Add .golangci.yml linter configuration

As part of https://gitlab.com/gitlab-org/gitlab-pages/-/issues/385 we have introduced the use of a custom `.golangci.yml` file with some custom rules for linting. This replaces the need of downloading and using `golint`, `gofmt` `go vet` and `gocyclo` manually. We take advantage of the custom `golangci-lint` docker image as stated in the [Automatic lintinb] (https://docs.gitlab.com/ee/development/go_guide/#automatic-linting) section of the Go standards and style guidelines. This iteration enables a subset of linters, with the remaining of them enabled on a separate MR as described in the issue above. The main changes introduced by this linter include: - gosec: potential hardcoded credentials - goconst: DRY by declaring and using constants - gosimple: reduce statements complexity and improve return statements
author: Jaime Martinez <jmartinez@gitlab.com> 2020-05-21 03:52:19 +0300
committer: Jaime Martinez <jmartinez@gitlab.com> 2020-05-28 04:10:14 +0300
commit: f6dfa5d0043aeaa616c16f8babb64c0d0e8f72dd (patch)
tree: f8cbab7f2c4a30c07f827a50d7877c388e18616f
parent: 559311801a1e9114f8dee71faa388dcefab3dcbe (diff)
17 files changed, 173 insertions, 68 deletions
diff --git a/.gitignore b/.gitignore
index 7c50688b..ef404e9f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,6 +3,8 @@ shared/pages/.update
 /gitlab-pages
 /vendor
 /gitlab-pages-config
+/gl-code-quality-report.json
+/coverage.html
 
 # Used by the makefile
 /.GOPATH
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d640f08b..01732f45 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -86,19 +86,33 @@ download deps:
       - go.mod
       - go.sum
 
-verify:
-  extends: .go-mod-cache
+cover:
   stage: test
+  extends: .go-mod-cache
   needs: ['download deps']
   script:
-    - make setup
-    - make generate-mocks
-    - make verify
-    - make cover
+      - make setup
+      - make generate-mocks
+      - make cover
   artifacts:
     paths:
       - coverage.html
 
+lint:
+  extends: .go-mod-cache
+  needs: ['download deps']
+  stage: test
+  image: registry.gitlab.com/gitlab-org/gitlab-build-images:golangci-lint-alpine
+  script:
+    # Write the code coverage report to gl-code-quality-report.json
+    # and print linting issues to stdout in the format: path/to/file:line description
+    - golangci-lint run --out-format code-climate | tee gl-code-quality-report.json | jq -r '.[] | "\(.location.path):\(.location.lines.begin) \(.description)"'
+  artifacts:
+     reports:
+      codequality: gl-code-quality-report.json
+     paths:
+       - gl-code-quality-report.json
+
 test:1.12:
   extends: .tests
   image: golang:1.12
diff --git a/.golangci.yml b/.golangci.yml
new file mode 100644
index 00000000..9545dd52
--- /dev/null
+++ b/.golangci.yml
@@ -0,0 +1,60 @@
+run:
+  concurrency: 8
+  deadline: 1m
+  issues-exit-code: 1
+  modules-download-mode: vendor
+  tests: true
+  skip-dirs:
+    - vendor
+    - internal/httputil # from github.com/golang/gddo
+  skip-files:
+    - mock_*.go
+
+output:
+  format: colored-line-number
+  print-issued-lines: true
+  print-linter-name: true
+
+linters-settings:
+  gocyclo:
+    min-complexity: 10
+  govet:
+    check-shadowing: false
+  goconst:
+    min-len: 3
+    min-occurrences: 3
+
+linters:
+  disable-all: true
+  enable:
+# TODO: enable these linters on a separate MR  https://gitlab.com/gitlab-org/gitlab-pages/-/issues/385#linters
+#    - bodyclose
+#    - deadcode
+#    - dogsled
+    - goconst
+    - gocyclo
+    - goimports
+    - golint
+    - gosimple
+    - govet
+    - gosec
+#    - ineffassign
+#    - misspell
+#    - structcheck
+#    - typecheck
+#    - unconvert
+#    - unused
+#    - varcheck
+#    - whitespace
+  fast: false
+
+issues:
+#  # Excluding configuration per-path, per-linter, per-text and per-source
+  exclude-rules:
+    - path: ".*_test.go"
+      linters:
+        - bodyclose
+        - gosec
+    - path: "internal/fixture/fixtures.go"
+      linters:
+        - gosec
diff --git a/Makefile.build.mk b/Makefile.build.mk
index 24c2ec39..9a40f68b 100644
--- a/Makefile.build.mk
+++ b/Makefile.build.mk
@@ -3,10 +3,7 @@
 all: gitlab-pages
 
 setup: clean .GOPATH/.ok
-	go get golang.org/x/tools/cmd/goimports@v0.0.0-20191010201905-e5ffc44a6fee
-	go get golang.org/x/lint/golint@v0.0.0-20190930215403-16217165b5de
 	go get github.com/wadey/gocovmerge@v0.0.0-20160331181800-b5bfa59ec0ad
-	go get github.com/fzipp/gocyclo@v0.0.0-20150627053110-6acd4345c835
 	go get github.com/golang/mock/mockgen@v1.3.1
 
 generate-mocks: .GOPATH/.ok
diff --git a/Makefile.util.mk b/Makefile.util.mk
index 412b7655..dfc2c8fd 100644
--- a/Makefile.util.mk
+++ b/Makefile.util.mk
@@ -1,18 +1,11 @@
-.PHONY: verify fmt vet lint complexity test cover list
+GOLANGCI_LINT_IMAGE := registry.gitlab.com/gitlab-org/gitlab-build-images:golangci-lint-alpine
 
-verify: list fmt vet lint complexity
+.PHONY: lint test race acceptance bench cover list deps-check deps-download
 
-fmt: bin/goimports .GOPATH/.ok
-	$Q @_support/validate-formatting.sh $(allfiles)
-
-vet: .GOPATH/.ok
-	$Q go vet $(allpackages)
-
-lint: bin/golint
-	$Q ./bin/golint $(allpackages) | tee | ( ! grep -v "^$$" )
-
-complexity: .GOPATH/.ok bin/gocyclo
-	$Q ./bin/gocyclo -over 9 $(allfiles)
+lint: deps-download
+	docker run -v $(PWD):/app -w /app $(GOLANGCI_LINT_IMAGE) \
+	sh -c "golangci-lint run --out-format code-climate | tee gl-code-quality-report.json | jq -r '.[] | \"\(.location.path):\(.location.lines.begin) \(.description)\"'"
+#		sh -c "golangci-lint run  $(if $V,-v)"
 
 test: .GOPATH/.ok gitlab-pages
 	go test $(if $V,-v) $(allpackages)
diff --git a/app.go b/app.go
index fa8dc04f..8cfeef00 100644
--- a/app.go
+++ b/app.go
@@ -83,7 +83,7 @@ func (a *theApp) healthCheck(w http.ResponseWriter, r *http.Request, https bool)
 
 func (a *theApp) redirectToHTTPS(w http.ResponseWriter, r *http.Request, statusCode int) {
 	u := *r.URL
-	u.Scheme = "https"
+	u.Scheme = request.SchemeHTTPS
 	u.Host = r.Host
 	u.User = nil
 
@@ -400,7 +400,7 @@ func (a *theApp) listenHTTPFD(wg *sync.WaitGroup, fd uintptr, httpHandler http.H
 		defer wg.Done()
 		err := listenAndServe(fd, httpHandler, a.HTTP2, nil, limiter)
 		if err != nil {
-			capturingFatal(err, errortracking.WithField("listener", "http"))
+			capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTP))
 		}
 	}()
 }
@@ -411,7 +411,7 @@ func (a *theApp) listenHTTPSFD(wg *sync.WaitGroup, fd uintptr, httpHandler http.
 		defer wg.Done()
 		err := listenAndServeTLS(fd, a.RootCertificate, a.RootKey, httpHandler, a.ServeTLS, a.InsecureCiphers, a.TLSMinVersion, a.TLSMaxVersion, a.HTTP2, limiter)
 		if err != nil {
-			capturingFatal(err, errortracking.WithField("listener", "https"))
+			capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTPS))
 		}
 	}()
 }
diff --git a/go.mod b/go.mod
index d33140f7..876c7c34 100644
--- a/go.mod
+++ b/go.mod
@@ -3,29 +3,60 @@ module gitlab.com/gitlab-org/gitlab-pages
 go 1.12
 
 require (
+	github.com/certifi/gocertifi v0.0.0-20180905225744-ee1a9a0726d2 // indirect
+	github.com/client9/reopen v1.0.0 // indirect
+	github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd // indirect
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/fzipp/gocyclo v0.0.0-20150627053110-6acd4345c835
+	github.com/getsentry/raven-go v0.1.0 // indirect
+	github.com/getsentry/sentry-go v0.5.1 // indirect
+	github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1 // indirect
+	github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72 // indirect
+	github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7 // indirect
 	github.com/golang/mock v1.3.1
+	github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc // indirect
 	github.com/gorilla/context v1.1.1
 	github.com/gorilla/handlers v1.4.2
 	github.com/gorilla/securecookie v1.1.1
 	github.com/gorilla/sessions v1.2.0
+	github.com/grpc-ecosystem/go-grpc-middleware v1.0.0 // indirect
+	github.com/jstemmer/go-junit-report v0.9.1 // indirect
 	github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0
 	github.com/karrick/godirwalk v1.10.12
+	github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect
+	github.com/lightstep/lightstep-tracer-go v0.15.6 // indirect
 	github.com/namsral/flag v1.7.4-pre
+	github.com/opentracing/opentracing-go v1.0.2 // indirect
 	github.com/patrickmn/go-cache v2.1.0+incompatible
+	github.com/philhofer/fwd v1.0.0 // indirect
 	github.com/prometheus/client_golang v1.1.0
+	github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4 // indirect
 	github.com/rs/cors v1.7.0
+	github.com/sebest/xff v0.0.0-20160910043805-6c115e0ffa35 // indirect
 	github.com/sirupsen/logrus v1.4.2
 	github.com/stretchr/testify v1.4.0
+	github.com/tinylib/msgp v1.0.2 // indirect
 	github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce
+	github.com/uber-go/atomic v1.3.2 // indirect
+	github.com/uber/jaeger-client-go v2.15.0+incompatible // indirect
+	github.com/uber/jaeger-lib v1.5.0 // indirect
 	github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad
-	gitlab.com/gitlab-org/labkit v0.0.0-20200414155917-f06e28fff6fa
+	gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891
 	gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877
+	go.opencensus.io v0.22.2 // indirect
+	go.uber.org/atomic v1.3.2 // indirect
 	golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550
 	golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f
+	golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee // indirect
 	golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa
+	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d // indirect
+	golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e // indirect
 	golang.org/x/sys v0.0.0-20200113162924-86b910548bc1
 	golang.org/x/tools v0.0.0-20200117161641-43d50277825c
+	google.golang.org/api v0.15.0 // indirect
+	google.golang.org/appengine v1.6.5 // indirect
+	google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba // indirect
+	google.golang.org/grpc v1.24.0 // indirect
+	gopkg.in/DataDog/dd-trace-go.v1 v1.7.0 // indirect
 	gopkg.in/yaml.v2 v2.2.8
 )
diff --git a/go.sum b/go.sum
index 6031c75f..6e4ce1fd 100644
--- a/go.sum
+++ b/go.sum
@@ -6,6 +6,9 @@ cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6A
 cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
 cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
 cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
+cloud.google.com/go v0.47.0/go.mod h1:5p3Ky/7f3N10VBkhuR5LFtddroTiMyjZV/Kj5qOQFxU=
+cloud.google.com/go v0.48.0/go.mod h1:gGOnoa/XMQYHAscREBlbdHduGchEaP9N0//OXdrPI/M=
+cloud.google.com/go v0.49.0/go.mod h1:hGvAdzcWNbyuxS3nWhD7H2cIJxjRRTRLQVB0bdputVY=
 cloud.google.com/go v0.50.0 h1:0E3eE8MX426vUOs7aHfI7aN1BrIzzzf4ccKCSfSjGmc=
 cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To=
 cloud.google.com/go/bigquery v1.0.1 h1:hL+ycaJpVE9M7nLoiXb/Pn10ENE2u+oddxbD8uu0ZVU=
@@ -75,6 +78,7 @@ github.com/gin-gonic/gin v1.4.0/go.mod h1:OW2EZn3DO8Ln9oIKOvM++LBO+5UPHJJDH72/q/
 github.com/go-check/check v0.0.0-20180628173108-788fd7840127/go.mod h1:9ES+weclKsC9YodN5RgxqK/VD9HM9JsCSh7rNhMZE98=
 github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w=
 github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
+github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
 github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
@@ -294,6 +298,8 @@ github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82/go.mod h1:lgjkn3NuSvDf
 github.com/yudai/pp v2.0.1+incompatible/go.mod h1:PuxR/8QJ7cyCkFp/aUDS+JY727OFEZkTdatxwunjIkc=
 gitlab.com/gitlab-org/labkit v0.0.0-20200414155917-f06e28fff6fa h1:KCrfuAvyh2XTBMUpPPXd9CtgAIhtqtuzrT72oCm4K34=
 gitlab.com/gitlab-org/labkit v0.0.0-20200414155917-f06e28fff6fa/go.mod h1:SNfxkfUwVNECgtmluVayv0GWFgEjjBs5AzgsowPQuo0=
+gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891 h1:WiCGS5C0B0h+/dh5O7kUJoEZt34O/tbsis9QghNB3gE=
+gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891/go.mod h1:SNfxkfUwVNECgtmluVayv0GWFgEjjBs5AzgsowPQuo0=
 gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877 h1:k5N2m0IPaMuwWmFTO9fyTK4IEnSm35GC/p1S7VRgUyM=
 gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877/go.mod h1:Es0wDVbtgNqhpEXMb+yct6JKnGMrNsUSh9oio0bqqdU=
 go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
@@ -313,6 +319,8 @@ golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
 golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
+golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE=
+golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
 golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20191227195350-da58074b4299 h1:zQpM52jfKHG6II1ISZY1ZcpygvuSFZpLwfluuF89XOg=
 golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
@@ -324,6 +332,8 @@ golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTk
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de h1:5hukYrvBGR8/eNkX5mdUezrA6JiaEZDtJb9Ei+1LlBs=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f h1:J5lckAjkw6qYlOZNj90mLYNTEKDvWeuc1yieZ8qUzUE=
 golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
 golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
@@ -411,6 +421,10 @@ golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgw
 golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191010171213-8abd42400456/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191010201905-e5ffc44a6fee h1:Cgj5oVkw7Gktu56MAiU0r1u0jyuT6jmtOzcAJwLj89c=
+golang.org/x/tools v0.0.0-20191010201905-e5ffc44a6fee/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
@@ -443,6 +457,7 @@ google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRn
 google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
 google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
+google.golang.org/genproto v0.0.0-20191009194640-548a555dbc03/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba h1:pRj9OXZbwNtbtZtOB4dLwfK4u+EVRMvP+e9zKkg2grM=
 google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
diff --git a/helpers_test.go b/helpers_test.go
index 195c3cea..60fba9f5 100644
--- a/helpers_test.go
+++ b/helpers_test.go
@@ -20,6 +20,7 @@ import (
 	"github.com/stretchr/testify/require"
 
 	"gitlab.com/gitlab-org/gitlab-pages/internal/fixture"
+	"gitlab.com/gitlab-org/gitlab-pages/internal/request"
 )
 
 type tWriter struct {
@@ -116,9 +117,9 @@ type ListenSpec struct {
 }
 
 func (l ListenSpec) URL(suffix string) string {
-	scheme := "http"
-	if l.Type == "https" {
-		scheme = "https"
+	scheme := request.SchemeHTTP
+	if l.Type == request.SchemeHTTPS {
+		scheme = request.SchemeHTTPS
 	}
 
 	suffix = strings.TrimPrefix(suffix, "/")
@@ -262,7 +263,7 @@ func getPagesArgs(t *testing.T, listeners []ListenSpec, promPort string, extraAr
 	for _, spec := range listeners {
 		args = append(args, "-listen-"+spec.Type, spec.JoinHostPort())
 
-		if spec.Type == "https" {
+		if spec.Type == request.SchemeHTTPS {
 			hasHTTPS = true
 		}
 	}
@@ -362,9 +363,9 @@ func GetRedirectPage(t *testing.T, spec ListenSpec, host, urlsuffix string) (*ht
 }
 
 func GetProxyRedirectPageWithCookie(t *testing.T, spec ListenSpec, host string, urlsuffix string, cookie string, https bool) (*http.Response, error) {
-	schema := "http"
+	schema := request.SchemeHTTP
 	if https {
-		schema = "https"
+		schema = request.SchemeHTTPS
 	}
 	header := http.Header{
 		"X-Forwarded-Proto": []string{schema},
diff --git a/internal/artifact/artifact.go b/internal/artifact/artifact.go
index ef173d9e..d11a7ebd 100644
--- a/internal/artifact/artifact.go
+++ b/internal/artifact/artifact.go
@@ -121,7 +121,6 @@ func (a *Artifact) makeRequest(w http.ResponseWriter, r *http.Request, reqURL *u
 	w.Header().Set("Content-Length", strconv.FormatInt(resp.ContentLength, 10))
 	w.WriteHeader(resp.StatusCode)
 	io.Copy(w, resp.Body)
-	return
 }
 
 func addCacheHeader(w http.ResponseWriter, resp *http.Response) {
diff --git a/internal/artifact/artifact_test.go b/internal/artifact/artifact_test.go
index 6425f791..a55eda7b 100644
--- a/internal/artifact/artifact_test.go
+++ b/internal/artifact/artifact_test.go
@@ -83,7 +83,7 @@ func TestTryMakeRequest(t *testing.T) {
 			require.Equal(t, c.ContentType, result.Header().Get("Content-Type"))
 			require.Equal(t, c.Length, result.Header().Get("Content-Length"))
 			require.Equal(t, c.CacheControl, result.Header().Get("Cache-Control"))
-			require.Equal(t, c.Content, string(result.Body.Bytes()))
+			require.Equal(t, c.Content, result.Body.String())
 
 		})
 	}
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index c582d96b..a89dd599 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -26,6 +26,9 @@ import (
 	"golang.org/x/crypto/hkdf"
 )
 
+// nolint: gosec
+// gosec: G101: Potential hardcoded credentials
+// auth constants, not credentials
 const (
 	apiURLUserTemplate     = "%s/api/v4/user"
 	apiURLProjectTemplate  = "%s/api/v4/projects/%d/pages_access"
@@ -433,10 +436,7 @@ func destroySession(session *sessions.Session, w http.ResponseWriter, r *http.Re
 
 // IsAuthSupported checks if pages is running with the authentication support
 func (a *Auth) IsAuthSupported() bool {
-	if a == nil {
-		return false
-	}
-	return true
+	return a != nil
 }
 
 func (a *Auth) checkAuthentication(w http.ResponseWriter, r *http.Request, projectID uint64) bool {
@@ -513,11 +513,7 @@ func (a *Auth) GetTokenIfExists(w http.ResponseWriter, r *http.Request) (string,
 
 // RequireAuth will trigger authentication flow if no token exists
 func (a *Auth) RequireAuth(w http.ResponseWriter, r *http.Request) bool {
-	session := a.checkSessionIsValid(w, r)
-	if session == nil {
-		return true
-	}
-	return false
+	return a.checkSessionIsValid(w, r) == nil
 }
 
 // CheckAuthentication checks if user is authenticated and has access to the project
diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go
index 4a5d63fa..87cc988d 100644
--- a/internal/auth/auth_test.go
+++ b/internal/auth/auth_test.go
@@ -16,6 +16,11 @@ import (
 	"gitlab.com/gitlab-org/gitlab-pages/internal/source"
 )
 
+const (
+	testAccessToken = "abc"
+	apiPagesAccess  = "/api/v4/projects/1000/pages_access"
+)
+
 func createAuth(t *testing.T) *Auth {
 	return New("pages.gitlab-example.com",
 		"something-very-secret",
@@ -98,7 +103,7 @@ func testTryAuthenticateWithCodeAndState(t *testing.T, https bool) {
 			require.Equal(t, "POST", r.Method)
 			w.WriteHeader(http.StatusOK)
 			fmt.Fprint(w, "{\"access_token\":\"abc\"}")
-		case "/api/v4/projects/1000/pages_access":
+		case apiPagesAccess:
 			require.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
 			w.WriteHeader(http.StatusOK)
 		default:
@@ -150,7 +155,7 @@ func TestTryAuthenticateWithCodeAndStateOverHTTPS(t *testing.T) {
 func TestCheckAuthenticationWhenAccess(t *testing.T) {
 	apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		switch r.URL.Path {
-		case "/api/v4/projects/1000/pages_access":
+		case apiPagesAccess:
 			require.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
 			w.WriteHeader(http.StatusOK)
 		default:
@@ -178,7 +183,7 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) {
 	r := &http.Request{URL: reqURL}
 
 	session, _ := store.Get(r, "gitlab-pages")
-	session.Values["access_token"] = "abc"
+	session.Values["access_token"] = testAccessToken
 	session.Save(r, result)
 
 	require.Equal(t, false, auth.CheckAuthentication(result, r, 1000))
@@ -188,7 +193,7 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) {
 func TestCheckAuthenticationWhenNoAccess(t *testing.T) {
 	apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		switch r.URL.Path {
-		case "/api/v4/projects/1000/pages_access":
+		case apiPagesAccess:
 			require.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
 			w.WriteHeader(http.StatusUnauthorized)
 		default:
@@ -216,7 +221,7 @@ func TestCheckAuthenticationWhenNoAccess(t *testing.T) {
 	r := &http.Request{URL: reqURL}
 
 	session, _ := store.Get(r, "gitlab-pages")
-	session.Values["access_token"] = "abc"
+	session.Values["access_token"] = testAccessToken
 	session.Save(r, result)
 
 	require.Equal(t, true, auth.CheckAuthentication(result, r, 1000))
@@ -226,7 +231,7 @@ func TestCheckAuthenticationWhenNoAccess(t *testing.T) {
 func TestCheckAuthenticationWhenInvalidToken(t *testing.T) {
 	apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		switch r.URL.Path {
-		case "/api/v4/projects/1000/pages_access":
+		case apiPagesAccess:
 			require.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
 			w.WriteHeader(http.StatusUnauthorized)
 			fmt.Fprint(w, "{\"error\":\"invalid_token\"}")
@@ -254,7 +259,7 @@ func TestCheckAuthenticationWhenInvalidToken(t *testing.T) {
 	r := &http.Request{URL: reqURL}
 
 	session, _ := store.Get(r, "gitlab-pages")
-	session.Values["access_token"] = "abc"
+	session.Values["access_token"] = testAccessToken
 	session.Save(r, result)
 
 	require.Equal(t, true, auth.CheckAuthentication(result, r, 1000))
@@ -292,7 +297,7 @@ func TestCheckAuthenticationWithoutProject(t *testing.T) {
 	r := &http.Request{URL: reqURL}
 
 	session, _ := store.Get(r, "gitlab-pages")
-	session.Values["access_token"] = "abc"
+	session.Values["access_token"] = testAccessToken
 	session.Save(r, result)
 
 	require.Equal(t, false, auth.CheckAuthenticationWithoutProject(result, r))
@@ -329,7 +334,7 @@ func TestCheckAuthenticationWithoutProjectWhenInvalidToken(t *testing.T) {
 	require.NoError(t, err)
 	r := &http.Request{URL: reqURL}
 	session, _ := store.Get(r, "gitlab-pages")
-	session.Values["access_token"] = "abc"
+	session.Values["access_token"] = testAccessToken
 	session.Save(r, result)
 
 	require.Equal(t, true, auth.CheckAuthenticationWithoutProject(result, r))
@@ -358,11 +363,11 @@ func TestGetTokenIfExistsWhenTokenExists(t *testing.T) {
 	r := &http.Request{URL: reqURL}
 
 	session, _ := store.Get(r, "gitlab-pages")
-	session.Values["access_token"] = "abc"
+	session.Values["access_token"] = testAccessToken
 	session.Save(r, result)
 
 	token, err := auth.GetTokenIfExists(result, r)
-	require.Equal(t, "abc", token)
+	require.Equal(t, testAccessToken, token)
 }
 
 func TestGetTokenIfExistsWhenTokenDoesNotExist(t *testing.T) {
diff --git a/internal/serving/disk/serving.go b/internal/serving/disk/serving.go
index 682791fe..b4c1ba96 100644
--- a/internal/serving/disk/serving.go
+++ b/internal/serving/disk/serving.go
@@ -15,11 +15,7 @@ type Disk struct {
 // ServeFileHTTP serves a file from disk and returns true. It returns false
 // when a file could not been found.
 func (s *Disk) ServeFileHTTP(h serving.Handler) bool {
-	if s.reader.tryFile(h) == nil {
-		return true
-	}
-
-	return false
+	return s.reader.tryFile(h) == nil
 }
 
 // ServeNotFoundHTTP tries to read a custom 404 page
diff --git a/internal/source/disk/disk.go b/internal/source/disk/disk.go
index b79d222d..272d6c4e 100644
--- a/internal/source/disk/disk.go
+++ b/internal/source/disk/disk.go
@@ -31,9 +31,7 @@ func (d *Disk) GetDomain(host string) (*domain.Domain, error) {
 	d.lock.RLock()
 	defer d.lock.RUnlock()
 
-	domain, _ := d.dm[host]
-
-	return domain, nil
+	return d.dm[host], nil
 }
 
 // IsReady checks if the domains source is ready for work. The disk source is
diff --git a/main.go b/main.go
index 010fbbdd..75578913 100644
--- a/main.go
+++ b/main.go
@@ -17,6 +17,7 @@ import (
 
 	"gitlab.com/gitlab-org/gitlab-pages/internal/host"
 	"gitlab.com/gitlab-org/gitlab-pages/internal/logging"
+	"gitlab.com/gitlab-org/gitlab-pages/internal/request"
 	"gitlab.com/gitlab-org/gitlab-pages/internal/tlsconfig"
 	"gitlab.com/gitlab-org/gitlab-pages/internal/validateargs"
 	"gitlab.com/gitlab-org/gitlab-pages/metrics"
@@ -123,8 +124,8 @@ func setArtifactsServer(artifactsServer string, artifactsServerTimeout int, conf
 	if err != nil {
 		log.Fatal(err)
 	}
-	// url.Parse ensures that the Scheme arttribute is always lower case.
-	if u.Scheme != "http" && u.Scheme != "https" {
+	// url.Parse ensures that the Scheme attribute is always lower case.
+	if u.Scheme != request.SchemeHTTP && u.Scheme != request.SchemeHTTPS {
 		errortracking.Capture(err)
 		log.Fatal(errArtifactSchemaUnsupported)
 	}
diff --git a/multi_string_flag_test.go b/multi_string_flag_test.go
index 5cddac98..c09f7225 100644
--- a/multi_string_flag_test.go
+++ b/multi_string_flag_test.go
@@ -1,7 +1,6 @@
 package main
 
 import (
-	"flag"
 	"testing"
 
 	"github.com/stretchr/testify/require"
@@ -9,9 +8,7 @@ import (
 
 func TestMultiStringFlagAppendsOnSet(t *testing.T) {
 	var concrete MultiStringFlag
-	var iface flag.Value
-
-	iface = &concrete
+	iface := &concrete
 
 	require.NoError(t, iface.Set("foo"))
 	require.NoError(t, iface.Set("bar"))
author	Jaime Martinez <jmartinez@gitlab.com>	2020-05-21 03:52:19 +0300
committer	Jaime Martinez <jmartinez@gitlab.com>	2020-05-28 04:10:14 +0300
commit	f6dfa5d0043aeaa616c16f8babb64c0d0e8f72dd (patch)
tree	f8cbab7f2c4a30c07f827a50d7877c388e18616f
parent	559311801a1e9114f8dee71faa388dcefab3dcbe (diff)