Merge branch '416-bump-go-1-13' into 'master'

Drop Go 1.12 and bump minimum Go 1.13 Closes #416 See merge request gitlab-org/gitlab-pages!301
author: Grzegorz Bizon <grzegorz@gitlab.com> 2020-07-03 09:36:41 +0300
committer: Grzegorz Bizon <grzegorz@gitlab.com> 2020-07-03 09:36:41 +0300
commit: 6809da705f3a93de6c221909991ce6d1eaf6d4dc (patch)
tree: 194d6df78163d1854c0ceb83e8b8b4a00c328e5a
parent: 8106cafb5aa5191601af99813ab7fda3bd0f1ba8 (diff)
parent: c4e8acc6d6e331a51216b4590f7a7ca6ec795a61 (diff)
6 files changed, 7 insertions, 72 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 99875ecc..0e121cb2 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -20,7 +20,7 @@ workflow:
     - if: '$CI_COMMIT_BRANCH =~ /^security\//'
 
 default:
-  image: golang:1.12
+  image: golang:1.13
   tags:
     - gitlab-org
 
@@ -122,10 +122,6 @@ code_quality:
     paths:
       - ${REPORT_FILE}
 
-test:1.12:
-  extends: .tests
-  image: golang:1.12
-
 test:1.13:
   extends: .tests
   image: golang:1.13
diff --git a/README.md b/README.md
index 0c3b0f5c..e4e42c6c 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@
 [![coverage report](https://gitlab.com/gitlab-org/gitlab-pages/badges/master/coverage.svg)](https://gitlab.com/gitlab-org/gitlab-pages/commits/master)
 
 This is a simple HTTP server written in Go, made to serve GitLab Pages with
-CNAMEs and SNI using HTTP/HTTP2. The minimum supported Go version is v1.12.
+CNAMEs and SNI using HTTP/HTTP2. The minimum supported Go version is v1.13.
 
 This is made to work in small to medium-scale environments. Start-up time scales
 with the number of projects being served, so the daemon is currently unsuitable
diff --git a/go.mod b/go.mod
index 1200d689..049b9c57 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module gitlab.com/gitlab-org/gitlab-pages
 
-go 1.12
+go 1.13
 
 require (
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
diff --git a/internal/tlsconfig/tlsconfig.go b/internal/tlsconfig/tlsconfig.go
index 1c9db71e..5d26ed52 100644
--- a/internal/tlsconfig/tlsconfig.go
+++ b/internal/tlsconfig/tlsconfig.go
@@ -3,7 +3,6 @@ package tlsconfig
 import (
 	"crypto/tls"
 	"fmt"
-	"os"
 	"sort"
 	"strings"
 )
@@ -19,6 +18,9 @@ var (
 		tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
 		tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
 		tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+		tls.TLS_AES_128_GCM_SHA256,
+		tls.TLS_AES_256_GCM_SHA384,
+		tls.TLS_CHACHA20_POLY1305_SHA256,
 	}
 
 	// AllTLSVersions has all supported flag values
@@ -28,6 +30,7 @@ var (
 		"tls1.0": tls.VersionTLS10,
 		"tls1.1": tls.VersionTLS11,
 		"tls1.2": tls.VersionTLS12,
+		"tls1.3": tls.VersionTLS13,
 	}
 )
 
@@ -79,12 +82,6 @@ func ValidateTLSVersions(min, max string) error {
 		return fmt.Errorf("Invalid maximum TLS version: %s; Should be at least %s", max, min)
 	}
 
-	// At this point values are validated so if we have tls1.3
-	// accepted we are on Go 1.12+ so let's enable it too.
-	if min == "tls1.3" || max == "tls1.3" {
-		os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1")
-	}
-
 	return nil
 }
 
diff --git a/internal/tlsconfig/tlsconfig_go1_12.go b/internal/tlsconfig/tlsconfig_go1_12.go
deleted file mode 100644
index f92bdf09..00000000
--- a/internal/tlsconfig/tlsconfig_go1_12.go
+++ /dev/null
@@ -1,17 +0,0 @@
-// +build go1.12
-
-package tlsconfig
-
-import (
-	"crypto/tls"
-)
-
-func init() {
-	AllTLSVersions["tls1.3"] = tls.VersionTLS13
-
-	preferredCipherSuites = append(preferredCipherSuites,
-		tls.TLS_AES_128_GCM_SHA256,
-		tls.TLS_AES_256_GCM_SHA384,
-		tls.TLS_CHACHA20_POLY1305_SHA256,
-	)
-}
diff --git a/internal/tlsconfig/tlsconfig_go1_12_test.go b/internal/tlsconfig/tlsconfig_go1_12_test.go
deleted file mode 100644
index 09d18284..00000000
--- a/internal/tlsconfig/tlsconfig_go1_12_test.go
+++ /dev/null
@@ -1,41 +0,0 @@
-// +build go1.12
-
-package tlsconfig
-
-import (
-	"os"
-	"testing"
-
-	"github.com/stretchr/testify/require"
-)
-
-func TestEnableTLS13(t *testing.T) {
-	tests := map[string]struct {
-		tlsMin      string
-		tlsMax      string
-		enableTLS13 bool
-	}{
-		"ask for minimum TLS 1.3": {tlsMin: "tls1.3", tlsMax: "", enableTLS13: true},
-		"ask for maximim TLS 1.3": {tlsMin: "", tlsMax: "tls1.3", enableTLS13: true},
-		"do not ask for TLS 1.3":  {tlsMin: "tls1.2", tlsMax: "tls1.2", enableTLS13: false},
-	}
-
-	// Store original GODEBUG value
-	godebug := os.Getenv("GODEBUG")
-
-	for name, tc := range tests {
-		t.Run(name, func(t *testing.T) {
-			err := ValidateTLSVersions(tc.tlsMin, tc.tlsMax)
-			require.NoError(t, err)
-
-			if tc.enableTLS13 {
-				require.Regexp(t, "tls13=1", os.Getenv("GODEBUG"))
-			} else {
-				require.NotRegexp(t, "tls13=1", godebug)
-			}
-		})
-
-		// Restore original GODEBUG value
-		os.Setenv("GODEBUG", godebug)
-	}
-}
author	Grzegorz Bizon <grzegorz@gitlab.com>	2020-07-03 09:36:41 +0300
committer	Grzegorz Bizon <grzegorz@gitlab.com>	2020-07-03 09:36:41 +0300
commit	6809da705f3a93de6c221909991ce6d1eaf6d4dc (patch)
tree	194d6df78163d1854c0ceb83e8b8b4a00c328e5a
parent	8106cafb5aa5191601af99813ab7fda3bd0f1ba8 (diff)
parent	c4e8acc6d6e331a51216b4590f7a7ca6ec795a61 (diff)