chore(lint): updated linting [TAU-298]

chore(deps): udpated deps

test: enabled -race tests,
fix: fixed race conditions in forwarding middleware

NOTE: boltDB does not support race testing

Signed-off-by: Frédéric BIDON <[email protected]>

Author: fredbi

.circleci/config.yml

@@ -16,17 +16,17 @@ jobs:
           name: Run linter
           environment:
           command: |
-            golangci-lint run --timeout 10m --new-from-rev oneconcern-release
+            golangci-lint run --timeout 2m --new-from-rev oneconcern-release
 
   test:
     working_directory: /go/src/github.com/oneconcern/keycloak-gatekeeper
     docker:
-      - image: circleci/golang:latest
+      - image: golang:1.19
     steps:
       - checkout
       - run:
           name: Run unit tests
-          command: GO111MODULE=on go test -v -covermode=atomic -coverprofile=cover.out
+          command: go test -v -race -covermode=atomic -coverprofile=cover.out
           no_output_timeout: 30m
 
   build_image:
@@ -44,7 +44,6 @@ jobs:
             echo $GCLOUD_SERVICE_KEY | gcloud auth activate-service-account --key-file=-
             gcloud --quiet config set project ${GOOGLE_PROJECT_ID}
             gcloud --quiet config set compute/region ${GOOGLE_COMPUTE_REGION}
-            #gcloud --quiet config set container/new_scopes_behavior true
             gcloud --quiet container clusters get-credentials ${CLUSTER} --region ${GOOGLE_COMPUTE_REGION}
       - checkout
       - setup_remote_docker:

.golangci.yml

@@ -21,23 +21,56 @@ linters-settings:
 
 linters:
   enable:
-    - gofmt
-    - goimports
+    #- nolintlint
+    #- unparam
     - bodyclose
     - dupl
     - forbidigo
     - gocognit
     - gocritic
+    - gofmt
+    - goimports
     - goimports
     - gosec
     - nakedret
-    - nolintlint
     - revive
     - stylecheck
     - unconvert
-    #- unparam
   disable:
-    - maligned
-    - lll
-    - gochecknoinits
+    #- gocognit
+    - errorlint
+    - exhaustive
+    - exhaustivestruct
+    - exhaustruct
+    - funlen
+    - gci
     - gochecknoglobals
+    - gochecknoinits
+    - gocyclo
+    - godot
+    - godox
+    - goerr113
+    - gofumpt
+    - golint
+    - gomnd
+    - gomoddirectives
+    - ifshort
+    - interfacer
+    - ireturn
+    - lll
+    - maintidx
+    - maligned
+    - nestif
+    - nlreturn
+    - nolintlint
+    - nonamedreturns
+    - paralleltest
+    - scopelint
+    - tagliatelle
+    - testpackage
+    - thelper
+    - unparam
+    - varnamelen
+    - whitespace
+    - wrapcheck
+    - wsl

admin_test.go

@@ -16,7 +16,7 @@ limitations under the License.
 package main
 
 import (
-	"io/ioutil"
+	"io"
 	"log"
 	"net/http"
 	"net/url"
@@ -72,14 +72,14 @@ func testBuildAdminConfig() *Config {
 	config.Resources = []*Resource{
 		{
 			URL:         "/fake",
-			Methods:     []string{"GET", "POST", "DELETE"},
+			Methods:     []string{http.MethodGet, http.MethodPost, http.MethodDelete},
 			WhiteListed: false,
 			EnableCSRF:  false,
 		},
 	}
 	config.Resources = append(config.Resources, &Resource{
 		URL:         "/another-fake",
-		Methods:     []string{"GET", "POST", "DELETE"},
+		Methods:     []string{http.MethodGet, http.MethodPost, http.MethodDelete},
 		WhiteListed: false,
 		EnableCSRF:  false,
 	})
@@ -88,7 +88,7 @@ func testBuildAdminConfig() *Config {
 }
 
 func TestAdmin(t *testing.T) {
-	log.SetOutput(ioutil.Discard)
+	log.SetOutput(io.Discard)
 	config := testBuildAdminConfig()
 	if !assert.NoError(t, config.isValid()) {
 		t.FailNow()
@@ -127,7 +127,7 @@ func TestAdmin(t *testing.T) {
 	h.Set("Content-Type", "application/json")
 	h.Add("Accept", "application/json")
 	req := &http.Request{
-		Method: "GET",
+		Method: http.MethodGet,
 		URL:    u,
 		Header: h,
 	}
@@ -139,14 +139,14 @@ func TestAdmin(t *testing.T) {
 	}()
 
 	assert.Equal(t, http.StatusOK, resp.StatusCode)
-	buf, erb := ioutil.ReadAll(resp.Body)
+	buf, erb := io.ReadAll(resp.Body)
 	assert.NoError(t, erb)
 	assert.Equal(t, `{"status":"OK"}`, string(buf)) // check this is our test resource being called
 
 	// test prometheus metrics endpoint
 	u, _ = url.Parse("http://" + e2eAdminEndpointListener + "/oauth/metrics")
 	req = &http.Request{
-		Method: "GET",
+		Method: http.MethodGet,
 		URL:    u,
 		Header: h,
 	}
@@ -157,14 +157,14 @@ func TestAdmin(t *testing.T) {
 	}
 
 	assert.Equal(t, http.StatusOK, resp.StatusCode)
-	buf, erb = ioutil.ReadAll(resp.Body)
+	buf, erb = io.ReadAll(resp.Body)
 	assert.NoError(t, erb)
 	assert.Contains(t, string(buf), `proxy_request_duration_seconds`)
 
 	// test profiling/debug endpoint
 	u, _ = url.Parse("http://" + e2eAdminEndpointListener + debugURL + "/symbol")
 	req = &http.Request{
-		Method: "GET",
+		Method: http.MethodGet,
 		URL:    u,
 		Header: h,
 	}
@@ -176,7 +176,7 @@ func TestAdmin(t *testing.T) {
 	}()
 
 	assert.Equal(t, http.StatusOK, resp.StatusCode)
-	buf, erb = ioutil.ReadAll(resp.Body)
+	buf, erb = io.ReadAll(resp.Body)
 	assert.NoError(t, erb)
 	assert.Contains(t, string(buf), "num_symbols: 1\n")
 
@@ -194,7 +194,7 @@ func TestAdmin(t *testing.T) {
 	// test health status endpoint, unauthenticated
 	u, _ = url.Parse("http://" + e2eAdminProxyListener2 + "/oauth/health")
 	req = &http.Request{
-		Method: "GET",
+		Method: http.MethodGet,
 		URL:    u,
 		Header: h,
 	}
@@ -205,14 +205,14 @@ func TestAdmin(t *testing.T) {
 	}()
 
 	assert.Equal(t, http.StatusOK, resp.StatusCode)
-	buf, erb = ioutil.ReadAll(resp.Body)
+	buf, erb = io.ReadAll(resp.Body)
 	assert.NoError(t, erb)
 	assert.Contains(t, string(buf), `OK`)
 
 	// test metrics
 	u, _ = url.Parse("http://" + e2eAdminProxyListener2 + "/oauth/metrics")
 	req = &http.Request{
-		Method: "GET",
+		Method: http.MethodGet,
 		URL:    u,
 		Header: h,
 	}
@@ -223,7 +223,7 @@ func TestAdmin(t *testing.T) {
 	}
 
 	assert.Equal(t, http.StatusOK, resp.StatusCode)
-	buf, erb = ioutil.ReadAll(resp.Body)
+	buf, erb = io.ReadAll(resp.Body)
 	assert.NoError(t, erb)
 	assert.Contains(t, string(buf), `proxy_request_duration_seconds`)
 }

config.go

@@ -199,6 +199,7 @@ func checkTLSVersion(config *tlsAdvancedConfig, parsed *tlsSettings) error {
 	return nil
 }
 
+//nolint:nosnakecase
 func checkTLSCipher(config *tlsAdvancedConfig, parsed *tlsSettings) error {
 	if !config.tlsUseModernSettings && len(config.tlsCipherSuites) == 0 {
 		return nil
@@ -249,6 +250,7 @@ func checkTLSCipher(config *tlsAdvancedConfig, parsed *tlsSettings) error {
 	return nil
 }
 
+//nolint:nosnakecase
 func parseTLSCipher(cipher string) (uint16, error) {
 	switch cipher {
 	case "TLS_FALLBACK_SCSV":

config_test.go

@@ -383,6 +383,7 @@ func TestIsConfigValid(t *testing.T) {
 	}
 }
 
+//nolint:nosnakecase
 func TestParseTLS(t *testing.T) {
 	tlsConfigFixture := tlsAdvancedConfig{
 		tlsPreferServerCipherSuites: true,

cors_test.go

@@ -16,7 +16,7 @@ limitations under the License.
 package main
 
 import (
-	"io/ioutil"
+	"io"
 	"log"
 	"net/http"
 	"net/url"
@@ -47,15 +47,15 @@ func testBuildCorsConfig() *Config {
 	config.Resources = []*Resource{
 		{
 			URL:         e2eCorsUpstreamURL,
-			Methods:     []string{"GET"},
+			Methods:     []string{http.MethodGet},
 			WhiteListed: true,
 		},
 	}
 	return config
 }
 
 func TestCorsWithUpstream(t *testing.T) {
-	log.SetOutput(ioutil.Discard)
+	log.SetOutput(io.Discard)
 
 	config := testBuildCorsConfig()
 
@@ -76,7 +76,7 @@ func TestCorsWithUpstream(t *testing.T) {
 	h.Add("Origin", "myorigin.com")
 
 	resp, err := client.Do(&http.Request{
-		Method: "GET",
+		Method: http.MethodGet,
 		URL:    u,
 		Header: h,
 	})
@@ -85,7 +85,7 @@ func TestCorsWithUpstream(t *testing.T) {
 		_ = resp.Body.Close()
 	}()
 
-	buf, erb := ioutil.ReadAll(resp.Body)
+	buf, erb := io.ReadAll(resp.Body)
 	assert.NoError(t, erb)
 	assert.Contains(t, string(buf), `"message": "test"`) // check this is our test resource
 	if assert.NotEmpty(t, resp.Header) && assert.Contains(t, resp.Header, "Access-Control-Allow-Origin") {

csrf_test.go

@@ -19,7 +19,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"path"
@@ -163,7 +162,7 @@ func getUpstreamTest(t *testing.T, config *Config, cookies []*http.Cookie, expec
 	h := make(http.Header, 10)
 	h.Set("Content-Type", "application/json")
 	req := &http.Request{
-		Method: "GET",
+		Method: http.MethodGet,
 		URL:    u,
 		Header: h,
 	}
@@ -173,7 +172,7 @@ func getUpstreamTest(t *testing.T, config *Config, cookies []*http.Cookie, expec
 
 	assert.NoError(t, err)
 	assert.Equal(t, http.StatusOK, resp.StatusCode)
-	buf, erb := ioutil.ReadAll(resp.Body)
+	buf, erb := io.ReadAll(resp.Body)
 	assert.NoError(t, erb)
 	assert.JSONEq(t, `{"message":"test"}`, string(buf)) // check this is our test resource being called
 
@@ -224,7 +223,7 @@ func getTokenTest(t *testing.T, config *Config, cookies []*http.Cookie, expectCS
 	h := make(http.Header, 10)
 	h.Set("Content-Type", "application/json")
 	req := &http.Request{
-		Method: "GET",
+		Method: http.MethodGet,
 		URL:    u,
 		Header: h,
 	}
@@ -234,7 +233,7 @@ func getTokenTest(t *testing.T, config *Config, cookies []*http.Cookie, expectCS
 
 	assert.NoError(t, err)
 	assert.Equal(t, http.StatusOK, resp.StatusCode)
-	buf, erb := ioutil.ReadAll(resp.Body)
+	buf, erb := io.ReadAll(resp.Body)
 	assert.NoError(t, erb)
 	assert.NotEmpty(t, buf)
 
@@ -274,7 +273,7 @@ func postUpstreamTest(t *testing.T, config *Config, cookies []*http.Cookie, csrf
 	h.Set("Content-Type", "application/json")
 	h.Add(config.CSRFHeader, csrfToken)
 	req := &http.Request{
-		Method: "POST",
+		Method: http.MethodPost,
 		URL:    u,
 		Header: h,
 	}
@@ -287,7 +286,7 @@ func postUpstreamTest(t *testing.T, config *Config, cookies []*http.Cookie, csrf
 	var csrfNewToken string
 	if !expectedFailure {
 		assert.Equal(t, http.StatusOK, resp.StatusCode)
-		buf, erb := ioutil.ReadAll(resp.Body)
+		buf, erb := io.ReadAll(resp.Body)
 
 		// checking response to POST
 		assert.NoError(t, erb)
@@ -317,7 +316,7 @@ func postUpstreamWithAccessTokenTest(t *testing.T, config *Config, cookies []*ht
 	h.Set("Content-Type", "application/json")
 	h.Add("Authorization", "Bearer "+accessToken)
 	req := &http.Request{
-		Method: "POST",
+		Method: http.MethodPost,
 		URL:    u,
 		Header: h,
 	}
@@ -329,7 +328,7 @@ func postUpstreamWithAccessTokenTest(t *testing.T, config *Config, cookies []*ht
 
 	var csrfNewToken string
 	assert.Equal(t, http.StatusOK, resp.StatusCode)
-	buf, erb := ioutil.ReadAll(resp.Body)
+	buf, erb := io.ReadAll(resp.Body)
 
 	// checking response to POST
 	assert.NoError(t, erb)
@@ -351,7 +350,7 @@ func postUpstream2Test(t *testing.T, config *Config, cookies []*http.Cookie) (st
 	h := make(http.Header, 10)
 	h.Set("Content-Type", "application/json")
 	req := &http.Request{
-		Method: "POST",
+		Method: http.MethodPost,
 		URL:    u,
 		Header: h,
 	}
@@ -363,7 +362,7 @@ func postUpstream2Test(t *testing.T, config *Config, cookies []*http.Cookie) (st
 
 	var csrfNewToken string
 	assert.Equal(t, http.StatusOK, resp.StatusCode)
-	buf, erb := ioutil.ReadAll(resp.Body)
+	buf, erb := io.ReadAll(resp.Body)
 
 	// checking response to POST
 	assert.NoError(t, erb)
@@ -404,7 +403,7 @@ func TestCSRF(t *testing.T) {
 	config.Resources = []*Resource{
 		{
 			URL:         e2eCsrfUpstreamURL2,
-			Methods:     []string{"GET", "POST", "DELETE"},
+			Methods:     []string{http.MethodGet, http.MethodPost, http.MethodDelete},
 			WhiteListed: false,
 			EnableCSRF:  false,
 		},
@@ -416,7 +415,7 @@ func TestCSRF(t *testing.T) {
 
 	config.Resources = append(config.Resources, &Resource{
 		URL:         e2eCsrfUpstreamURL,
-		Methods:     []string{"GET", "POST", "DELETE"},
+		Methods:     []string{http.MethodGet, http.MethodPost, http.MethodDelete},
 		WhiteListed: false,
 		EnableCSRF:  true,
 	})