From 8c6c2178b02dade1cc43484d7ddb693425971714 Mon Sep 17 00:00:00 2001 From: Jaime Martinez Date: Thu, 21 May 2020 10:52:19 +1000 Subject: [PATCH 1/6] Add .golangci.yml linter configuration As part of https://gitlab.com/gitlab-org/gitlab-pages/-/issues/385 we have introduced the use of a custom `.golangci.yml` file with some custom rules for linting. This replaces the need of downloading and using `golint`, `gofmt` `go vet` and `gocyclo` manually. We take advantage of the custom `golangci-lint` docker image as stated in the [Automatic lintinb] (https://docs.gitlab.com/ee/development/go_guide/#automatic-linting) section of the Go standards and style guidelines. This iteration enables a subset of linters, with the remaining of them enabled on a separate MR as described in the issue above. The main changes introduced by this linter include: - gosec: potential hardcoded credentials - goconst: DRY by declaring and using constants - gosimple: reduce statements complexity and improve return statements --- go.mod | 19 +++++++++++++++++++ go.sum | 13 +++++++++++++ internal/auth/auth_test.go | 27 ++++++++++++++++----------- 3 files changed, 48 insertions(+), 11 deletions(-) diff --git a/go.mod b/go.mod index 84a99d328..a9e26f5cd 100644 --- a/go.mod +++ b/go.mod @@ -3,28 +3,47 @@ module gitlab.com/gitlab-org/gitlab-pages go 1.12 require ( + github.com/certifi/gocertifi v0.0.0-20180905225744-ee1a9a0726d2 // indirect + github.com/client9/reopen v1.0.0 // indirect + github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd // indirect github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/fzipp/gocyclo v0.0.0-20150627053110-6acd4345c835 + github.com/getsentry/raven-go v0.1.0 // indirect + github.com/getsentry/sentry-go v0.5.1 // indirect + github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1 // indirect + github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72 // indirect + github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7 // indirect github.com/golang/mock v1.3.1 + github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc // indirect github.com/gorilla/context v1.1.1 github.com/gorilla/handlers v1.4.2 github.com/gorilla/securecookie v1.1.1 github.com/gorilla/sessions v1.2.0 + github.com/grpc-ecosystem/go-grpc-middleware v1.0.0 // indirect + github.com/jstemmer/go-junit-report v0.9.1 // indirect github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 github.com/karrick/godirwalk v1.10.12 github.com/kr/text v0.2.0 // indirect github.com/namsral/flag v1.7.4-pre github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect github.com/patrickmn/go-cache v2.1.0+incompatible + github.com/philhofer/fwd v1.0.0 // indirect github.com/prometheus/client_golang v1.1.0 + github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4 // indirect github.com/rs/cors v1.7.0 + github.com/sebest/xff v0.0.0-20160910043805-6c115e0ffa35 // indirect github.com/sirupsen/logrus v1.4.2 github.com/stretchr/objx v0.2.0 // indirect github.com/stretchr/testify v1.5.1 github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce + github.com/uber-go/atomic v1.3.2 // indirect + github.com/uber/jaeger-client-go v2.15.0+incompatible // indirect + github.com/uber/jaeger-lib v1.5.0 // indirect github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891 gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877 + go.opencensus.io v0.22.2 // indirect + go.uber.org/atomic v1.3.2 // indirect golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f golang.org/x/net v0.0.0-20200226121028-0de0cce0169b diff --git a/go.sum b/go.sum index 830b16033..4641912ec 100644 --- a/go.sum +++ b/go.sum @@ -6,6 +6,9 @@ cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6A cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= +cloud.google.com/go v0.47.0/go.mod h1:5p3Ky/7f3N10VBkhuR5LFtddroTiMyjZV/Kj5qOQFxU= +cloud.google.com/go v0.48.0/go.mod h1:gGOnoa/XMQYHAscREBlbdHduGchEaP9N0//OXdrPI/M= +cloud.google.com/go v0.49.0/go.mod h1:hGvAdzcWNbyuxS3nWhD7H2cIJxjRRTRLQVB0bdputVY= cloud.google.com/go v0.50.0 h1:0E3eE8MX426vUOs7aHfI7aN1BrIzzzf4ccKCSfSjGmc= cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= cloud.google.com/go/bigquery v1.0.1 h1:hL+ycaJpVE9M7nLoiXb/Pn10ENE2u+oddxbD8uu0ZVU= @@ -77,6 +80,7 @@ github.com/gin-gonic/gin v1.4.0/go.mod h1:OW2EZn3DO8Ln9oIKOvM++LBO+5UPHJJDH72/q/ github.com/go-check/check v0.0.0-20180628173108-788fd7840127/go.mod h1:9ES+weclKsC9YodN5RgxqK/VD9HM9JsCSh7rNhMZE98= github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= @@ -335,6 +339,8 @@ golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20191227195350-da58074b4299 h1:zQpM52jfKHG6II1ISZY1ZcpygvuSFZpLwfluuF89XOg= golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= @@ -346,6 +352,8 @@ golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTk golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de h1:5hukYrvBGR8/eNkX5mdUezrA6JiaEZDtJb9Ei+1LlBs= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f h1:J5lckAjkw6qYlOZNj90mLYNTEKDvWeuc1yieZ8qUzUE= golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= @@ -437,6 +445,10 @@ golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191010171213-8abd42400456/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191010201905-e5ffc44a6fee h1:Cgj5oVkw7Gktu56MAiU0r1u0jyuT6jmtOzcAJwLj89c= +golang.org/x/tools v0.0.0-20191010201905-e5ffc44a6fee/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -473,6 +485,7 @@ google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRn google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= +google.golang.org/genproto v0.0.0-20191009194640-548a555dbc03/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba h1:pRj9OXZbwNtbtZtOB4dLwfK4u+EVRMvP+e9zKkg2grM= google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index 4a5d63fa9..87cc988dc 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -16,6 +16,11 @@ import ( "gitlab.com/gitlab-org/gitlab-pages/internal/source" ) +const ( + testAccessToken = "abc" + apiPagesAccess = "/api/v4/projects/1000/pages_access" +) + func createAuth(t *testing.T) *Auth { return New("pages.gitlab-example.com", "something-very-secret", @@ -98,7 +103,7 @@ func testTryAuthenticateWithCodeAndState(t *testing.T, https bool) { require.Equal(t, "POST", r.Method) w.WriteHeader(http.StatusOK) fmt.Fprint(w, "{\"access_token\":\"abc\"}") - case "/api/v4/projects/1000/pages_access": + case apiPagesAccess: require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) default: @@ -150,7 +155,7 @@ func TestTryAuthenticateWithCodeAndStateOverHTTPS(t *testing.T) { func TestCheckAuthenticationWhenAccess(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects/1000/pages_access": + case apiPagesAccess: require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) default: @@ -178,7 +183,7 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) require.Equal(t, false, auth.CheckAuthentication(result, r, 1000)) @@ -188,7 +193,7 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) { func TestCheckAuthenticationWhenNoAccess(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects/1000/pages_access": + case apiPagesAccess: require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) default: @@ -216,7 +221,7 @@ func TestCheckAuthenticationWhenNoAccess(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) require.Equal(t, true, auth.CheckAuthentication(result, r, 1000)) @@ -226,7 +231,7 @@ func TestCheckAuthenticationWhenNoAccess(t *testing.T) { func TestCheckAuthenticationWhenInvalidToken(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects/1000/pages_access": + case apiPagesAccess: require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) fmt.Fprint(w, "{\"error\":\"invalid_token\"}") @@ -254,7 +259,7 @@ func TestCheckAuthenticationWhenInvalidToken(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) require.Equal(t, true, auth.CheckAuthentication(result, r, 1000)) @@ -292,7 +297,7 @@ func TestCheckAuthenticationWithoutProject(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) require.Equal(t, false, auth.CheckAuthenticationWithoutProject(result, r)) @@ -329,7 +334,7 @@ func TestCheckAuthenticationWithoutProjectWhenInvalidToken(t *testing.T) { require.NoError(t, err) r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) require.Equal(t, true, auth.CheckAuthenticationWithoutProject(result, r)) @@ -358,11 +363,11 @@ func TestGetTokenIfExistsWhenTokenExists(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) token, err := auth.GetTokenIfExists(result, r) - require.Equal(t, "abc", token) + require.Equal(t, testAccessToken, token) } func TestGetTokenIfExistsWhenTokenDoesNotExist(t *testing.T) { -- GitLab From 9daf8dcc19c486c787d0fb4ebfa19e21ac492cd1 Mon Sep 17 00:00:00 2001 From: Jaime Martinez Date: Thu, 21 May 2020 11:21:12 +1000 Subject: [PATCH 2/6] Update dependencies --- go.mod | 19 ------------------- go.sum | 13 ------------- 2 files changed, 32 deletions(-) diff --git a/go.mod b/go.mod index a9e26f5cd..84a99d328 100644 --- a/go.mod +++ b/go.mod @@ -3,47 +3,28 @@ module gitlab.com/gitlab-org/gitlab-pages go 1.12 require ( - github.com/certifi/gocertifi v0.0.0-20180905225744-ee1a9a0726d2 // indirect - github.com/client9/reopen v1.0.0 // indirect - github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd // indirect github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/fzipp/gocyclo v0.0.0-20150627053110-6acd4345c835 - github.com/getsentry/raven-go v0.1.0 // indirect - github.com/getsentry/sentry-go v0.5.1 // indirect - github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1 // indirect - github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72 // indirect - github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7 // indirect github.com/golang/mock v1.3.1 - github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc // indirect github.com/gorilla/context v1.1.1 github.com/gorilla/handlers v1.4.2 github.com/gorilla/securecookie v1.1.1 github.com/gorilla/sessions v1.2.0 - github.com/grpc-ecosystem/go-grpc-middleware v1.0.0 // indirect - github.com/jstemmer/go-junit-report v0.9.1 // indirect github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 github.com/karrick/godirwalk v1.10.12 github.com/kr/text v0.2.0 // indirect github.com/namsral/flag v1.7.4-pre github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect github.com/patrickmn/go-cache v2.1.0+incompatible - github.com/philhofer/fwd v1.0.0 // indirect github.com/prometheus/client_golang v1.1.0 - github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4 // indirect github.com/rs/cors v1.7.0 - github.com/sebest/xff v0.0.0-20160910043805-6c115e0ffa35 // indirect github.com/sirupsen/logrus v1.4.2 github.com/stretchr/objx v0.2.0 // indirect github.com/stretchr/testify v1.5.1 github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce - github.com/uber-go/atomic v1.3.2 // indirect - github.com/uber/jaeger-client-go v2.15.0+incompatible // indirect - github.com/uber/jaeger-lib v1.5.0 // indirect github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891 gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877 - go.opencensus.io v0.22.2 // indirect - go.uber.org/atomic v1.3.2 // indirect golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f golang.org/x/net v0.0.0-20200226121028-0de0cce0169b diff --git a/go.sum b/go.sum index 4641912ec..830b16033 100644 --- a/go.sum +++ b/go.sum @@ -6,9 +6,6 @@ cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6A cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.47.0/go.mod h1:5p3Ky/7f3N10VBkhuR5LFtddroTiMyjZV/Kj5qOQFxU= -cloud.google.com/go v0.48.0/go.mod h1:gGOnoa/XMQYHAscREBlbdHduGchEaP9N0//OXdrPI/M= -cloud.google.com/go v0.49.0/go.mod h1:hGvAdzcWNbyuxS3nWhD7H2cIJxjRRTRLQVB0bdputVY= cloud.google.com/go v0.50.0 h1:0E3eE8MX426vUOs7aHfI7aN1BrIzzzf4ccKCSfSjGmc= cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= cloud.google.com/go/bigquery v1.0.1 h1:hL+ycaJpVE9M7nLoiXb/Pn10ENE2u+oddxbD8uu0ZVU= @@ -80,7 +77,6 @@ github.com/gin-gonic/gin v1.4.0/go.mod h1:OW2EZn3DO8Ln9oIKOvM++LBO+5UPHJJDH72/q/ github.com/go-check/check v0.0.0-20180628173108-788fd7840127/go.mod h1:9ES+weclKsC9YodN5RgxqK/VD9HM9JsCSh7rNhMZE98= github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= @@ -339,8 +335,6 @@ golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20191227195350-da58074b4299 h1:zQpM52jfKHG6II1ISZY1ZcpygvuSFZpLwfluuF89XOg= golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= @@ -352,8 +346,6 @@ golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTk golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de h1:5hukYrvBGR8/eNkX5mdUezrA6JiaEZDtJb9Ei+1LlBs= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f h1:J5lckAjkw6qYlOZNj90mLYNTEKDvWeuc1yieZ8qUzUE= golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= @@ -445,10 +437,6 @@ golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191010171213-8abd42400456/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191010201905-e5ffc44a6fee h1:Cgj5oVkw7Gktu56MAiU0r1u0jyuT6jmtOzcAJwLj89c= -golang.org/x/tools v0.0.0-20191010201905-e5ffc44a6fee/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -485,7 +473,6 @@ google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRn google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191009194640-548a555dbc03/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba h1:pRj9OXZbwNtbtZtOB4dLwfK4u+EVRMvP+e9zKkg2grM= google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -- GitLab From 01734cae272c4f898b233429aeba19892fa4857e Mon Sep 17 00:00:00 2001 From: Jaime Martinez Date: Mon, 25 May 2020 11:55:06 +1000 Subject: [PATCH 3/6] Enable deadcode linter --- .golangci.yml | 4 ++-- app.go | 12 ++---------- internal/auth/auth.go | 1 - internal/domain/domain_test.go | 31 ------------------------------- 4 files changed, 4 insertions(+), 44 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index 2df443248..583466b86 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -31,8 +31,8 @@ linters: enable: # TODO: enable these linters on a separate MR https://gitlab.com/gitlab-org/gitlab-pages/-/issues/385#linters # - bodyclose -# - deadcode -# - dogsled + - deadcode + - dogsled - goconst - gocyclo - goimports diff --git a/app.go b/app.go index 8cfeef002..92e0142b7 100644 --- a/app.go +++ b/app.go @@ -2,7 +2,6 @@ package main import ( "crypto/tls" - "errors" "fmt" "net" "net/http" @@ -15,7 +14,7 @@ import ( "gitlab.com/gitlab-org/labkit/errortracking" labmetrics "gitlab.com/gitlab-org/labkit/metrics" "gitlab.com/gitlab-org/labkit/monitoring" - mimedb "gitlab.com/lupine/go-mimedb" + "gitlab.com/lupine/go-mimedb" "gitlab.com/gitlab-org/gitlab-pages/internal/acme" "gitlab.com/gitlab-org/gitlab-pages/internal/artifact" @@ -32,20 +31,13 @@ import ( ) const ( - xForwardedProto = "X-Forwarded-Proto" - xForwardedHost = "X-Forwarded-Host" - xForwardedProtoHTTPS = "https" + xForwardedHost = "X-Forwarded-Host" ) var ( corsHandler = cors.New(cors.Options{AllowedMethods: []string{"GET"}}) ) -var ( - errStartListener = errors.New("Could not start listener") - errX509KeyPair = errors.New("Could not initialize KeyPair") -) - type theApp struct { appConfig domains *source.Domains diff --git a/internal/auth/auth.go b/internal/auth/auth.go index a89dd5999..b11983282 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -47,7 +47,6 @@ var ( errFailAuth = errors.New("Failed to authenticate request") errAuthNotConfigured = errors.New("Authentication is not configured") errQueryParameter = errors.New("Failed to parse domain query parameter") - errAuthInvalidToken = errors.New("Invalid token supplied") ) // Auth handles authenticating users with GitLab API diff --git a/internal/domain/domain_test.go b/internal/domain/domain_test.go index e22ff7a6b..49d46cb3e 100644 --- a/internal/domain/domain_test.go +++ b/internal/domain/domain_test.go @@ -1,11 +1,7 @@ package domain import ( - "compress/gzip" - "io/ioutil" "net/http" - "net/http/httptest" - "net/url" "os" "testing" @@ -88,33 +84,6 @@ func TestIsHTTPSOnly(t *testing.T) { } } -func testHTTPGzip(t *testing.T, handler http.HandlerFunc, mode, url string, values url.Values, acceptEncoding string, str interface{}, contentType string, ungzip bool) { - w := httptest.NewRecorder() - req, err := http.NewRequest(mode, url+"?"+values.Encode(), nil) - require.NoError(t, err) - if acceptEncoding != "" { - req.Header.Add("Accept-Encoding", acceptEncoding) - } - handler(w, req) - - if ungzip { - reader, err := gzip.NewReader(w.Body) - require.NoError(t, err) - defer reader.Close() - - contentEncoding := w.Header().Get("Content-Encoding") - require.Equal(t, "gzip", contentEncoding, "Content-Encoding") - - bytes, err := ioutil.ReadAll(reader) - require.NoError(t, err) - require.Contains(t, string(bytes), str) - } else { - require.Contains(t, w.Body.String(), str) - } - - require.Equal(t, contentType, w.Header().Get("Content-Type")) -} - func TestPredefined404ServeHTTP(t *testing.T) { cleanup := setUpTests(t) defer cleanup() -- GitLab From 35c937be058d70d1e4fd4dd49de329dc32936f73 Mon Sep 17 00:00:00 2001 From: Jaime Martinez Date: Mon, 25 May 2020 12:10:00 +1000 Subject: [PATCH 4/6] Enable bodyclose linter --- .golangci.yml | 2 +- internal/handlers/handlers.go | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.golangci.yml b/.golangci.yml index 583466b86..4503d9d31 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -30,7 +30,7 @@ linters: disable-all: true enable: # TODO: enable these linters on a separate MR https://gitlab.com/gitlab-org/gitlab-pages/-/issues/385#linters -# - bodyclose + - bodyclose - deadcode - dogsled - goconst diff --git a/internal/handlers/handlers.go b/internal/handlers/handlers.go index 5791e7932..e95a7a979 100644 --- a/internal/handlers/handlers.go +++ b/internal/handlers/handlers.go @@ -63,5 +63,8 @@ func (a *Handlers) HandleArtifactRequest(host string, w http.ResponseWriter, r * return true } + // nolint: bodyclose + // a.checkIfLoginRequiredOrInvalidToken returns a response.Body, closing this body is responsibility + // of the TryMakeRequest implementation return a.Artifact.TryMakeRequest(host, w, r, token, a.checkIfLoginRequiredOrInvalidToken(w, r, token)) } -- GitLab From c557de8d5e324da35d55fbb763a00574ff8f47e9 Mon Sep 17 00:00:00 2001 From: Jaime Martinez Date: Mon, 25 May 2020 13:21:48 +1000 Subject: [PATCH 5/6] Enable the remaining linters - ineffassign - misspell - structcheck - typecheck - unconvert - unused - varcheck - whitespace --- .golangci.yml | 17 ++++++++--------- acceptance_test.go | 10 +++++----- app.go | 4 ---- internal/artifact/artifact_test.go | 1 - internal/auth/auth.go | 3 --- internal/auth/auth_test.go | 1 + internal/handlers/handlers.go | 2 -- internal/httptransport/transport_test.go | 1 - internal/rollout/rollout.go | 2 +- internal/source/domains.go | 2 +- internal/source/domains_test.go | 1 - internal/source/gitlab/cache/cache.go | 5 ++--- internal/source/gitlab/cache/entry.go | 1 - internal/testhelpers/testhelpers.go | 2 -- 14 files changed, 18 insertions(+), 34 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index 4503d9d31..5c60dcfba 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -29,7 +29,6 @@ linters-settings: linters: disable-all: true enable: -# TODO: enable these linters on a separate MR https://gitlab.com/gitlab-org/gitlab-pages/-/issues/385#linters - bodyclose - deadcode - dogsled @@ -40,14 +39,14 @@ linters: - gosimple - govet - gosec -# - ineffassign -# - misspell -# - structcheck -# - typecheck -# - unconvert -# - unused -# - varcheck -# - whitespace + - ineffassign + - misspell + - structcheck + - typecheck + - unconvert + - unused + - varcheck + - whitespace fast: false issues: diff --git a/acceptance_test.go b/acceptance_test.go index 4a1b30286..1cd854d31 100644 --- a/acceptance_test.go +++ b/acceptance_test.go @@ -291,7 +291,6 @@ func TestKnownHostWithPortReturns200(t *testing.T) { rsp.Body.Close() require.Equal(t, http.StatusOK, rsp.StatusCode) } - } func TestHttpToHttpsRedirectDisabled(t *testing.T) { @@ -576,7 +575,6 @@ func TestArtifactProxyRequest(t *testing.T) { t.Log("Artifact server URL", artifactServerURL) for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { teardown := RunPagesProcessWithSSLCertFile( t, @@ -674,7 +672,6 @@ func TestPrivateArtifactProxyRequest(t *testing.T) { t.Log("Artifact server URL", artifactServerURL) for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { configFile, cleanup := defaultConfigFileWith(t, "artifacts-server="+artifactServerURL, @@ -731,6 +728,7 @@ func TestPrivateArtifactProxyRequest(t *testing.T) { // Request auth callback in project domain authrsp, err = GetRedirectPageWithCookie(t, httpsListener, url.Host, url.Path+"?"+url.RawQuery, cookie) + require.NoError(t, err) // server returns the ticket, user will be redirected to the project page require.Equal(t, http.StatusFound, authrsp.StatusCode) @@ -847,6 +845,7 @@ func TestWhenAuthIsEnabledPrivateWillRedirectToAuthorize(t *testing.T) { url, err := url.Parse(rsp.Header.Get("Location")) require.NoError(t, err) rsp, err = GetRedirectPage(t, httpsListener, url.Host, url.Path+"?"+url.RawQuery) + require.NoError(t, err) require.Equal(t, http.StatusFound, rsp.StatusCode) require.Equal(t, 1, len(rsp.Header["Location"])) @@ -1074,7 +1073,6 @@ func sleepIfAuthorized(t *testing.T, authorization string, w http.ResponseWriter } else { w.WriteHeader(http.StatusNotFound) } - } func TestAccessControlUnderCustomDomain(t *testing.T) { @@ -1139,6 +1137,7 @@ func TestAccessControlUnderCustomDomain(t *testing.T) { // Fetch page in custom domain authrsp, err = GetRedirectPageWithCookie(t, httpListener, "private.domain.com", "/", cookie) + require.NoError(t, err) require.Equal(t, http.StatusOK, authrsp.StatusCode) } @@ -1204,6 +1203,7 @@ func TestAccessControlUnderCustomDomainWithHTTPSProxy(t *testing.T) { // Fetch page in custom domain authrsp, err = GetProxyRedirectPageWithCookie(t, proxyListener, "private.domain.com", "/", cookie, true) + require.NoError(t, err) require.Equal(t, http.StatusOK, authrsp.StatusCode) } @@ -1337,7 +1337,6 @@ func TestAccessControl(t *testing.T) { } for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { teardown := RunPagesProcessWithAuthServerWithSSL(t, *pagesBinary, listeners, "", certFile, testServer.URL) defer teardown() @@ -1380,6 +1379,7 @@ func TestAccessControl(t *testing.T) { // Request auth callback in project domain authrsp, err = GetRedirectPageWithCookie(t, httpsListener, url.Host, url.Path+"?"+url.RawQuery, cookie) + require.NoError(t, err) // server returns the ticket, user will be redirected to the project page require.Equal(t, http.StatusFound, authrsp.StatusCode) diff --git a/app.go b/app.go index 92e0142b7..217f9db70 100644 --- a/app.go +++ b/app.go @@ -95,10 +95,8 @@ func (a *theApp) domain(host string) (*domain.Domain, error) { func (a *theApp) checkAuthenticationIfNotExists(domain *domain.Domain, w http.ResponseWriter, r *http.Request) bool { if domain == nil || !domain.HasLookupPath(r) { - // Only if auth is supported if a.Auth.IsAuthSupported() { - // To avoid user knowing if pages exist, we will force user to login and authorize pages if a.Auth.CheckAuthenticationWithoutProject(w, r) { return true @@ -267,7 +265,6 @@ func (a *theApp) serveFileOrNotFoundHandler() http.Handler { // because the projects override the paths of the namespace project and they might be private even though // namespace project is public. if domain.IsNamespaceProject(r) { - if a.Auth.CheckAuthenticationWithoutProject(w, r) { return } @@ -284,7 +281,6 @@ func (a *theApp) serveFileOrNotFoundHandler() http.Handler { // httpInitialMiddleware sets up HTTP requests func (a *theApp) httpInitialMiddleware(handler http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - handler.ServeHTTP(w, setRequestScheme(r)) }) } diff --git a/internal/artifact/artifact_test.go b/internal/artifact/artifact_test.go index a55eda7ba..ab25d16f0 100644 --- a/internal/artifact/artifact_test.go +++ b/internal/artifact/artifact_test.go @@ -84,7 +84,6 @@ func TestTryMakeRequest(t *testing.T) { require.Equal(t, c.Length, result.Header().Get("Content-Length")) require.Equal(t, c.CacheControl, result.Header().Get("Cache-Control")) require.Equal(t, c.Content, result.Body.String()) - }) } } diff --git a/internal/auth/auth.go b/internal/auth/auth.go index b11983282..6dce1ab86 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -87,7 +87,6 @@ func (a *Auth) getSessionFromStore(r *http.Request) (*sessions.Session, error) { } func (a *Auth) checkSession(w http.ResponseWriter, r *http.Request) (*sessions.Session, error) { - // Create or get session session, errsession := a.getSessionFromStore(r) @@ -148,7 +147,6 @@ func (a *Auth) TryAuthenticate(w http.ResponseWriter, r *http.Request, domains s } func (a *Auth) checkAuthenticationResponse(session *sessions.Session, w http.ResponseWriter, r *http.Request) { - if !validateState(r, session) { // State is NOT ok logRequest(r).Warn("Authentication state did not match expected") @@ -483,7 +481,6 @@ func (a *Auth) checkAuthentication(w http.ResponseWriter, r *http.Request, proje // CheckAuthenticationWithoutProject checks if user is authenticated and has a valid token func (a *Auth) CheckAuthenticationWithoutProject(w http.ResponseWriter, r *http.Request) bool { - if a == nil { // No auth supported return false diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index 87cc988dc..f4decb5ef 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -367,6 +367,7 @@ func TestGetTokenIfExistsWhenTokenExists(t *testing.T) { session.Save(r, result) token, err := auth.GetTokenIfExists(result, r) + require.NoError(t, err) require.Equal(t, testAccessToken, token) } diff --git a/internal/handlers/handlers.go b/internal/handlers/handlers.go index e95a7a979..fb47fc55b 100644 --- a/internal/handlers/handlers.go +++ b/internal/handlers/handlers.go @@ -24,9 +24,7 @@ func New(auth internal.Auth, artifact internal.Artifact) *Handlers { func (a *Handlers) checkIfLoginRequiredOrInvalidToken(w http.ResponseWriter, r *http.Request, token string) func(*http.Response) bool { return func(resp *http.Response) bool { - if resp.StatusCode == http.StatusNotFound { - if token == "" { if !a.Auth.IsAuthSupported() { // Auth is not supported, probably means no access or does not exist but we cannot try with auth diff --git a/internal/httptransport/transport_test.go b/internal/httptransport/transport_test.go index e3270ebe9..330d10224 100644 --- a/internal/httptransport/transport_test.go +++ b/internal/httptransport/transport_test.go @@ -14,7 +14,6 @@ import ( ) func Test_withRoundTripper(t *testing.T) { - tests := []struct { name string statusCode int diff --git a/internal/rollout/rollout.go b/internal/rollout/rollout.go index ec592c387..aaf252891 100644 --- a/internal/rollout/rollout.go +++ b/internal/rollout/rollout.go @@ -7,7 +7,7 @@ import ( ) // Rollout returns true and no error when during this run something should -// happen for given actor according to the stickiness and likelyhood passed +// happen for given actor according to the stickiness and likelihood passed // as a percentage value to this function. It returns false rollout and an // error if the percentage value is negative or higher than 100. func Rollout(actor string, percentage int, stickiness string) (bool, error) { diff --git a/internal/source/domains.go b/internal/source/domains.go index 7a376bc76..77e1aa1d4 100644 --- a/internal/source/domains.go +++ b/internal/source/domains.go @@ -18,7 +18,7 @@ var ( gitlabSourceConfig gitlabsourceconfig.GitlabSourceConfig // serverlessDomainRegex is a regular expression we use to check if a domain - // is a serverless domain, to short circut gitlab source rollout. It can be + // is a serverless domain, to short circuit gitlab source rollout. It can be // removed after the rollout is done serverlessDomainRegex = regexp.MustCompile(`^[^.]+-[[:xdigit:]]{2}a1[[:xdigit:]]{10}f2[[:xdigit:]]{2}[[:xdigit:]]+-?.*`) ) diff --git a/internal/source/domains_test.go b/internal/source/domains_test.go index 9fffe4a91..24008b08e 100644 --- a/internal/source/domains_test.go +++ b/internal/source/domains_test.go @@ -163,7 +163,6 @@ func TestGetDomainWithIncrementalrolloutOfGitLabSource(t *testing.T) { type testDomain struct { name string source string - times int } tests := map[string]struct { diff --git a/internal/source/gitlab/cache/cache.go b/internal/source/gitlab/cache/cache.go index 00fca92bd..c8d166b5a 100644 --- a/internal/source/gitlab/cache/cache.go +++ b/internal/source/gitlab/cache/cache.go @@ -18,9 +18,8 @@ var defaultCacheConfig = cacheConfig{ // Cache is a short and long caching mechanism for GitLab source type Cache struct { - client api.Client - store Store - cacheConfig *cacheConfig + client api.Client + store Store } type cacheConfig struct { diff --git a/internal/source/gitlab/cache/entry.go b/internal/source/gitlab/cache/entry.go index 191ef789d..d33d2758c 100644 --- a/internal/source/gitlab/cache/entry.go +++ b/internal/source/gitlab/cache/entry.go @@ -25,7 +25,6 @@ type Entry struct { } func newCacheEntry(domain string, refreshTimeout time.Duration, retriever *Retriever) *Entry { - return &Entry{ domain: domain, created: time.Now(), diff --git a/internal/testhelpers/testhelpers.go b/internal/testhelpers/testhelpers.go index d703769bc..422a3d9a6 100644 --- a/internal/testhelpers/testhelpers.go +++ b/internal/testhelpers/testhelpers.go @@ -30,7 +30,6 @@ func AssertHTTP404(t *testing.T, handler http.HandlerFunc, mode, url string, val // AssertRedirectTo asserts that handler redirects to particular URL func AssertRedirectTo(t *testing.T, handler http.HandlerFunc, method string, url string, values url.Values, expectedURL string) { - require.HTTPRedirect(t, handler, method, url, values) recorder := httptest.NewRecorder() @@ -41,7 +40,6 @@ func AssertRedirectTo(t *testing.T, handler http.HandlerFunc, method string, handler(recorder, req) require.Equal(t, expectedURL, recorder.Header().Get("Location")) - } // AssertLogContains checks that wantLogEntry is contained in at least one of the log entries -- GitLab From 547b838933f4a364d42f557623715d9231ffe2b1 Mon Sep 17 00:00:00 2001 From: Jaime Martinez Date: Mon, 1 Jun 2020 10:43:36 +1000 Subject: [PATCH 6/6] Revert goconst changes in auth_test.go --- internal/auth/auth_test.go | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index f4decb5ef..fc8ddb449 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -16,11 +16,6 @@ import ( "gitlab.com/gitlab-org/gitlab-pages/internal/source" ) -const ( - testAccessToken = "abc" - apiPagesAccess = "/api/v4/projects/1000/pages_access" -) - func createAuth(t *testing.T) *Auth { return New("pages.gitlab-example.com", "something-very-secret", @@ -103,7 +98,7 @@ func testTryAuthenticateWithCodeAndState(t *testing.T, https bool) { require.Equal(t, "POST", r.Method) w.WriteHeader(http.StatusOK) fmt.Fprint(w, "{\"access_token\":\"abc\"}") - case apiPagesAccess: + case "/api/v4/projects/1000/pages_access": require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) default: @@ -155,7 +150,7 @@ func TestTryAuthenticateWithCodeAndStateOverHTTPS(t *testing.T) { func TestCheckAuthenticationWhenAccess(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case apiPagesAccess: + case "/api/v4/projects/1000/pages_access": require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) default: @@ -183,7 +178,7 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = testAccessToken + session.Values["access_token"] = "abc" session.Save(r, result) require.Equal(t, false, auth.CheckAuthentication(result, r, 1000)) @@ -193,7 +188,7 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) { func TestCheckAuthenticationWhenNoAccess(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case apiPagesAccess: + case "/api/v4/projects/1000/pages_access": require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) default: @@ -221,7 +216,7 @@ func TestCheckAuthenticationWhenNoAccess(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = testAccessToken + session.Values["access_token"] = "abc" session.Save(r, result) require.Equal(t, true, auth.CheckAuthentication(result, r, 1000)) @@ -231,7 +226,7 @@ func TestCheckAuthenticationWhenNoAccess(t *testing.T) { func TestCheckAuthenticationWhenInvalidToken(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case apiPagesAccess: + case "/api/v4/projects/1000/pages_access": require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) fmt.Fprint(w, "{\"error\":\"invalid_token\"}") @@ -259,7 +254,7 @@ func TestCheckAuthenticationWhenInvalidToken(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = testAccessToken + session.Values["access_token"] = "abc" session.Save(r, result) require.Equal(t, true, auth.CheckAuthentication(result, r, 1000)) @@ -297,7 +292,7 @@ func TestCheckAuthenticationWithoutProject(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = testAccessToken + session.Values["access_token"] = "abc" session.Save(r, result) require.Equal(t, false, auth.CheckAuthenticationWithoutProject(result, r)) @@ -334,7 +329,7 @@ func TestCheckAuthenticationWithoutProjectWhenInvalidToken(t *testing.T) { require.NoError(t, err) r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = testAccessToken + session.Values["access_token"] = "abc" session.Save(r, result) require.Equal(t, true, auth.CheckAuthenticationWithoutProject(result, r)) @@ -363,12 +358,12 @@ func TestGetTokenIfExistsWhenTokenExists(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = testAccessToken + session.Values["access_token"] = "abc" session.Save(r, result) token, err := auth.GetTokenIfExists(result, r) require.NoError(t, err) - require.Equal(t, testAccessToken, token) + require.Equal(t, "abc", token) } func TestGetTokenIfExistsWhenTokenDoesNotExist(t *testing.T) { -- GitLab