diff --git a/.github/workflows/lint-code.yaml b/.github/workflows/lint-code.yaml index e143e0a..ffd9643 100644 --- a/.github/workflows/lint-code.yaml +++ b/.github/workflows/lint-code.yaml @@ -11,10 +11,15 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 #v5.0.0 + with: + go-version-file: go.mod - name: Run golangci-lint uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0 with: - version: v1.55.2 + version: v1.62.2 only-new-issues: false args: --config .golangci.yml --timeout=5m diff --git a/.github/workflows/scan-code.yml b/.github/workflows/scan-code.yml index ecbe6a3..d91e8ec 100644 --- a/.github/workflows/scan-code.yml +++ b/.github/workflows/scan-code.yml @@ -18,7 +18,10 @@ jobs: steps: - name: Checkout Source uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 #v5.0.0 + with: + go-version-file: go.mod - name: Run Gosec Security Scanner - uses: securego/gosec@55d79496019a560e16e73e1948dee20a1fad631a # v2.18.2 + uses: securego/gosec@d4617f51baf75f4f809066386a4f9d27b3ac3e46 # v2.21.4 with: args: ./... diff --git a/.golangci.yml b/.golangci.yml index cc82f7c..3643505 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -30,22 +30,14 @@ linters-settings: template: |- Copyright 2020-2024 Project Capsule Authors. SPDX-License-Identifier: Apache-2.0 - govet: - check-shadowing: true - maligned: - suggest-new: true linters: enable-all: true disable: - - interfacer + - exportloopref - godox - - golint - - scopelint - - maligned - gochecknoglobals - gochecknoinits - - exhaustivestruct - exhaustruct - ireturn - lll diff --git a/Makefile b/Makefile index 04f4250..2bd6200 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,12 @@ SRC_ROOT = $(shell git rev-parse --show-toplevel) -GINKGO ?= $(shell command -v ginkgo) -GOLANGCI_LINT ?= $(shell command -v golangci-lint) +## Location to install dependencies to +LOCALBIN ?= $(SRC_ROOT)/bin +$(LOCALBIN): + mkdir -p $(LOCALBIN) + +GINKGO ?= $(LOCALBIN)/ginkgo +GOLANGCI_LINT ?= $(LOCALBIN)/golangci-lint .PHONY: build build: @@ -20,12 +25,14 @@ e2e/charts: ginkgo @$(GINKGO) -v -tags e2e $(SRC_ROOT)/e2e/charts .PHONY: golangci-lint -golangci-lint: - @hash ginkgo 2>/dev/null || go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.55.2 +golangci-lint: $(GOLANGCI_LINT) ## Download golangci-lint locally if necessary. +$(GOLANGCI_LINT): $(LOCALBIN) + test -s $(LOCALBIN)/golangci-lint || GOBIN=$(LOCALBIN) go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.62.2 .PHONY: ginkgo -ginkgo: - @hash ginkgo 2>/dev/null || go install github.com/onsi/ginkgo/v2/ginkgo@v2.13.2 +ginkgo: $(GINKGO) ## Download ginkgo locally if necessary. +$(GINKGO): $(LOCALBIN) + test -s $(LOCALBIN)/ginkgo || GOBIN=$(LOCALBIN) go install github.com/onsi/ginkgo/v2/ginkgo helm-lint: CT_VERSION := v3.3.1 helm-lint: docker diff --git a/go.mod b/go.mod index a98e5a9..c367422 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,7 @@ module github.com/projectcapsule/capsule-addon-flux -go 1.21 +go 1.23 + require ( github.com/go-logr/logr v1.4.2 github.com/onsi/ginkgo/v2 v2.20.0 diff --git a/pkg/controller/serviceaccount/tokens.go b/pkg/controller/serviceaccount/tokens.go index c3d2099..d061279 100644 --- a/pkg/controller/serviceaccount/tokens.go +++ b/pkg/controller/serviceaccount/tokens.go @@ -59,7 +59,6 @@ func (r *ServiceAccountReconciler) getSATokenSecret(ctx context.Context, saName, var tokenSecret *corev1.Secret for _, v := range saTokenList.Items { - v := v if v.Type == corev1.SecretTypeServiceAccountToken { if v.Namespace == saNamespace && v.Annotations[corev1.ServiceAccountNameKey] == saName { return &v, nil