diff --git a/Makefile b/Makefile index b8d019d7aa6..6973f644ee6 100644 --- a/Makefile +++ b/Makefile @@ -23,7 +23,6 @@ else COWSQL_PATH=$(GOPATH)/deps/cowsql endif - # raft .PHONY: default default: build @@ -56,6 +55,7 @@ incus-migrate: .PHONY: deps deps: + # raft @if [ ! -e "$(RAFT_PATH)" ]; then \ git clone --depth=1 "https://github.com/cowsql/raft" "$(RAFT_PATH)"; \ elif [ -e "$(RAFT_PATH)/.git" ]; then \ diff --git a/cmd/incus/admin_recover.go b/cmd/incus/admin_recover.go index c229ec739d9..98a4bc343bc 100644 --- a/cmd/incus/admin_recover.go +++ b/cmd/incus/admin_recover.go @@ -10,7 +10,7 @@ import ( "golang.org/x/text/cases" "golang.org/x/text/language" - "github.com/lxc/incus/v6/client" + incus "github.com/lxc/incus/v6/client" cli "github.com/lxc/incus/v6/internal/cmd" "github.com/lxc/incus/v6/internal/i18n" "github.com/lxc/incus/v6/internal/recover" @@ -241,7 +241,8 @@ func (c *cmdAdminRecover) Run(cmd *cobra.Command, args []string) error { // Send /internal/recover/import request to the daemon. // Don't lint next line with gosimple. It says we should convert reqValidate directly to an RecoverImportPost // because their types are identical. This is less clear and will not work if either type changes in the future. - reqImport := recover.ImportPost{ //nolint:gosimple + //nolint:all + reqImport := recover.ImportPost{ //lint:ignore S1016 for reason above Pools: reqValidate.Pools, } diff --git a/cmd/incus/completion.go b/cmd/incus/completion.go index 1852070fc27..e8ebb6389e4 100644 --- a/cmd/incus/completion.go +++ b/cmd/incus/completion.go @@ -496,7 +496,6 @@ func (g *cmdGlobal) cmpNetworkForwardConfigs(networkName string, listenAddress s } func (g *cmdGlobal) cmpNetworkForwards(networkName string) ([]string, cobra.ShellCompDirective) { - results := []string{} cmpDirectives := cobra.ShellCompDirectiveNoFileComp resources, _ := g.ParseServers(networkName) @@ -516,7 +515,6 @@ func (g *cmdGlobal) cmpNetworkForwards(networkName string) ([]string, cobra.Shel } func (g *cmdGlobal) cmpNetworkLoadBalancers(networkName string) ([]string, cobra.ShellCompDirective) { - results := []string{} cmpDirectives := cobra.ShellCompDirectiveNoFileComp resources, _ := g.ParseServers(networkName) @@ -560,7 +558,6 @@ func (g *cmdGlobal) cmpNetworkPeerConfigs(networkName string, peerName string) ( } func (g *cmdGlobal) cmpNetworkPeers(networkName string) ([]string, cobra.ShellCompDirective) { - results := []string{} cmpDirectives := cobra.ShellCompDirectiveNoFileComp resources, _ := g.ParseServers(networkName) @@ -742,7 +739,6 @@ func (g *cmdGlobal) cmpNetworkZoneRecordConfigs(zoneName string, recordName stri } func (g *cmdGlobal) cmpNetworkZoneRecords(zoneName string) ([]string, cobra.ShellCompDirective) { - results := []string{} cmpDirectives := cobra.ShellCompDirectiveNoFileComp resources, _ := g.ParseServers(zoneName) diff --git a/cmd/incus/snapshot.go b/cmd/incus/snapshot.go index 9add06ba835..622676e6f5e 100644 --- a/cmd/incus/snapshot.go +++ b/cmd/incus/snapshot.go @@ -12,7 +12,7 @@ import ( "github.com/spf13/cobra" "gopkg.in/yaml.v2" - "github.com/lxc/incus/v6/client" + incus "github.com/lxc/incus/v6/client" cli "github.com/lxc/incus/v6/internal/cmd" "github.com/lxc/incus/v6/internal/i18n" "github.com/lxc/incus/v6/internal/instance" @@ -514,8 +514,6 @@ func (c *cmdSnapshotRestore) Run(cmd *cobra.Command, args []string) error { type cmdSnapshotShow struct { global *cmdGlobal snapshot *cmdSnapshot - - flagExpanded bool } func (c *cmdSnapshotShow) Command() *cobra.Command { diff --git a/cmd/incusd/dev_incus.go b/cmd/incusd/dev_incus.go index fb12fc26efb..0ce9c78ca3c 100644 --- a/cmd/incusd/dev_incus.go +++ b/cmd/incusd/dev_incus.go @@ -278,7 +278,7 @@ func hoistReq(f func(*Daemon, instance.Instance, http.ResponseWriter, *http.Requ conn := ucred.GetConnFromContext(r.Context()) cred, ok := pidMapper.m[conn.(*net.UnixConn)] if !ok { - http.Error(w, pidNotInContainerErr.Error(), http.StatusInternalServerError) + http.Error(w, errPidNotInContainer.Error(), http.StatusInternalServerError) return } @@ -390,7 +390,7 @@ func (m *ConnPidMapper) ConnStateHandler(conn net.Conn, state http.ConnState) { } } -var pidNotInContainerErr = fmt.Errorf("pid not in container?") +var errPidNotInContainer = fmt.Errorf("pid not in container?") func findContainerForPid(pid int32, s *state.State) (instance.Container, error) { /* @@ -496,5 +496,5 @@ func findContainerForPid(pid int32, s *state.State) (instance.Container, error) } } - return nil, pidNotInContainerErr + return nil, errPidNotInContainer } diff --git a/cmd/incusd/dev_incus_test.go b/cmd/incusd/dev_incus_test.go index c0795a8af1a..8b6c4c77a3b 100644 --- a/cmd/incusd/dev_incus_test.go +++ b/cmd/incusd/dev_incus_test.go @@ -169,7 +169,7 @@ func TestHttpRequest(t *testing.T) { t.Fatal(err) } - if !strings.Contains(string(resp), pidNotInContainerErr.Error()) { + if !strings.Contains(string(resp), errPidNotInContainer.Error()) { t.Fatal("resp error not expected: ", string(resp)) } } diff --git a/cmd/incusd/instance.go b/cmd/incusd/instance.go index 9b7b654bd99..ca03a100c59 100644 --- a/cmd/incusd/instance.go +++ b/cmd/incusd/instance.go @@ -427,7 +427,9 @@ func instanceCreateAsCopy(s *state.State, opts instanceCreateAsCopyOpts, op *ope "path": "/", "pool": instRootDiskDevice["pool"], } - } else { //nolint:staticcheck // (keep the empty branch for the comment) + //nolint:all + //lint:ignore SA9003 keep the empty branch for the comment + } else { //nolint:all // Snapshot has multiple root disk devices, we can't automatically fix this so // leave alone so we don't prevent copy. } diff --git a/internal/server/cluster/membership.go b/internal/server/cluster/membership.go index b1745ecf80a..34cb81d671b 100644 --- a/internal/server/cluster/membership.go +++ b/internal/server/cluster/membership.go @@ -26,10 +26,10 @@ import ( "github.com/lxc/incus/v6/shared/util" ) -// clusterBusyError is returned by dqlite if attempting attempting to join a cluster at the same time as a role-change. +// errClusterBusy is returned by dqlite if attempting attempting to join a cluster at the same time as a role-change. // This error tells us we can retry and probably join the cluster or fail due to something else. // The error code here is SQLITE_BUSY. -var clusterBusyError = fmt.Errorf("A configuration change is already in progress (5)") +var errClusterBusy = fmt.Errorf("A configuration change is already in progress (5)") // Bootstrap turns a non-clustered server into the first (and leader) // member of a new cluster. @@ -447,7 +447,7 @@ func Join(state *state.State, gateway *Gateway, networkCert *localtls.CertInfo, return fmt.Errorf("Failed to join cluster: %w", ctx.Err()) default: err = client.Add(ctx, info.NodeInfo) - if err != nil && err.Error() == clusterBusyError.Error() { + if err != nil && err.Error() == errClusterBusy.Error() { // If the cluster is busy with a role change, sleep a second and then keep trying to join. time.Sleep(1 * time.Second) continue @@ -593,6 +593,8 @@ func NotifyHeartbeat(state *state.State, gateway *Gateway) { // Wait for heartbeat to finish and then release. // Ignore staticcheck "SA2001: empty critical section" because we want to wait for the lock. gateway.HeartbeatLock.Lock() + //nolint:all + //lint:ignore SA2001 we want to wait for the lock gateway.HeartbeatLock.Unlock() //nolint:staticcheck } diff --git a/internal/server/db/cluster/certificate_projects.mapper.go b/internal/server/db/cluster/certificate_projects.mapper.go index f8e054b54f0..a86246625ca 100644 --- a/internal/server/db/cluster/certificate_projects.mapper.go +++ b/internal/server/db/cluster/certificate_projects.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/certificates.mapper.go b/internal/server/db/cluster/certificates.mapper.go index 9338f587d84..fc207de9caa 100644 --- a/internal/server/db/cluster/certificates.mapper.go +++ b/internal/server/db/cluster/certificates.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/cluster_groups.mapper.go b/internal/server/db/cluster/cluster_groups.mapper.go index 2427794a3ff..f2f86e50eb3 100644 --- a/internal/server/db/cluster/cluster_groups.mapper.go +++ b/internal/server/db/cluster/cluster_groups.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/config.mapper.go b/internal/server/db/cluster/config.mapper.go index 91d68b67e68..d0122efbeaf 100644 --- a/internal/server/db/cluster/config.mapper.go +++ b/internal/server/db/cluster/config.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/devices.mapper.go b/internal/server/db/cluster/devices.mapper.go index c9c84e75cf5..7a0d8c9f3cf 100644 --- a/internal/server/db/cluster/devices.mapper.go +++ b/internal/server/db/cluster/devices.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/images.mapper.go b/internal/server/db/cluster/images.mapper.go index 5e94d157595..ec1b108fffd 100644 --- a/internal/server/db/cluster/images.mapper.go +++ b/internal/server/db/cluster/images.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/instance_profiles.mapper.go b/internal/server/db/cluster/instance_profiles.mapper.go index eed5674beb4..facf0391766 100644 --- a/internal/server/db/cluster/instance_profiles.mapper.go +++ b/internal/server/db/cluster/instance_profiles.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/instances.mapper.go b/internal/server/db/cluster/instances.mapper.go index 2dfd0ffa3c7..b115406f58b 100644 --- a/internal/server/db/cluster/instances.mapper.go +++ b/internal/server/db/cluster/instances.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/networks_integrations.mapper.go b/internal/server/db/cluster/networks_integrations.mapper.go index 1767c4c6b87..b9a282a774b 100644 --- a/internal/server/db/cluster/networks_integrations.mapper.go +++ b/internal/server/db/cluster/networks_integrations.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/nodes.mapper.go b/internal/server/db/cluster/nodes.mapper.go index 6e7632e9913..620e6d8b331 100644 --- a/internal/server/db/cluster/nodes.mapper.go +++ b/internal/server/db/cluster/nodes.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/nodes_cluster_groups.mapper.go b/internal/server/db/cluster/nodes_cluster_groups.mapper.go index d0e7c854b70..222cf0aa5bd 100644 --- a/internal/server/db/cluster/nodes_cluster_groups.mapper.go +++ b/internal/server/db/cluster/nodes_cluster_groups.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/operations.mapper.go b/internal/server/db/cluster/operations.mapper.go index 307836be002..00e6fda2ce5 100644 --- a/internal/server/db/cluster/operations.mapper.go +++ b/internal/server/db/cluster/operations.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/profiles.mapper.go b/internal/server/db/cluster/profiles.mapper.go index af127df140e..8f506e1f15b 100644 --- a/internal/server/db/cluster/profiles.mapper.go +++ b/internal/server/db/cluster/profiles.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/projects.mapper.go b/internal/server/db/cluster/projects.mapper.go index 23c59363e2e..8be1da7453a 100644 --- a/internal/server/db/cluster/projects.mapper.go +++ b/internal/server/db/cluster/projects.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/snapshots.mapper.go b/internal/server/db/cluster/snapshots.mapper.go index 094b68c9072..b76a81bcce1 100644 --- a/internal/server/db/cluster/snapshots.mapper.go +++ b/internal/server/db/cluster/snapshots.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/cluster/warnings.mapper.go b/internal/server/db/cluster/warnings.mapper.go index 3b8818cc520..2c054bc2fe9 100644 --- a/internal/server/db/cluster/warnings.mapper.go +++ b/internal/server/db/cluster/warnings.mapper.go @@ -3,6 +3,7 @@ package cluster // The code below was generated by incus-generate - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( "context" diff --git a/internal/server/db/generate/file/write.go b/internal/server/db/generate/file/write.go index 81ff0f088a4..bcfc27f653d 100644 --- a/internal/server/db/generate/file/write.go +++ b/internal/server/db/generate/file/write.go @@ -28,6 +28,7 @@ func Reset(path string, imports []string, buildComment string, iface bool) error content := fmt.Sprintf(`%spackage %s // The code below was generated by %s - DO NOT EDIT! +//lint:file-ignore U1000,SA4006 Ignore staticcheck import ( `, buildComment, os.Getenv("GOPACKAGE"), os.Args[0]) diff --git a/internal/server/network/ovs/utils.go b/internal/server/network/ovs/utils.go deleted file mode 100644 index 68b910bfb44..00000000000 --- a/internal/server/network/ovs/utils.go +++ /dev/null @@ -1,16 +0,0 @@ -package ovs - -import ( - "strconv" - "strings" -) - -// unquote passes s through strconv.Unquote if the first character is a ", otherwise returns s unmodified. -// This is useful as openvswitch's tools can sometimes return values double quoted if they start with a number. -func unquote(s string) (string, error) { - if strings.HasPrefix(s, `"`) { - return strconv.Unquote(s) - } - - return s, nil -} diff --git a/internal/server/response/swagger.go b/internal/server/response/swagger.go index 1ce745d57d8..f36f81f0cc1 100644 --- a/internal/server/response/swagger.go +++ b/internal/server/response/swagger.go @@ -1,6 +1,8 @@ // Package response contains helpers for rendering HTTP responses. // -//nolint:deadcode,unused +//nolint:all +//lint:file-ignore U1000 Ignore unused + package response import ( diff --git a/internal/server/scriptlet/load/load.go b/internal/server/scriptlet/load/load.go index d6cb86998d4..ede6ee6870b 100644 --- a/internal/server/scriptlet/load/load.go +++ b/internal/server/scriptlet/load/load.go @@ -6,6 +6,7 @@ import ( "sync" "go.starlark.net/starlark" + "go.starlark.net/syntax" ) // nameInstancePlacement is the name used in Starlark for the instance placement scriptlet. @@ -30,7 +31,7 @@ func InstancePlacementCompile(src string) (*starlark.Program, error) { } // Parse, resolve, and compile a Starlark source file. - _, mod, err := starlark.SourceProgram(nameInstancePlacement, src, isPreDeclared) + _, mod, err := starlark.SourceProgramOptions(syntax.LegacyFileOptions(), nameInstancePlacement, src, isPreDeclared) if err != nil { return nil, err } diff --git a/internal/server/util/http.go b/internal/server/util/http.go index 686b986ffde..eddce0a6768 100644 --- a/internal/server/util/http.go +++ b/internal/server/util/http.go @@ -174,7 +174,7 @@ func CheckTrustState(cert x509.Certificate, trustedCerts map[string]x509.Certifi return false, "" // CRL not signed by CA } - for _, revoked := range crl.RevokedCertificates { + for _, revoked := range crl.RevokedCertificateEntries { if cert.SerialNumber.Cmp(revoked.SerialNumber) == 0 { return false, "" // Certificate is revoked, so not trusted anymore. } diff --git a/shared/cliconfig/remote.go b/shared/cliconfig/remote.go index 001f5850f8a..54330963d24 100644 --- a/shared/cliconfig/remote.go +++ b/shared/cliconfig/remote.go @@ -17,7 +17,7 @@ import ( "github.com/zitadel/oidc/v3/pkg/oidc" "golang.org/x/crypto/ssh" - "github.com/lxc/incus/v6/client" + incus "github.com/lxc/incus/v6/client" "github.com/lxc/incus/v6/shared/api" "github.com/lxc/incus/v6/shared/util" ) @@ -332,6 +332,8 @@ func (c *Config) getConnectionArgs(name string) (*incus.ConnectionArgs, error) { // Golang has deprecated all methods relating to PEM encryption due to a vulnerability. // However, the weakness does not make PEM unsafe for our purposes as it pertains to password protection on the // key file (client.key is only readable to the user in any case), so we'll ignore deprecation. + //nolint:all + //lint:ignore SA1019 see above for reason isEncrypted := x509.IsEncryptedPEMBlock(pemKey) //nolint:staticcheck isSSH := pemKey.Type == "OPENSSH PRIVATE KEY" if isEncrypted || isSSH { @@ -366,6 +368,8 @@ func (c *Config) getConnectionArgs(name string) (*incus.ConnectionArgs, error) { return nil, fmt.Errorf("Unsupported key type: %T", sshKey) } } else { + //nolint:all + //lint:ignore SA1019 see above for reason derKey, err := x509.DecryptPEMBlock(pemKey, []byte(password)) //nolint:staticcheck if err != nil { return nil, err diff --git a/test/mini-oidc/main.go b/test/mini-oidc/main.go index 5855281daae..1dc69623b44 100644 --- a/test/mini-oidc/main.go +++ b/test/mini-oidc/main.go @@ -47,7 +47,7 @@ func main() { }, } - provider, err := op.NewOpenIDProvider(issuer, config, storage, op.WithAllowInsecure()) + provider, err := op.NewProvider(config, storage, op.StaticIssuer(issuer), op.WithAllowInsecure()) if err != nil { fmt.Fprintf(os.Stderr, "Error: %v\n", err) os.Exit(1) @@ -93,8 +93,6 @@ func userCodeHandler(storage *storage.Storage, w http.ResponseWriter, r *http.Re } fmt.Printf("%s => %s\n", userCode, name) - - return } func username() string { diff --git a/test/mini-oidc/storage/storage_dynamic.go b/test/mini-oidc/storage/storage_dynamic.go index d112d712b4f..b2e1e6fd5d0 100644 --- a/test/mini-oidc/storage/storage_dynamic.go +++ b/test/mini-oidc/storage/storage_dynamic.go @@ -98,7 +98,7 @@ func (s *multiStorage) CreateAccessToken(ctx context.Context, request op.TokenRe // CreateAccessAndRefreshTokens implements the op.Storage interface // it will be called for all requests able to return an access and refresh token (Authorization Code Flow, Refresh Token Request) -func (s *multiStorage) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (accessTokenID string, newRefreshToken string, expiration time.Time, err error) { +func (s *multiStorage) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (string, string, time.Time, error) { storage, err := s.storageFromContext(ctx) if err != nil { return "", "", time.Time{}, err @@ -128,7 +128,7 @@ func (s *multiStorage) TerminateSession(ctx context.Context, userID string, clie // GetRefreshTokenInfo looks up a refresh token and returns the token id and user id. // If given something that is not a refresh token, it must return error. -func (s *multiStorage) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (userID string, tokenID string, err error) { +func (s *multiStorage) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (string, string, error) { storage, err := s.storageFromContext(ctx) if err != nil { return "", "", err @@ -239,7 +239,7 @@ func (s *multiStorage) SetIntrospectionFromToken(ctx context.Context, introspect // GetPrivateClaimsFromScopes implements the op.Storage interface // it will be called for the creation of a JWT access token to assert claims for custom scopes -func (s *multiStorage) GetPrivateClaimsFromScopes(ctx context.Context, userID, clientID string, scopes []string) (claims map[string]any, err error) { +func (s *multiStorage) GetPrivateClaimsFromScopes(ctx context.Context, userID, clientID string, scopes []string) (map[string]any, error) { storage, err := s.storageFromContext(ctx) if err != nil { return nil, err