Use Go 1.20 and update dependencies (#359)

Signed-off-by: Tamal Saha <tamal@appscode.com>
kubeguard · Mar 7, 2023 · e0840f9 · e0840f9
1 parent 823e473
commit e0840f9
Show file tree

Hide file tree

Showing 2,838 changed files with 391,491 additions and 217,624 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -7,20 +7,21 @@ on:
   push:
     branches:
       - master
-
   workflow_dispatch:
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
   cancel-in-progress: true
+
 jobs:
   build:
     name: Build
     runs-on: ubuntu-20.04
     steps:
-      - name: Set up Go 1.18
+      - name: Set up Go 1.20
         uses: actions/setup-go@v2
         with:
-          go-version: 1.18
+          go-version: '1.20'
         id: go
 
       - uses: actions/checkout@v1

diff --git a/.github/workflows/release-tracker.yml b/.github/workflows/release-tracker.yml
@@ -4,9 +4,11 @@ on:
   pull_request:
     types: [closed]
   workflow_dispatch:
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
   cancel-in-progress: true
+
 jobs:
   build:
     runs-on: ubuntu-20.04

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -4,11 +4,12 @@ on:
   push:
     tags:
       - "*.*"
-
   workflow_dispatch:
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
   cancel-in-progress: true
+
 jobs:
   build:
     name: Build

diff --git a/Makefile b/Makefile
@@ -12,7 +12,6 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 SHELL=/bin/bash -o pipefail
 
 GO_PKG   := go.kubeguard.dev
@@ -67,7 +66,7 @@ TAG              := $(VERSION)_$(OS)_$(ARCH)
 TAG_PROD         := $(TAG)
 TAG_DBG          := $(VERSION)-dbg_$(OS)_$(ARCH)
 
-GO_VERSION       ?= 1.18
+GO_VERSION       ?= 1.20
 BUILD_IMAGE      ?= appscode/golang-dev:$(GO_VERSION)
 
 OUTBIN = bin/$(BIN)-$(OS)-$(ARCH)

diff --git a/auth/providers/azure/azure_test.go b/auth/providers/azure/azure_test.go
@@ -31,8 +31,8 @@ import (
 
 	"go.kubeguard.dev/guard/auth/providers/azure/graph"
 
-	"github.com/appscode/pat"
 	"github.com/coreos/go-oidc"
+	"github.com/go-chi/chi/v5"
 	jsoniter "github.com/json-iterator/go"
 	"github.com/stretchr/testify/assert"
 	"gopkg.in/square/go-jose.v2"
@@ -141,7 +141,7 @@ func serverSetup(loginResp string, loginStatus int, jwkResp, groupIds, groupList
 	}
 	addr := listener.Addr().String()
 
-	m := pat.New()
+	m := chi.NewRouter()
 
 	m.Post("/login", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(loginStatus)
@@ -193,21 +193,23 @@ func serverSetup(loginResp string, loginStatus int, jwkResp, groupIds, groupList
 
 /*
 goups id format:
-{
-   "value":[
-      "1"
-   ]
-}
+
+	{
+	   "value":[
+	      "1"
+	   ]
+	}
 
 groupList formate:
-{
-   "value":[
-      {
-         "displayName":"group1",
-         "id":"1"
-      }
-   ]
-}
+
+	{
+	   "value":[
+	      {
+	         "displayName":"group1",
+	         "id":"1"
+	      }
+	   ]
+	}
 */
 func getGroupsAndIds(t *testing.T, groupSz int) ([]byte, []byte) {
 	groupId := struct {

diff --git a/auth/providers/azure/graph/aks_tokenprovider.go b/auth/providers/azure/graph/aks_tokenprovider.go
@@ -18,7 +18,7 @@ package graph
 
 import (
 	"bytes"
-	"io/ioutil"
+	"io"
 	"net/http"
 
 	"go.kubeguard.dev/guard/util/httpclient"
@@ -72,7 +72,7 @@ func (u *aksTokenProvider) Acquire(token string) (AuthResponse, error) {
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		data, _ := ioutil.ReadAll(resp.Body)
+		data, _ := io.ReadAll(resp.Body)
 		return authResp, errors.Errorf("request failed with status code: %d and response: %s", resp.StatusCode, string(data))
 	}
 	err = json.NewDecoder(resp.Body).Decode(&authResp)

diff --git a/auth/providers/azure/graph/clientcredential_tokenprovider.go b/auth/providers/azure/graph/clientcredential_tokenprovider.go
@@ -17,7 +17,7 @@ limitations under the License.
 package graph
 
 import (
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/url"
 	"strings"
@@ -78,7 +78,7 @@ func (u *clientCredentialTokenProvider) Acquire(token string) (AuthResponse, err
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		data, _ := ioutil.ReadAll(resp.Body)
+		data, _ := io.ReadAll(resp.Body)
 		return authResp, errors.Errorf("request %s failed with status code: %d and response: %s", req.URL.Path, resp.StatusCode, string(data))
 	}
 	err = json.NewDecoder(resp.Body).Decode(&authResp)

diff --git a/auth/providers/azure/graph/graph.go b/auth/providers/azure/graph/graph.go
@@ -19,7 +19,7 @@ package graph
 import (
 	"bytes"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/url"
 	"path"
@@ -89,7 +89,7 @@ func (u *UserInfo) getGroupIDs(userPrincipal string) ([]string, error) {
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		data, _ := ioutil.ReadAll(resp.Body)
+		data, _ := io.ReadAll(resp.Body)
 		return nil, errors.Errorf("request %s failed with status code: %d and response: %s", req.URL.Path, resp.StatusCode, string(data))
 	}
 
@@ -137,7 +137,7 @@ func (u *UserInfo) getExpandedGroups(ids []string) (*GroupList, error) {
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		data, _ := ioutil.ReadAll(resp.Body)
+		data, _ := io.ReadAll(resp.Body)
 		return nil, errors.Errorf("request %s failed with status code: %d and response: %s", req.URL.Path, resp.StatusCode, string(data))
 	}
 

diff --git a/auth/providers/azure/graph/obo_tokenprovider.go b/auth/providers/azure/graph/obo_tokenprovider.go
@@ -17,7 +17,7 @@ limitations under the License.
 package graph
 
 import (
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/url"
 	"strings"
@@ -80,7 +80,7 @@ func (u *oboTokenProvider) Acquire(token string) (AuthResponse, error) {
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		data, _ := ioutil.ReadAll(resp.Body)
+		data, _ := io.ReadAll(resp.Body)
 		return authResp, errors.Errorf("request %s failed with status code: %d and response: %s", req.URL.Path, resp.StatusCode, string(data))
 	}
 	err = json.NewDecoder(resp.Body).Decode(&authResp)

diff --git a/auth/providers/github/github.go b/auth/providers/github/github.go
@@ -22,7 +22,7 @@ import (
 
 	"go.kubeguard.dev/guard/auth"
 
-	"github.com/google/go-github/v25/github"
+	"github.com/google/go-github/v50/github"
 	"github.com/pkg/errors"
 	"golang.org/x/oauth2"
 	authv1 "k8s.io/api/authentication/v1"

diff --git a/auth/providers/github/github_test.go b/auth/providers/github/github_test.go
@@ -26,7 +26,7 @@ import (
 	"strconv"
 	"testing"
 
-	"github.com/appscode/pat"
+	"github.com/go-chi/chi/v5"
 	jsoniter "github.com/json-iterator/go"
 	"github.com/stretchr/testify/assert"
 	v1 "k8s.io/api/authentication/v1"
@@ -47,6 +47,7 @@ const (
 type teamRespFunc func(u *url.URL) (int, string)
 
 // return string format
+//
 //	[
 //		{
 //			"organization":{
@@ -55,6 +56,7 @@ type teamRespFunc func(u *url.URL) (int, string)
 //			"name":"team1"
 //		}
 //	]
+//
 // team name format : team[teamNo]
 func getTeamList(size int, startTeamNo int) ([]byte, error) {
 	type team struct {
@@ -104,26 +106,26 @@ func min(a, b int) int {
 // body, or a JSON response body that maps to ErrorResponse. Any other
 // response body will be silently ignored.
 //
-//An ErrorResponse reports one or more errors caused by an API request.
+// An ErrorResponse reports one or more errors caused by an API request.
 //
-//GitHub API docs: https://developer.github.com/v3/#client-errors
+// GitHub API docs: https://developer.github.com/v3/#client-errors
 //
-//type ErrorResponse struct {
-//	Response *http.Response // HTTP response that caused this error
-//	Message  string         `json:"message"` // error message
-//	Errors   []Error        `json:"errors"`  // more detail on individual errors
-//	// Block is only populated on certain types of errors such as code 451.
-//	// See https://developer.github.com/changes/2016-03-17-the-451-status-code-is-now-supported/
-//	// for more information.
-//	Block *struct {
-//		Reason    string     `json:"reason,omitempty"`
-//		CreatedAt *Timestamp `json:"created_at,omitempty"`
-//	} `json:"block,omitempty"`
-//	// Most errors will also include a documentation_url field pointing
-//	// to some content that might help you resolve the error, see
-//	// https://developer.github.com/v3/#client-errors
-//	DocumentationURL string `json:"documentation_url,omitempty"`
-//}
+//	type ErrorResponse struct {
+//		Response *http.Response // HTTP response that caused this error
+//		Message  string         `json:"message"` // error message
+//		Errors   []Error        `json:"errors"`  // more detail on individual errors
+//		// Block is only populated on certain types of errors such as code 451.
+//		// See https://developer.github.com/changes/2016-03-17-the-451-status-code-is-now-supported/
+//		// for more information.
+//		Block *struct {
+//			Reason    string     `json:"reason,omitempty"`
+//			CreatedAt *Timestamp `json:"created_at,omitempty"`
+//		} `json:"block,omitempty"`
+//		// Most errors will also include a documentation_url field pointing
+//		// to some content that might help you resolve the error, see
+//		// https://developer.github.com/v3/#client-errors
+//		DocumentationURL string `json:"documentation_url,omitempty"`
+//	}
 func getErrorMessage(err error) []byte {
 	//{{{err.Error()}}}
 	errMsg := `{ "message": "{{{` + err.Error() + `}}}" }`
@@ -197,40 +199,41 @@ func assertUserInfo(t *testing.T, info *v1.UserInfo, teamSize int) {
 }
 
 func githubServerSetup(githubOrg string, memberResp string, memberStatusCode int, genTeamRespn teamRespFunc) *httptest.Server {
-	m := pat.New()
+	m := chi.NewRouter()
+	m.Route("/api/v3", func(m chi.Router) {
+		m.Get(fmt.Sprintf("/user/memberships/orgs/%v", githubOrg), http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			err := verifyAuthorization(r)
+			if err != nil {
+				w.WriteHeader(http.StatusUnauthorized)
+				_, _ = w.Write(getErrorMessage(err))
+				return
+			}
+			w.WriteHeader(memberStatusCode)
+			_, _ = w.Write([]byte(memberResp))
+		}))
 
-	m.Get(fmt.Sprintf("/user/memberships/orgs/%v", githubOrg), http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		err := verifyAuthorization(r)
-		if err != nil {
+		m.Get("/user/memberships/orgs/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			w.WriteHeader(http.StatusUnauthorized)
-			_, _ = w.Write(getErrorMessage(err))
-			return
-		}
-		w.WriteHeader(memberStatusCode)
-		_, _ = w.Write([]byte(memberResp))
-	}))
-
-	m.Get("/user/memberships/orgs/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.WriteHeader(http.StatusUnauthorized)
-		_, _ = w.Write(getErrorMessage(errors.New("Authorization: invalid token")))
-	}))
+			_, _ = w.Write(getErrorMessage(errors.New("Authorization: invalid token")))
+		}))
 
-	m.Get("/user/teams", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		err := verifyAuthorization(r)
-		if err != nil {
-			w.WriteHeader(http.StatusUnauthorized)
-			_, _ = w.Write(getErrorMessage(err))
-			return
-		}
+		m.Get("/user/teams", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			err := verifyAuthorization(r)
+			if err != nil {
+				w.WriteHeader(http.StatusUnauthorized)
+				_, _ = w.Write(getErrorMessage(err))
+				return
+			}
 
-		status, resp := genTeamRespn(r.URL)
-		w.WriteHeader(status)
-		if status != http.StatusOK {
-			_, _ = w.Write(getErrorMessage(errors.New(resp)))
-			return
-		}
-		_, _ = w.Write([]byte(resp))
-	}))
+			status, resp := genTeamRespn(r.URL)
+			w.WriteHeader(status)
+			if status != http.StatusOK {
+				_, _ = w.Write(getErrorMessage(errors.New(resp)))
+				return
+			}
+			_, _ = w.Write([]byte(resp))
+		}))
+	})
 
 	srv := httptest.NewServer(m)
 	return srv