Merge branch 'main' into user/jirenugo/aks-ee

microsoft · Dec 19, 2024 · eba854f · eba854f
2 parents 5b5c1ef + 1a32f82
commit eba854f
Show file tree

Hide file tree

Showing 12 changed files with 104 additions and 20 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -0,0 +1,21 @@
+run:
+  timeout: 15m
+  tests: false  # Exclude test files from linting
+
+# Linter options and descriptions: https://golangci-lint.run/usage/linters/
+linters:
+  enable:
+    - errcheck
+    - govet
+    - ineffassign
+    - staticcheck
+  disable:
+    # Disabling these two default linters for now as their checks are not a priority
+    - gosimple
+    - unused
+
+linters-settings:
+  staticcheck:
+    checks:
+      - all
+      - -SA1019 # Ignore pkg deprecation warnings from staticcheck
diff --git a/.pipelines/build.yaml b/.pipelines/build.yaml
@@ -63,3 +63,47 @@ jobs:
 
   - publish: $(System.DefaultWorkingDirectory)/manifest
     artifact: manifest
+
+- job: Lint
+  displayName: 'Lint'
+
+  pool:
+    vmImage: 'ubuntu-latest'
+
+  variables:
+  - group: moc-build
+  - name: GO111MODULE
+    value: 'on'
+
+  steps:
+  - task: GoTool@0
+    inputs:
+      version: '1.22.5'
+
+  - task: InstallSSHKey@0
+    inputs:
+      knownHostsEntry: |
+        $(KNOWN_HOST_GITHUB)
+        $(KNOWN_HOST_GITHUB_ECDSA)
+        $(KNOWN_HOST_GITHUB_Ed25519)
+      sshPublicKey: '$(SSH_PUBLIC_KEY)'
+      sshKeySecureFile: 'azure-pipelines-ssh-key-new'
+
+  - task: AzureCLI@2
+    inputs:
+      azureSubscription: 'kva-azuredevops-gcm'
+      scriptType: 'bash'
+      scriptLocation: 'inlineScript'
+      inlineScript: |
+        # Obtain Azure DevOps access token
+        aadToken=$(az account get-access-token --query accessToken --resource 499b84ac-1321-427f-aa17-267ca6975798 -o tsv)
+
+        # Set git configuration for authentication
+        git config --global http.extraheader "AUTHORIZATION: bearer $aadToken"
+        git config --global url."ssh://[email protected]/".insteadOf "https://github.com/"
+    displayName: 'Set git config'
+
+  - script: |
+      make golangci-lint
+    displayName: 'Run GolangCI-Lint'
+    workingDirectory: '$(System.DefaultWorkingDirectory)'
diff --git a/Makefile b/Makefile
@@ -5,6 +5,7 @@ GOBUILD=$(GOCMD) build -v #-mod=vendor
 GOTEST=$(GOCMD) test -v 
 GOHOSTOS=$(strip $(shell $(GOCMD) env get GOHOSTOS))
 MOCKGEN=$(shell command -v mockgen 2> /dev/null)
+GOPATH_BIN := $(shell go env GOPATH)/bin
 
 # Private repo workaround
 export GOPRIVATE = github.com/microsoft
@@ -51,3 +52,7 @@ mocks:
 	go get github.com/golang/[email protected]
 	go generate ./...
 
+golangci-lint:
+	$(GOCMD) install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
+	$(GOPATH_BIN)/golangci-lint run --config .golangci.yml
+
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/microsoft/moc
 
-go 1.22
+go 1.22.4
 
 require (
 	github.com/golang-jwt/jwt v3.2.2+incompatible

diff --git a/pkg/auth/auth_env.go b/pkg/auth/auth_env.go
@@ -81,13 +81,14 @@ func GetWssdConfigLocation() string {
 		// Create the default config path and set the
 		// env variable
 		defaultPath = filepath.Join(wd, DefaultWSSDFolder)
-		os.Setenv(AccessFileDirPath, defaultPath)
+		os.Setenv(AccessFileDirPath, defaultPath) //nolint:golint,errcheck
 	}
 
 	if execName, err := getExecutableName(); err == nil {
 		defaultPath = filepath.Join(defaultPath, execName)
 	}
-	os.MkdirAll(defaultPath, os.ModePerm)
+	// needs to be fixed later since a large number of repos use this
+	os.MkdirAll(defaultPath, os.ModePerm) //nolint:golint,errcheck
 	accessFilePath := filepath.Join(defaultPath, AccessFileDefaultName)
 	return accessFilePath
 }
@@ -108,9 +109,9 @@ func GetMocConfigLocationName(subfolder, filename string) string {
 		// Create the default config path and set the
 		// env variable
 		defaultPath := filepath.Join(wd, DefaultWSSDFolder, subfolder)
-		os.MkdirAll(defaultPath, os.ModePerm)
+		os.MkdirAll(defaultPath, os.ModePerm) //nolint:golint,errcheck
 		wssdConfigPath = filepath.Join(defaultPath, file)
-		os.Setenv(WssdConfigPath, wssdConfigPath)
+		os.Setenv(WssdConfigPath, wssdConfigPath) //nolint:golint,errcheck
 	}
 	return wssdConfigPath
 }
@@ -126,9 +127,9 @@ func getClientTokenLocation() string {
 		// Create the default token path and set the
 		// env variable
 		defaultPath := filepath.Join(wd, DefaultWSSDFolder)
-		os.MkdirAll(defaultPath, os.ModePerm)
+		os.MkdirAll(defaultPath, os.ModePerm) //nolint:golint,errcheck
 		clientTokenPath = filepath.Join(defaultPath, ClientTokenName)
-		os.Setenv(ClientTokenPath, clientTokenPath)
+		os.Setenv(ClientTokenPath, clientTokenPath) //nolint:golint,errcheck
 	}
 	return clientTokenPath
 }
diff --git a/pkg/auth/utils.go b/pkg/auth/utils.go
@@ -67,6 +67,9 @@ func GenerateClientCsr(loginconfig LoginConfig) (string, WssdConfig, error) {
 		return "", WssdConfig{}, err
 	}
 	accessFile, err := readAccessFile(GetWssdConfigLocation())
+	if err != nil {
+		return "", WssdConfig{}, err
+	}
 	cloudAgentIpAddress, err := wssdnet.GetIPAddress()
 	if err != nil {
 		return "", WssdConfig{}, err

diff --git a/pkg/certs/certificateAuthority.go b/pkg/certs/certificateAuthority.go
@@ -176,6 +176,9 @@ func (ca *CertificateAuthority) SignRequest(csrPem []byte, oldCertPem []byte, co
 			return nil, errors.Wrapf(errors.InvalidInput, "Old certificate verification failed : %v", err)
 		}
 		oldCert, err = DecodeCertPEM(oldCertPem)
+		if err != nil {
+			return
+		}
 	}
 	err = csr.CheckSignature()
 	if err != nil {
@@ -302,7 +305,9 @@ func (ca *CertificateAuthority) SignRequest(csrPem []byte, oldCertPem []byte, co
 			if ext.Id.Equal(oidOriginalCertificate) {
 				origCertDER = ext.Value
 			} else if ext.Id.Equal(oidRenewCount) {
-				asn1.Unmarshal(ext.Value, &renewCount)
+				if _, err := asn1.Unmarshal(ext.Value, &renewCount); err != nil {
+					return nil, errors.Wrapf(err, "Failed to unmarshall renew count")
+				}
 			}
 		}
 

diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -154,7 +154,9 @@ func MarshalOutput(data interface{}, query string, outputType string) ([]byte, e
 	if err != nil {
 		return nil, err
 	}
-	marshal.FromJSONBytes(jsonByte, &queryTarget)
+	if err := marshal.FromJSONBytes(jsonByte, &queryTarget); err != nil {
+		return nil, err
+	}
 	if query != "" {
 		result, err = jmespath.Search(query, queryTarget)
 		if err != nil {

diff --git a/pkg/logging/loggingRedirect.go b/pkg/logging/loggingRedirect.go
@@ -20,7 +20,9 @@ var (
 
 func createLogFile(logFileAbsolutePath string, logFileName string) (*os.File, error) {
 	// Create log path
-	os.MkdirAll(logFileAbsolutePath, os.ModeDir)
+	if err := os.MkdirAll(logFileAbsolutePath, os.ModeDir); err != nil {
+		return nil, err
+	}
 
 	err := path.CheckPath(logFileAbsolutePath)
 	if err != nil {
@@ -40,7 +42,9 @@ func createLogFile(logFileAbsolutePath string, logFileName string) (*os.File, er
 	// If there are contents in the file already, move the file and replace it.
 	if st.Size() > 0 {
 		logFile.Close()
-		os.Rename(path, path+".old")
+		if err := os.Rename(path, path+".old"); err != nil {
+			return nil, err
+		}
 		logFile, err = os.Create(path)
 		if err != nil {
 			return nil, err

diff --git a/pkg/logging/redirectstderr_linux.go b/pkg/logging/redirectstderr_linux.go
@@ -10,7 +10,6 @@ import (
 
 func RedirectStdErr(file *os.File) {
 	err := syscall.Dup3(int(file.Fd()), int(os.Stderr.Fd()), 0)
-	if err != nil {
+	if err != nil { //nolint:golint,staticcheck
 	}
-	return
 }
diff --git a/pkg/status/status.go b/pkg/status/status.go
@@ -171,27 +171,27 @@ func GetFromStatuses(statuses map[string]*string) (status *common.Status) {
 	status = &common.Status{}
 	if val, ok := statuses["ProvisionState"]; ok {
 		ps := new(common.ProvisionStatus)
-		proto.UnmarshalText(*val, ps)
+		proto.UnmarshalText(*val, ps) //nolint:golint,errcheck
 		status.ProvisioningStatus = ps
 	}
 	if val, ok := statuses["HealthState"]; ok {
 		ps := new(common.Health)
-		proto.UnmarshalText(*val, ps)
+		proto.UnmarshalText(*val, ps) //nolint:golint,errcheck
 		status.Health = ps
 	}
 	if val, ok := statuses["Error"]; ok {
 		ps := new(common.Error)
-		proto.UnmarshalText(*val, ps)
+		proto.UnmarshalText(*val, ps) //nolint:golint,errcheck
 		status.LastError = ps
 	}
 	if val, ok := statuses["DownloadStatus"]; ok {
 		ps := new(common.DownloadStatus)
-		proto.UnmarshalText(*val, ps)
+		proto.UnmarshalText(*val, ps) //nolint:golint,errcheck
 		status.DownloadStatus = ps
 	}
 	if val, ok := statuses["PlacementStatus"]; ok {
 		ps := new(common.PlacementStatus)
-		proto.UnmarshalText(*val, ps)
+		proto.UnmarshalText(*val, ps) //nolint:golint,errcheck
 		status.PlacementStatus = ps
 	}
 

diff --git a/pkg/validations/proxy_validation.go b/pkg/validations/proxy_validation.go
@@ -18,7 +18,7 @@ func ValidateProxyURL(proxyURL string) (*url.URL, error) {
 	parsedURL, err := url.ParseRequestURI(proxyURL)
 
 	if err != nil {
-		return nil, errors.Wrapf(errors.InvalidInput, err.Error())
+		return nil, errors.Wrapf(errors.InvalidInput, "%s", err.Error())
 	}
 
 	// Check if url scheme is http or https
@@ -54,7 +54,7 @@ func TestProxyUrlConnection(parsedURL *url.URL, certContent string, getRequestUr
 	// Test the HTTP GET request
 	response, err := client.Get(getRequestUrl)
 	if err != nil {
-		return errors.Wrapf(errors.InvalidInput, err.Error())
+		return errors.Wrapf(errors.InvalidInput, "%s", err.Error())
 	} else {
 		defer response.Body.Close()
 		fmt.Println("Connected successfully to the proxy server")