letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Re-enable lints on go1.22 (#7412) 

We had disabled our lints on go1.22 because golangci-lint and
staticcheck didn't work with some of its updates. Re-enable them, and
fix the things which the updated linters catch now.

Fixes https://github.com/letsencrypt/boulder/issues/7229
This commit is contained in:
Aaron Gable 2024-04-04 08:14:29 -07:00 committed by GitHub
parent d509183513
commit a7b73450d5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
9 changed files with 21 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/boulder-ci.yml vendored
View File

@ -36,7 +36,7 @@ jobs:
matrix: matrix:
# Add additional docker image tags here and all tests will be run with the additional image. # Add additional docker image tags here and all tests will be run with the additional image.
BOULDER_TOOLS_TAG: BOULDER_TOOLS_TAG:
- go1.22.2_2024-04-03 - go1.22.2_2024-04-04
# Tests command definitions. Use the entire "docker compose" command you want to run. # Tests command definitions. Use the entire "docker compose" command you want to run.
tests: tests:
# Run ./test.sh --help for a description of each of the flags. # Run ./test.sh --help for a description of each of the flags.

1
.golangci.yml
View File

@ -57,3 +57,4 @@ linters-settings:
- G404 # Use of weak random number generator (math/rand instead of crypto/rand) - G404 # Use of weak random number generator (math/rand instead of crypto/rand)
- G501 # Blacklisted import `crypto/md5`: weak cryptographic primitive - G501 # Blacklisted import `crypto/md5`: weak cryptographic primitive
- G505 # Blacklisted import `crypto/sha1`: weak cryptographic primitive - G505 # Blacklisted import `crypto/sha1`: weak cryptographic primitive
- G601 # Implicit memory aliasing in for loop (this is fixed by go1.22)

8
.typos.toml
View File

@ -9,11 +9,9 @@ ignore-hidden = false
[default] [default]
extend-ignore-re = [ extend-ignore-re = [
# PEM # Anything base64 or base64url longer than 36 chars is probably encoded.
"\\s*[+/0-9=A-Za-z]{64}\\s*", '\b[0-9A-Za-z+/]{36,}\b',
' := `\{"[0-9A-Z_a-z-]{36,}"\}`', '\b[0-9A-Za-z_-]{36,}\b',
'"(csr|d|dp|n|protected|qi|signature|y)": ?"[0-9=A-Z_a-z-]{36,}"',
'bigIntFromB64\("[0-9=A-Z_a-z-]{36,}"\)',
"0002a4ba3cf408927759", "0002a4ba3cf408927759",
"65CuDAA", "65CuDAA",
'"sql_warnings", "TrUe"', '"sql_warnings", "TrUe"',

2
crl/idp/idp.go
View File

@ -23,7 +23,7 @@ type issuingDistributionPoint struct {
// others are omitted. // others are omitted.
type distributionPointName struct { type distributionPointName struct {
// Technically, FullName is of type GeneralNames, which is of type SEQUENCE OF // Technically, FullName is of type GeneralNames, which is of type SEQUENCE OF
// GeneralName. But GeneralName itself is of type CHOICE, and the ans1.Marhsal // GeneralName. But GeneralName itself is of type CHOICE, and the asn1.Marhsal
// function doesn't support marshalling structs to CHOICEs, so we have to use // function doesn't support marshalling structs to CHOICEs, so we have to use
// asn1.RawValue and encode the GeneralName ourselves. // asn1.RawValue and encode the GeneralName ourselves.
FullName []asn1.RawValue `asn1:"optional,tag:0"` FullName []asn1.RawValue `asn1:"optional,tag:0"`

2
publisher/publisher.go
View File

@ -402,7 +402,7 @@ func CreateTestingSignedSCT(req []string, k *ecdsa.PrivateKey, precert bool, tim
// GetCTBundleForChain takes a slice of *issuance.Certificate(s) // GetCTBundleForChain takes a slice of *issuance.Certificate(s)
// representing a certificate chain and returns a slice of // representing a certificate chain and returns a slice of
// ct.ANS1Cert(s) in the same order // ct.ASN1Cert(s) in the same order
func GetCTBundleForChain(chain []*issuance.Certificate) []ct.ASN1Cert { func GetCTBundleForChain(chain []*issuance.Certificate) []ct.ASN1Cert {
var ctBundle []ct.ASN1Cert var ctBundle []ct.ASN1Cert
for _, cert := range chain { for _, cert := range chain {

2
ratelimits/bucket.go
View File

@ -43,7 +43,7 @@ func newIPv6RangeCIDRBucketKey(name Name, ip net.IP) (string, error) {
return joinWithColon(name.EnumString(), id), nil return joinWithColon(name.EnumString(), id), nil
} }
// newRegIdBucketKey validates ands returns a bucketKey for limits that use the // newRegIdBucketKey validates and returns a bucketKey for limits that use the
// 'enum:regId' bucket key format. // 'enum:regId' bucket key format.
func newRegIdBucketKey(name Name, regId int64) (string, error) { func newRegIdBucketKey(name Name, regId int64) (string, error) {
id := strconv.FormatInt(regId, 10) id := strconv.FormatInt(regId, 10)

2
sa/sa_test.go
View File

@ -3737,7 +3737,7 @@ func TestGetRevokedCertsByShard(t *testing.T) {
test.AssertNotError(t, err, "zero rows shouldn't result in error") test.AssertNotError(t, err, "zero rows shouldn't result in error")
test.AssertEquals(t, count, 0) test.AssertEquals(t, count, 0)
// Asking for revoked certs from a different shard should return zero reults. // Asking for revoked certs from a different shard should return zero results.
expiresAfter = time.Date(2023, time.March, 1, 0, 0, 0, 0, time.UTC) expiresAfter = time.Date(2023, time.March, 1, 0, 0, 0, 0, time.UTC)
revokedBefore = time.Date(2023, time.April, 1, 0, 0, 0, 0, time.UTC) revokedBefore = time.Date(2023, time.April, 1, 0, 0, 0, 0, time.UTC)
count, err = countRevokedCerts(&sapb.GetRevokedCertsRequest{ count, err = countRevokedCerts(&sapb.GetRevokedCertsRequest{

25
test.sh
View File

@ -207,21 +207,16 @@ print_heading "Starting..."
# #
STAGE="lints" STAGE="lints"
if [[ "${RUN[@]}" =~ "$STAGE" ]] ; then if [[ "${RUN[@]}" =~ "$STAGE" ]] ; then
# TODO(#7229): Remove this conditional and globally re-enable this test. print_heading "Running Lints"
if [[ $(go version) == *go1.22* ]] ; then golangci-lint run --timeout 9m ./...
print_heading "Skipping Lints" # Implicitly loads staticcheck.conf from the root of the boulder repository
else staticcheck ./...
print_heading "Running Lints" python3 test/grafana/lint.py
golangci-lint run --timeout 9m ./... # Check for common spelling errors using typos.
# Implicitly loads staticcheck.conf from the root of the boulder repository # Update .typos.toml if you find false positives
staticcheck ./... run_and_expect_silence typos
python3 test/grafana/lint.py # Check test JSON configs are formatted consistently
# Check for common spelling errors using typos. run_and_expect_silence ./test/format-configs.py 'test/config*/*.json'
# Update .typos.toml if you find false positives
run_and_expect_silence typos
# Check test JSON configs are formatted consistently
run_and_expect_silence ./test/format-configs.py 'test/config*/*.json'
fi
fi fi
# #

4
test/boulder-tools/Dockerfile
View File

@ -13,8 +13,8 @@ RUN go install github.com/rubenv/sql-migrate/sql-migrate@v1.1.2
RUN go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28.0 RUN go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28.0
RUN go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2.0 RUN go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2.0
RUN go install github.com/letsencrypt/pebble/v2/cmd/pebble-challtestsrv@66511d8 RUN go install github.com/letsencrypt/pebble/v2/cmd/pebble-challtestsrv@66511d8
RUN go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.53.3 RUN go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.57.2
RUN go install honnef.co/go/tools/cmd/staticcheck@2023.1.5 RUN go install honnef.co/go/tools/cmd/staticcheck@2023.1.7
FROM rust:bullseye as rustdeps FROM rust:bullseye as rustdeps
# Provided automatically by docker build. # Provided automatically by docker build.