diff options
-rw-r--r-- | .gitignore | 2 | ||||
-rw-r--r-- | .gitlab-ci.yml | 26 | ||||
-rw-r--r-- | .golangci.yml | 60 | ||||
-rw-r--r-- | Makefile.build.mk | 3 | ||||
-rw-r--r-- | Makefile.util.mk | 19 | ||||
-rw-r--r-- | app.go | 6 | ||||
-rw-r--r-- | go.mod | 33 | ||||
-rw-r--r-- | go.sum | 15 | ||||
-rw-r--r-- | helpers_test.go | 13 | ||||
-rw-r--r-- | internal/artifact/artifact.go | 1 | ||||
-rw-r--r-- | internal/artifact/artifact_test.go | 2 | ||||
-rw-r--r-- | internal/auth/auth.go | 14 | ||||
-rw-r--r-- | internal/auth/auth_test.go | 27 | ||||
-rw-r--r-- | internal/serving/disk/serving.go | 6 | ||||
-rw-r--r-- | internal/source/disk/disk.go | 4 | ||||
-rw-r--r-- | main.go | 5 | ||||
-rw-r--r-- | multi_string_flag_test.go | 5 |
17 files changed, 173 insertions, 68 deletions
@@ -3,6 +3,8 @@ shared/pages/.update /gitlab-pages /vendor /gitlab-pages-config +/gl-code-quality-report.json +/coverage.html # Used by the makefile /.GOPATH diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d640f08b..01732f45 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -86,19 +86,33 @@ download deps: - go.mod - go.sum -verify: - extends: .go-mod-cache +cover: stage: test + extends: .go-mod-cache needs: ['download deps'] script: - - make setup - - make generate-mocks - - make verify - - make cover + - make setup + - make generate-mocks + - make cover artifacts: paths: - coverage.html +lint: + extends: .go-mod-cache + needs: ['download deps'] + stage: test + image: registry.gitlab.com/gitlab-org/gitlab-build-images:golangci-lint-alpine + script: + # Write the code coverage report to gl-code-quality-report.json + # and print linting issues to stdout in the format: path/to/file:line description + - golangci-lint run --out-format code-climate | tee gl-code-quality-report.json | jq -r '.[] | "\(.location.path):\(.location.lines.begin) \(.description)"' + artifacts: + reports: + codequality: gl-code-quality-report.json + paths: + - gl-code-quality-report.json + test:1.12: extends: .tests image: golang:1.12 diff --git a/.golangci.yml b/.golangci.yml new file mode 100644 index 00000000..9545dd52 --- /dev/null +++ b/.golangci.yml @@ -0,0 +1,60 @@ +run: + concurrency: 8 + deadline: 1m + issues-exit-code: 1 + modules-download-mode: vendor + tests: true + skip-dirs: + - vendor + - internal/httputil # from github.com/golang/gddo + skip-files: + - mock_*.go + +output: + format: colored-line-number + print-issued-lines: true + print-linter-name: true + +linters-settings: + gocyclo: + min-complexity: 10 + govet: + check-shadowing: false + goconst: + min-len: 3 + min-occurrences: 3 + +linters: + disable-all: true + enable: +# TODO: enable these linters on a separate MR https://gitlab.com/gitlab-org/gitlab-pages/-/issues/385#linters +# - bodyclose +# - deadcode +# - dogsled + - goconst + - gocyclo + - goimports + - golint + - gosimple + - govet + - gosec +# - ineffassign +# - misspell +# - structcheck +# - typecheck +# - unconvert +# - unused +# - varcheck +# - whitespace + fast: false + +issues: +# # Excluding configuration per-path, per-linter, per-text and per-source + exclude-rules: + - path: ".*_test.go" + linters: + - bodyclose + - gosec + - path: "internal/fixture/fixtures.go" + linters: + - gosec diff --git a/Makefile.build.mk b/Makefile.build.mk index 24c2ec39..9a40f68b 100644 --- a/Makefile.build.mk +++ b/Makefile.build.mk @@ -3,10 +3,7 @@ all: gitlab-pages setup: clean .GOPATH/.ok - go get golang.org/x/tools/cmd/goimports@v0.0.0-20191010201905-e5ffc44a6fee - go get golang.org/x/lint/golint@v0.0.0-20190930215403-16217165b5de go get github.com/wadey/gocovmerge@v0.0.0-20160331181800-b5bfa59ec0ad - go get github.com/fzipp/gocyclo@v0.0.0-20150627053110-6acd4345c835 go get github.com/golang/mock/mockgen@v1.3.1 generate-mocks: .GOPATH/.ok diff --git a/Makefile.util.mk b/Makefile.util.mk index 412b7655..dfc2c8fd 100644 --- a/Makefile.util.mk +++ b/Makefile.util.mk @@ -1,18 +1,11 @@ -.PHONY: verify fmt vet lint complexity test cover list +GOLANGCI_LINT_IMAGE := registry.gitlab.com/gitlab-org/gitlab-build-images:golangci-lint-alpine -verify: list fmt vet lint complexity +.PHONY: lint test race acceptance bench cover list deps-check deps-download -fmt: bin/goimports .GOPATH/.ok - $Q @_support/validate-formatting.sh $(allfiles) - -vet: .GOPATH/.ok - $Q go vet $(allpackages) - -lint: bin/golint - $Q ./bin/golint $(allpackages) | tee | ( ! grep -v "^$$" ) - -complexity: .GOPATH/.ok bin/gocyclo - $Q ./bin/gocyclo -over 9 $(allfiles) +lint: deps-download + docker run -v $(PWD):/app -w /app $(GOLANGCI_LINT_IMAGE) \ + sh -c "golangci-lint run --out-format code-climate | tee gl-code-quality-report.json | jq -r '.[] | \"\(.location.path):\(.location.lines.begin) \(.description)\"'" +# sh -c "golangci-lint run $(if $V,-v)" test: .GOPATH/.ok gitlab-pages go test $(if $V,-v) $(allpackages) @@ -83,7 +83,7 @@ func (a *theApp) healthCheck(w http.ResponseWriter, r *http.Request, https bool) func (a *theApp) redirectToHTTPS(w http.ResponseWriter, r *http.Request, statusCode int) { u := *r.URL - u.Scheme = "https" + u.Scheme = request.SchemeHTTPS u.Host = r.Host u.User = nil @@ -400,7 +400,7 @@ func (a *theApp) listenHTTPFD(wg *sync.WaitGroup, fd uintptr, httpHandler http.H defer wg.Done() err := listenAndServe(fd, httpHandler, a.HTTP2, nil, limiter) if err != nil { - capturingFatal(err, errortracking.WithField("listener", "http")) + capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTP)) } }() } @@ -411,7 +411,7 @@ func (a *theApp) listenHTTPSFD(wg *sync.WaitGroup, fd uintptr, httpHandler http. defer wg.Done() err := listenAndServeTLS(fd, a.RootCertificate, a.RootKey, httpHandler, a.ServeTLS, a.InsecureCiphers, a.TLSMinVersion, a.TLSMaxVersion, a.HTTP2, limiter) if err != nil { - capturingFatal(err, errortracking.WithField("listener", "https")) + capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTPS)) } }() } @@ -3,29 +3,60 @@ module gitlab.com/gitlab-org/gitlab-pages go 1.12 require ( + github.com/certifi/gocertifi v0.0.0-20180905225744-ee1a9a0726d2 // indirect + github.com/client9/reopen v1.0.0 // indirect + github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd // indirect github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/fzipp/gocyclo v0.0.0-20150627053110-6acd4345c835 + github.com/getsentry/raven-go v0.1.0 // indirect + github.com/getsentry/sentry-go v0.5.1 // indirect + github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1 // indirect + github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72 // indirect + github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7 // indirect github.com/golang/mock v1.3.1 + github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc // indirect github.com/gorilla/context v1.1.1 github.com/gorilla/handlers v1.4.2 github.com/gorilla/securecookie v1.1.1 github.com/gorilla/sessions v1.2.0 + github.com/grpc-ecosystem/go-grpc-middleware v1.0.0 // indirect + github.com/jstemmer/go-junit-report v0.9.1 // indirect github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 github.com/karrick/godirwalk v1.10.12 + github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect + github.com/lightstep/lightstep-tracer-go v0.15.6 // indirect github.com/namsral/flag v1.7.4-pre + github.com/opentracing/opentracing-go v1.0.2 // indirect github.com/patrickmn/go-cache v2.1.0+incompatible + github.com/philhofer/fwd v1.0.0 // indirect github.com/prometheus/client_golang v1.1.0 + github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4 // indirect github.com/rs/cors v1.7.0 + github.com/sebest/xff v0.0.0-20160910043805-6c115e0ffa35 // indirect github.com/sirupsen/logrus v1.4.2 github.com/stretchr/testify v1.4.0 + github.com/tinylib/msgp v1.0.2 // indirect github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce + github.com/uber-go/atomic v1.3.2 // indirect + github.com/uber/jaeger-client-go v2.15.0+incompatible // indirect + github.com/uber/jaeger-lib v1.5.0 // indirect github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad - gitlab.com/gitlab-org/labkit v0.0.0-20200414155917-f06e28fff6fa + gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891 gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877 + go.opencensus.io v0.22.2 // indirect + go.uber.org/atomic v1.3.2 // indirect golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f + golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee // indirect golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa + golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d // indirect + golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e // indirect golang.org/x/sys v0.0.0-20200113162924-86b910548bc1 golang.org/x/tools v0.0.0-20200117161641-43d50277825c + google.golang.org/api v0.15.0 // indirect + google.golang.org/appengine v1.6.5 // indirect + google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba // indirect + google.golang.org/grpc v1.24.0 // indirect + gopkg.in/DataDog/dd-trace-go.v1 v1.7.0 // indirect gopkg.in/yaml.v2 v2.2.8 ) @@ -6,6 +6,9 @@ cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6A cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= +cloud.google.com/go v0.47.0/go.mod h1:5p3Ky/7f3N10VBkhuR5LFtddroTiMyjZV/Kj5qOQFxU= +cloud.google.com/go v0.48.0/go.mod h1:gGOnoa/XMQYHAscREBlbdHduGchEaP9N0//OXdrPI/M= +cloud.google.com/go v0.49.0/go.mod h1:hGvAdzcWNbyuxS3nWhD7H2cIJxjRRTRLQVB0bdputVY= cloud.google.com/go v0.50.0 h1:0E3eE8MX426vUOs7aHfI7aN1BrIzzzf4ccKCSfSjGmc= cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= cloud.google.com/go/bigquery v1.0.1 h1:hL+ycaJpVE9M7nLoiXb/Pn10ENE2u+oddxbD8uu0ZVU= @@ -75,6 +78,7 @@ github.com/gin-gonic/gin v1.4.0/go.mod h1:OW2EZn3DO8Ln9oIKOvM++LBO+5UPHJJDH72/q/ github.com/go-check/check v0.0.0-20180628173108-788fd7840127/go.mod h1:9ES+weclKsC9YodN5RgxqK/VD9HM9JsCSh7rNhMZE98= github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= @@ -294,6 +298,8 @@ github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82/go.mod h1:lgjkn3NuSvDf github.com/yudai/pp v2.0.1+incompatible/go.mod h1:PuxR/8QJ7cyCkFp/aUDS+JY727OFEZkTdatxwunjIkc= gitlab.com/gitlab-org/labkit v0.0.0-20200414155917-f06e28fff6fa h1:KCrfuAvyh2XTBMUpPPXd9CtgAIhtqtuzrT72oCm4K34= gitlab.com/gitlab-org/labkit v0.0.0-20200414155917-f06e28fff6fa/go.mod h1:SNfxkfUwVNECgtmluVayv0GWFgEjjBs5AzgsowPQuo0= +gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891 h1:WiCGS5C0B0h+/dh5O7kUJoEZt34O/tbsis9QghNB3gE= +gitlab.com/gitlab-org/labkit v0.0.0-20200520155818-96e583c57891/go.mod h1:SNfxkfUwVNECgtmluVayv0GWFgEjjBs5AzgsowPQuo0= gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877 h1:k5N2m0IPaMuwWmFTO9fyTK4IEnSm35GC/p1S7VRgUyM= gitlab.com/lupine/go-mimedb v0.0.0-20180307000149-e8af1d659877/go.mod h1:Es0wDVbtgNqhpEXMb+yct6JKnGMrNsUSh9oio0bqqdU= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= @@ -313,6 +319,8 @@ golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20191227195350-da58074b4299 h1:zQpM52jfKHG6II1ISZY1ZcpygvuSFZpLwfluuF89XOg= golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= @@ -324,6 +332,8 @@ golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTk golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de h1:5hukYrvBGR8/eNkX5mdUezrA6JiaEZDtJb9Ei+1LlBs= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f h1:J5lckAjkw6qYlOZNj90mLYNTEKDvWeuc1yieZ8qUzUE= golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= @@ -411,6 +421,10 @@ golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191010171213-8abd42400456/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191010201905-e5ffc44a6fee h1:Cgj5oVkw7Gktu56MAiU0r1u0jyuT6jmtOzcAJwLj89c= +golang.org/x/tools v0.0.0-20191010201905-e5ffc44a6fee/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -443,6 +457,7 @@ google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRn google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= +google.golang.org/genproto v0.0.0-20191009194640-548a555dbc03/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba h1:pRj9OXZbwNtbtZtOB4dLwfK4u+EVRMvP+e9zKkg2grM= google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= diff --git a/helpers_test.go b/helpers_test.go index 195c3cea..60fba9f5 100644 --- a/helpers_test.go +++ b/helpers_test.go @@ -20,6 +20,7 @@ import ( "github.com/stretchr/testify/require" "gitlab.com/gitlab-org/gitlab-pages/internal/fixture" + "gitlab.com/gitlab-org/gitlab-pages/internal/request" ) type tWriter struct { @@ -116,9 +117,9 @@ type ListenSpec struct { } func (l ListenSpec) URL(suffix string) string { - scheme := "http" - if l.Type == "https" { - scheme = "https" + scheme := request.SchemeHTTP + if l.Type == request.SchemeHTTPS { + scheme = request.SchemeHTTPS } suffix = strings.TrimPrefix(suffix, "/") @@ -262,7 +263,7 @@ func getPagesArgs(t *testing.T, listeners []ListenSpec, promPort string, extraAr for _, spec := range listeners { args = append(args, "-listen-"+spec.Type, spec.JoinHostPort()) - if spec.Type == "https" { + if spec.Type == request.SchemeHTTPS { hasHTTPS = true } } @@ -362,9 +363,9 @@ func GetRedirectPage(t *testing.T, spec ListenSpec, host, urlsuffix string) (*ht } func GetProxyRedirectPageWithCookie(t *testing.T, spec ListenSpec, host string, urlsuffix string, cookie string, https bool) (*http.Response, error) { - schema := "http" + schema := request.SchemeHTTP if https { - schema = "https" + schema = request.SchemeHTTPS } header := http.Header{ "X-Forwarded-Proto": []string{schema}, diff --git a/internal/artifact/artifact.go b/internal/artifact/artifact.go index ef173d9e..d11a7ebd 100644 --- a/internal/artifact/artifact.go +++ b/internal/artifact/artifact.go @@ -121,7 +121,6 @@ func (a *Artifact) makeRequest(w http.ResponseWriter, r *http.Request, reqURL *u w.Header().Set("Content-Length", strconv.FormatInt(resp.ContentLength, 10)) w.WriteHeader(resp.StatusCode) io.Copy(w, resp.Body) - return } func addCacheHeader(w http.ResponseWriter, resp *http.Response) { diff --git a/internal/artifact/artifact_test.go b/internal/artifact/artifact_test.go index 6425f791..a55eda7b 100644 --- a/internal/artifact/artifact_test.go +++ b/internal/artifact/artifact_test.go @@ -83,7 +83,7 @@ func TestTryMakeRequest(t *testing.T) { require.Equal(t, c.ContentType, result.Header().Get("Content-Type")) require.Equal(t, c.Length, result.Header().Get("Content-Length")) require.Equal(t, c.CacheControl, result.Header().Get("Cache-Control")) - require.Equal(t, c.Content, string(result.Body.Bytes())) + require.Equal(t, c.Content, result.Body.String()) }) } diff --git a/internal/auth/auth.go b/internal/auth/auth.go index c582d96b..a89dd599 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -26,6 +26,9 @@ import ( "golang.org/x/crypto/hkdf" ) +// nolint: gosec +// gosec: G101: Potential hardcoded credentials +// auth constants, not credentials const ( apiURLUserTemplate = "%s/api/v4/user" apiURLProjectTemplate = "%s/api/v4/projects/%d/pages_access" @@ -433,10 +436,7 @@ func destroySession(session *sessions.Session, w http.ResponseWriter, r *http.Re // IsAuthSupported checks if pages is running with the authentication support func (a *Auth) IsAuthSupported() bool { - if a == nil { - return false - } - return true + return a != nil } func (a *Auth) checkAuthentication(w http.ResponseWriter, r *http.Request, projectID uint64) bool { @@ -513,11 +513,7 @@ func (a *Auth) GetTokenIfExists(w http.ResponseWriter, r *http.Request) (string, // RequireAuth will trigger authentication flow if no token exists func (a *Auth) RequireAuth(w http.ResponseWriter, r *http.Request) bool { - session := a.checkSessionIsValid(w, r) - if session == nil { - return true - } - return false + return a.checkSessionIsValid(w, r) == nil } // CheckAuthentication checks if user is authenticated and has access to the project diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index 4a5d63fa..87cc988d 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -16,6 +16,11 @@ import ( "gitlab.com/gitlab-org/gitlab-pages/internal/source" ) +const ( + testAccessToken = "abc" + apiPagesAccess = "/api/v4/projects/1000/pages_access" +) + func createAuth(t *testing.T) *Auth { return New("pages.gitlab-example.com", "something-very-secret", @@ -98,7 +103,7 @@ func testTryAuthenticateWithCodeAndState(t *testing.T, https bool) { require.Equal(t, "POST", r.Method) w.WriteHeader(http.StatusOK) fmt.Fprint(w, "{\"access_token\":\"abc\"}") - case "/api/v4/projects/1000/pages_access": + case apiPagesAccess: require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) default: @@ -150,7 +155,7 @@ func TestTryAuthenticateWithCodeAndStateOverHTTPS(t *testing.T) { func TestCheckAuthenticationWhenAccess(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects/1000/pages_access": + case apiPagesAccess: require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) default: @@ -178,7 +183,7 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) require.Equal(t, false, auth.CheckAuthentication(result, r, 1000)) @@ -188,7 +193,7 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) { func TestCheckAuthenticationWhenNoAccess(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects/1000/pages_access": + case apiPagesAccess: require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) default: @@ -216,7 +221,7 @@ func TestCheckAuthenticationWhenNoAccess(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) require.Equal(t, true, auth.CheckAuthentication(result, r, 1000)) @@ -226,7 +231,7 @@ func TestCheckAuthenticationWhenNoAccess(t *testing.T) { func TestCheckAuthenticationWhenInvalidToken(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects/1000/pages_access": + case apiPagesAccess: require.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) fmt.Fprint(w, "{\"error\":\"invalid_token\"}") @@ -254,7 +259,7 @@ func TestCheckAuthenticationWhenInvalidToken(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) require.Equal(t, true, auth.CheckAuthentication(result, r, 1000)) @@ -292,7 +297,7 @@ func TestCheckAuthenticationWithoutProject(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) require.Equal(t, false, auth.CheckAuthenticationWithoutProject(result, r)) @@ -329,7 +334,7 @@ func TestCheckAuthenticationWithoutProjectWhenInvalidToken(t *testing.T) { require.NoError(t, err) r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) require.Equal(t, true, auth.CheckAuthenticationWithoutProject(result, r)) @@ -358,11 +363,11 @@ func TestGetTokenIfExistsWhenTokenExists(t *testing.T) { r := &http.Request{URL: reqURL} session, _ := store.Get(r, "gitlab-pages") - session.Values["access_token"] = "abc" + session.Values["access_token"] = testAccessToken session.Save(r, result) token, err := auth.GetTokenIfExists(result, r) - require.Equal(t, "abc", token) + require.Equal(t, testAccessToken, token) } func TestGetTokenIfExistsWhenTokenDoesNotExist(t *testing.T) { diff --git a/internal/serving/disk/serving.go b/internal/serving/disk/serving.go index 682791fe..b4c1ba96 100644 --- a/internal/serving/disk/serving.go +++ b/internal/serving/disk/serving.go @@ -15,11 +15,7 @@ type Disk struct { // ServeFileHTTP serves a file from disk and returns true. It returns false // when a file could not been found. func (s *Disk) ServeFileHTTP(h serving.Handler) bool { - if s.reader.tryFile(h) == nil { - return true - } - - return false + return s.reader.tryFile(h) == nil } // ServeNotFoundHTTP tries to read a custom 404 page diff --git a/internal/source/disk/disk.go b/internal/source/disk/disk.go index b79d222d..272d6c4e 100644 --- a/internal/source/disk/disk.go +++ b/internal/source/disk/disk.go @@ -31,9 +31,7 @@ func (d *Disk) GetDomain(host string) (*domain.Domain, error) { d.lock.RLock() defer d.lock.RUnlock() - domain, _ := d.dm[host] - - return domain, nil + return d.dm[host], nil } // IsReady checks if the domains source is ready for work. The disk source is @@ -17,6 +17,7 @@ import ( "gitlab.com/gitlab-org/gitlab-pages/internal/host" "gitlab.com/gitlab-org/gitlab-pages/internal/logging" + "gitlab.com/gitlab-org/gitlab-pages/internal/request" "gitlab.com/gitlab-org/gitlab-pages/internal/tlsconfig" "gitlab.com/gitlab-org/gitlab-pages/internal/validateargs" "gitlab.com/gitlab-org/gitlab-pages/metrics" @@ -123,8 +124,8 @@ func setArtifactsServer(artifactsServer string, artifactsServerTimeout int, conf if err != nil { log.Fatal(err) } - // url.Parse ensures that the Scheme arttribute is always lower case. - if u.Scheme != "http" && u.Scheme != "https" { + // url.Parse ensures that the Scheme attribute is always lower case. + if u.Scheme != request.SchemeHTTP && u.Scheme != request.SchemeHTTPS { errortracking.Capture(err) log.Fatal(errArtifactSchemaUnsupported) } diff --git a/multi_string_flag_test.go b/multi_string_flag_test.go index 5cddac98..c09f7225 100644 --- a/multi_string_flag_test.go +++ b/multi_string_flag_test.go @@ -1,7 +1,6 @@ package main import ( - "flag" "testing" "github.com/stretchr/testify/require" @@ -9,9 +8,7 @@ import ( func TestMultiStringFlagAppendsOnSet(t *testing.T) { var concrete MultiStringFlag - var iface flag.Value - - iface = &concrete + iface := &concrete require.NoError(t, iface.Set("foo")) require.NoError(t, iface.Set("bar")) |