refactor: optmize code structures and imepletations and update Workfl…

…ow/Issue templates. (#305)

Signed-off-by: SimonCqk <cqk0100@gmail.com>

.github/ISSUE_TEMPLATE/bug-report.md

@@ -3,7 +3,7 @@ name: Bug Report
 about: Create a report to help us improve
 title: "[BUG]"
 labels: ''
-assignees: jian-he, SimonCqk
+assignees: SimonCqk
 
 ---
 

.github/ISSUE_TEMPLATE/feature-request.md

@@ -3,7 +3,7 @@ name: Feature Request
 about: Suggest an idea for this project
 title: "[feature request]"
 labels: ''
-assignees: jian-he, SimonCqk
+assignees: SimonCqk
 
 ---
 

.github/workflows/ci.yaml

@@ -10,14 +10,19 @@ on:
 
 env:
   # Common versions
-  GO_VERSION: '1.17'
-  GOLANGCI_VERSION: 'v1.39'
+  GO_VERSION: '1.19'
+  GOLANGCI_VERSION: 'v1.51'
   DOCKER_BUILDX_VERSION: 'v0.4.2'
   KUSTOMIZE_VERSION: '3.9.2'
   KUBEDL_CI: 'true'
   KIND_VERSION: 'v0.11.1'
 
 jobs:
+  staticcheck:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dominikh/staticcheck-action@v1
 
   unit-tests:
     runs-on: ubuntu-latest
@@ -63,6 +68,44 @@ jobs:
           file: cover.out
       - name: Check diff
         run: '[[ -z $(git status -s) ]] || (git diff; printf "Existing modified/untracked files.\nPlease run \"make generate manifests\" and push again.\n"; exit 1)'
+  go-lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+        with:
+          submodules: true
+      - name: Setup Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ env.GO_VERSION }}
+      - name: Cache Go Dependencies
+        uses: actions/cache@v2
+        with:
+          path: ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-go-
+      - name: Code generate
+        run: |
+          make generate
+      - name: Lint golang code
+        uses: golangci/golangci-lint-action@v3.7.0
+        with:
+          version: ${{ env.GOLANGCI_VERSION }}
+          args: --out-format=colored-line-number --verbose
+          skip-pkg-cache: true
+      - name: Run Trivy vulnerability scanner in repo mode
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          ignore-unfixed: true
+          format: 'sarif'
+          output: 'trivy-results.sarif'
+          severity: 'CRITICAL'
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: 'trivy-results.sarif'
   e2e-tests:
     runs-on: ubuntu-latest
     steps:

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,67 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master, release-* ]
+  schedule:
+    - cron: '20 21 * * 4'
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
+
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
+
+      #- run: |
+      #   make bootstrap
+      #   make release
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

README.md

@@ -1,5 +1,6 @@
 [![License](https://img.shields.io/badge/license-Apache%202-4EB1BA.svg)](https://www.apache.org/licenses/LICENSE-2.0.html)
 [![KubeDL Action Status](https://github.com/kubedl-io/kubedl/workflows/CI/badge.svg)](https://github.com/kubedl-io}/kubedl}/actions)
+[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fkubedl-io%2Fkubedl.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fkubedl-io%2Fkubedl?ref=badge_shield)
 [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/5072/badge)](https://bestpractices.coreinfrastructure.org/projects/5072)
 
 

apis/inference/v1alpha1/v1alpha1_suite_test.go

@@ -33,7 +33,7 @@ func TestMain(m *testing.M) {
 		log.Fatal(err)
 	}
 
-	c = fake.NewFakeClientWithScheme(scheme.Scheme)
+	c = fake.NewClientBuilder().WithScheme(scheme.Scheme).Build()
 
 	code := m.Run()
 	os.Exit(code)

apis/training/v1alpha1/v1alpha1_suite_test.go

@@ -33,7 +33,7 @@ func TestMain(m *testing.M) {
 		log.Fatal(err)
 	}
 
-	c = fake.NewFakeClientWithScheme(scheme.Scheme)
+	c = fake.NewClientBuilder().WithScheme(scheme.Scheme).Build()
 
 	code := m.Run()
 	os.Exit(code)

console/backend/pkg/auth/config_auth.go

@@ -26,15 +26,15 @@ func (auth *configAuth) Login(c *gin.Context) error {
 	data := buf[0:n]
 	if err := json.Unmarshal(data, &loginData); err != nil {
 		glog.Errorf("request form error: %v", err)
-		return LoginInvalid
+		return ErrLoginInvalid
 	}
 	userInfo, err := model.GetUserInfoFromConfigMap(loginData.Username)
 	if err != nil {
 		glog.Errorf("Get user info error: %v", err)
-		return LoginInvalid
+		return ErrLoginInvalid
 	}
 	if userInfo.Password != loginData.Password {
-		return LoginInvalid
+		return ErrLoginInvalid
 	}
 	session := sessions.Default(c)
 	session.Set(SessionKeyLoginID, userInfo.Username)
@@ -52,12 +52,12 @@ func (auth configAuth) Authorize(c *gin.Context) error {
 	v := session.Get(SessionKeyLoginID)
 	if v == nil {
 		glog.Warningf("authorize logout")
-		return LoginInvalid
+		return ErrLoginInvalid
 	}
 	_, err := model.GetUserInfoFromConfigMap(v.(string))
 	if err != nil {
 		glog.Warningf("Authorize failed")
-		return LoginInvalid
+		return ErrLoginInvalid
 	}
 	return nil
 }

console/backend/pkg/auth/oauth.go

@@ -28,8 +28,8 @@ func init() {
 var (
 	GetAuth AuthRegister
 
-	LoginInvalid = errors.New("login id is invalid")
-	GetAuthError = errors.New("get oauthInfo error")
+	ErrLoginInvalid = errors.New("login id is invalid")
+	ErrGetAuthError = errors.New("get oauthInfo error")
 )
 
 type AuthRegister func() Auth

console/backend/pkg/client/client.go

@@ -52,7 +52,7 @@ func Init() {
 
 func Start(ctx context.Context) {
 	go func() {
-		cmgr.ctrlCache.Start(ctx)
+		_ = cmgr.ctrlCache.Start(ctx)
 	}()
 }
 

console/backend/pkg/handlers/code_source.go

@@ -181,7 +181,7 @@ func getOrCreateCodeSourceConfigMap() (*v1.ConfigMap, error) {
 				CodesourceConfigMapKey: "{}",
 			},
 		}
-		clientmgr.GetCtrlClient().Create(context.TODO(), initConfigMap)
+		_ = clientmgr.GetCtrlClient().Create(context.TODO(), initConfigMap)
 		return initConfigMap, nil
 	} else if err != nil {
 		klog.Errorf("Failed to get ConfigMap, ns: %s, name: %s, err: %v", constants.KubeDLSystemNamespace, CodesourceConfigMapName, err)

console/backend/pkg/handlers/data.go

@@ -26,7 +26,7 @@ const (
 )
 
 func NewDataHandler() *DataHandler {
-	clientmgr.IndexField(&corev1.Pod{}, IndexNodeName, func(obj client.Object) []string {
+	_ = clientmgr.IndexField(&corev1.Pod{}, IndexNodeName, func(obj client.Object) []string {
 		pod, ok := obj.(*corev1.Pod)
 		if !ok {
 			return []string{}
@@ -37,7 +37,7 @@ func NewDataHandler() *DataHandler {
 		return []string{pod.Spec.NodeName}
 	})
 
-	clientmgr.IndexField(&corev1.Pod{}, IndexPhase, func(obj client.Object) []string {
+	_ = clientmgr.IndexField(&corev1.Pod{}, IndexPhase, func(obj client.Object) []string {
 		pod, ok := obj.(*corev1.Pod)
 		if !ok {
 			return []string{}

console/backend/pkg/handlers/job_presubmit_hooks.go

@@ -148,8 +148,6 @@ func pytorchJobPreSubmitAutoConvertReplicas(job runtime.Object) {
 	} else if workerReplicas > 0 {
 		pytorchJob.Spec.PyTorchReplicaSpecs[v1.PyTorchReplicaTypeWorker].Replicas = Int32(workerReplicas)
 	}
-
-	return
 }
 
 func pytorchJobPreSubmitTensorBoardDefaults(job runtime.Object) {

console/backend/pkg/middleware/auth.go

@@ -43,7 +43,7 @@ func CheckAuthMiddleware(loginAuth auth.Auth) gin.HandlerFunc {
 		err = loginAuth.Authorize(c)
 		if err == nil {
 			c.Next()
-		} else if err == auth.GetAuthError {
+		} else if err == auth.ErrGetAuthError {
 			klog.Errorf("[check auth] getOauthInfo err, url: %s, err: %v", c.FullPath(), err)
 			utils.Redirect500(c)
 			c.Abort()

console/backend/pkg/routers/api/auth.go

@@ -32,7 +32,7 @@ func (ac *authAPIsController) login(c *gin.Context) {
 	err := ac.loginAuth.Login(c)
 	if err != nil {
 		klog.Errorf("login err, err: %v, url: %s", err, c.FullPath())
-		if err == auth.LoginInvalid {
+		if err == auth.ErrLoginInvalid {
 			utils.Redirect403(c)
 		} else {
 			utils.Redirect500(c)
@@ -61,8 +61,8 @@ func (ac *authAPIsController) currentUser(c *gin.Context) {
 func (ac *authAPIsController) ingressAuth(c *gin.Context) {
 	err := ac.loginAuth.Authorize(c)
 	if err != nil {
-		if err == auth.LoginInvalid {
-			klog.Errorf("user account error, err: %v", auth.LoginInvalid)
+		if err == auth.ErrLoginInvalid {
+			klog.Errorf("user account error, err: %v", auth.ErrLoginInvalid)
 			utils.Redirect403(c)
 		} else {
 			klog.Errorf("authorize error, err: %v", err)

console/backend/pkg/routers/api/job.go

@@ -130,13 +130,13 @@ func (jc *jobAPIsController) GetJobDetail(c *gin.Context) {
 	kind = c.Query("kind")
 
 	if kind == "" {
-		Error(c, fmt.Sprintf("job kind must not be empty"))
+		Error(c, "job kind must not be empty")
 		return
 	}
 
 	if jobName != "" {
 		if namespace == "" {
-			Error(c, fmt.Sprintf("namespace should not be empty"))
+			Error(c, "namespace should not be empty")
 			return
 		}
 
@@ -280,12 +280,12 @@ func (jc *jobAPIsController) ListPVC(c *gin.Context) {
 func (jc *jobAPIsController) SubmitJob(c *gin.Context) {
 	kind := c.Query("kind")
 	if kind == "" {
-		Error(c, fmt.Sprintf("job kind is empty"))
+		Error(c, "job kind is empty")
 		return
 	}
 	data, err := c.GetRawData()
 	if err != nil {
-		Error(c, fmt.Sprintf("failed to get raw posted data from request"))
+		Error(c, "failed to get raw posted data from request")
 		return
 	}
 	if err = jc.jobHandler.SubmitJobWithKind(data, kind); err != nil {

console/backend/pkg/routers/api/notebook.go

@@ -5,12 +5,13 @@ import (
 	"strconv"
 	"time"
 
+	"github.com/gin-gonic/gin"
+	"k8s.io/klog"
+
 	"github.com/alibaba/kubedl/apis/notebook/v1alpha1"
 	"github.com/alibaba/kubedl/console/backend/pkg/handlers"
 	"github.com/alibaba/kubedl/console/backend/pkg/utils"
 	"github.com/alibaba/kubedl/pkg/storage/backends"
-	"github.com/gin-gonic/gin"
-	"k8s.io/klog"
 )
 
 func NewNotebookAPIsController(notebookHandler *handlers.NotebookHandler) *notebookAPIsController {
@@ -34,7 +35,7 @@ func (nc *notebookAPIsController) RegisterRoutes(routes *gin.RouterGroup) {
 func (nc *notebookAPIsController) SubmitNotebook(c *gin.Context) {
 	data, err := c.GetRawData()
 	if err != nil {
-		Error(c, fmt.Sprintf("failed to get raw posted data from request"))
+		Error(c, "failed to get raw posted data from request")
 		return
 	}
 	if err = nc.notebookHandler.SubmitNotebook(data); err != nil {

console/backend/pkg/routers/api/tensorboard.go

@@ -3,7 +3,6 @@ package api
 import (
 	"context"
 	"encoding/json"
-	"fmt"
 	"reflect"
 
 	networkingv1 "k8s.io/api/networking/v1"
@@ -55,7 +54,7 @@ func (tc *tensorBoardAPIsController) GetTensorBoardStatus(c *gin.Context) {
 	}
 	tbCfgBytes, ok := job.GetAnnotations()[apiv1.AnnotationTensorBoardConfig]
 	if !ok {
-		utils.Succeed(c, fmt.Sprintf("no tensorboard configured"))
+		utils.Succeed(c, "no tensorboard configured")
 		return
 	}
 	tbCfg := tb.TensorBoard{}