0.0.0-20190707114632-bbf5a6c351f4/go.mod h1:T9YF2M40nIgbVgp3rreNmTged+9HrbNTIQf1PsaIiTA= +github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fzipp/gocyclo v0.0.0-20150627053110-6acd4345c835 h1:roDmqJ4Qes7hrDOsWsMCce0vQHz3xiMPjJ9m4c2eeNs= github.com/fzipp/gocyclo v0.0.0-20150627053110-6acd4345c835/go.mod h1:BjL/N0+C+j9uNX+1xcNuM9vdSIcXCZrQZUYbXOFbgN8= @@ -134,10 +136,12 @@ github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmg github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imkira/go-interpol v1.1.0/go.mod h1:z0h2/2T3XF8kyEPpRgJ3kmNv+C43p+I/CoI+jC3w2iA= +github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/iris-contrib/blackfriday v2.0.0+incompatible/go.mod h1:UzZ2bDEoaSGPbkg6SAB4att1aAwTmVIx/5gCVqeyUdI= github.com/iris-contrib/go.uuid v2.0.0+incompatible/go.mod h1:iz2lgM/1UnEf1kP0L/+fafWORmlnuysV2EMP8MW+qe0= @@ -162,6 +166,7 @@ github.com/kataras/golog v0.0.9/go.mod h1:12HJgwBIZFNGL0EJnMRhmvGA0PQGx8VFwrZtM4 github.com/kataras/iris/v12 v12.0.1/go.mod h1:udK4vLQKkdDqMGJJVd/msuMtN6hpYJhg/lSzuxjhO+U= github.com/kataras/neffos v0.0.10/go.mod h1:ZYmJC07hQPW67eKuzlfY7SO3bC0mw83A3j6im82hfqw= github.com/kataras/pio v0.0.0-20190103105442-ea782b38602d/go.mod h1:NV88laa9UiiDuX9AhMbDPkGYSPugBOV6yTZB1l2K9Z0= +github.com/kisielk/gotool v1.0.0 h1:AV2c/EiW3KqPNT9ZKl07ehoAGi4C5/01Cfbblndcapg= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.8.2/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= github.com/klauspost/compress v1.9.0/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= @@ -175,6 +180,8 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/labstack/echo/v4 v4.1.11/go.mod h1:i541M3Fj6f76NZtHSj7TXnyM8n2gaodfvfxNnFqi74g= github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k= github.com/lightstep/lightstep-tracer-go v0.15.6/go.mod h1:6AMpwZpsyCFwSovxzM78e+AsYxE8sGwiM6C3TytaWeI= @@ -182,6 +189,7 @@ github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czP github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.9 h1:d5US/mDsogSGW37IV293h//ZFaeajb69h+EHFsv2xGg= github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw= github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= @@ -189,7 +197,9 @@ github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5 github.com/mediocregopher/mediocre-go-lib v0.0.0-20181029021733-cb65787f37ed/go.mod h1:dSsfyI2zABAdhcbvkXqgxOxrCsbYeHCPgrZkku60dSg= github.com/mediocregopher/radix/v3 v3.3.0/go.mod h1:EmfVyvspXz1uZEyPBMyGK+kjWiKQGvsUt6O3Pj+LDCQ= github.com/microcosm-cc/bluemonday v1.0.2/go.mod h1:iVP4YcDBq+n/5fb23BhYFvIMq/leAFZyRl6bYmGDlGc= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -202,12 +212,15 @@ github.com/namsral/flag v1.7.4-pre/go.mod h1:OXldTctbM6SWH1K899kPZcf65KxJiD7Msce github.com/nats-io/nats.go v1.8.1/go.mod h1:BrFz9vVn0fU3AcH9Vn4Kd7W0NpJ651tD5omQ3M8LwxM= github.com/nats-io/nkeys v0.0.2/go.mod h1:dab7URMsZm6Z/jp9Z5UGa87Uutgc2mVpXLC4B7TDb/4= github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc= github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ= +github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU= github.com/pingcap/errors v0.11.4 h1:lFuQV/oaUMGcD2tqt+01ROSmJs75VG1ToEOkZIZ4nE4= @@ -253,20 +266,28 @@ github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= +github.com/spf13/afero v1.1.2 h1:m8/z1t7/fwjysjQRYbP0RD+bUIF/8tJwPdEZsI83ACI= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= +github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s= github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= +github.com/spf13/jwalterweatherman v1.0.0 h1:XHEdyB+EcvlqZamSM4ZOMGlc93t6AcsBEu9Gc1vn7yk= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48= +github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/tinylib/msgp v1.0.2/go.mod h1:+d+yLhGm8mzTaHzB+wgMYrodPfmZrzkirds8fDWklFE= github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce h1:fb190+cK2Xz/dvi9Hv8eCYJYvIGUTN2/KLq1pT6CjEc= github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce/go.mod h1:o8v6yHRoik09Xen7gje4m9ERNah1d1PPsVq1VEx9vE4= @@ -292,8 +313,9 @@ github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0/go.mod h1:/LWChgwKmv github.com/yudai/gojsondiff v1.0.0/go.mod h1:AY32+k2cwILAkW1fbgxQ5mUmMiZFgLIV+FBNExI05xg= github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82/go.mod h1:lgjkn3NuSvDfVJdfcVVdX+jpBxNmX4rDAzaS45IcYoM= github.com/yudai/pp v2.0.1+incompatible/go.mod h1:PuxR/8QJ7cyCkFp/aUDS+JY727OFEZkTdatxwunjIkc= -gitlab.com/gitlab-org/labkit v0.0.0-20200414155917-f06e28fff6fa h1:KCrfuAvyh2XTBMUpPPXd9CtgAIhtqtuzrT72oCm4K34= -gitlab.com/gitlab-org/labkit v0.0.0-20200414155917-f06e28fff6fa/go.mod h1:SNfxkfUwVNECgtmluVayv0GWFgEjjBs5AzgsowPQuo0= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891 h1:WiCGS5C0B0h+/dh5O7kUJoEZt34O/tbsis9QghNB3gE= +gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891/go.mod h1:SNfxkfUwVNECgtmluVayv0GWFgEjjBs5AzgsowPQuo0= gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877 h1:k5N2m0IPaMuwWmFTO9fyTK4IEnSm35GC/p1S7VRgUyM= gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877/go.mod h1:Es0wDVbtgNqhpEXMb+yct6JKnGMrNsUSh9oio0bqqdU= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= @@ -331,6 +353,8 @@ golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCc golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -352,6 +376,8 @@ golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa h1:F+8P+gmewFQYRk6JoLQLwjBCTu3mcIURZfNkVweuRKA= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b h1:0mm1VjtFUOIlE1SbDlwjYaDxZVDP2S5ou6y0gSgXHu8= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be h1:vEDujvNQGv4jgYKudGeI/+DAX4Jffq6hpD55MmoEvKs= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -412,10 +438,14 @@ golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200117161641-43d50277825c h1:2EA2K0k9bcvvEDlqD8xdlOhCOqq+O/p9Voqi4x9W1YU= golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200502202811-ed308ab3e770 h1:M9Fif0OxNji8w+HvmhVQ8KJtiZOsjU9RgslJGhn95XE= +golang.org/x/tools v0.0.0-20200502202811-ed308ab3e770/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= @@ -457,6 +487,8 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE= @@ -475,4 +507,6 @@ honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3 h1:3JgtbtFHMiCmsznwGVTUWbgGov+pVqnlf1dEJTNAXeM= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= +honnef.co/go/tools v0.0.1-2020.1.3 h1:sXmLre5bzIR6ypkjXCDI3jHPssRhc8KD/Ome589sc3U= +honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= diff --git a/helpers_test.go b/helpers_test.go index 195c3cea8709dead30246e095bce98ac1d9d6ba1..60fba9f5a3736d2a05ef9291360d733d0f2541a6 100644 --- a/helpers_test.go +++ b/helpers_test.go @@ -20,6 +20,7 @@ import ( "github.com/stretchr/testify/require" "gitlab.com/gitlab-org/gitlab-pages/internal/fixture" + "gitlab.com/gitlab-org/gitlab-pages/internal/request" ) type tWriter struct { @@ -116,9 +117,9 @@ type ListenSpec struct { } func (l ListenSpec) URL(suffix string) string { - scheme := "http" - if l.Type == "https" { - scheme = "https" + scheme := request.SchemeHTTP + if l.Type == request.SchemeHTTPS { + scheme = request.SchemeHTTPS } suffix = strings.TrimPrefix(suffix, "/") @@ -262,7 +263,7 @@ func getPagesArgs(t *testing.T, listeners []ListenSpec, promPort string, extraAr for _, spec := range listeners { args = append(args, "-listen-"+spec.Type, spec.JoinHostPort()) - if spec.Type == "https" { + if spec.Type == request.SchemeHTTPS { hasHTTPS = true } } @@ -362,9 +363,9 @@ func GetRedirectPage(t *testing.T, spec ListenSpec, host, urlsuffix string) (*ht } func GetProxyRedirectPageWithCookie(t *testing.T, spec ListenSpec, host string, urlsuffix string, cookie string, https bool) (*http.Response, error) { - schema := "http" + schema := request.SchemeHTTP if https { - schema = "https" + schema = request.SchemeHTTPS } header := http.Header{ "X-Forwarded-Proto": []string{schema}, diff --git a/internal/artifact/artifact.go b/internal/artifact/artifact.go index ef173d9e70f82635243c2fe140e297b3c5f5f938..d11a7ebd33b2f073a093df8ba0f9f261e96a6453 100644 --- a/internal/artifact/artifact.go +++ b/internal/artifact/artifact.go @@ -121,7 +121,6 @@ func (a *Artifact) makeRequest(w http.ResponseWriter, r *http.Request, reqURL *u w.Header().Set("Content-Length", strconv.FormatInt(resp.ContentLength, 10)) w.WriteHeader(resp.StatusCode) io.Copy(w, resp.Body) - return } func addCacheHeader(w http.ResponseWriter, resp *http.Response) { diff --git a/internal/artifact/artifact_test.go b/internal/artifact/artifact_test.go index 6425f79151372f5d33daf73fd78a145a50ba1dcc..a55eda7ba91cd3aa11b6af4968edd531443e8b3b 100644 --- a/internal/artifact/artifact_test.go +++ b/internal/artifact/artifact_test.go @@ -83,7 +83,7 @@ func TestTryMakeRequest(t *testing.T) { require.Equal(t, c.ContentType, result.Header().Get("Content-Type")) require.Equal(t, c.Length, result.Header().Get("Content-Length")) require.Equal(t, c.CacheControl, result.Header().Get("Cache-Control")) - require.Equal(t, c.Content, string(result.Body.Bytes())) + require.Equal(t, c.Content, result.Body.String()) }) } diff --git a/internal/auth/auth.go b/internal/auth/auth.go index c582d96b2e95022cef3db46539c7637b49092c52..a89dd5999611a35534f1b21b89ba0ae657db56d3 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -26,6 +26,9 @@ import ( "golang.org/x/crypto/hkdf" ) +// nolint: gosec +// gosec: G101: Potential hardcoded credentials +// auth constants, not credentials const ( apiURLUserTemplate = "%s/api/v4/user" apiURLProjectTemplate = "%s/api/v4/projects/%d/pages_access" @@ -433,10 +436,7 @@ func destroySession(session *sessions.Session, w http.ResponseWriter, r *http.Re // IsAuthSupported checks if pages is running with the authentication support func (a *Auth) IsAuthSupported() bool { - if a == nil { - return false - } - return true + return a != nil } func (a *Auth) checkAuthentication(w http.ResponseWriter, r *http.Request, projectID uint64) bool { @@ -513,11 +513,7 @@ func (a *Auth) GetTokenIfExists(w http.ResponseWriter, r *http.Request) (string, // RequireAuth will trigger authentication flow if no token exists func (a *Auth) RequireAuth(w http.ResponseWriter, r *http.Request) bool { - session := a.checkSessionIsValid(w, r) - if session == nil { - return true - } - return false + return a.checkSessionIsValid(w, r) == nil } // CheckAuthentication checks if user is authenticated and has access to the project diff --git a/internal/serving/disk/serving.go b/internal/serving/disk/serving.go index 682791fe30bb2b60aeff9fc06283ebb21a5f3f06..b4c1ba969348d11d8bd74b2f1ff3239744a06f66 100644 --- a/internal/serving/disk/serving.go +++ b/internal/serving/disk/serving.go @@ -15,11 +15,7 @@ type Disk struct { // ServeFileHTTP serves a file from disk and returns true. It returns false // when a file could not been found. func (s *Disk) ServeFileHTTP(h serving.Handler) bool { - if s.reader.tryFile(h) == nil { - return true - } - - return false + return s.reader.tryFile(h) == nil } // ServeNotFoundHTTP tries to read a custom 404 page diff --git a/internal/source/disk/disk.go b/internal/source/disk/disk.go index b79d222de9b3030c663f5d5ecfc308646bcbdf09..272d6c4eee111da87b1b4737b86f247529b97aa8 100644 --- a/internal/source/disk/disk.go +++ b/internal/source/disk/disk.go @@ -31,9 +31,7 @@ func (d *Disk) GetDomain(host string) (*domain.Domain, error) { d.lock.RLock() defer d.lock.RUnlock() - domain, _ := d.dm[host] - - return domain, nil + return d.dm[host], nil } // IsReady checks if the domains source is ready for work. The disk source is diff --git a/main.go b/main.go index 010fbbdd15e2d13e2d6cf7a40bb49abe1b1fe5b1..7557891382e568ff01dc6bc56c2502149eed73ae 100644 --- a/main.go +++ b/main.go @@ -17,6 +17,7 @@ import ( "gitlab.com/gitlab-org/gitlab-pages/internal/host" "gitlab.com/gitlab-org/gitlab-pages/internal/logging" + "gitlab.com/gitlab-org/gitlab-pages/internal/request" "gitlab.com/gitlab-org/gitlab-pages/internal/tlsconfig" "gitlab.com/gitlab-org/gitlab-pages/internal/validateargs" "gitlab.com/gitlab-org/gitlab-pages/metrics" @@ -123,8 +124,8 @@ func setArtifactsServer(artifactsServer string, artifactsServerTimeout int, conf if err != nil { log.Fatal(err) } - // url.Parse ensures that the Scheme arttribute is always lower case. - if u.Scheme != "http" && u.Scheme != "https" { + // url.Parse ensures that the Scheme attribute is always lower case. + if u.Scheme != request.SchemeHTTP && u.Scheme != request.SchemeHTTPS { errortracking.Capture(err) log.Fatal(errArtifactSchemaUnsupported) } diff --git a/multi_string_flag_test.go b/multi_string_flag_test.go index 5cddac98c7c19351bb7a07e06096c9c9fbf1c52d..c09f7225cc68ba2145d59a45e8abbfad0ead096f 100644 --- a/multi_string_flag_test.go +++ b/multi_string_flag_test.go @@ -1,7 +1,6 @@ package main import ( - "flag" "testing" "github.com/stretchr/testify/require" @@ -9,9 +8,7 @@ import ( func TestMultiStringFlagAppendsOnSet(t *testing.T) { var concrete MultiStringFlag - var iface flag.Value - - iface = &concrete + iface := &concrete require.NoError(t, iface.Set("foo")) require.NoError(t, iface.Set("bar"))