Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update golangci t0 1.61.0 #4360

Merged
merged 10 commits into from
Oct 8, 2024
Merged

Conversation

praveenkumar
Copy link
Member

No description provided.

Copy link
Contributor

@cfergeau cfergeau left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This introduces new linting failures.

update-go-version.sh Show resolved Hide resolved
@@ -30,6 +30,7 @@ func getProcessEntry(pid int) (pe *syscall.ProcessEntry32, err error) {
}

for {
//#nosec G115 -- pid is coming from os.Getppid() as int
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the os.Getppid() call is 2 level above getProcessEntry in the call chain. Nothing guarantees that in the future we are not going to reuse this function with a pid value coming from something different.
I'd prefer to change the getProcessEntry(pid int) to getProcessEntry(pid uint32), and to change detect to convert the value returned by os.Getppid() to uint32

@@ -265,8 +265,8 @@ func configureSharedDirs(vm *virtualMachine, sshRunner *crcssh.Runner) error {

func (client *client) Start(ctx context.Context, startConfig types.StartConfig) (*types.StartResult, error) {
telemetry.SetCPUs(ctx, startConfig.CPUs)
telemetry.SetMemory(ctx, uint64(startConfig.Memory)*1024*1024)
telemetry.SetDiskSize(ctx, uint64(startConfig.DiskSize)*1024*1024*1024)
telemetry.SetMemory(ctx, uint64(startConfig.Memory)*1024*1024) //#nosec G115 -- validation make sure memory value is not negative
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually I haven't been able to find such >=0 checks in the validation code?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for memory as part of validation we use the base memory as default preset one (in case of OCP it is 10752 and for microshift 4096

// ValidateMemory checks if provided Memory count is valid
func ValidateMemory(value int, preset crcpreset.Preset) error {
	if value < constants.GetDefaultMemory(preset) {
		return fmt.Errorf("requires memory in MiB >= %d", constants.GetDefaultMemory(preset))
	}
	return ValidateEnoughMemory(value)

@@ -74,6 +74,7 @@ func (d *Driver) UpdateConfigRaw(rawConfig []byte) error {
}
}
if newDriver.DiskCapacity != d.DiskCapacity {
//#nosec G115 -- validation make sure disk value is in range
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd prefer if code in pkg/drivers did not make assumptions regarding how it's used, and in particular that we don't rely on code in pkg/crc having to be used before passing data to the drivers.
Moreover, I'm not sure we have the needed range check in validation

@praveenkumar
Copy link
Member Author

@cfergeau Can you take another look to this PR, it have machine update and also golint ci update.

return SettingValue{
Invalid: true,
}
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unrelated to this PR, but wondering if we could use go generics to have a generic 'cast' function instead of switching over the types.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, that would be a good exercise, we can put a tracker issue for it.

cmd/crc/cmd/start.go Outdated Show resolved Hide resolved
cmd/crc/cmd/start.go Outdated Show resolved Hide resolved
pkg/crc/machine/config/config.go Outdated Show resolved Hide resolved
tools/go.mod Show resolved Hide resolved
pkg/os/shell/shell_windows.go Outdated Show resolved Hide resolved
assert.NoError(t, err)
}

func TestGetNameAndItsPpidOfParent(t *testing.T) {
shell, _, err := getNameAndItsPpid(os.Getppid())
//#nosec G115 -- pid is coming from os.Getppid() as int
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same comment as before for these 3 ignores

@@ -97,20 +97,21 @@ func (d *Driver) getDiskPath() string {
return d.ResolveStorePath(fmt.Sprintf("%s.img", d.MachineName))
}

func (d *Driver) resize(newSize int64) error {
func (d *Driver) resize(newSize uint64) error {
newSizeInt64 := int64(newSize) //#nosec G115 -- os.stat provide the size as int64 and os.Truncate use int64 as arg
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This explains why there's a warning, but this should be explaining why it's ok to ignore it. This needs range checks before doing the cast.

pkg/crc/machine/kubeconfig.go Show resolved Hide resolved
@praveenkumar praveenkumar force-pushed the update_golangci branch 2 times, most recently from 85ef8d0 to bdff643 Compare October 1, 2024 09:26
pkg/crc/api/api_client_test.go Show resolved Hide resolved
if pid < 0 || pid > math.MaxUint32 {
return "", fmt.Errorf("integer overflow for pid: %v", pid)
}
//#nosec G115 -- Above pid is checked for integer overflow and an error is returned
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With the range check above, the #nosec directive is not needed.

pkg/os/shell/shell_windows_test.go Outdated Show resolved Hide resolved
if pid < 0 || pid > math.MaxUint32 {
assert.Fail(t, "integer overflow detected")
}
//#nosec G115 -- Above pid is checked for integer overflow and fail the test
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And same here

if newSize > math.MaxInt64 {
return fmt.Errorf("integer overflow detected for resize: %v", newSize)
}
//#nosec G115 -- os.stat provide the size as int64 and os.Truncate use int64 as arg. Also range is checked (above)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#nosec G115 is not needed since you added the range check. You can keep the rest of the comment if you think it's useful.

Copy link

openshift-ci bot commented Oct 3, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cfergeau

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved label Oct 3, 2024
@praveenkumar
Copy link
Member Author

/hold

make check on windows failing, need to check what's happening.

With this update type of memory and cpu is changed to uint from int
which will allow us to fix some of interter overflow issue with latest
golint ci.
It help us to fix integer overflow issue with latest version of
golint-ci.
Looks like it is just the to pass value if command is shown or not and
`int32` can handle it. Also it will fix the following golanglint error.

```
pkg/os/windows/win32/shell32_windows.go:40:77: G115: integer overflow conversion int -> int32 (gosec)
	return windows.ShellExecute(hwnd, op, toUint16ptr(file), params, dir, int32(showCmd))

```
With that we don't need to do type conversion and avoid following
golint error.

```
pkg/drivers/vfkit/driver_darwin.go:407:40: G115: integer overflow conversion int -> int32 (gosec)
	exists, err := process.PidExists(int32(pid))
	                                      ^
pkg/drivers/vfkit/driver_darwin.go:414:36: G115: integer overflow conversion int -> int32 (gosec)
	p, err := process.NewProcess(int32(pid))
	                                  ^
```
Copy link

openshift-ci bot commented Oct 8, 2024

New changes are detected. LGTM label has been removed.

Copy link

openshift-ci bot commented Oct 8, 2024

@praveenkumar: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-crc d7f74fd link true /test e2e-crc
ci/prow/integration-crc d7f74fd link true /test integration-crc
ci/prow/e2e-microshift-crc d7f74fd link true /test e2e-microshift-crc

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

praveenkumar and others added 6 commits October 8, 2024 15:17
os.Getppid() return int value but syscall.ProcessEntry32 struct have
`ProcessID` as uint32 so we are doing the type conversion as part of
`os.Getppid()` instead later in stage. It will fix following golint
error.
```
pkg/os/shell/shell_windows.go:33:38: G115: integer overflow conversion int -> uint32 (gosec)
                    if processEntry.ProcessID == uint32(pid) {
```
It will reduce following error for golint ci.
```
pkg/drivers/libhvee/libhvee_windows.go:92:31: G115: integer overflow conversion uint64 -> int64 (gosec)
		if err := d.resizeDisk(int64(update.DiskCapacity)); err != nil {
		                            ^
pkg/drivers/libhvee/libhvee_windows.go:196:27: G115: integer overflow conversion uint64 -> int64 (gosec)
	return d.resizeDisk(int64(d.DiskCapacity))
	                         ^
pkg/drivers/libhvee/libhvee_windows.go:288:26: G115: integer overflow conversion int64 -> uint64 (gosec)
	newSize := strongunits.B(newSizeBytes)
```
It will fix following golint ci error
```
pkg/drivers/vfkit/driver_darwin.go:135:23: G115: integer overflow conversion uint64 -> int64 (gosec)
	return d.resize(int64(d.DiskCapacity))
	                     ^
pkg/drivers/vfkit/driver_darwin.go:176:7: G115: integer overflow conversion int -> uint (gosec)
		uint(d.CPU),
		    ^
pkg/drivers/vfkit/driver_darwin.go:177:9: G115: integer overflow conversion int -> uint64 (gosec)
		uint64(d.Memory),
		      ^
```
This will fix follow golint ci warning
```
pkg/crc/machine/kubeconfig.go:189:29: G115: integer overflow conversion uint -> int (gosec)
					port = strconv.Itoa(int(ingressHTTPSPort))
```
Latest release of golangci-lint uses `go 1.22.1` as part of go mod file
so when our tooling try to consume this version then following is added
for `tools/go.mod` because in our mod file we mention minimum required
go version is `1.22.0` and as per go toolchain guideline it should run
in in newer toolchain

```
go 1.22.0
toolchain go1.22.5
```

snip from: https://go.dev/doc/toolchain
```
When the go or toolchain line is newer than the bundled toolchain,
the go command runs the newer toolchain instead. For example, when
using the go command bundled with Go 1.21.3 in a main module that
says go 1.21.9, the go command finds and runs Go 1.21.9 instead. It
first looks in the PATH for a program named go1.21.9 and otherwise
downloads and caches a copy of the Go 1.21.9 toolchain.
```

- https://github.com/golangci/golangci-lint/blob/v1.61.0/go.mod#L3
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.59.1 to 1.61.0.
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md)
- [Commits](golangci/golangci-lint@v1.59.1...v1.61.0)

---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@praveenkumar praveenkumar merged commit f5cec01 into crc-org:main Oct 8, 2024
21 of 32 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

3 participants