Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix gosec linter issues and enable linter #117

Merged
merged 1 commit into from
May 7, 2024
Merged

Fix gosec linter issues and enable linter #117

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 0 additions & 5 deletions .golangci.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,3 @@
issues:
exclude-rules:
- linters:
- gosec
text: ".*"
linters:
# Explicitly define all enabled linters
disable-all: true
Expand Down
16 changes: 8 additions & 8 deletions conditions/certificaterequest_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ func randomTime() time.Time {
max := time.Date(2070, 1, 0, 0, 0, 0, 0, time.UTC).Unix()
delta := max - min

sec := rand.Int63n(delta) + min
sec := rand.Int63n(delta) + min // #nosec: G404 -- The random time does not have to be secure.
return time.Unix(sec, 0)
}

Expand All @@ -51,7 +51,7 @@ func TestSetCertificateRequestStatusCondition(t *testing.T) {
conditionType cmapi.CertificateRequestConditionType
status cmmeta.ConditionStatus

expectedCondition *cmapi.CertificateRequestCondition
expectedCondition cmapi.CertificateRequestCondition
expectNewEntry bool
}

Expand All @@ -75,7 +75,7 @@ func TestSetCertificateRequestStatusCondition(t *testing.T) {
conditionType: cmapi.CertificateRequestConditionReady,
status: cmmeta.ConditionTrue,

expectedCondition: &cmapi.CertificateRequestCondition{
expectedCondition: cmapi.CertificateRequestCondition{
Type: cmapi.CertificateRequestConditionReady,
Status: cmmeta.ConditionTrue,
LastTransitionTime: &fakeTimeObj1,
Expand All @@ -94,7 +94,7 @@ func TestSetCertificateRequestStatusCondition(t *testing.T) {
conditionType: cmapi.CertificateRequestConditionReady,
status: cmmeta.ConditionFalse,

expectedCondition: &cmapi.CertificateRequestCondition{
expectedCondition: cmapi.CertificateRequestCondition{
Type: cmapi.CertificateRequestConditionReady,
Status: cmmeta.ConditionFalse,
LastTransitionTime: &fakeTimeObj2,
Expand All @@ -118,7 +118,7 @@ func TestSetCertificateRequestStatusCondition(t *testing.T) {
conditionType: cmapi.CertificateRequestConditionReady,
status: cmmeta.ConditionTrue,

expectedCondition: &cmapi.CertificateRequestCondition{
expectedCondition: cmapi.CertificateRequestCondition{
Type: cmapi.CertificateRequestConditionReady,
Status: cmmeta.ConditionTrue,
LastTransitionTime: &fakeTimeObj1,
Expand All @@ -142,7 +142,7 @@ func TestSetCertificateRequestStatusCondition(t *testing.T) {
conditionType: cmapi.CertificateRequestConditionApproved,
status: cmmeta.ConditionTrue,

expectedCondition: &cmapi.CertificateRequestCondition{
expectedCondition: cmapi.CertificateRequestCondition{
Type: cmapi.CertificateRequestConditionApproved,
Status: cmmeta.ConditionTrue,
LastTransitionTime: &fakeTimeObj2,
Expand Down Expand Up @@ -193,7 +193,7 @@ func TestSetCertificateRequestStatusCondition(t *testing.T) {
}
test.expectedCondition.Reason = "NewReason"
test.expectedCondition.Message = "NewMessage"
require.Equal(t, test.expectedCondition, cond)
require.Equal(t, test.expectedCondition, *cond)
require.Equal(t, &fakeTimeObj2, time)

// Check that the patchConditions slice got a new entry if expected
Expand All @@ -206,7 +206,7 @@ func TestSetCertificateRequestStatusCondition(t *testing.T) {
// Make sure only the expected condition in the patchConditions slice got updated
for _, c := range patchConditions {
if c.Type == test.conditionType {
require.Equal(t, test.expectedCondition, &c)
require.Equal(t, test.expectedCondition, c)
continue
}

Expand Down
14 changes: 7 additions & 7 deletions conditions/certificatesigningrequest_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ func TestSetCertificateSigningRequestStatusCondition(t *testing.T) {
conditionType certificatesv1.RequestConditionType
status v1.ConditionStatus

expectedCondition *certificatesv1.CertificateSigningRequestCondition
expectedCondition certificatesv1.CertificateSigningRequestCondition
expectNewEntry bool
}

Expand All @@ -59,7 +59,7 @@ func TestSetCertificateSigningRequestStatusCondition(t *testing.T) {
conditionType: certificatesv1.CertificateApproved,
status: v1.ConditionTrue,

expectedCondition: &certificatesv1.CertificateSigningRequestCondition{
expectedCondition: certificatesv1.CertificateSigningRequestCondition{
Type: certificatesv1.CertificateApproved,
Status: v1.ConditionTrue,
LastTransitionTime: fakeTimeObj1,
Expand All @@ -78,7 +78,7 @@ func TestSetCertificateSigningRequestStatusCondition(t *testing.T) {
conditionType: certificatesv1.CertificateApproved,
status: v1.ConditionFalse,

expectedCondition: &certificatesv1.CertificateSigningRequestCondition{
expectedCondition: certificatesv1.CertificateSigningRequestCondition{
Type: certificatesv1.CertificateApproved,
Status: v1.ConditionFalse,
LastTransitionTime: fakeTimeObj2,
Expand All @@ -102,7 +102,7 @@ func TestSetCertificateSigningRequestStatusCondition(t *testing.T) {
conditionType: certificatesv1.CertificateApproved,
status: v1.ConditionTrue,

expectedCondition: &certificatesv1.CertificateSigningRequestCondition{
expectedCondition: certificatesv1.CertificateSigningRequestCondition{
Type: certificatesv1.CertificateApproved,
Status: v1.ConditionTrue,
LastTransitionTime: fakeTimeObj1,
Expand All @@ -126,7 +126,7 @@ func TestSetCertificateSigningRequestStatusCondition(t *testing.T) {
conditionType: certificatesv1.CertificateDenied,
status: v1.ConditionTrue,

expectedCondition: &certificatesv1.CertificateSigningRequestCondition{
expectedCondition: certificatesv1.CertificateSigningRequestCondition{
Type: certificatesv1.CertificateDenied,
Status: v1.ConditionTrue,
LastTransitionTime: fakeTimeObj2,
Expand Down Expand Up @@ -181,7 +181,7 @@ func TestSetCertificateSigningRequestStatusCondition(t *testing.T) {
test.expectedCondition.LastUpdateTime = fakeTimeObj2
test.expectedCondition.Reason = "NewReason"
test.expectedCondition.Message = "NewMessage"
require.Equal(t, test.expectedCondition, cond)
require.Equal(t, test.expectedCondition, *cond)
require.Equal(t, &fakeTimeObj2, time)

// Check that the patchConditions slice got a new entry if expected
Expand All @@ -194,7 +194,7 @@ func TestSetCertificateSigningRequestStatusCondition(t *testing.T) {
// Make sure only the expected condition in the patchConditions slice got updated
for _, c := range patchConditions {
if c.Type == test.conditionType {
require.Equal(t, test.expectedCondition, &c)
require.Equal(t, test.expectedCondition, c)
continue
}

Expand Down
14 changes: 7 additions & 7 deletions conditions/issuer_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ func TestSetIssuerStatusCondition(t *testing.T) {
conditionType cmapi.IssuerConditionType
status cmmeta.ConditionStatus

expectedCondition *cmapi.IssuerCondition
expectedCondition cmapi.IssuerCondition
expectNewEntry bool
}

Expand All @@ -59,7 +59,7 @@ func TestSetIssuerStatusCondition(t *testing.T) {
conditionType: cmapi.IssuerConditionReady,
status: cmmeta.ConditionTrue,

expectedCondition: &cmapi.IssuerCondition{
expectedCondition: cmapi.IssuerCondition{
Type: cmapi.IssuerConditionReady,
Status: cmmeta.ConditionTrue,
LastTransitionTime: &fakeTimeObj1,
Expand All @@ -78,7 +78,7 @@ func TestSetIssuerStatusCondition(t *testing.T) {
conditionType: cmapi.IssuerConditionReady,
status: cmmeta.ConditionFalse,

expectedCondition: &cmapi.IssuerCondition{
expectedCondition: cmapi.IssuerCondition{
Type: cmapi.IssuerConditionReady,
Status: cmmeta.ConditionFalse,
LastTransitionTime: &fakeTimeObj2,
Expand All @@ -102,7 +102,7 @@ func TestSetIssuerStatusCondition(t *testing.T) {
conditionType: cmapi.IssuerConditionReady,
status: cmmeta.ConditionTrue,

expectedCondition: &cmapi.IssuerCondition{
expectedCondition: cmapi.IssuerCondition{
Type: cmapi.IssuerConditionReady,
Status: cmmeta.ConditionTrue,
LastTransitionTime: &fakeTimeObj1,
Expand All @@ -126,7 +126,7 @@ func TestSetIssuerStatusCondition(t *testing.T) {
conditionType: cmapi.IssuerConditionType("AnotherCondition"),
status: cmmeta.ConditionTrue,

expectedCondition: &cmapi.IssuerCondition{
expectedCondition: cmapi.IssuerCondition{
Type: cmapi.IssuerConditionType("AnotherCondition"),
Status: cmmeta.ConditionTrue,
LastTransitionTime: &fakeTimeObj2,
Expand Down Expand Up @@ -182,7 +182,7 @@ func TestSetIssuerStatusCondition(t *testing.T) {
test.expectedCondition.Reason = "NewReason"
test.expectedCondition.Message = "NewMessage"
test.expectedCondition.ObservedGeneration = 8
require.Equal(t, test.expectedCondition, cond)
require.Equal(t, test.expectedCondition, *cond)
require.Equal(t, &fakeTimeObj2, time)

// Check that the patchConditions slice got a new entry if expected
Expand All @@ -195,7 +195,7 @@ func TestSetIssuerStatusCondition(t *testing.T) {
// Make sure only the expected condition in the patchConditions slice got updated
for _, c := range patchConditions {
if c.Type == test.conditionType {
require.Equal(t, test.expectedCondition, &c)
require.Equal(t, test.expectedCondition, c)
continue
}

Expand Down
2 changes: 1 addition & 1 deletion controllers/issuer_controller_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ func randomTime() time.Time {
max := time.Date(2070, 1, 0, 0, 0, 0, 0, time.UTC).Unix()
delta := max - min

sec := rand.Int63n(delta) + min
sec := rand.Int63n(delta) + min // #nosec: G404 -- The random time does not have to be secure.
return time.Unix(sec, 0)
}

Expand Down
14 changes: 2 additions & 12 deletions internal/kubeutil/watch.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,12 +19,12 @@ package kubeutil
import (
"context"
"fmt"
"math/rand"

"github.com/go-logr/logr"
apimeta "k8s.io/apimachinery/pkg/api/meta"
"k8s.io/apimachinery/pkg/fields"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/util/rand"
"k8s.io/client-go/util/workqueue"
"sigs.k8s.io/controller-runtime/pkg/cache"
"sigs.k8s.io/controller-runtime/pkg/client"
Expand Down Expand Up @@ -73,7 +73,7 @@ func NewLinkedResourceHandler(
addToQueue func(q workqueue.RateLimitingInterface, req reconcile.Request),
) (handler.EventHandler, error) {
// a random index name prevents collisions with other indexes
refField := fmt.Sprintf(".x-index.%s", randStringRunes(10))
refField := fmt.Sprintf(".x-index.%s", rand.String(10))

if err := SetGroupVersionKind(scheme, objType); err != nil {
return nil, err
Expand Down Expand Up @@ -142,16 +142,6 @@ func (r *linkedResourceHandler) findObjectsForKind(ctx context.Context, object c
return requests
}

var letterRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")

func randStringRunes(n int) string {
b := make([]rune, n)
for i := range b {
b[i] = letterRunes[rand.Intn(len(letterRunes))]
}
return string(b)
}

// Based on https://github.com/kubernetes-sigs/controller-runtime/blob/00f2425ce068525e0ff674dba51c3e76ee6ad2da/pkg/handler/enqueue_mapped.go
// Copied to this linkedResourceHandler type such that dependencies can be injected.

Expand Down
14 changes: 2 additions & 12 deletions internal/tests/testresource/kube.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ import (
"context"
"errors"
"fmt"
"math/rand"
goruntime "runtime"
"testing"
"time"
Expand All @@ -33,6 +32,7 @@ import (
apierrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/util/rand"
"k8s.io/apimachinery/pkg/watch"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
Expand Down Expand Up @@ -205,20 +205,10 @@ func (k *OwnedKubeClients) StartObjectWatch(
}
}

const letterBytes = "abcdefghijklmnopqrstuvwxyz"

func randStringBytes(n int) string {
b := make([]byte, n)
for i := range b {
b[i] = letterBytes[rand.Intn(len(letterBytes))]
}
return string(b)
}

func (k *OwnedKubeClients) SetupNamespace(tb testing.TB, ctx context.Context) (string, context.CancelFunc) {
tb.Helper()

namespace := randStringBytes(15)
namespace := rand.String(15)

removeNamespace := func(cleanupCtx context.Context) (bool, error) {
err := k.KubeClient.CoreV1().Namespaces().Delete(cleanupCtx, namespace, metav1.DeleteOptions{})
Expand Down