chore: bump go version, packages, dependencies (#227)

* chore: bump go version, packages, dependencies Signed-off-by: Bence Csati <[email protected]> chore: bump go version, packages, dependencies Signed-off-by: Bence Csati <[email protected]> chore: bump go version, packages, dependencies Signed-off-by: Bence Csati <[email protected]> chore: bump go version, packages, dependencies Signed-off-by: Bence Csati <[email protected]> chore: bump go version, packages, dependencies Signed-off-by: Bence Csati <[email protected]> chore: bump go version, packages, dependencies Signed-off-by: Bence Csati <[email protected]> chore: bump go version, packages, dependencies Signed-off-by: Bence Csati <[email protected]> feat: go get -u Signed-off-by: Bence Csati <[email protected]> * feat: turn off nix-lint for now Signed-off-by: Bence Csati <[email protected]> * refactor: remove dependency from internal Signed-off-by: Bence Csati <[email protected]> --------- Signed-off-by: Bence Csati <[email protected]>
bank-vaults · Sep 12, 2024 · 232bf6a · 232bf6a
1 parent c358166
commit 232bf6a
Show file tree

Hide file tree

Showing 18 changed files with 291 additions and 326 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -49,29 +49,6 @@ jobs:
   test:
     name: Test
     runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        vault_version: ["1.11.12", "1.12.8", "1.13.4", "1.14.1"]
-
-    services:
-      vault:
-        image: hashicorp/vault:${{ matrix.vault_version }}
-        env:
-          SKIP_SETCAP: "true"
-          VAULT_ADDR: http://127.0.0.1:8200
-          VAULT_TOKEN: 227e1cce-6bf7-30bb-2d2a-acc854318caf
-          VAULT_DEV_ROOT_TOKEN_ID: 227e1cce-6bf7-30bb-2d2a-acc854318caf
-        ports:
-          - 8200:8200
-      bao:
-        image: quay.io/openbao/openbao@sha256:a015ae0adb1af5b45b33632e29879ff87063d0878e9359584a50b2706e500e9a # 2.0.0-alpha20240329
-        env:
-          SKIP_SETCAP: "true"
-          BAO_ADDR: http://127.0.0.1:8200
-          BAO_TOKEN: 227e1cce-6bf7-30bb-2d2a-acc854318caf
-          BAO_DEV_ROOT_TOKEN_ID: 227e1cce-6bf7-30bb-2d2a-acc854318caf
-        ports:
-          - 8300:8200
 
     steps:
       - name: Checkout repository
@@ -110,30 +87,47 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
-      - name: Set up Nix
-        uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
+      - name: Set up Go
+        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
         with:
-          extra_nix_config: |
-            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
+          go-version: 1.23
 
-      - name: Set up magic Nix cache
-        uses: DeterminateSystems/magic-nix-cache-action@b46e247b898aa56e6d2d2e728dc6df6c84fdb738 # v7
+      - name: Install deps
+        run: make deps
 
-      - name: Set up Go cache
-        uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
+      - name: lint-go
+        uses: golangci/[email protected]
         with:
-          path: |
-            ~/.cache/go-build
-            ~/go/pkg/mod
-          key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: |
-            ${{ github.job }}-${{ runner.os }}-go-
+          version: latest
 
-      - name: Prepare Nix shell
-        run: nix develop --impure .#ci
+      - name: lint-rest
+        run: make lint-yaml
+
+    # Enable this once Nix builds golangci-lint with Go 1.23
+    #   - name: Set up Nix
+    #     uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
+    #     with:
+    #       extra_nix_config: |
+    #         access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
+
+    #   - name: Set up magic Nix cache
+    #     uses: DeterminateSystems/magic-nix-cache-action@b46e247b898aa56e6d2d2e728dc6df6c84fdb738 # v7
 
-      - name: Lint
-        run: nix develop --impure .#ci -c make lint
+    #   - name: Set up Go cache
+    #     uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
+    #     with:
+    #       path: |
+    #         ~/.cache/go-build
+    #         ~/go/pkg/mod
+    #       key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+    #       restore-keys: |
+    #         ${{ github.job }}-${{ runner.os }}-go-
+
+    #   - name: Prepare Nix shell
+    #     run: nix develop --impure .#ci
+
+    #   - name: Lint
+    #     run: nix develop --impure .#ci -c make lint
 
   license-check:
     name: License check
@@ -234,29 +228,6 @@ jobs:
   e2e-test:
     name: E2E test
     runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        vault_version: ["1.11.12", "1.12.8", "1.13.4", "1.14.1"]
-
-    services:
-      vault:
-        image: hashicorp/vault:${{ matrix.vault_version }}
-        env:
-          SKIP_SETCAP: "true"
-          VAULT_ADDR: http://127.0.0.1:8200
-          VAULT_TOKEN: 227e1cce-6bf7-30bb-2d2a-acc854318caf
-          VAULT_DEV_ROOT_TOKEN_ID: 227e1cce-6bf7-30bb-2d2a-acc854318caf
-        ports:
-          - 8200:8200
-      bao:
-        image: quay.io/openbao/openbao@sha256:a015ae0adb1af5b45b33632e29879ff87063d0878e9359584a50b2706e500e9a # 2.0.0-alpha20240329
-        env:
-          SKIP_SETCAP: "true"
-          BAO_ADDR: http://127.0.0.1:8200
-          BAO_TOKEN: 227e1cce-6bf7-30bb-2d2a-acc854318caf
-          BAO_DEV_ROOT_TOKEN_ID: 227e1cce-6bf7-30bb-2d2a-acc854318caf
-        ports:
-          - 8300:8200
 
     steps:
       - name: Checkout repository
@@ -286,5 +257,3 @@ jobs:
 
       - name: Test
         run: nix develop --impure .#ci -c make test-e2e
-        env:
-          VAULT_VERSION: ${{ matrix.vault_version }}
diff --git a/.golangci.yaml b/.golangci.yaml
@@ -12,16 +12,25 @@ linters-settings:
   misspell:
     locale: US
   nolintlint:
-    allow-leading-space: false # require machine-readable nolint directives (with no leading space)
     allow-unused: false # report any unused nolint directives
     require-specific: false # don't require nolint directives to be specific about which linter is being skipped
   revive:
     confidence: 0
 
 linters:
   enable:
+    - bodyclose
+    - errcheck
     - gci
+    - gofmt
+    - gofumpt
     - goimports
+    - gosimple
+    - ineffassign
     - misspell
     - nolintlint
     - revive
+    - unconvert
+    - unparam
+    - unused
+    - whitespace
diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,6 @@
 FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.5.0@sha256:0c6a569797744e45955f39d4f7538ac344bfb7ebf0a54006a0a4297b153ccf0f AS xx
 
-FROM --platform=$BUILDPLATFORM golang:1.22.3-alpine3.18@sha256:d1a601b64de09e2fa38c95e55838961811d5ca11062a8f4230a5c434b3ae2a34 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.23.0-alpine3.20@sha256:d0b31558e6b3e4cc59f6011d79905835108c919143ebecc58f35965bf79948f4 AS builder
 
 COPY --from=xx / /
 

diff --git a/Makefile b/Makefile
@@ -2,13 +2,6 @@
 
 export PATH := $(abspath bin/):${PATH}
 
-# Dependency versions
-GOLANGCI_VERSION = 1.53.3
-LICENSEI_VERSION = 0.8.0
-COSIGN_VERSION = 2.2.2
-GORELEASER_VERSION = 2.0.0
-BATS_VERSION = 1.2.1
-
 ##@ General
 
 # Targets commented with ## will be visible in "make help" info.
@@ -25,10 +18,6 @@ help: ## Display this help
 up: ## Start development environment
 	docker compose up -d
 
-.PHONY: stop
-stop: ## Stop development environment
-	docker compose stop
-
 .PHONY: down
 down: ## Destroy development environment
 	docker compose down -v
@@ -50,55 +39,82 @@ container-image: ## Build container image
 
 .PHONY: binary-snapshot
 binary-snapshot: ## Build binary snapshot
-	VERSION=v${GORELEASER_VERSION} goreleaser release --clean --skip=publish --snapshot
+	VERSION=v${GORELEASER_VERSION} $(GORELEASER_BIN) release --clean --skip=publish --snapshot
 
 ##@ Checks
 
 .PHONY: check
-check: test lint ## Run checks (tests and linters)
-
-.PHONY: test
-test: ## Run tests
-	go test -race -v ./...
-
-.PHONY: test-e2e
-test-e2e: ## Run e2e tests
-	@export BATS_LIB_PATH=${PWD}/bin/bats-core/libexec/bats-core/lib && \
-	bats e2e
+check: lint test ## Run checks (tests and linters)
 
 .PHONY: lint
 lint: lint-go lint-docker lint-yaml
 lint: ## Run linters
 
 .PHONY: lint-go
 lint-go:
-	golangci-lint run $(if ${CI},--out-format github-actions,)
+	$(GOLANGCI_LINT_BIN) run $(if ${CI},--out-format colored-line-number,)
 
 .PHONY: lint-docker
 lint-docker:
-	hadolint Dockerfile
+	$(HADOLINT_BIN) Dockerfile
 
 .PHONY: lint-yaml
 lint-yaml:
-	yamllint $(if ${CI},-f github,) --no-warnings .
+	$(YAMLLINT_BIN) $(if ${CI},-f github,) --no-warnings .
+
+.PHONY: test
+test: ## Run tests
+	go test -race -v ./...
+
+.PHONY: test-e2e
+test-e2e: ## Run e2e tests
+	@export BATS_LIB_PATH=${PWD}/bin/bats-core/libexec/bats-core/lib && \
+	$(BATS_BIN) e2e
 
 .PHONY: fmt
 fmt: ## Format code
-	golangci-lint run --fix
+	$(GOLANGCI_LINT_BIN) run --fix
 
 .PHONY: license-check
 license-check: ## Run license check
-	licensei check
-	licensei header
+	$(LICENSEI_BIN) check
+	$(LICENSEI_BIN) header
 
 ##@ Dependencies
 
+# Dependency versions
+GOLANGCI_LINT_VERSION = 1.60.2
+LICENSEI_VERSION = 0.9.0
+COSIGN_VERSION = 2.4.0
+GORELEASER_VERSION = 2.2.0
+BATS_VERSION = 1.11.0
+
+# Dependency binaries
+GOLANGCI_LINT_BIN := golangci-lint
+LICENSEI_BIN := licensei
+COSIGN_BIN := cosign
+GORELEASER_BIN := goreleaser
+BATS_BIN := bats
+
+# TODO: add support for hadolint and yamllint dependencies
+HADOLINT_BIN := hadolint
+YAMLLINT_BIN := yamllint
+
+# If we have "bin" dir, use those binaries instead
+ifneq ($(wildcard ./bin/.),)
+	GOLANGCI_LINT_BIN := bin/$(GOLANGCI_LINT_BIN)
+	LICENSEI_BIN := bin/$(LICENSEI_BIN)
+	COSIGN_BIN := bin/$(COSIGN_BIN)
+	GORELEASER_BIN := bin/$(GORELEASER_BIN)
+	BATS_BIN := bin/$(BATS_BIN)
+endif
+
 deps: bin/golangci-lint bin/licensei bin/cosign bin/goreleaser bin/bats
 deps: ## Install dependencies
 
 bin/golangci-lint:
 	@mkdir -p bin
-	curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | bash -s -- v${GOLANGCI_VERSION}
+	curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | bash -s -- v${GOLANGCI_LINT_VERSION}
 
 bin/licensei:
 	@mkdir -p bin
@@ -129,7 +145,7 @@ bin/goreleaser:
 bin/bats:
 	@mkdir -p bin/bats-core
 	@mkdir -p tmpbats
-	git clone https://github.com/bats-core/bats-core.git tmpbats
+	git clone --branch v${BATS_VERSION} --depth 1 https://github.com/bats-core/bats-core.git tmpbats
 	bash tmpbats/install.sh bin/bats-core
 	@ln -sF ${PWD}/bin/bats-core/bin/bats ${PWD}/bin
 	@rm -rf tmpbats

diff --git a/docker-compose.yaml b/docker-compose.yaml
@@ -1,7 +1,7 @@
 services:
   vault:
     container_name: secret-init-vault
-    image: hashicorp/vault:1.14.1
+    image: hashicorp/vault:1.14.8
     ports:
       - 127.0.0.1:8200:8200
     environment:
@@ -12,7 +12,7 @@ services:
 
   bao:
     container_name: secret-init-bao
-    image: quay.io/openbao/openbao@sha256:a015ae0adb1af5b45b33632e29879ff87063d0878e9359584a50b2706e500e9a # 2.0.0-alpha20240329
+    image: openbao/openbao:latest
     ports:
       - 127.0.0.1:8300:8200
     environment:

diff --git a/env_store.go b/env_store.go
@@ -179,14 +179,14 @@ func (s *EnvStore) workaroundForBao(ctx context.Context, vaultPaths []string) ([
 }
 
 // ConvertProviderSecrets converts the loaded secrets to environment variables
-func (s *EnvStore) ConvertProviderSecrets(providerSecrets []provider.Secret) ([]string, error) {
+func (s *EnvStore) ConvertProviderSecrets(providerSecrets []provider.Secret) []string {
 	var secretsEnv []string
 
 	for _, secret := range providerSecrets {
 		secretsEnv = append(secretsEnv, fmt.Sprintf("%s=%s", secret.Key, secret.Value))
 	}
 
-	return secretsEnv, nil
+	return secretsEnv
 }
 
 // Returns the detected provider name and path with removed prefix

diff --git a/env_store_test.go b/env_store_test.go
@@ -240,10 +240,7 @@ func TestEnvStore_ConvertProviderSecrets(t *testing.T) {
 		t.Run(ttp.name, func(t *testing.T) {
 			createEnvsForProvider(ttp.addvault, secretFile)
 
-			secretsEnv, err := NewEnvStore(&common.Config{}).ConvertProviderSecrets(ttp.providerSecrets)
-			if err != nil {
-				assert.EqualError(t, ttp.err, err.Error(), "Unexpected error message")
-			}
+			secretsEnv := NewEnvStore(&common.Config{}).ConvertProviderSecrets(ttp.providerSecrets)
 			if ttp.wantSecretsEnv != nil {
 				assert.Equal(t, ttp.wantSecretsEnv, secretsEnv, "Unexpected secrets")
 			}
@@ -261,7 +258,7 @@ func createEnvsForProvider(addVault bool, secretFile string) {
 
 func newSecretFile(t *testing.T, content string) string {
 	dir := t.TempDir() + "/test/secrets"
-	err := os.MkdirAll(dir, 0755)
+	err := os.MkdirAll(dir, 0o755)
 	assert.Nil(t, err, "Failed to create directory")
 
 	file, err := os.CreateTemp(dir, "secret.txt")