Merge pull request #879 from 99designs/add-golangci-lint

Add golangci-lint and fix linting issues
99designs · Mar 8, 2022 · 9a93123 · 9a93123
2 parents d1c30c3 + 9090470
commit 9a93123
Show file tree

Hide file tree

Showing 27 changed files with 125 additions and 109 deletions.
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -1,36 +1,35 @@
 name: Continuous Integration
-
 on:
   push:
   pull_request:
     branches:
-    - master
-
+      - master
 jobs:
-
-  build:
-    name: Build
+  test:
+    name: test
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest]
     runs-on: ${{ matrix.os }}
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: 1.17
+      - uses: actions/checkout@v3
+      - name: Run tests
+        run: go test -race ./...
+  lint:
+    name: lint
     strategy:
       matrix:
-        os: [ubuntu-latest, macOS-latest]
-
+        os: [macos-latest, ubuntu-latest]
+    runs-on: ${{ matrix.os }}
     steps:
-
-    - name: Set up Go 1.17
-      uses: actions/setup-go@v3
-      with:
-        go-version: 1.17
-      id: go
-
-    - name: Check out code into the Go module directory
-      uses: actions/checkout@v3
-
-    - name: Run tests
-      run: go test -race ./...
-
-    - name: Check go vet
-      run: go vet ./...
-
-    - name: Check go fmt
-      run: diff -u <(echo -n) <(gofmt -s -d .)
+      - uses: actions/setup-go@v3
+        with:
+          go-version: 1.17
+      - uses: actions/checkout@v3
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v2
+        with:
+          version: v1.44.2
diff --git a/.golangci.yml b/.golangci.yml
@@ -0,0 +1,38 @@
+linters:
+  enable:
+    - bodyclose
+    - contextcheck
+    - deadcode
+    - depguard
+    - durationcheck
+    - dupl
+    - errcheck
+    - errchkjson
+    - errname
+    - exhaustive
+    - exportloopref
+    - gofmt
+    - goimports
+    - gosimple
+    - govet
+    - ineffassign
+    - makezero
+    - misspell
+    - nakedret
+    - nilerr
+    - nilnil
+    - noctx
+    - prealloc
+    - revive
+    - rowserrcheck
+    - staticcheck
+    - structcheck
+    - thelper
+    - tparallel
+    - typecheck
+    - unconvert
+    - unparam
+    - unused
+    - varcheck
+    - wastedassign
+    - whitespace
diff --git a/cli/add.go b/cli/add.go
@@ -50,7 +50,7 @@ func ConfigureAddCommand(app *kingpin.Application, a *AwsVault) {
 }
 
 func AddCommand(input AddCommandInput, keyring keyring.Keyring, awsConfigFile *vault.ConfigFile) error {
-	var accessKeyId, secretKey string
+	var accessKeyID, secretKey string
 
 	p, _ := awsConfigFile.ProfileSection(input.ProfileName)
 	if p.SourceProfile != "" {
@@ -59,23 +59,23 @@ func AddCommand(input AddCommandInput, keyring keyring.Keyring, awsConfigFile *v
 	}
 
 	if input.FromEnv {
-		if accessKeyId = os.Getenv("AWS_ACCESS_KEY_ID"); accessKeyId == "" {
+		if accessKeyID = os.Getenv("AWS_ACCESS_KEY_ID"); accessKeyID == "" {
 			return fmt.Errorf("Missing value for AWS_ACCESS_KEY_ID")
 		}
 		if secretKey = os.Getenv("AWS_SECRET_ACCESS_KEY"); secretKey == "" {
 			return fmt.Errorf("Missing value for AWS_SECRET_ACCESS_KEY")
 		}
 	} else {
 		var err error
-		if accessKeyId, err = prompt.TerminalPrompt("Enter Access Key ID: "); err != nil {
+		if accessKeyID, err = prompt.TerminalPrompt("Enter Access Key ID: "); err != nil {
 			return err
 		}
 		if secretKey, err = prompt.TerminalSecretPrompt("Enter Secret Access Key: "); err != nil {
 			return err
 		}
 	}
 
-	creds := aws.Credentials{AccessKeyID: accessKeyId, SecretAccessKey: secretKey}
+	creds := aws.Credentials{AccessKeyID: accessKeyID, SecretAccessKey: secretKey}
 
 	ckr := &vault.CredentialKeyring{Keyring: keyring}
 	if err := ckr.Set(input.ProfileName, creds); err != nil {

diff --git a/cli/exec.go b/cli/exec.go
@@ -53,10 +53,10 @@ func (input ExecCommandInput) validate() error {
 		return fmt.Errorf("Can't use --ecs-server with --no-session")
 	}
 	if input.StartEcsServer && input.Config.MfaPromptMethod == "terminal" {
-		return fmt.Errorf("Can't use --prompt=terminal with --ecs-server. Specifiy a different prompt driver")
+		return fmt.Errorf("Can't use --prompt=terminal with --ecs-server. Specify a different prompt driver")
 	}
 	if input.StartEc2Server && input.Config.MfaPromptMethod == "terminal" {
-		return fmt.Errorf("Can't use --prompt=terminal with --ec2-server. Specifiy a different prompt driver")
+		return fmt.Errorf("Can't use --prompt=terminal with --ec2-server. Specify a different prompt driver")
 	}
 
 	return nil
@@ -172,7 +172,7 @@ func ExecCommand(input ExecCommandInput, f *vault.ConfigFile, keyring keyring.Ke
 	}
 
 	if input.CredentialHelper {
-		return execCredentialHelper(input, config, credsProvider)
+		return execCredentialHelper(input, credsProvider)
 	}
 
 	return execEnvironment(input, config, credsProvider)
@@ -225,14 +225,13 @@ func execEcsServer(input ExecCommandInput, config *vault.Config, credsProvider a
 	log.Println("Setting subprocess env AWS_CONTAINER_CREDENTIALS_FULL_URI, AWS_CONTAINER_AUTHORIZATION_TOKEN")
 	env := environ(os.Environ())
 	env = updateEnvForAwsVault(env, input.ProfileName, config.Region)
-	env.Set("AWS_CONTAINER_CREDENTIALS_FULL_URI", ecsServer.BaseUrl())
+	env.Set("AWS_CONTAINER_CREDENTIALS_FULL_URI", ecsServer.BaseURL())
 	env.Set("AWS_CONTAINER_AUTHORIZATION_TOKEN", ecsServer.AuthToken())
 
 	return execCmd(input.Command, input.Args, env)
 }
 
-func execCredentialHelper(input ExecCommandInput, config *vault.Config, credsProvider aws.CredentialsProvider) error {
-
+func execCredentialHelper(input ExecCommandInput, credsProvider aws.CredentialsProvider) error {
 	// AwsCredentialHelperData is metadata for AWS CLI credential process
 	// See https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#sourcing-credentials-from-external-processes
 	type AwsCredentialHelperData struct {

diff --git a/cli/global.go b/cli/global.go
@@ -10,7 +10,7 @@ import (
 	"github.com/99designs/aws-vault/v6/vault"
 	"github.com/99designs/keyring"
 	"github.com/alecthomas/kingpin"
-	"golang.org/x/crypto/ssh/terminal"
+	"golang.org/x/term"
 )
 
 var keyringConfigDefaults = keyring.Config{
@@ -138,7 +138,7 @@ func fileKeyringPassphrasePrompt(prompt string) (string, error) {
 	}
 
 	fmt.Fprintf(os.Stderr, "%s: ", prompt)
-	b, err := terminal.ReadPassword(int(os.Stdin.Fd()))
+	b, err := term.ReadPassword(int(os.Stdin.Fd()))
 	if err != nil {
 		return "", err
 	}

diff --git a/cli/login.go b/cli/login.go
@@ -132,7 +132,7 @@ func LoginCommand(input LoginCommandInput, f *vault.ConfigFile, keyring keyring.
 
 	loginURLPrefix, destination := generateLoginURL(config.Region, input.Path)
 
-	req, err := http.NewRequest("GET", loginURLPrefix, nil)
+	req, err := http.NewRequestWithContext(context.TODO(), "GET", loginURLPrefix, nil)
 	if err != nil {
 		return err
 	}
@@ -164,7 +164,7 @@ func LoginCommand(input LoginCommandInput, f *vault.ConfigFile, keyring keyring.
 
 	var respParsed map[string]string
 
-	err = json.Unmarshal([]byte(body), &respParsed)
+	err = json.Unmarshal(body, &respParsed)
 	if err != nil {
 		return err
 	}

diff --git a/cli/proxy.go b/cli/proxy.go
@@ -23,10 +23,9 @@ func ConfigureProxyCommand(app *kingpin.Application, a *AwsVault) {
 		if stop {
 			server.StopProxy()
 			return nil
-		} else {
-			handleSigTerm()
-			return server.StartProxy()
 		}
+		handleSigTerm()
+		return server.StartProxy()
 	})
 }
 

diff --git a/cli/rotate.go b/cli/rotate.go
@@ -162,7 +162,7 @@ func retry(maxTime time.Duration, sleep time.Duration, f func() error) (err erro
 
 		err = f()
 		if err == nil {
-			return
+			return // nolint
 		}
 
 		elapsed := time.Since(t0)
@@ -184,7 +184,7 @@ func getUsernameIfAssumingRole(awsCfg aws.Config, config *vault.Config) (*string
 		log.Printf("Found IAM username '%s'", n)
 		return &n, nil
 	}
-	return nil, nil
+	return nil, nil //nolint
 }
 
 func getProfilesInChain(profileName string, configLoader *vault.ConfigLoader) (profileNames []string, err error) {

diff --git a/go.mod b/go.mod
@@ -12,9 +12,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.11.0
 	github.com/aws/aws-sdk-go-v2/service/sts v1.15.0
 	github.com/google/go-cmp v0.5.7
-	github.com/gorilla/handlers v1.5.1
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
-	golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838
 	golang.org/x/sys v0.0.0-20220204135822-1c1b9b1eba6a
 	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
 	gopkg.in/ini.v1 v1.66.4
@@ -33,7 +31,6 @@ require (
 	github.com/aws/smithy-go v1.11.0 // indirect
 	github.com/danieljoos/wincred v1.1.2 // indirect
 	github.com/dvsekhvalnov/jose2go v1.5.0 // indirect
-	github.com/felixge/httpsnoop v1.0.2 // indirect
 	github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 // indirect
 	github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c // indirect
 	github.com/mtibben/percent v0.2.1 // indirect

diff --git a/go.sum b/go.sum
@@ -43,15 +43,10 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dvsekhvalnov/jose2go v1.5.0 h1:3j8ya4Z4kMCwT5nXIKFSV84YS+HdqSSO0VsTQxaLAeM=
 github.com/dvsekhvalnov/jose2go v1.5.0/go.mod h1:QsHjhyTlD/lAVqn/NSbVZmSCGeDehTB/mPZadG+mhXU=
-github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
-github.com/felixge/httpsnoop v1.0.2 h1:+nS9g82KMXccJ/wp0zyRW9ZBHFETmMGtkk+2CTTrW4o=
-github.com/felixge/httpsnoop v1.0.2/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 h1:ZpnhV/YsD2/4cESfV5+Hoeu/iUR3ruzNvZ+yQfO03a0=
 github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4=
 github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
 github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
-github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4=
-github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q=
 github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c h1:6rhixN/i8ZofjG1Y75iExal34USq5p+wiN1tpie8IrU=
 github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c/go.mod h1:NMPJylDgVpX0MLRlPy15sqSwOFv/U1GZ2m21JhFfek0=
 github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
@@ -75,20 +70,12 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838 h1:71vQrMauZZhcTVK6KdYM+rklehEEwb3E+ZhaE5jrPrE=
-golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210819135213-f52c844e1c1c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220204135822-1c1b9b1eba6a h1:ppl5mZgokTT8uPkmYOyEUmPTr3ypaKkg5eFOGrAmxxE=
 golang.org/x/sys v0.0.0-20220204135822-1c1b9b1eba6a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

diff --git a/prompt/prompt.go b/prompt/prompt.go
@@ -5,9 +5,9 @@ import (
 	"sort"
 )
 
-type PromptFunc func(string) (string, error)
+type Func func(string) (string, error)
 
-var Methods = map[string]PromptFunc{}
+var Methods = map[string]Func{}
 
 func Available() []string {
 	methods := []string{}
@@ -18,7 +18,7 @@ func Available() []string {
 	return methods
 }
 
-func Method(s string) PromptFunc {
+func Method(s string) Func {
 	m, ok := Methods[s]
 	if !ok {
 		panic(fmt.Sprintf("Prompt method %q doesn't exist", s))

diff --git a/server/ec2proxy.go b/server/ec2proxy.go
@@ -60,7 +60,7 @@ func Shutdown() {
 
 // StopProxy stops the http proxy server on the standard EC2 Instance Metadata endpoint
 func StopProxy() {
-	_, _ = http.Get(fmt.Sprintf("http://%s/stop", ec2MetadataEndpointAddr))
+	_, _ = http.Get(fmt.Sprintf("http://%s/stop", ec2MetadataEndpointAddr)) //nolint
 }
 
 func awsVaultExecutable() string {

diff --git a/server/ec2server.go b/server/ec2server.go
@@ -35,7 +35,6 @@ func StartEc2CredentialsServer(credsProvider aws.CredentialsProvider, region str
 }
 
 func startEc2CredentialsServer(credsProvider aws.CredentialsProvider, region string) {
-
 	log.Printf("Starting EC2 Instance Metadata server on %s", ec2CredentialsServerAddr)
 	router := http.NewServeMux()
 

diff --git a/server/ecsserver.go b/server/ecsserver.go
@@ -98,7 +98,7 @@ func NewEcsServer(baseCredsProvider aws.CredentialsProvider, config *vault.Confi
 	return e, nil
 }
 
-func (e *EcsServer) BaseUrl() string {
+func (e *EcsServer) BaseURL() string {
 	return fmt.Sprintf("http://%s", e.listener.Addr().String())
 }
 func (e *EcsServer) AuthToken() string {

diff --git a/vault/assumeroleprovider.go b/vault/assumeroleprovider.go
@@ -26,7 +26,7 @@ type AssumeRoleProvider struct {
 
 // Retrieve generates a new set of temporary credentials using STS AssumeRole
 func (p *AssumeRoleProvider) Retrieve(ctx context.Context) (aws.Credentials, error) {
-	role, err := p.assumeRole()
+	role, err := p.assumeRole(ctx)
 	if err != nil {
 		return aws.Credentials{}, err
 	}
@@ -49,7 +49,7 @@ func (p *AssumeRoleProvider) roleSessionName() string {
 	return p.RoleSessionName
 }
 
-func (p *AssumeRoleProvider) assumeRole() (*ststypes.Credentials, error) {
+func (p *AssumeRoleProvider) assumeRole(ctx context.Context) (*ststypes.Credentials, error) {
 	var err error
 
 	input := &sts.AssumeRoleInput{
@@ -89,7 +89,7 @@ func (p *AssumeRoleProvider) assumeRole() (*ststypes.Credentials, error) {
 		input.SourceIdentity = aws.String(p.SourceIdentity)
 	}
 
-	resp, err := p.StsClient.AssumeRole(context.TODO(), input)
+	resp, err := p.StsClient.AssumeRole(ctx, input)
 	if err != nil {
 		return nil, err
 	}

diff --git a/vault/assumerolewithwebidentityprovider.go b/vault/assumerolewithwebidentityprovider.go
@@ -29,7 +29,7 @@ type AssumeRoleWithWebIdentityProvider struct {
 
 // Retrieve generates a new set of temporary credentials using STS AssumeRoleWithWebIdentity
 func (p *AssumeRoleWithWebIdentityProvider) Retrieve(ctx context.Context) (aws.Credentials, error) {
-	creds, err := p.assumeRole()
+	creds, err := p.assumeRole(ctx)
 	if err != nil {
 		return aws.Credentials{}, err
 	}
@@ -52,15 +52,15 @@ func (p *AssumeRoleWithWebIdentityProvider) roleSessionName() string {
 	return p.RoleSessionName
 }
 
-func (p *AssumeRoleWithWebIdentityProvider) assumeRole() (*ststypes.Credentials, error) {
+func (p *AssumeRoleWithWebIdentityProvider) assumeRole(ctx context.Context) (*ststypes.Credentials, error) {
 	var err error
 
 	webIdentityToken, err := p.webIdentityToken()
 	if err != nil {
 		return nil, err
 	}
 
-	resp, err := p.StsClient.AssumeRoleWithWebIdentity(context.TODO(), &sts.AssumeRoleWithWebIdentityInput{
+	resp, err := p.StsClient.AssumeRoleWithWebIdentity(ctx, &sts.AssumeRoleWithWebIdentityInput{
 		RoleArn:          aws.String(p.RoleARN),
 		RoleSessionName:  aws.String(p.roleSessionName()),
 		DurationSeconds:  aws.Int32(int32(p.Duration.Seconds())),