kubernetes · thockin · Jun 9, 2024 · Jun 9, 2024 · Jun 9, 2024 · Jun 9, 2024
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -19,7 +19,7 @@ jobs:
       - name: Set up go
         uses: actions/setup-go@v5
         with:
-          go-version: '1.20.6'
+          go-version: '1.22.4'
 
       - uses: actions/checkout@v4
         with:
@@ -36,7 +36,7 @@ jobs:
       - name: Set up go
         uses: actions/setup-go@v5
         with:
-          go-version: '1.20.6'
+          go-version: '1.22.4'
 
       - uses: actions/checkout@v4
         with:
@@ -53,7 +53,7 @@ jobs:
       - name: Set up go
         uses: actions/setup-go@v5
         with:
-          go-version: '1.20.6'
+          go-version: '1.22.4'
 
       - uses: actions/checkout@v4
         with:
@@ -67,7 +67,7 @@ jobs:
         uses: golangci/golangci-lint-action@v6
         with:
           working-directory: git-sync
-          version: v1.53.3
+          version: v1.59.0
 
       - name: make lint
         working-directory: git-sync

diff --git a/Makefile b/Makefile
@@ -281,6 +281,6 @@ lint-staticcheck:
 	go run honnef.co/go/tools/cmd/staticcheck@2023.1.3
 
 lint-golangci-lint:
-	go run github.com/golangci/golangci-lint/cmd/golangci-lint@v1.53.3 run
+	go run github.com/golangci/golangci-lint/cmd/golangci-lint@v1.59.0 run
 
 lint: lint-staticcheck lint-golangci-lint
diff --git a/_test_tools/httpd/Dockerfile b/_test_tools/httpd/Dockerfile
@@ -42,6 +42,8 @@ RUN htpasswd -b -c /etc/htpasswd testuser testpass
 
 # Callers should mount a directory with git repos here.
 VOLUME /git
+# sshd runs as root, and the repo directory might be owned by anyone.
+RUN git config --system safe.directory '*'
 
 COPY nginx.conf /etc/nginx/
 COPY run.sh /

diff --git a/_test_tools/sshd/Dockerfile b/_test_tools/sshd/Dockerfile
@@ -49,6 +49,8 @@ VOLUME /dot_ssh
 
 # Callers should mount a directory with git repos here.
 VOLUME /git
+# sshd runs as root, and the repo directory might be owned by anyone.
+RUN git config --system safe.directory '*'
 
 # Callers can SSH as user "test"
 RUN echo "test:x:65533:65533::/home/test:/usr/bin/git-shell" >> /etc/passwd

diff --git a/main.go b/main.go
@@ -142,7 +142,7 @@ func main() {
 	flVersion := pflag.Bool("version", false, "print the version and exit")
 	flHelp := pflag.BoolP("help", "h", false, "print help text and exit")
 	pflag.BoolVarP(flHelp, "__?", "?", false, "print help text and exit") // support -? as an alias to -h
-	pflag.CommandLine.MarkHidden("__?")
+	mustMarkHidden("__?")
 	flManual := pflag.Bool("man", false, "print the full manual and exit")
 
 	flVerbose := pflag.IntP("verbose", "v",
@@ -923,6 +923,16 @@ func mustMarkDeprecated(name string, usageMessage string) {
 	}
 }
 
+// mustMarkHidden is a helper around pflag.CommandLine.MarkHidden.
+// It panics if there is an error (as these indicate a coding issue).
+// This makes it easier to keep the linters happy.
+func mustMarkHidden(name string) {
+	err := pflag.CommandLine.MarkHidden(name)
+	if err != nil {
+		panic(fmt.Sprintf("error marking flag %q as hidden: %v", name, err))
+	}
+}
+
 // makeAbsPath makes an absolute path from a path which might be absolute
 // or relative.  If the path is already absolute, it will be used.  If it is
 // not absolute, it will be joined with the provided root. If the path is