diff --git a/.golangci.yaml b/.golangci.yaml index 1dee826a6..bf48f711d 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -1,11 +1,10 @@ run: timeout: 5m - skip-dirs: +issues: + exclude-dirs: - internal - pkg/registry - -issues: exclude-rules: - path: test # Excludes /test, *_test.go etc. linters: @@ -35,6 +34,8 @@ linters: linters-settings: depguard: - include-go-root: true - packages-with-error-message: - - crypto/sha256: "use crypto.SHA256 instead" + rules: + main: + deny: + - pkg: "crypto/sha256" + desc: use crypto.SHA256 instead diff --git a/cmd/crane/cmd/append.go b/cmd/crane/cmd/append.go index 3555a7864..f00a00a27 100644 --- a/cmd/crane/cmd/append.go +++ b/cmd/crane/cmd/append.go @@ -45,7 +45,7 @@ If the base image is a Windows base image (i.e., its config.OS is "windows"), the contents of the tarballs will be modified to be suitable for a Windows container image.`, Args: cobra.NoArgs, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(cmd *cobra.Command, _ []string) error { var base v1.Image var err error diff --git a/cmd/crane/cmd/auth.go b/cmd/crane/cmd/auth.go index 433d4195b..cd2b2897d 100644 --- a/cmd/crane/cmd/auth.go +++ b/cmd/crane/cmd/auth.go @@ -211,7 +211,7 @@ func NewCmdAuthLogin(argv ...string) *cobra.Command { Short: "Log in to a registry", Example: eg, Args: cobra.ExactArgs(1), - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { reg, err := name.NewRegistry(args[0]) if err != nil { return err @@ -285,7 +285,7 @@ func NewCmdAuthLogout(argv ...string) *cobra.Command { Short: "Log out of a registry", Example: eg, Args: cobra.ExactArgs(1), - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { reg, err := name.NewRegistry(args[0]) if err != nil { return err diff --git a/cmd/crane/cmd/root.go b/cmd/crane/cmd/root.go index 8fc8ccefa..abfd1dc99 100644 --- a/cmd/crane/cmd/root.go +++ b/cmd/crane/cmd/root.go @@ -56,7 +56,7 @@ func New(use, short string, options []crane.Option) *cobra.Command { RunE: func(cmd *cobra.Command, _ []string) error { return cmd.Usage() }, DisableAutoGenTag: true, SilenceUsage: true, - PersistentPreRun: func(cmd *cobra.Command, args []string) { + PersistentPreRun: func(cmd *cobra.Command, _ []string) { options = append(options, crane.WithContext(cmd.Context())) // TODO(jonjohnsonjr): crane.Verbose option? if verbose { diff --git a/cmd/crane/cmd/validate.go b/cmd/crane/cmd/validate.go index 411772f52..c26da6baa 100644 --- a/cmd/crane/cmd/validate.go +++ b/cmd/crane/cmd/validate.go @@ -33,8 +33,8 @@ func NewCmdValidate(options *[]crane.Option) *cobra.Command { validateCmd := &cobra.Command{ Use: "validate", Short: "Validate that an image is well-formed", - Args: cobra.ExactArgs(0), - RunE: func(cmd *cobra.Command, args []string) error { + Args: cobra.NoArgs, + RunE: func(cmd *cobra.Command, _ []string) error { if tarballPath != "" { img, err := tarball.ImageFromPath(tarballPath, nil) if err != nil { diff --git a/pkg/authn/keychain.go b/pkg/authn/keychain.go index f4c452bdc..6e8814d80 100644 --- a/pkg/authn/keychain.go +++ b/pkg/authn/keychain.go @@ -84,7 +84,7 @@ func (dk *defaultKeychain) Resolve(target Resource) (Authenticator, error) { } // Resolve implements Keychain. -func (dk *defaultKeychain) ResolveContext(ctx context.Context, target Resource) (Authenticator, error) { +func (dk *defaultKeychain) ResolveContext(_ context.Context, target Resource) (Authenticator, error) { dk.mu.Lock() defer dk.mu.Unlock() @@ -204,7 +204,7 @@ func (w wrapper) Resolve(r Resource) (Authenticator, error) { return w.ResolveContext(context.Background(), r) } -func (w wrapper) ResolveContext(ctx context.Context, r Resource) (Authenticator, error) { +func (w wrapper) ResolveContext(_ context.Context, r Resource) (Authenticator, error) { u, p, err := w.h.Get(r.RegistryStr()) if err != nil { return Anonymous, nil diff --git a/pkg/name/ref.go b/pkg/name/ref.go index 912ab3301..0a0486772 100644 --- a/pkg/name/ref.go +++ b/pkg/name/ref.go @@ -44,7 +44,7 @@ func ParseReference(s string, opts ...Option) (Reference, error) { if d, err := NewDigest(s, opts...); err == nil { return d, nil } - return nil, newErrBadName("could not parse reference: " + s) + return nil, newErrBadName("could not parse reference: %s", s) } type stringConst string diff --git a/pkg/v1/partial/index_test.go b/pkg/v1/partial/index_test.go index c28975812..4a3518665 100644 --- a/pkg/v1/partial/index_test.go +++ b/pkg/v1/partial/index_test.go @@ -105,9 +105,7 @@ func TestFindIndexes(t *testing.T) { } // just see if it finds all of the indexes - matcher := func(desc v1.Descriptor) bool { - return true - } + matcher := func(v1.Descriptor) bool { return true } index := mutate.AppendManifests(base, adds...) idxes, err := partial.FindIndexes(index, matcher) switch { diff --git a/pkg/v1/remote/error_roundtrip_test.go b/pkg/v1/remote/error_roundtrip_test.go index 5b81ee50d..9396dac43 100644 --- a/pkg/v1/remote/error_roundtrip_test.go +++ b/pkg/v1/remote/error_roundtrip_test.go @@ -36,7 +36,7 @@ func TestStatusCodeReturned(t *testing.T) { Handler http.Handler }{{ Description: "Only returns teapot status", - Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + Handler: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusTeapot) }), }, { diff --git a/pkg/v1/remote/transport/basic_test.go b/pkg/v1/remote/transport/basic_test.go index 68dd90e0c..fe6c266af 100644 --- a/pkg/v1/remote/transport/basic_test.go +++ b/pkg/v1/remote/transport/basic_test.go @@ -46,9 +46,7 @@ func TestBasicTransport(t *testing.T) { defer server.Close() inner := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } basic := &authn.Basic{Username: username, Password: password} @@ -96,9 +94,7 @@ func TestBasicTransportRegistryToken(t *testing.T) { defer server.Close() inner := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } client := http.Client{Transport: &basicTransport{inner: inner, auth: tc.auth, target: "gcr.io"}} @@ -125,9 +121,7 @@ func TestBasicTransportWithEmptyAuthnCred(t *testing.T) { defer server.Close() inner := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } client := http.Client{Transport: &basicTransport{inner: inner, auth: authn.Anonymous, target: "gcr.io"}} diff --git a/pkg/v1/remote/transport/ping_test.go b/pkg/v1/remote/transport/ping_test.go index 36d79ab20..3c0c5b981 100644 --- a/pkg/v1/remote/transport/ping_test.go +++ b/pkg/v1/remote/transport/ping_test.go @@ -33,12 +33,12 @@ var ( func TestPingNoChallenge(t *testing.T) { server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } @@ -57,15 +57,13 @@ func TestPingNoChallenge(t *testing.T) { func TestPingBasicChallengeNoParams(t *testing.T) { server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("WWW-Authenticate", `BASIC`) http.Error(w, "Unauthorized", http.StatusUnauthorized) })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } pr, err := Ping(context.Background(), testRegistry, tprt) @@ -82,15 +80,13 @@ func TestPingBasicChallengeNoParams(t *testing.T) { func TestPingBearerChallengeWithParams(t *testing.T) { server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("WWW-Authenticate", `Bearer realm="http://auth.example.com/token"`) http.Error(w, "Unauthorized", http.StatusUnauthorized) })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } pr, err := Ping(context.Background(), testRegistry, tprt) @@ -107,16 +103,14 @@ func TestPingBearerChallengeWithParams(t *testing.T) { func TestPingMultipleChallenges(t *testing.T) { server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Add("WWW-Authenticate", "Negotiate") w.Header().Add("WWW-Authenticate", `Basic realm="http://auth.example.com/token"`) http.Error(w, "Unauthorized", http.StatusUnauthorized) })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } pr, err := Ping(context.Background(), testRegistry, tprt) @@ -133,16 +127,14 @@ func TestPingMultipleChallenges(t *testing.T) { func TestPingMultipleNotSupportedChallenges(t *testing.T) { server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Add("WWW-Authenticate", "Negotiate") w.Header().Add("WWW-Authenticate", "Digest") http.Error(w, "Unauthorized", http.StatusUnauthorized) })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } pr, err := Ping(context.Background(), testRegistry, tprt) @@ -156,15 +148,13 @@ func TestPingMultipleNotSupportedChallenges(t *testing.T) { func TestUnsupportedStatus(t *testing.T) { server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("WWW-Authenticate", `Bearer realm="http://auth.example.com/token`) http.Error(w, "Forbidden", http.StatusForbidden) })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } pr, err := Ping(context.Background(), testRegistry, tprt) @@ -206,9 +196,7 @@ func TestPingHttpFallback(t *testing.T) { defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } fallbackDelay = 2 * time.Millisecond diff --git a/pkg/v1/remote/transport/retry_test.go b/pkg/v1/remote/transport/retry_test.go index dc65f0836..33011d193 100644 --- a/pkg/v1/remote/transport/retry_test.go +++ b/pkg/v1/remote/transport/retry_test.go @@ -145,7 +145,7 @@ func TestRetryDefaults(t *testing.T) { func TestTimeoutContext(t *testing.T) { tr := NewRetry(http.DefaultTransport) - slowServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + slowServer := httptest.NewServer(http.HandlerFunc(func(http.ResponseWriter, *http.Request) { // hanging request time.Sleep(time.Second * 1) })) diff --git a/pkg/v1/remote/transport/transport_test.go b/pkg/v1/remote/transport/transport_test.go index 18625c081..fb5c33f22 100644 --- a/pkg/v1/remote/transport/transport_test.go +++ b/pkg/v1/remote/transport/transport_test.go @@ -35,15 +35,13 @@ var ( func TestTransportNoActionIfTransportIsAlreadyWrapper(t *testing.T) { server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("WWW-Authenticate", `Bearer realm="http://foo.io"`) http.Error(w, "Should not contact the server", http.StatusBadRequest) })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } wTprt := &Wrapper{inner: tprt} @@ -89,15 +87,13 @@ func TestTransportSelectionAnonymous(t *testing.T) { func TestTransportSelectionBasic(t *testing.T) { server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("WWW-Authenticate", `Basic`) http.Error(w, "Unauthorized", http.StatusUnauthorized) })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } basic := &authn.Basic{Username: "foo", Password: "bar"} @@ -121,15 +117,13 @@ func (a *badAuth) Authorization() (*authn.AuthConfig, error) { func TestTransportBadAuth(t *testing.T) { server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("WWW-Authenticate", `Bearer realm="http://foo.io"`) http.Error(w, "Unauthorized", http.StatusUnauthorized) })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } if _, err := NewWithContext(context.Background(), testReference.Context().Registry, &badAuth{}, tprt, []string{testReference.Scope(PullScope)}); err == nil { @@ -167,9 +161,7 @@ func TestTransportSelectionBearer(t *testing.T) { })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } basic := &authn.Basic{Username: "foo", Password: "bar"} @@ -186,15 +178,13 @@ func TestTransportSelectionBearer(t *testing.T) { func TestTransportSelectionBearerMissingRealm(t *testing.T) { server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("WWW-Authenticate", `Bearer service="gcr.io"`) http.Error(w, "Unauthorized", http.StatusUnauthorized) })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } basic := &authn.Basic{Username: "foo", Password: "bar"} @@ -207,7 +197,7 @@ func TestTransportSelectionBearerMissingRealm(t *testing.T) { func TestTransportSelectionBearerAuthError(t *testing.T) { request := 0 server := httptest.NewServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { request++ switch request { case 1: @@ -219,9 +209,7 @@ func TestTransportSelectionBearerAuthError(t *testing.T) { })) defer server.Close() tprt := &http.Transport{ - Proxy: func(req *http.Request) (*url.URL, error) { - return url.Parse(server.URL) - }, + Proxy: func(*http.Request) (*url.URL, error) { return url.Parse(server.URL) }, } basic := &authn.Basic{Username: "foo", Password: "bar"} @@ -236,7 +224,7 @@ func TestTransportAlwaysTriesHttps(t *testing.T) { // This ensures that we try https even for local registries. count := 0 server := httptest.NewTLSServer( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { count++ w.Write([]byte(`{"token": "dfskdjhfkhsjdhfkjhsdf"}`)) }))