update Go and linter (#27)

Signed-off-by: Steve Kriss <[email protected]>

.github/workflows/pr.yaml

@@ -11,7 +11,7 @@ jobs:
     - uses: actions/checkout@v2
     - uses: actions/setup-go@v2
       with:
-        go-version: ^1.14
+        go-version: ^1.20
     - run: go mod download
     - name: build
       run: make build

Dockerfile

@@ -2,7 +2,7 @@
 #
 # Note that this is not used for releasing, since goreleaser handles that.
 
-FROM golang:1.14 as base
+FROM golang:1.20 as base
 
 ENV GO111MODULE=on
 

Makefile

@@ -58,18 +58,7 @@ vet: ## Run go vet against code
 
 .PHONY: lint
 lint: ## Run linters
-lint:
-	@if command -v golangci-lint > /dev/null 2>&1 ; then \
-		golangci-lint run -v --exclude-use-default=false ; \
-	else \
-		docker run \
-			--rm \
-			--volume $$(pwd):/app \
-			--workdir /app \
-			--env GO111MODULE \
-			golangci/golangci-lint:v1.39.0 \
-			golangci-lint run -v --exclude-use-default=false ; \
-	fi
+	go run github.com/golangci/golangci-lint/cmd/[email protected] run -v --exclude-use-default=false
 
 .PHONY: docker-build
 docker-build: ## Build the docker image

go.mod

@@ -1,6 +1,6 @@
 module github.com/projectcontour/contour-authserver
 
-go 1.17
+go 1.20
 
 require (
 	github.com/allegro/bigcache v1.2.1

go.sum

@@ -71,7 +71,6 @@ github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnweb
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
 github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
-github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
 github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
 github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
@@ -87,7 +86,6 @@ github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoC
 github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI=
 github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
 github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
-github.com/coreos/go-oidc v2.1.0+incompatible h1:sdJrfw8akMnCuUlaZU3tE/uYXFgfqom8DBE9so9EBsM=
 github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc=
 github.com/coreos/go-oidc/v3 v3.1.0 h1:6avEvcdvTa1qYsOZ6I5PRkSYHzpTNWgKYmaJfaYbrRw=
 github.com/coreos/go-oidc/v3 v3.1.0/go.mod h1:rEJ/idjfUyfkBit1eI1fvyr+64/g9dcKpAm8MJMesvo=

pkg/auth/htpasswd_test.go

@@ -127,7 +127,7 @@ func TestHtpasswdAuth(t *testing.T) {
 	require.NoError(t, err, "check should not have failed")
 	assert.Equal(t, http.StatusUnauthorized, response.Response.StatusCode)
 	// Note that this isn't canonical as per CanonicalMIMEHeaderKey :-(
-	assert.NotEmpty(t, response.Response.Header["WWW-Authenticate"]) //nolint(staticcheck)
+	assert.NotEmpty(t, response.Response.Header["WWW-Authenticate"]) //nolint:staticcheck
 
 	// Check an authorized response.
 	response, err = auth.Check(context.TODO(), &Request{

pkg/auth/oidc_connect.go

@@ -237,7 +237,7 @@ func (o *OIDCConnect) isValidStateToken(ctx context.Context, state *store.OIDCSt
 	return true
 }
 
-//getStateFromCookie retrieve state token from cookie header and return the value as OIDCState.
+// getStateFromCookie retrieve state token from cookie header and return the value as OIDCState.
 func (o *OIDCConnect) getStateFromCookie(req *Request) (*store.OIDCState, error) {
 	var state *store.OIDCState
 
@@ -262,7 +262,7 @@ func (o *OIDCConnect) getStateFromCookie(req *Request) (*store.OIDCState, error)
 	return nil, fmt.Errorf("no %q cookie", oauthTokenName)
 }
 
-//initProvider initialize oidc provide with ths given issuer URL. return oidc.Provider.
+// initProvider initialize oidc provide with ths given issuer URL. return oidc.Provider.
 func (o *OIDCConnect) initProvider(ctx context.Context) (*oidc.Provider, error) {
 	provider, err := oidc.NewProvider(ctx, o.OidcConfig.IssuerURL)
 	if err != nil {

pkg/auth/server.go

@@ -17,19 +17,19 @@ import (
 	"context"
 	"crypto/tls"
 	"crypto/x509"
-	"io/ioutil"
 	"net"
+	"os"
 
 	envoy_service_auth_v2 "github.com/envoyproxy/go-control-plane/envoy/service/auth/v2"
 	envoy_service_auth_v3 "github.com/envoyproxy/go-control-plane/envoy/service/auth/v3"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
 )
 
-type CheckRequestV2 = envoy_service_auth_v2.CheckRequest   //nolint(golint)
-type CheckResponseV2 = envoy_service_auth_v2.CheckResponse //nolint(golint)
-type CheckRequestV3 = envoy_service_auth_v3.CheckRequest   //nolint(golint)
-type CheckResponseV3 = envoy_service_auth_v3.CheckResponse //nolint(golint)
+type CheckRequestV2 = envoy_service_auth_v2.CheckRequest   //nolint:golint
+type CheckResponseV2 = envoy_service_auth_v2.CheckResponse //nolint:golint
+type CheckRequestV3 = envoy_service_auth_v3.CheckRequest   //nolint:golint
+type CheckResponseV3 = envoy_service_auth_v3.CheckResponse //nolint:golint
 
 // Checker is an implementation of the Envoy External Auth API.
 //
@@ -108,7 +108,7 @@ func NewServerCredentials(certPath string, keyPath string, caPath string) (crede
 	p := x509.NewCertPool()
 
 	if caPath != "" {
-		ca, err := ioutil.ReadFile(caPath) //nolint(gosec)
+		ca, err := os.ReadFile(caPath) //nolint:gosec
 		if err != nil {
 			return nil, err
 		}

pkg/cli/err.go

@@ -20,22 +20,22 @@ type ExitCode int
 
 const (
 	// EX_FAIL is an exit code indicating an unspecified error.
-	EX_FAIL ExitCode = 1 //nolint(golint)
+	EX_FAIL ExitCode = 1 //nolint:golint
 
 	// EX_USAGE is an exit code indicating invalid invocation syntax.
-	EX_USAGE ExitCode = 65 //nolint(golint)
+	EX_USAGE ExitCode = 65 //nolint:golint
 
 	// EX_NOINPUT is an exit code indicating missing input data.
-	EX_NOINPUT ExitCode = 66 //nolint(golint)
+	EX_NOINPUT ExitCode = 66 //nolint:golint
 
 	// EX_DATAERR means the input data was incorrect in some
 	// way.  This should only be used for user's data and not
 	// system files.
-	EX_DATAERR ExitCode = 65 //nolint(golint)
+	EX_DATAERR ExitCode = 65 //nolint:golint
 
 	// EX_CONFIG means that something was found in an unconfigured
 	// or misconfigured state.
-	EX_CONFIG ExitCode = 78 //nolint(golint)
+	EX_CONFIG ExitCode = 78 //nolint:golint
 )
 
 // ExitError captures an ExitCode and its associated error message.

pkg/cli/htpasswd.go

@@ -36,7 +36,7 @@ func NewHtpasswdCommand() *cobra.Command {
 			log := ctrl.Log.WithName("auth.htpasswd")
 			s := runtime.NewScheme()
 
-			scheme.AddToScheme(s) //nolint(errcheck)
+			scheme.AddToScheme(s) //nolint:gosec,errcheck
 
 			var cacheFunc cache.NewCacheFunc
 

pkg/cli/oidc_connect.go

@@ -27,7 +27,7 @@ import (
 	ctrl "sigs.k8s.io/controller-runtime"
 )
 
-//NewOIDCConnect - start server as OIDC and take in 'config' file as parameter...
+// NewOIDCConnect - start server as OIDC and take in 'config' file as parameter...
 func NewOIDCConnect() *cobra.Command {
 	cmd := cobra.Command{
 		Use:   "oidc Server [OPTIONS]",

pkg/config/config.go

@@ -15,7 +15,7 @@ package config
 
 import (
 	"fmt"
-	"io/ioutil"
+	"os"
 	"path/filepath"
 
 	"gopkg.in/yaml.v2"
@@ -52,7 +52,7 @@ func NewConfig(configFile string) (*OIDCConfig, error) {
 	}
 
 	if configFile != "" {
-		data, err := ioutil.ReadFile(filepath.Clean(configFile))
+		data, err := os.ReadFile(filepath.Clean(configFile))
 		if err != nil {
 			return nil, err
 		}