dev: Make Go directories writeable (#9175)

`cargo` and `go` may try to write to directories that are part
of the devcontainer's base install. This change ensures that these
directories are writeable by all users in the devcontainer.

This change also unifies a `just lint` recipe that runs all linters
including markdownlint, actionlint, and shellcheck.

Signed-off-by: Oliver Gould <ver@buoyant.io>

.devcontainer/Dockerfile

@@ -108,7 +108,7 @@ RUN apt update && apt upgrade -y --autoremove \
 RUN for p in \
     github.com/cweill/gotests/gotests@latest \
     github.com/go-delve/delve/cmd/dlv@latest \
-    github.com/golangci/golangci-lint/cmd/golangci-lint@v1.46.2 \
+    github.com/golangci/golangci-lint/cmd/golangci-lint@latest \
     github.com/fatih/gomodifytags@latest \
     github.com/haya14busa/goplay/cmd/goplay@latest \
     github.com/josharian/impl@latest \
@@ -217,49 +217,47 @@ RUN apt update && apt upgrade -y --autoremove \
         time \
         unzip \
     && apt-get clean && rm -rf /var/lib/apt/lists/*
-
-RUN sed -i 's/^# *\(en_US.UTF-8\)/\1/' /etc/locale.gen && locale-gen
-RUN (echo "LC_ALL=en_US.UTF-8" \
-    && echo "LANGUAGE=en_US.UTF-8") >/etc/default/locale
+RUN sed -i 's/^# *\(en_US.UTF-8\)/\1/' /etc/locale.gen \
+    && locale-gen \
+    && (echo "LC_ALL=en_US.UTF-8" && echo "LANGUAGE=en_US.UTF-8") >/etc/default/locale
+RUN groupadd --gid=1000 code \
+    && useradd --create-home --uid=1000 --gid=1000 code \
+    && echo "code ALL=(root) NOPASSWD:ALL" >/etc/sudoers.d/code \
+    && chmod 0440 /etc/sudoers.d/code
 
 # Copy node utilities first, because the bin directory include symlinks that we want to preserve.
-COPY --from=node /usr/local/lib/node_modules /usr/local/lib/node_modules
-COPY --from=node /usr/local/include/node /usr/local/include/node
 COPY --from=node /usr/local/man/man1/node.1 /usr/local/man/man1/
+COPY --from=node /usr/local/include/node /usr/local/include/node
+COPY --from=node /usr/local/lib/node_modules /usr/local/lib/node_modules
 COPY --from=node /usr/local/bin/ /usr/local/bin/
 
 ENV GOPATH=/go
 COPY --from=go /go/bin $GOPATH/bin
 COPY --from=go /usr/local/go /usr/local/go
-RUN chmod 777 /go
+RUN find "$GOPATH" -type d -exec chmod 777 '{}' +
 ENV PATH=/usr/local/go/bin:$GOPATH/bin:$PATH
 
 ENV CARGO_HOME=/usr/local/cargo
 ENV RUSTUP_HOME=/usr/local/rustup
 COPY --from=rust $CARGO_HOME $CARGO_HOME
 COPY --from=rust $RUSTUP_HOME $RUSTUP_HOME
+RUN find "$CARGO_HOME" "$RUSTUP_HOME" -type d -exec chmod 777 '{}' +
 ENV PATH=$CARGO_HOME/bin:$PATH
 RUN rustup component add rust-analysis rust-std
 
 COPY --from=tools /usr/local/bin/* /usr/local/bin/
-COPY --from=protoc /usr/local/include/google /usr/local/include/google
 
+COPY --from=protoc /usr/local/include/google /usr/local/include/google
 ENV PROTOC_NO_VENDOR=1
 ENV PROTOC=/usr/local/bin/protoc
 ENV PROTOC_INCLUDE=/usr/local/include
 
 ENV DOCKER_BUILDKIT=1
-RUN groupadd --gid=1000 code \
-    && useradd --create-home --uid=1000 --gid=1000 code \
-    && echo "code ALL=(root) NOPASSWD:ALL" >/etc/sudoers.d/code \
-    && chmod 0440 /etc/sudoers.d/code \
-    && scurl https://raw.githubusercontent.com/microsoft/vscode-dev-containers/main/script-library/docker-debian.sh | bash -s \
+RUN scurl https://raw.githubusercontent.com/microsoft/vscode-dev-containers/main/script-library/docker-debian.sh | bash -s \
     && apt-get clean && rm -rf /var/lib/apt/lists/*
 
-RUN chmod 777 $CARGO_HOME $RUSTUP_HOME
-ENV USER=code
 ENV HOME=/home/code
+ENV USER=code
 USER code
-
 ENTRYPOINT ["/usr/local/share/docker-init.sh"]
 CMD ["sleep", "infinity"]

.devcontainer/devcontainer.json

@@ -1,6 +1,6 @@
 {
     "name": "linkerd2",
-    "image": "ghcr.io/linkerd/dev:v26",
+    "image": "ghcr.io/linkerd/dev:v27",
     // "dockerFile": "./Dockerfile",
     // "context": "..",
     "extensions": [

.github/workflows/actions.yml

@@ -13,7 +13,7 @@ jobs:
   actionlint:
     runs-on: ubuntu-20.04
     timeout-minutes: 10
-    container: ghcr.io/linkerd/dev:v26-tools
+    container: ghcr.io/linkerd/dev:v27-tools
     steps:
       - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
       - name: Run actionlint
@@ -25,7 +25,7 @@ jobs:
 
   devcontainer-versions:
     runs-on: ubuntu-latest
-    container: ghcr.io/linkerd/dev:v26-tools
+    container: ghcr.io/linkerd/dev:v27-tools
     steps:
       - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
       - name: Scan workflows for other Devcontainer image versions

.github/workflows/go.yml

@@ -16,27 +16,25 @@ jobs:
   go-lint:
     timeout-minutes: 10
     runs-on: ubuntu-20.04
-    container: ghcr.io/linkerd/dev:v26-go
+    container: ghcr.io/linkerd/dev:v27-go
     steps:
-    - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
-    - run: golangci-lint run --verbose --timeout=10m
+      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+      - run: just go-lint --verbose
 
   go-format:
     timeout-minutes: 10
     runs-on: ubuntu-20.04
-    container: ghcr.io/linkerd/dev:v26-go
+    container: ghcr.io/linkerd/dev:v27-go
     steps:
-    - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
-    - run: bin/fmt
+      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+      - run: just go-fmt
 
   go-test:
     timeout-minutes: 10
     runs-on: ubuntu-20.04
-    container: ghcr.io/linkerd/dev:v26-go
+    container: ghcr.io/linkerd/dev:v27-go
     steps:
-    - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
-    - run: go mod download
-    - run: gotestsum -- -race -v -mod=readonly ./...
-      env:
-        LINKERD_TEST_PRETTY_DIFF: 1
+      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+      - run: just go-fetch
+      - run: just go-test
 

.github/workflows/helm.yml

@@ -15,7 +15,7 @@ jobs:
   helm-docs-diff:
     runs-on: ubuntu-20.04
     timeout-minutes: 5
-    container: ghcr.io/linkerd/dev:v26-tools
+    container: ghcr.io/linkerd/dev:v27-tools
     steps:
     - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
     - run: bin/helm-docs-diff

.github/workflows/proto.yml

@@ -15,7 +15,7 @@ jobs:
   proto-diff:
     timeout-minutes: 10
     runs-on: ubuntu-20.04
-    container: ghcr.io/linkerd/dev:v26-go
+    container: ghcr.io/linkerd/dev:v27-go
     steps:
       - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
       - run: bin/protoc-diff

.github/workflows/rust.yml

@@ -42,7 +42,7 @@ jobs:
   fmt:
     timeout-minutes: 5
     runs-on: ubuntu-latest
-    container: ghcr.io/linkerd/dev:v26-rust
+    container: ghcr.io/linkerd/dev:v27-rust
     steps:
       - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
       - run: just rs-check-fmt
@@ -50,7 +50,7 @@ jobs:
   clippy:
     timeout-minutes: 10
     runs-on: ubuntu-latest
-    container: ghcr.io/linkerd/dev:v26-rust
+    container: ghcr.io/linkerd/dev:v27-rust
     steps:
       - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
       - run: just rs-fetch
@@ -60,7 +60,7 @@ jobs:
   check:
     timeout-minutes: 20
     runs-on: ubuntu-latest
-    container: ghcr.io/linkerd/dev:v26-rust
+    container: ghcr.io/linkerd/dev:v27-rust
     steps:
       - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
       - run: just rs-fetch
@@ -70,7 +70,7 @@ jobs:
     name: test
     runs-on: ubuntu-latest
     timeout-minutes: 15
-    container: ghcr.io/linkerd/dev:v26-rust
+    container: ghcr.io/linkerd/dev:v27-rust
     steps:
       - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
       - run: just rs-fetch

.github/workflows/shell.yml

@@ -15,8 +15,8 @@ jobs:
   shellcheck:
     timeout-minutes: 10
     runs-on: ubuntu-20.04
-    container: ghcr.io/linkerd/dev:v26-tools
+    container: ghcr.io/linkerd/dev:v27-tools
     steps:
-    - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
-    - run: bin/shellcheck-all
+      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+      - run: just sh-lint
 

.golangci.yml

@@ -28,7 +28,6 @@ linters:
   - nakedret
   - revive
   - staticcheck
-  - structcheck
   - typecheck
   - unconvert
   - unparam
@@ -45,6 +44,10 @@ linters:
   # - prealloc
   # - stylecheck
 
+  # https://github.com/golangci/golangci-lint/issues/2649
+  disable:
+  - structcheck
+
 issues:
   exclude-use-default: false
   exclude-rules:

justfile

@@ -1,7 +1,22 @@
 # See https://just.systems/man/en
 
-markdownlint:
-    markdownlint-cli2 '**/*.md' '!**/node_modules' '!target'
+lint: action-lint md-lint sh-lint rs-fetch rs-clippy rs-check-fmt go-lint
+
+##
+## Go
+##
+
+go-fetch:
+    go mod download
+
+go-fmt *flags:
+    bin/fmt {{ flags }}
+
+go-lint *flags:
+    golangci-lint run {{ flags }}
+
+go-test:
+    LINKERD_TEST_PRETTY_DIFF=1 gotestsum -- -race -v -mod=readonly ./...
 
 ##
 ## Rust
@@ -449,6 +464,19 @@ _devcontainer-build tag target='':
         --target='{{ target }}' \
         --{{ if devcontainer-build-mode == "push" { "push" } else { "load" } }}
 
+##
+## Other tools...
+##
+
+action-lint:
+    actionlint .github/workflows/*.yml
+
+md-lint:
+    markdownlint-cli2 '**/*.md' '!**/node_modules' '!target'
+
+sh-lint:
+    bin/shellcheck-all
+
 ##
 ## Git
 ##