-
Notifications
You must be signed in to change notification settings - Fork 242
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update golangci t0 1.61.0 #4360
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This introduces new linting failures.
pkg/os/shell/shell_windows.go
Outdated
@@ -30,6 +30,7 @@ func getProcessEntry(pid int) (pe *syscall.ProcessEntry32, err error) { | |||
} | |||
|
|||
for { | |||
//#nosec G115 -- pid is coming from os.Getppid() as int |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the os.Getppid()
call is 2 level above getProcessEntry
in the call chain. Nothing guarantees that in the future we are not going to reuse this function with a pid
value coming from something different.
I'd prefer to change the getProcessEntry(pid int)
to getProcessEntry(pid uint32)
, and to change detect
to convert the value returned by os.Getppid()
to uint32
pkg/crc/machine/start.go
Outdated
@@ -265,8 +265,8 @@ func configureSharedDirs(vm *virtualMachine, sshRunner *crcssh.Runner) error { | |||
|
|||
func (client *client) Start(ctx context.Context, startConfig types.StartConfig) (*types.StartResult, error) { | |||
telemetry.SetCPUs(ctx, startConfig.CPUs) | |||
telemetry.SetMemory(ctx, uint64(startConfig.Memory)*1024*1024) | |||
telemetry.SetDiskSize(ctx, uint64(startConfig.DiskSize)*1024*1024*1024) | |||
telemetry.SetMemory(ctx, uint64(startConfig.Memory)*1024*1024) //#nosec G115 -- validation make sure memory value is not negative |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
actually I haven't been able to find such >=0 checks in the validation code?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
for memory as part of validation we use the base memory as default preset one (in case of OCP it is 10752 and for microshift 4096
// ValidateMemory checks if provided Memory count is valid
func ValidateMemory(value int, preset crcpreset.Preset) error {
if value < constants.GetDefaultMemory(preset) {
return fmt.Errorf("requires memory in MiB >= %d", constants.GetDefaultMemory(preset))
}
return ValidateEnoughMemory(value)
pkg/drivers/hyperv/hyperv_windows.go
Outdated
@@ -74,6 +74,7 @@ func (d *Driver) UpdateConfigRaw(rawConfig []byte) error { | |||
} | |||
} | |||
if newDriver.DiskCapacity != d.DiskCapacity { | |||
//#nosec G115 -- validation make sure disk value is in range |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd prefer if code in pkg/drivers
did not make assumptions regarding how it's used, and in particular that we don't rely on code in pkg/crc
having to be used before passing data to the drivers.
Moreover, I'm not sure we have the needed range check in validation
4f2e533
to
dd235a1
Compare
dd235a1
to
1371826
Compare
@cfergeau Can you take another look to this PR, it have machine update and also golint ci update. |
1371826
to
bdbe6e5
Compare
return SettingValue{ | ||
Invalid: true, | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unrelated to this PR, but wondering if we could use go generics to have a generic 'cast' function instead of switching over the types.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, that would be a good exercise, we can put a tracker issue for it.
pkg/os/shell/shell_windows_test.go
Outdated
assert.NoError(t, err) | ||
} | ||
|
||
func TestGetNameAndItsPpidOfParent(t *testing.T) { | ||
shell, _, err := getNameAndItsPpid(os.Getppid()) | ||
//#nosec G115 -- pid is coming from os.Getppid() as int |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same comment as before for these 3 ignores
pkg/drivers/vfkit/driver_darwin.go
Outdated
@@ -97,20 +97,21 @@ func (d *Driver) getDiskPath() string { | |||
return d.ResolveStorePath(fmt.Sprintf("%s.img", d.MachineName)) | |||
} | |||
|
|||
func (d *Driver) resize(newSize int64) error { | |||
func (d *Driver) resize(newSize uint64) error { | |||
newSizeInt64 := int64(newSize) //#nosec G115 -- os.stat provide the size as int64 and os.Truncate use int64 as arg |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This explains why there's a warning, but this should be explaining why it's ok to ignore it. This needs range checks before doing the cast.
85ef8d0
to
bdff643
Compare
pkg/os/shell/shell_windows.go
Outdated
if pid < 0 || pid > math.MaxUint32 { | ||
return "", fmt.Errorf("integer overflow for pid: %v", pid) | ||
} | ||
//#nosec G115 -- Above pid is checked for integer overflow and an error is returned |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With the range check above, the #nosec directive is not needed.
pkg/os/shell/shell_windows_test.go
Outdated
if pid < 0 || pid > math.MaxUint32 { | ||
assert.Fail(t, "integer overflow detected") | ||
} | ||
//#nosec G115 -- Above pid is checked for integer overflow and fail the test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And same here
pkg/drivers/vfkit/driver_darwin.go
Outdated
if newSize > math.MaxInt64 { | ||
return fmt.Errorf("integer overflow detected for resize: %v", newSize) | ||
} | ||
//#nosec G115 -- os.stat provide the size as int64 and os.Truncate use int64 as arg. Also range is checked (above) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
#nosec G115
is not needed since you added the range check. You can keep the rest of the comment if you think it's useful.
bdff643
to
829ce5f
Compare
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cfergeau The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/hold
|
With this update type of memory and cpu is changed to uint from int which will allow us to fix some of interter overflow issue with latest golint ci.
It help us to fix integer overflow issue with latest version of golint-ci.
Looks like it is just the to pass value if command is shown or not and `int32` can handle it. Also it will fix the following golanglint error. ``` pkg/os/windows/win32/shell32_windows.go:40:77: G115: integer overflow conversion int -> int32 (gosec) return windows.ShellExecute(hwnd, op, toUint16ptr(file), params, dir, int32(showCmd)) ```
With that we don't need to do type conversion and avoid following golint error. ``` pkg/drivers/vfkit/driver_darwin.go:407:40: G115: integer overflow conversion int -> int32 (gosec) exists, err := process.PidExists(int32(pid)) ^ pkg/drivers/vfkit/driver_darwin.go:414:36: G115: integer overflow conversion int -> int32 (gosec) p, err := process.NewProcess(int32(pid)) ^ ```
829ce5f
to
d7f74fd
Compare
New changes are detected. LGTM label has been removed. |
@praveenkumar: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
os.Getppid() return int value but syscall.ProcessEntry32 struct have `ProcessID` as uint32 so we are doing the type conversion as part of `os.Getppid()` instead later in stage. It will fix following golint error. ``` pkg/os/shell/shell_windows.go:33:38: G115: integer overflow conversion int -> uint32 (gosec) if processEntry.ProcessID == uint32(pid) { ```
It will reduce following error for golint ci. ``` pkg/drivers/libhvee/libhvee_windows.go:92:31: G115: integer overflow conversion uint64 -> int64 (gosec) if err := d.resizeDisk(int64(update.DiskCapacity)); err != nil { ^ pkg/drivers/libhvee/libhvee_windows.go:196:27: G115: integer overflow conversion uint64 -> int64 (gosec) return d.resizeDisk(int64(d.DiskCapacity)) ^ pkg/drivers/libhvee/libhvee_windows.go:288:26: G115: integer overflow conversion int64 -> uint64 (gosec) newSize := strongunits.B(newSizeBytes) ```
It will fix following golint ci error ``` pkg/drivers/vfkit/driver_darwin.go:135:23: G115: integer overflow conversion uint64 -> int64 (gosec) return d.resize(int64(d.DiskCapacity)) ^ pkg/drivers/vfkit/driver_darwin.go:176:7: G115: integer overflow conversion int -> uint (gosec) uint(d.CPU), ^ pkg/drivers/vfkit/driver_darwin.go:177:9: G115: integer overflow conversion int -> uint64 (gosec) uint64(d.Memory), ^ ```
This will fix follow golint ci warning ``` pkg/crc/machine/kubeconfig.go:189:29: G115: integer overflow conversion uint -> int (gosec) port = strconv.Itoa(int(ingressHTTPSPort)) ```
Latest release of golangci-lint uses `go 1.22.1` as part of go mod file so when our tooling try to consume this version then following is added for `tools/go.mod` because in our mod file we mention minimum required go version is `1.22.0` and as per go toolchain guideline it should run in in newer toolchain ``` go 1.22.0 toolchain go1.22.5 ``` snip from: https://go.dev/doc/toolchain ``` When the go or toolchain line is newer than the bundled toolchain, the go command runs the newer toolchain instead. For example, when using the go command bundled with Go 1.21.3 in a main module that says go 1.21.9, the go command finds and runs Go 1.21.9 instead. It first looks in the PATH for a program named go1.21.9 and otherwise downloads and caches a copy of the Go 1.21.9 toolchain. ``` - https://github.com/golangci/golangci-lint/blob/v1.61.0/go.mod#L3
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.59.1 to 1.61.0. - [Release notes](https://github.com/golangci/golangci-lint/releases) - [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md) - [Commits](golangci/golangci-lint@v1.59.1...v1.61.0) --- updated-dependencies: - dependency-name: github.com/golangci/golangci-lint dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
d7f74fd
to
0a39b01
Compare
No description provided.