Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI: Add CLA check, Linting and security scanning #31

Merged

Conversation

rebornplusplus
Copy link
Member

@rebornplusplus rebornplusplus commented Sep 27, 2022

@woky woky requested a review from niemeyer January 12, 2023 09:14
@woky woky self-requested a review January 12, 2023 09:14
Copy link
Contributor

@niemeyer niemeyer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Rafid, here is a first pass.

.github/workflows/linter.yml Outdated Show resolved Hide resolved
.github/workflows/cla-check.yml Outdated Show resolved Hide resolved
.github/workflows/linter.yml Outdated Show resolved Hide resolved
Copy link
Contributor

@niemeyer niemeyer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Rafid, here is a first pass.

@rebornplusplus rebornplusplus marked this pull request as draft June 2, 2023 03:34
@rebornplusplus rebornplusplus changed the title CI: Added CLA Check and Linting Support including Security Scanning CI: Add CLA check, Linting and security scanning Jun 2, 2023
@rebornplusplus rebornplusplus marked this pull request as ready for review June 2, 2023 04:53
@rebornplusplus rebornplusplus requested review from niemeyer and woky June 2, 2023 05:37
@rebornplusplus
Copy link
Member Author

Please note that the "Lint" tests are failing because some of the files we currently have, seem not to be appropriately formatted.
go fmt ./... produces the diff here: link to GH workflow run log.

Additionally, I ran errcheck, staticcheck and unused on my workstation in the repo(main) and found the following warnings:

Toggle to see log
$ golangci-lint run --disable-all --enable errcheck,staticcheck,unused
internal/strdist/log.go:47:22: Error return value of `globalLogger.Output` is not checked (errcheck)
		globalLogger.Output(2, fmt.Sprintf(format, args...))
		                   ^
internal/strdist/log.go:58:22: Error return value of `globalLogger.Output` is not checked (errcheck)
		globalLogger.Output(2, fmt.Sprintf(format, args...))
		                   ^
internal/strdist/log.go:43:6: func `logf` is unused (unused)
func logf(format string, args ...interface{}) {
     ^
internal/strdist/strdist.go:24:2: field `private` is unused (unused)
	private struct{}
	^
internal/control/control_test.go:91:22: Error return value of `control.ParseString` is not checked (errcheck)
		control.ParseString("Package", content)
		                   ^
internal/fsutil/log.go:40:22: Error return value of `globalLogger.Output` is not checked (errcheck)
		globalLogger.Output(2, fmt.Sprintf(format, args...))
		                   ^
internal/setup/fetch.go:47:25: Error return value of `lockFile.Unlock` is not checked (errcheck)
			defer lockFile.Unlock()
			                     ^
internal/archive/archive_test.go:117:16: Error return value of `release.Render` is not checked (errcheck)
	release.Render(base.Path, s.responses)
	              ^
internal/archive/archive_test.go:232:15: Error return value of `release.Walk` is not checked (errcheck)
		release.Walk(func(item testarchive.Item) error {
		            ^
internal/archive/archive_test.go:239:17: Error return value of `release.Render` is not checked (errcheck)
		release.Render("/ubuntu", s.responses)
		              ^
cmd/chisel/cmd_help.go:105:9: Error return value of `io.Copy` is not checked (errcheck)
	io.Copy(Stdout, strings.NewReader(str))
	       ^
cmd/chisel/main.go:167:16: Error return value is not checked (errcheck)
		printVersions()
		             ^
cmd/chisel/main.go:181:9: Error return value is not checked (errcheck)
	addHelp(parser)
	       ^
internal/fsutil/log.go:36:6: func `logf` is unused (unused)
func logf(format string, args ...interface{}) {
     ^
internal/deb/log.go:17:5: var `globalDebug` is unused (unused)
var globalDebug bool
    ^
internal/deb/log.go:47:6: func `debugf` is unused (unused)
func debugf(format string, args ...interface{}) {
     ^
internal/deb/version.go:86:6: func `matchEpoch` is unused (unused)
func matchEpoch(a string) bool {
     ^
internal/deb/version.go:99:6: func `atMostOneDash` is unused (unused)
func atMostOneDash(a string) bool {
     ^
internal/scripts/log.go:16:5: var `globalLogger` is unused (unused)
var globalLogger log_Logger
    ^
internal/scripts/log.go:17:5: var `globalDebug` is unused (unused)
var globalDebug bool
    ^
internal/scripts/log.go:36:6: func `logf` is unused (unused)
func logf(format string, args ...interface{}) {
     ^
internal/scripts/log.go:47:6: func `debugf` is unused (unused)
func debugf(format string, args ...interface{}) {
     ^
internal/jsonwall/log.go:16:5: var `globalLogger` is unused (unused)
var globalLogger log_Logger
    ^
internal/jsonwall/log.go:17:5: var `globalDebug` is unused (unused)
var globalDebug bool
    ^
internal/jsonwall/log.go:47:6: func `debugf` is unused (unused)
func debugf(format string, args ...interface{}) {
     ^
internal/setup/setup_test.go:17:2: field `slices` is unused (unused)
	slices    map[string]*setup.Slice
	^
internal/slicer/log.go:16:5: var `globalLogger` is unused (unused)
var globalLogger log_Logger
    ^
cmd/chisel/main.go:40:7: const `defaultChiselDir` is unused (unused)
const defaultChiselDir = "/var/lib/chisel/default"
      ^
cmd/chisel/main.go:91:6: func `addDebugCommand` is unused (unused)
func addDebugCommand(name, shortHelp, longHelp string, builder func() flags.Commander, optDescs map[string]string, argDescs []argDesc) *cmdInfo {
     ^
cmd/chisel/main_test.go:73:6: func `fakeArgs` is unused (unused)
func fakeArgs(args ...string) (restore func()) {
     ^
internal/testutil/pkgdata.go:229:2: SA4006: this value of `err` is never used (staticcheck)
	writer, err := zstd.NewWriter(&buf)
	^
internal/testutil/pkgdata_test.go:346:2: SA4006: this value of `err` is never used (staticcheck)
	zstdReader, err := zstd.NewReader(&tarZstdBuf)
	^
cmd/chisel/main.go:15:2: SA1019: "golang.org/x/crypto/ssh/terminal" is deprecated: this package moved to golang.org/x/term. (staticcheck)
	"golang.org/x/crypto/ssh/terminal"
	^
cmd/chisel/main_test.go:8:2: SA1019: "golang.org/x/crypto/ssh/terminal" is deprecated: this package moved to golang.org/x/term. (staticcheck)
	"golang.org/x/crypto/ssh/terminal"
	^

We should probably refactor these files for the tests to pass.

Copy link
Member

@jnsgruk jnsgruk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given that the job fails due to formatting - can you add another commit that actually fixes those changes? That way we should have one commit introducing everything you have so far, and another to address the linting differences which means we don't need to merge a broken PR :)

.github/workflows/security.yaml Outdated Show resolved Hide resolved
@rebornplusplus rebornplusplus force-pushed the ROCKS-313-continuous-integration branch from 5614a61 to f39d70d Compare August 17, 2023 12:12
@rebornplusplus
Copy link
Member Author

This PR being very old, I have rebased the commits onto the current main and later squashed the commits into one.

Given that the job fails due to formatting - can you add another commit that actually fixes those changes? That way we should have one commit introducing everything you have so far, and another to address the linting differences which means we don't need to merge a broken PR :)

I have fixed the formatting issues in 020f62b. However, the lint workflow will still fail due to the linters we are running (errcheck, unused, staticcheck). Fixing this will need some (minor I am hoping) refactoring. I will add another commit addressing those issues.

@cjdcordeiro
Copy link
Collaborator

cjdcordeiro commented Aug 17, 2023

Thanks @rebornplusplus ;) if you feel that refactoring will require significant changes, feel free to leave it for a future pulse so that we can plan it properly

@rebornplusplus
Copy link
Member Author

if you feel that refactoring will require significant changes, feel free to leave it for a future pulse so that we can plan it properly

A'ight. I will leave it for next pulse then.

@rebornplusplus rebornplusplus force-pushed the ROCKS-313-continuous-integration branch from 020f62b to 609960b Compare September 25, 2023 11:15
rebornplusplus and others added 6 commits September 25, 2023 17:28
This commit adds the following github workflows:

  - CLA check: Check if Canonical's Contributor License Agreement has
    been signed by the PR author(s).
  - Lint: Ensure fomatting changes using ``gofmt`` and run errcheck,
    unused, staticcheck linters using golangci-lint.
  - Security: Run Trivy vulnerability scanner to check for known
    vulnerabilities.

Co-authored-by: Cristovao Cordeiro <[email protected]>
This commit removes unused code (variables, functions etc.) across the
codebase, with a few exceptions. Namely the unused functions from
``log.go`` in various packages are kept for future use. Additionally
the ``addDebugCommand`` function in `cmd/chisel/main.go` is kept too.
The ``io/ioutil`` package has been deprecated since Go 1.19. Usage of
this package have been removed appropriately.

The ``golang.org/x/crypto/ssh/terminal`` package has been deprecated and
moved to ``golang.org/x/term`` package. Usage have been updated likewise.
This commit adds a config file ``.golangci.yaml`` for the lint workflow.
It removes the previous arguments passed to golangci-lint in favor of
the new configuration file.
@rebornplusplus rebornplusplus force-pushed the ROCKS-313-continuous-integration branch from 609960b to 04a90d7 Compare September 25, 2023 11:31
@cjdcordeiro
Copy link
Collaborator

Thanks for the update. This should be ready to review now. The failure on the spread tests is related to Kinetic reaching EOL (which is being addressed elsewhere)

@rebornplusplus rebornplusplus force-pushed the ROCKS-313-continuous-integration branch 2 times, most recently from ab6a974 to 04a90d7 Compare September 26, 2023 04:23
@rebornplusplus
Copy link
Member Author

rebornplusplus commented Sep 26, 2023

Indeed, it is ready for review. #97 is merged already, tests are passing. Please take a look.

Copy link
Member

@jnsgruk jnsgruk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Changes requested by Gustavo seem to have been addressed, and the other code changes are all stylistic or of very low consequence.

@jnsgruk jnsgruk merged commit 379ddae into canonical:main Sep 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants