diff --git a/.golangci.yaml b/.golangci.yaml new file mode 100644 index 00000000..5d73dc4d --- /dev/null +++ b/.golangci.yaml @@ -0,0 +1,31 @@ +linters: + disable-all: true + enable: + - goimports + - gofmt + - misspell + - revive + - gosec + - prealloc +issues: + exclude-files: + - /zz_generated_ + - _generated + exclude-dirs: + - generated +run: + timeout: 5m + tests: true + build-tags: + - test +linters-settings: + gosec: + # https://github.com/securego/gosec#available-rules + excludes: + - G101 # Look for hard coded credentials + - G108 # Profiling endpoint is automatically exposed on /debug/pprof + - G401 # Use of weak cryptographic primitive + - G402 # TLS InsecureSkipVerify set true + - G505 # Blocklisted import crypto/md5: weak cryptographic primitive + config: + G306: "0644" # Poor file permissions used when writing to a new file \ No newline at end of file diff --git a/Dockerfile.dapper b/Dockerfile.dapper index 1b82dad5..d534e167 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -1,5 +1,5 @@ -FROM golang:1.22.7-bookworm +FROM golang:1.23-bookworm ARG DAPPER_HOST_ARCH ENV HOST_ARCH=${DAPPER_HOST_ARCH} ARCH=${DAPPER_HOST_ARCH} diff --git a/cmd/provisioner/main.go b/cmd/provisioner/main.go index 3638c5f5..e0891fd2 100644 --- a/cmd/provisioner/main.go +++ b/cmd/provisioner/main.go @@ -22,11 +22,11 @@ const ( snapshotPrefix = "lvm-snapshot-" ) -func cmdNotFound(c *cli.Context, command string) { +func cmdNotFound(_ *cli.Context, command string) { panic(fmt.Errorf("unrecognized command: %s", command)) } -func onUsageError(c *cli.Context, err error, isSubcommand bool) error { +func onUsageError(_ *cli.Context, _ error, _ bool) error { panic(fmt.Errorf("usage error, please check your command")) } diff --git a/go.mod b/go.mod index a0777bcf..4bb0164c 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/harvester/csi-driver-lvm -go 1.22.7 +go 1.23 replace ( github.com/googleapis/gnostic => github.com/googleapis/gnostic v0.3.1 diff --git a/pkg/lvm/controllerserver.go b/pkg/lvm/controllerserver.go index 5613f3b6..e46435da 100644 --- a/pkg/lvm/controllerserver.go +++ b/pkg/lvm/controllerserver.go @@ -308,10 +308,9 @@ func (cs *controllerServer) DeleteVolume(ctx context.Context, req *csi.DeleteVol if k8serror.IsNotFound(err) { klog.Infof("node %s not found anymore. Assuming volume %s is gone for good.", node, volID) return &csi.DeleteVolumeResponse{}, nil - } else { - klog.Errorf("error getting nodes: %v", err) - return nil, err } + klog.Errorf("error getting nodes: %v", err) + return nil, err } va := volumeAction{ @@ -335,13 +334,13 @@ func (cs *controllerServer) DeleteVolume(ctx context.Context, req *csi.DeleteVol return &csi.DeleteVolumeResponse{}, nil } -func (cs *controllerServer) ControllerGetCapabilities(ctx context.Context, req *csi.ControllerGetCapabilitiesRequest) (*csi.ControllerGetCapabilitiesResponse, error) { +func (cs *controllerServer) ControllerGetCapabilities(_ context.Context, _ *csi.ControllerGetCapabilitiesRequest) (*csi.ControllerGetCapabilitiesResponse, error) { return &csi.ControllerGetCapabilitiesResponse{ Capabilities: cs.caps, }, nil } -func (cs *controllerServer) ValidateVolumeCapabilities(ctx context.Context, req *csi.ValidateVolumeCapabilitiesRequest) (*csi.ValidateVolumeCapabilitiesResponse, error) { +func (cs *controllerServer) ValidateVolumeCapabilities(_ context.Context, req *csi.ValidateVolumeCapabilitiesRequest) (*csi.ValidateVolumeCapabilitiesResponse, error) { // Check arguments if len(req.GetVolumeId()) == 0 { @@ -383,7 +382,7 @@ func (cs *controllerServer) validateControllerServiceRequest(c csi.ControllerSer } func getControllerServiceCapabilities(cl []csi.ControllerServiceCapability_RPC_Type) []*csi.ControllerServiceCapability { - var csc []*csi.ControllerServiceCapability + var csc = make([]*csi.ControllerServiceCapability, len(cl)) for _, cap := range cl { klog.Infof("Enabling controller service capability: %v", cap.String()) @@ -402,19 +401,19 @@ func getControllerServiceCapabilities(cl []csi.ControllerServiceCapability_RPC_T // Following functions will never be implemented // use the "NodeXXX" versions of the nodeserver instead -func (cs *controllerServer) ControllerPublishVolume(ctx context.Context, req *csi.ControllerPublishVolumeRequest) (*csi.ControllerPublishVolumeResponse, error) { +func (cs *controllerServer) ControllerPublishVolume(_ context.Context, _ *csi.ControllerPublishVolumeRequest) (*csi.ControllerPublishVolumeResponse, error) { return nil, status.Error(codes.Unimplemented, "") } -func (cs *controllerServer) ControllerUnpublishVolume(ctx context.Context, req *csi.ControllerUnpublishVolumeRequest) (*csi.ControllerUnpublishVolumeResponse, error) { +func (cs *controllerServer) ControllerUnpublishVolume(_ context.Context, _ *csi.ControllerUnpublishVolumeRequest) (*csi.ControllerUnpublishVolumeResponse, error) { return nil, status.Error(codes.Unimplemented, "") } -func (cs *controllerServer) GetCapacity(ctx context.Context, req *csi.GetCapacityRequest) (*csi.GetCapacityResponse, error) { +func (cs *controllerServer) GetCapacity(_ context.Context, _ *csi.GetCapacityRequest) (*csi.GetCapacityResponse, error) { return nil, status.Error(codes.Unimplemented, "") } -func (cs *controllerServer) ListVolumes(ctx context.Context, req *csi.ListVolumesRequest) (*csi.ListVolumesResponse, error) { +func (cs *controllerServer) ListVolumes(_ context.Context, _ *csi.ListVolumesRequest) (*csi.ListVolumesResponse, error) { return nil, status.Error(codes.Unimplemented, "") } @@ -518,19 +517,19 @@ func (cs *controllerServer) DeleteSnapshot(ctx context.Context, req *csi.DeleteS return &csi.DeleteSnapshotResponse{}, nil } -func (cs *controllerServer) ListSnapshots(ctx context.Context, req *csi.ListSnapshotsRequest) (*csi.ListSnapshotsResponse, error) { +func (cs *controllerServer) ListSnapshots(_ context.Context, _ *csi.ListSnapshotsRequest) (*csi.ListSnapshotsResponse, error) { return nil, status.Error(codes.Unimplemented, "") } -func (cs *controllerServer) ControllerExpandVolume(ctx context.Context, req *csi.ControllerExpandVolumeRequest) (*csi.ControllerExpandVolumeResponse, error) { +func (cs *controllerServer) ControllerExpandVolume(_ context.Context, _ *csi.ControllerExpandVolumeRequest) (*csi.ControllerExpandVolumeResponse, error) { return nil, status.Error(codes.Unimplemented, "") } -func (cs *controllerServer) ControllerGetVolume(ctx context.Context, req *csi.ControllerGetVolumeRequest) (*csi.ControllerGetVolumeResponse, error) { +func (cs *controllerServer) ControllerGetVolume(_ context.Context, _ *csi.ControllerGetVolumeRequest) (*csi.ControllerGetVolumeResponse, error) { return nil, status.Error(codes.Unimplemented, "") } -func (cs *controllerServer) ControllerModifyVolume(ctx context.Context, req *csi.ControllerModifyVolumeRequest) (*csi.ControllerModifyVolumeResponse, error) { +func (cs *controllerServer) ControllerModifyVolume(_ context.Context, _ *csi.ControllerModifyVolumeRequest) (*csi.ControllerModifyVolumeResponse, error) { return nil, status.Error(codes.Unimplemented, "") } diff --git a/pkg/lvm/identityserver.go b/pkg/lvm/identityserver.go index e71eb83d..b8d4279e 100644 --- a/pkg/lvm/identityserver.go +++ b/pkg/lvm/identityserver.go @@ -36,7 +36,7 @@ func newIdentityServer(name, version string) *identityServer { } } -func (ids *identityServer) GetPluginInfo(ctx context.Context, req *csi.GetPluginInfoRequest) (*csi.GetPluginInfoResponse, error) { +func (ids *identityServer) GetPluginInfo(_ context.Context, _ *csi.GetPluginInfoRequest) (*csi.GetPluginInfoResponse, error) { klog.V(5).Infof("Using default GetPluginInfo") if ids.name == "" { @@ -53,11 +53,11 @@ func (ids *identityServer) GetPluginInfo(ctx context.Context, req *csi.GetPlugin }, nil } -func (ids *identityServer) Probe(ctx context.Context, req *csi.ProbeRequest) (*csi.ProbeResponse, error) { +func (ids *identityServer) Probe(_ context.Context, _ *csi.ProbeRequest) (*csi.ProbeResponse, error) { return &csi.ProbeResponse{}, nil } -func (ids *identityServer) GetPluginCapabilities(ctx context.Context, req *csi.GetPluginCapabilitiesRequest) (*csi.GetPluginCapabilitiesResponse, error) { +func (ids *identityServer) GetPluginCapabilities(_ context.Context, _ *csi.GetPluginCapabilitiesRequest) (*csi.GetPluginCapabilitiesResponse, error) { klog.V(5).Infof("Using default capabilities") return &csi.GetPluginCapabilitiesResponse{ Capabilities: []*csi.PluginCapability{ diff --git a/pkg/lvm/nodeserver.go b/pkg/lvm/nodeserver.go index 6a50557d..f8fef865 100644 --- a/pkg/lvm/nodeserver.go +++ b/pkg/lvm/nodeserver.go @@ -46,7 +46,7 @@ func newNodeServer(nodeID string, maxVolumesPerNode int64) *nodeServer { } } -func (ns *nodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublishVolumeRequest) (*csi.NodePublishVolumeResponse, error) { +func (ns *nodeServer) NodePublishVolume(_ context.Context, req *csi.NodePublishVolumeRequest) (*csi.NodePublishVolumeResponse, error) { // Check arguments if req.GetVolumeCapability() == nil { @@ -69,12 +69,12 @@ func (ns *nodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublis } var accessTypeMount, accessTypeBlock bool - cap := req.GetVolumeCapability() + volCap := req.GetVolumeCapability() - if cap.GetBlock() != nil { + if volCap.GetBlock() != nil { accessTypeBlock = true } - if cap.GetMount() != nil { + if volCap.GetMount() != nil { accessTypeMount = true } @@ -106,7 +106,7 @@ func (ns *nodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublis return &csi.NodePublishVolumeResponse{}, nil } -func (ns *nodeServer) NodeUnpublishVolume(ctx context.Context, req *csi.NodeUnpublishVolumeRequest) (*csi.NodeUnpublishVolumeResponse, error) { +func (ns *nodeServer) NodeUnpublishVolume(_ context.Context, req *csi.NodeUnpublishVolumeRequest) (*csi.NodeUnpublishVolumeResponse, error) { volID := req.GetVolumeId() @@ -124,7 +124,7 @@ func (ns *nodeServer) NodeUnpublishVolume(ctx context.Context, req *csi.NodeUnpu return &csi.NodeUnpublishVolumeResponse{}, nil } -func (ns *nodeServer) NodeStageVolume(ctx context.Context, req *csi.NodeStageVolumeRequest) (*csi.NodeStageVolumeResponse, error) { +func (ns *nodeServer) NodeStageVolume(_ context.Context, req *csi.NodeStageVolumeRequest) (*csi.NodeStageVolumeResponse, error) { // Check arguments if len(req.GetVolumeId()) == 0 { @@ -140,7 +140,7 @@ func (ns *nodeServer) NodeStageVolume(ctx context.Context, req *csi.NodeStageVol return &csi.NodeStageVolumeResponse{}, nil } -func (ns *nodeServer) NodeUnstageVolume(ctx context.Context, req *csi.NodeUnstageVolumeRequest) (*csi.NodeUnstageVolumeResponse, error) { +func (ns *nodeServer) NodeUnstageVolume(_ context.Context, req *csi.NodeUnstageVolumeRequest) (*csi.NodeUnstageVolumeResponse, error) { // Check arguments if len(req.GetVolumeId()) == 0 { @@ -153,7 +153,7 @@ func (ns *nodeServer) NodeUnstageVolume(ctx context.Context, req *csi.NodeUnstag return &csi.NodeUnstageVolumeResponse{}, nil } -func (ns *nodeServer) NodeGetInfo(ctx context.Context, req *csi.NodeGetInfoRequest) (*csi.NodeGetInfoResponse, error) { +func (ns *nodeServer) NodeGetInfo(_ context.Context, _ *csi.NodeGetInfoRequest) (*csi.NodeGetInfoResponse, error) { topology := &csi.Topology{ Segments: map[string]string{topologyKeyNode: ns.nodeID}, @@ -166,7 +166,7 @@ func (ns *nodeServer) NodeGetInfo(ctx context.Context, req *csi.NodeGetInfoReque }, nil } -func (ns *nodeServer) NodeGetCapabilities(ctx context.Context, req *csi.NodeGetCapabilitiesRequest) (*csi.NodeGetCapabilitiesResponse, error) { +func (ns *nodeServer) NodeGetCapabilities(_ context.Context, _ *csi.NodeGetCapabilitiesRequest) (*csi.NodeGetCapabilitiesResponse, error) { return &csi.NodeGetCapabilitiesResponse{ Capabilities: []*csi.NodeServiceCapability{ @@ -195,7 +195,7 @@ func (ns *nodeServer) NodeGetCapabilities(ctx context.Context, req *csi.NodeGetC }, nil } -func (ns *nodeServer) NodeGetVolumeStats(ctx context.Context, in *csi.NodeGetVolumeStatsRequest) (*csi.NodeGetVolumeStatsResponse, error) { +func (ns *nodeServer) NodeGetVolumeStats(_ context.Context, in *csi.NodeGetVolumeStatsRequest) (*csi.NodeGetVolumeStatsResponse, error) { var fs unix.Statfs_t @@ -228,7 +228,7 @@ func (ns *nodeServer) NodeGetVolumeStats(ctx context.Context, in *csi.NodeGetVol }, nil } -func (ns *nodeServer) NodeExpandVolume(ctx context.Context, req *csi.NodeExpandVolumeRequest) (*csi.NodeExpandVolumeResponse, error) { +func (ns *nodeServer) NodeExpandVolume(_ context.Context, req *csi.NodeExpandVolumeRequest) (*csi.NodeExpandVolumeResponse, error) { klog.Infof("NodeExpandVolume: %s", req) // Check arguments diff --git a/pkg/webhook/storageclass/validator.go b/pkg/webhook/storageclass/validator.go index fb151090..967f321f 100644 --- a/pkg/webhook/storageclass/validator.go +++ b/pkg/webhook/storageclass/validator.go @@ -109,13 +109,14 @@ func (v *Validator) validateUniqueVGType(obj runtime.Object) error { } for _, storageClass := range scList.Items { klog.Infof("Checking the SC: %v", storageClass) + scCpy := storageClass.DeepCopy() if storageClass.Provisioner != utils.LVMCSIDriver { continue } if storageClass.Name == sc.Name { continue } - targetNode := getLVMTopologyNodes(&storageClass) + targetNode := getLVMTopologyNodes(scCpy) if targetNode != creatingNodeName { continue } diff --git a/scripts/validate b/scripts/validate index 7f98128b..81fcd01e 100755 --- a/scripts/validate +++ b/scripts/validate @@ -15,7 +15,7 @@ fi echo Running validation echo Running: golangci-lint -golangci-lint run +golangci-lint run -verbose echo Running: go fmt test -z "$(go fmt ${PACKAGES} | tee /dev/stderr)"