diff options
| -rw-r--r-- | .golangci.yaml | 39 | ||||
| -rw-r--r-- | Makefile | 26 |
2 files changed, 46 insertions, 19 deletions
diff --git a/.golangci.yaml b/.golangci.yaml index 232fb42..ce734c8 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -4,7 +4,7 @@ ################################################################################ run: - deadline: 3m # 1m by default + timeout: 3m # 1m by default modules-download-mode: readonly output: @@ -20,6 +20,7 @@ issues: - path: _test\.go linters: - bodyclose + - dupl # '0' disables the following options. max-issues-per-linter: 0 max-same-issues: 0 @@ -34,13 +35,25 @@ linters-settings: # Report about not checking of errors in type assertions. check-type-assertions: true forbidigo: + analyze-types: true # required for pkg: forbid: # ioutil package has been deprecated: https://github.com/golang/go/issues/42026 - ^ioutil\..*$ # Using http.DefaultServeMux is discouraged because it's a global variable that some packages silently and magically add handlers to (esp. net/http/pprof). # Applications wishing to use http.ServeMux should obtain local instances through http.NewServeMux() instead of using the global default instance. - - ^http.DefaultServeMux$ - - ^http.Handle(?:Func)?$ + - ^http\.DefaultServeMux$ + - ^http\.Handle(?:Func)?$ + # Forbid usage of old and archived square/go-jose + - pkg: ^gopkg\.in/square/go-jose\.v2$ + msg: "gopk.in/square/go-jose is arcived and has CVEs. Replace it with gopkg.in/go-jose/go-jose.v2" + - pkg: ^github.com/coreos/go-oidc$ + msg: "github.com/coreos/go-oidc depends on gopkg.in/square/go-jose which has CVEs. Replace it with github.com/coreos/go-oidc/v3" + + - pkg: ^github.com/howeyc/gopass$ + msg: "github.com/howeyc/gopass is archived, use golang.org/x/term instead" + goconst: + ignore-tests: true + min-occurrences: 5 gocritic: enabled-checks: - boolExprSimplify @@ -76,8 +89,9 @@ linters-settings: # created file permissions are restricted by umask if necessary - G306 govet: - # Report about shadowed variables. - check-shadowing: true + enable-all: true + disable: + - fieldalignment nolintlint: require-specific: true stylecheck: @@ -90,11 +104,10 @@ linters-settings: default-rpc-path: true http-method: true http-status-code: true - os-dev-null: true - rpc-default-path: true - time-weekday: true - time-month: true + sql-isolation-level: true time-layout: true + time-month: true + time-weekday: true tls-signature-scheme: true whitespace: # Enforce newlines (or comments) after multi-line function signatures. @@ -107,15 +120,17 @@ linters: enable: - bodyclose - containedctx + - copyloopvar - dupl - dupword - durationcheck - errcheck + - errname - errorlint - - exportloopref - forbidigo - ginkgolinter - gocheckcompilerdirectives + - goconst - gocritic - gofmt - goimports @@ -123,10 +138,14 @@ linters: - gosimple - govet - ineffassign + - intrange - misspell + - nilerr - noctx - nolintlint - nosprintfhostport + - perfsprint + - predeclared - rowserrcheck - sqlclosecheck - staticcheck @@ -21,12 +21,18 @@ generate: generated.go @echo ./util/render_template.go < $< > $@ @./util/render_template.go < $< > $@.new && mv $@.new $@ || (rm $@.new; false) +prepare-static-check: FORCE + @if ! hash golangci-lint 2>/dev/null; then printf "\e[1;36m>> Installing golangci-lint (this may take a while)...\e[0m\n"; go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest; fi + GO_BUILDFLAGS = GO_LDFLAGS = GO_TESTENV = -# which packages to test with "go test" +# which packages to test with test runner GO_TESTPKGS := $(shell go list -f '{{if or .TestGoFiles .XTestGoFiles}}{{.ImportPath}}{{end}}' ./...) +ifeq ($(GO_TESTPKGS),) +GO_TESTPKGS := ./... +endif # which packages to measure coverage for GO_COVERPKGS := $(shell go list ./... | grep -Ev '/util') # to get around weird Makefile syntax restrictions, we need variables containing nothing, a space and comma @@ -37,21 +43,20 @@ comma := , check: FORCE static-check build/cover.html @printf "\e[1;32m>> All checks successful.\e[0m\n" -prepare-static-check: FORCE - @if ! hash golangci-lint 2>/dev/null; then printf "\e[1;36m>> Installing golangci-lint (this may take a while)...\e[0m\n"; go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest; fi - -static-check: FORCE prepare-static-check +run-golangci-lint: FORCE prepare-static-check @printf "\e[1;36m>> golangci-lint\e[0m\n" @golangci-lint run build/cover.out: FORCE | build - @printf "\e[1;36m>> go test\e[0m\n" - @env $(GO_TESTENV) go test $(GO_BUILDFLAGS) -ldflags '-s -w $(GO_LDFLAGS)' -shuffle=on -p 1 -coverprofile=$@ -covermode=count -coverpkg=$(subst $(space),$(comma),$(GO_COVERPKGS)) $(GO_TESTPKGS) + @printf "\e[1;36m>> Running tests\e[0m\n" + @env $(GO_TESTENV) go test -shuffle=on -p 1 -coverprofile=$@ $(GO_BUILDFLAGS) -ldflags '-s -w $(GO_LDFLAGS)' -covermode=count -coverpkg=$(subst $(space),$(comma),$(GO_COVERPKGS)) $(GO_TESTPKGS) build/cover.html: build/cover.out @printf "\e[1;36m>> go tool cover > build/cover.html\e[0m\n" @go tool cover -html $< -o $@ +static-check: FORCE run-golangci-lint + build: @mkdir $@ @@ -77,12 +82,15 @@ help: FORCE @printf " \e[36mvars\e[0m Display values of relevant Makefile variables.\n" @printf " \e[36mhelp\e[0m Display this help.\n" @printf "\n" + @printf "\e[1mPrepare\e[0m\n" + @printf " \e[36mprepare-static-check\e[0m Install any tools required by static-check. This is used in CI before dropping privileges, you should probably install all the tools using your package manager\n" + @printf "\n" @printf "\e[1mTest\e[0m\n" @printf " \e[36mcheck\e[0m Run the test suite (unit tests and golangci-lint).\n" - @printf " \e[36mprepare-static-check\e[0m Install golangci-lint. This is used in CI, you should probably install golangci-lint using your package manager.\n" - @printf " \e[36mstatic-check\e[0m Run golangci-lint.\n" + @printf " \e[36mrun-golangci-lint\e[0m Install and run golangci-lint. Installing is used in CI, but you should probably install golangci-lint using your package manager.\n" @printf " \e[36mbuild/cover.out\e[0m Run tests and generate coverage report.\n" @printf " \e[36mbuild/cover.html\e[0m Generate an HTML file with source code annotations from the coverage report.\n" + @printf " \e[36mstatic-check\e[0m Run static code checks\n" @printf "\n" @printf "\e[1mDevelopment\e[0m\n" @printf " \e[36mtidy-deps\e[0m Run go mod tidy and go mod verify.\n" |