Closed olivierlemasle closed 1 year ago
Same comment as in https://github.com/kubernetes-sigs/custom-metrics-apiserver/pull/111#issuecomment-1323555943, I'd very much prefer if we used golangci-lint.
PR updated to use golangci-lint.
In the Makefile
, two changes are made in addition to adding golangci-lint:
verify
does not depend on test
any more;verify-generated
depends on update-generated
.Most other changes are formatting / style / naming.
Notable changes are:
MinVersion: tls.VersionTLS12
to TLSClientConfig
.
Current code was reported by gosec as G402 (CWE-295): TLS MinVersion too low
I used MinVersion: tls.VersionTLS12
because it's what client-go uses.pkg/client/api.go
, req.WithContext(ctx)
did not set the request's context, because WithContext
is a pure function. This is fixed by using http.NewRequestWithContext
.Thank you @olivierlemasle, the PR looks good to me overall. Just a small nitpick, would you mind doing the TLS MinVersion
change in a separate PR? It is important enough in my opinion to have its own changelog entry. In the meantime, you can silence the report in this PR.
@dgrisonnet Done. I'll create the follow-up PR with the TLS change after this is merged.
Thanks!
/lgtm /approve
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: dgrisonnet, olivierlemasle
The full list of commands accepted by this bot can be found here.
The pull request process is described here
Since Go 1.19,
gofmt
formats comments. This causedmake verify
fail when using Go 1.19 with some license header comments.gofmt
output format also changes with Go 1.19, sohack/gofmt-all.sh
is modified to be more robust. I took this opportunity to slighty improve this script.Also, I modified
Makefile
:verify
should not depend oftest
(it should be static analysis only)verify-generated
should depend ofupdate-generated
(otherwise, it always succeeds)PR updated: use golangci-lint