Merge branch 'master' into ks43

codeready-toolchain · May 14, 2024 · 931a5fd · 931a5fd
2 parents bc9cd8b + 7c68f29
commit 931a5fd
Show file tree

Hide file tree

Showing 8 changed files with 62 additions and 64 deletions.
diff --git a/.github/workflows/ci-golang-sbom.yml b/.github/workflows/ci-golang-sbom.yml
@@ -23,7 +23,7 @@ jobs:
       uses: actions/checkout@v4
 
     - name: Lint
-      uses: golangci/golangci-lint-action@v5
+      uses: golangci/golangci-lint-action@v6
       with:
         version: v1.56.2
         skip-pkg-cache: true

diff --git a/OWNERS b/OWNERS
@@ -2,20 +2,19 @@
 
 approvers:
 - alexeykazakov
-- dipak-pawar
 - MatousJobanek
-- michaelkleinhenz
-- nurali-techie
 - sbryzak
 - xcoulon
-- tinakurian
+- rajivnathan
+- ranakan19
+- mfrancisc
 
 reviewers:
 - alexeykazakov
-- dipak-pawar
 - MatousJobanek
 - michaelkleinhenz
-- nurali-techie
 - sbryzak
 - xcoulon
-- tinakurian
+- rajivnathan
+- ranakan19
+- mfrancisc
diff --git a/go.mod b/go.mod
@@ -8,8 +8,8 @@ replace github.com/codeready-toolchain/toolchain-common => github.com/fbm3307/to
 
 require (
 	github.com/aws/aws-sdk-go v1.44.100
-	github.com/codeready-toolchain/api v0.0.0-20240425165440-d0a6da0060a5
-	github.com/codeready-toolchain/toolchain-common v0.0.0-20240429224949-78585f71122a
+	github.com/codeready-toolchain/api v0.0.0-20240507023248-73662d6db2c5
+	github.com/codeready-toolchain/toolchain-common v0.0.0-20240507174147-ed50ce546b3c
 	github.com/go-logr/logr v1.2.3
 	github.com/gofrs/uuid v4.2.0+incompatible
 	github.com/pkg/errors v0.9.1
@@ -29,6 +29,7 @@ require (
 	github.com/gin-contrib/static v0.0.1
 	github.com/gin-gonic/gin v1.9.1
 	github.com/golang-jwt/jwt/v5 v5.2.0
+	github.com/google/uuid v1.6.0
 	github.com/kevinburke/twilio-go v0.0.0-20220922200631-8f3f155dfe1f
 	github.com/labstack/echo/v4 v4.10.2
 	github.com/labstack/gommon v0.4.0

diff --git a/go.sum b/go.sum
@@ -286,7 +286,8 @@ github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLe
 github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/enterprise-certificate-proxy v0.2.3 h1:yk9/cqRKtT9wXZSsRH9aurXEpJX+U6FLtpYTdC3R06k=
 github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k=
 github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=

diff --git a/pkg/auth/keymanager_test.go b/pkg/auth/keymanager_test.go
@@ -16,8 +16,8 @@ import (
 	authsupport "github.com/codeready-toolchain/toolchain-common/pkg/test/auth"
 	testconfig "github.com/codeready-toolchain/toolchain-common/pkg/test/config"
 
-	"github.com/gofrs/uuid"
 	"github.com/golang-jwt/jwt/v5"
+	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/stretchr/testify/suite"
@@ -39,25 +39,25 @@ func (s *TestKeyManagerSuite) TestKeyFetching() {
 
 	// create test keys
 	tokengenerator := authsupport.NewTokenManager()
-	kid0 := uuid.Must(uuid.NewV4()).String()
+	kid0 := uuid.NewString()
 	_, err := tokengenerator.AddPrivateKey(kid0)
 	require.NoError(s.T(), err)
-	kid1 := uuid.Must(uuid.NewV4()).String()
+	kid1 := uuid.NewString()
 	_, err = tokengenerator.AddPrivateKey(kid1)
 	require.NoError(s.T(), err)
 
 	// create two test tokens, both valid
-	username0 := uuid.Must(uuid.NewV4()).String()
+	username0 := uuid.NewString()
 	identity0 := &authsupport.Identity{
-		ID:       uuid.Must(uuid.NewV4()),
+		ID:       uuid.New(),
 		Username: username0,
 	}
 	email0 := identity0.Username + "@email.tld"
 	jwt0, err := tokengenerator.GenerateSignedToken(*identity0, kid0, authsupport.WithEmailClaim(email0))
 	require.NoError(s.T(), err)
-	username1 := uuid.Must(uuid.NewV4()).String()
+	username1 := uuid.NewString()
 	identity1 := &authsupport.Identity{
-		ID:       uuid.Must(uuid.NewV4()),
+		ID:       uuid.New(),
 		Username: username1,
 	}
 	email1 := identity1.Username + "@email.tld"

diff --git a/pkg/auth/tokenparser_test.go b/pkg/auth/tokenparser_test.go
@@ -15,7 +15,7 @@ import (
 	authsupport "github.com/codeready-toolchain/toolchain-common/pkg/test/auth"
 	testconfig "github.com/codeready-toolchain/toolchain-common/pkg/test/config"
 
-	"github.com/gofrs/uuid"
+	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/stretchr/testify/suite"
@@ -35,10 +35,10 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 
 	// create test keys
 	tokengenerator := authsupport.NewTokenManager()
-	kid0 := uuid.Must(uuid.NewV4()).String()
+	kid0 := uuid.NewString()
 	_, err := tokengenerator.AddPrivateKey(kid0)
 	require.NoError(s.T(), err)
-	kid1 := uuid.Must(uuid.NewV4()).String()
+	kid1 := uuid.NewString()
 	_, err = tokengenerator.AddPrivateKey(kid1)
 	require.NoError(s.T(), err)
 
@@ -71,17 +71,17 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 
 	s.Run("parse valid tokens", func() {
 		// create two test tokens, both valid
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		email0 := identity0.Username + "@email.tld"
 		jwt0, err := tokengenerator.GenerateSignedToken(*identity0, kid0, authsupport.WithEmailClaim(email0))
 		require.NoError(s.T(), err)
-		username1 := uuid.Must(uuid.NewV4()).String()
+		username1 := uuid.NewString()
 		identity1 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username1,
 		}
 		email1 := identity1.Username + "@email.tld"
@@ -110,9 +110,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 
 	s.Run("parse invalid token", func() {
 		// create invalid test token (wrong set of claims, no email), signed with key1
-		invalidUsername := uuid.Must(uuid.NewV4()).String()
+		invalidUsername := uuid.NewString()
 		invalidIdentity := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: invalidUsername,
 		}
 		invalidJWT, err := tokengenerator.GenerateSignedToken(*invalidIdentity, kid1)
@@ -139,13 +139,13 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 
 	s.Run("token signed by unknown key", func() {
 		// new key
-		kidX := uuid.Must(uuid.NewV4()).String()
+		kidX := uuid.NewString()
 		_, err := tokengenerator.AddPrivateKey(kidX)
 		require.NoError(s.T(), err)
 		// generate valid token
-		usernameX := uuid.Must(uuid.NewV4()).String()
+		usernameX := uuid.NewString()
 		identityX := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: usernameX,
 		}
 		emailX := identityX.Username + "@email.tld"
@@ -160,9 +160,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 	})
 
 	s.Run("no KID header in token", func() {
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		email0 := identity0.Username + "@email.tld"
@@ -179,9 +179,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 	})
 
 	s.Run("missing claim: preferred_username", func() {
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		email0 := identity0.Username + "@email.tld"
@@ -199,9 +199,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 	})
 
 	s.Run("missing claim: email", func() {
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		// generate non-serialized token
@@ -216,9 +216,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 	})
 
 	s.Run("missing claim: sub", func() {
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		email0 := identity0.Username + "@email.tld"
@@ -235,9 +235,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 	})
 
 	s.Run("signature is good but token expired", func() {
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		email0 := identity0.Username + "@email.tld"
@@ -256,9 +256,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 	})
 
 	s.Run("signature is good but token not valid yet", func() {
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		email0 := identity0.Username + "@email.tld"
@@ -277,9 +277,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 	})
 
 	s.Run("signature is good and token expiration is within leeway", func() {
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		email0 := identity0.Username + "@email.tld"
@@ -297,9 +297,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 	})
 
 	s.Run("token signed by known key but the signature is invalid", func() {
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		email0 := identity0.Username + "@email.tld"
@@ -311,7 +311,7 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 		// replace signature with garbage
 		str := strings.Split(jwt0string, ".")
 		require.Len(s.T(), str, 3)
-		str[2] = uuid.Must(uuid.NewV4()).String()
+		str[2] = uuid.NewString()
 		jwt0string = strings.Join(str, ".")
 		// validate token
 		_, err = tokenParser.FromString(jwt0string)
@@ -321,9 +321,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 
 	s.Run("parse valid token with original_sub claim", func() {
 		// create a test token with an original_sub claim
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		email0 := identity0.Username + "@email.tld"
@@ -343,9 +343,9 @@ func (s *TestTokenParserSuite) TestTokenParser() {
 	})
 
 	s.Run("parse valid token with aud claim", func() {
-		username0 := uuid.Must(uuid.NewV4()).String()
+		username0 := uuid.NewString()
 		identity0 := &authsupport.Identity{
-			ID:       uuid.Must(uuid.NewV4()),
+			ID:       uuid.New(),
 			Username: username0,
 		}
 		email0 := identity0.Username + "@email.tld"

diff --git a/pkg/middleware/middleware_test.go b/pkg/middleware/middleware_test.go
@@ -20,7 +20,7 @@ import (
 	authsupport "github.com/codeready-toolchain/toolchain-common/pkg/test/auth"
 	testconfig "github.com/codeready-toolchain/toolchain-common/pkg/test/config"
 
-	"github.com/gofrs/uuid"
+	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/stretchr/testify/suite"
@@ -46,24 +46,24 @@ func (s *TestAuthMiddlewareSuite) TestAuthMiddleware() {
 func (s *TestAuthMiddlewareSuite) TestAuthMiddlewareService() {
 	// create a TokenGenerator and a key
 	tokengenerator := authsupport.NewTokenManager()
-	kid0 := uuid.Must(uuid.NewV4()).String()
+	kid0 := uuid.NewString()
 	_, err := tokengenerator.AddPrivateKey(kid0)
 	require.NoError(s.T(), err)
 
 	// create some test tokens
 	identity0 := authsupport.Identity{
-		ID:       uuid.Must(uuid.NewV4()),
-		Username: uuid.Must(uuid.NewV4()).String(),
+		ID:       uuid.New(),
+		Username: uuid.NewString(),
 	}
-	emailClaim0 := authsupport.WithEmailClaim(uuid.Must(uuid.NewV4()).String() + "@email.tld")
+	emailClaim0 := authsupport.WithEmailClaim(uuid.NewString() + "@email.tld")
 	// valid token
 	tokenValid, err := tokengenerator.GenerateSignedToken(identity0, kid0, emailClaim0)
 	require.NoError(s.T(), err)
 	// invalid token - no email
 	tokenInvalidNoEmail, err := tokengenerator.GenerateSignedToken(identity0, kid0)
 	require.NoError(s.T(), err)
 	// invalid token - garbage
-	tokenInvalidGarbage := uuid.Must(uuid.NewV4()).String()
+	tokenInvalidGarbage := uuid.NewString()
 	// invalid token - expired
 	expTime := time.Now().Add(-60 * time.Second)
 	expClaim := authsupport.WithExpClaim(expTime)

diff --git a/pkg/proxy/proxy_test.go b/pkg/proxy/proxy_test.go
@@ -35,7 +35,7 @@ import (
 	authsupport "github.com/codeready-toolchain/toolchain-common/pkg/test/auth"
 	testconfig "github.com/codeready-toolchain/toolchain-common/pkg/test/config"
 
-	"github.com/gofrs/uuid"
+	"github.com/google/uuid"
 	routev1 "github.com/openshift/api/route/v1"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -171,8 +171,7 @@ func (s *TestProxySuite) checkPlainHTTPErrors(fakeApp *fake.ProxyFakeApp) {
 			req, err := http.NewRequest("GET", "http://localhost:8081/api/mycoolworkspace/pods", nil)
 			require.NoError(s.T(), err)
 			require.NotNil(s.T(), req)
-			userID, err := uuid.NewV4()
-			require.NoError(s.T(), err)
+			userID := uuid.New()
 			req.Header.Set("Authorization", "Bearer "+s.token(userID, authsupport.WithSubClaim("")))
 			resp, err := http.DefaultClient.Do(req)
 
@@ -385,8 +384,7 @@ func (s *TestProxySuite) checkWebLogin() {
 
 func (s *TestProxySuite) checkProxyOK(fakeApp *fake.ProxyFakeApp, p *Proxy) {
 	s.Run("successfully proxy", func() {
-		userID, err := uuid.NewV4()
-		require.NoError(s.T(), err)
+		userID := uuid.New()
 
 		encodedSAToken := base64.RawURLEncoding.EncodeToString([]byte("clusterSAToken"))
 		encodedSSOToken := base64.RawURLEncoding.EncodeToString([]byte(s.token(userID)))
@@ -1158,8 +1156,7 @@ func (s *TestProxySuite) request() *http.Request {
 	req, err := http.NewRequest("GET", "http://localhost:8081/api/mycoolworkspace/pods", nil)
 	require.NoError(s.T(), err)
 	require.NotNil(s.T(), req)
-	userID, err := uuid.NewV4()
-	require.NoError(s.T(), err)
+	userID := uuid.New()
 	req.Header.Set("Authorization", "Bearer "+s.token(userID))
 
 	return req