Merge branch 'develop' into feat/incr-format

# Conflicts:
#	cli/command/format.go
#	internal/task/task/bs/format.go

.github/workflows/CodeQL.yml

@@ -0,0 +1,54 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "master","develop" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "master","develop" ]
+  schedule:
+    - cron: '0 17 * * 5'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    # timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift' ]
+        # Use only 'java' to analyze code written in Java, Kotlin or both
+        # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+
+    # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2

.github/workflows/go.yml

@@ -7,7 +7,23 @@ on:
     branches: [ $default-branch, "develop" ]
 
 jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Setup go
+        uses: actions/setup-go@v3
+        with:
+          go-version: '1.19'
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Setup golangci-lint
+        uses: golangci/golangci-lint-action@v3.4.0
+        with:
+          version: v1.52.2
+          args: --verbose
+
   test:
+    needs: lint
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
@@ -21,15 +37,13 @@ jobs:
         run: make test
 
   build:
-    needs: test
+    needs: lint
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
           go-version: 1.19
-      - name: Set dependencies
-        run: sudo apt update && sudo apt install musl-tools
       - name: Build
-        run: make build
+        run: go build -v ./...

.golangci.yml

@@ -0,0 +1,38 @@
+run:
+  timeout: 5m
+linters:
+  enable:
+    # Simple linter to check that your code does not contain non-ASCII identifiers.
+    - asciicheck
+    # Go linter that checks if package imports are in a list of acceptable packages.
+    - depguard
+    # Checks for pointers to enclosing loop variables.
+    - exportloopref
+    # Gofmt checks whether code was gofmt-ed
+    - gofmt
+    # Inspects source code for security problems.	
+    - gosec
+    # Finds naked returns in functions greater than a specified function length.
+    - nakedret
+    # Reports ill-formed or insufficient nolint directives.
+    - nolintlint
+    # Checks for dangerous unicode character sequences.
+    - bidichk
+  disable:
+    # ignore errcheck
+    - errcheck
+linters-settings:
+  gosec:
+    # Available rules: https://github.com/securego/gosec#available-rules
+    excludes:
+      - G101	# Look for hard coded credentials
+      - G204	# Audit use of command execution
+      - G401	# Detect the usage of DES, RC4, MD5 or SHA1
+      - G403	# Ensure minimum RSA key length of 2048 bits
+      - G404	# Insecure random number source (rand)
+      - G501	# Import blocklist: crypto/md5
+      - G502	# Import blocklist: crypto/des
+      - G503	# Import blocklist: crypto/rc4
+      - G504	# Import blocklist: net/http/cgi
+      - G505	# Import blocklist: crypto/sha1
+      - G601	# Implicit memory aliasing of items from a range statement

Makefile

@@ -56,14 +56,16 @@ SERVER_PACKAGES := $(PWD)/cmd/service/main.go
 # tar
 VERSION := "unknown"
 
-build:
+build: fmt vet
 	$(GOENV) $(GO) build -o $(OUTPUT) $(BUILD_FLAGS) $(PACKAGES)
 	$(GOENV) $(GO) build -o $(SERVER_OUTPUT) $(BUILD_FLAGS) $(SERVER_PACKAGES)
 
-debug:
+
+debug: fmt vet
 	$(GOENV) $(GO) build -o $(OUTPUT) $(DEBUG_FLAGS) $(PACKAGES)
 	$(GOENV) $(GO) build -o $(SERVER_OUTPUT) $(DEBUG_FLAGS) $(SERVER_PACKAGES)
 
+
 test:
 	$(GO_TEST) $(TEST_FLAGS) ./...
 
@@ -74,3 +76,8 @@ lint:
 	go install github.com/golangci/golangci-lint/cmd/golangci-lint@$(GOLANGCILINT_VERSION)
 	$(GOBIN_GOLANGCILINT) run -v
 
+fmt:
+	go fmt ./...
+
+vet:
+	go vet ./...

cli/cli/cli.go

@@ -31,6 +31,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/kpango/glg"
 	comm "github.com/opencurve/curveadm/internal/common"
 	configure "github.com/opencurve/curveadm/internal/configure/curveadm"
 	"github.com/opencurve/curveadm/internal/configure/hosts"
@@ -94,11 +95,11 @@ func NewCurveAdm() (*CurveAdm, error) {
 
 	rootDir := fmt.Sprintf("%s/.curveadm", home)
 	curveadm := &CurveAdm{
-		rootDir:   rootDir,
-		dataDir:   path.Join(rootDir, "data"),
-		pluginDir: path.Join(rootDir, "plugins"),
-		logDir:    path.Join(rootDir, "logs"),
-		tempDir:   path.Join(rootDir, "temp"),
+		rootDir:      rootDir,
+		dataDir:      path.Join(rootDir, "data"),
+		pluginDir:    path.Join(rootDir, "plugins"),
+		logDir:       path.Join(rootDir, "logs"),
+		tempDir:      path.Join(rootDir, "temp"),
 		httpConfPath: path.Join(rootDir, "http/conf"),
 		httpLogPath:  path.Join(rootDir, "http/logs"),
 	}
@@ -248,7 +249,7 @@ func (curveadm *CurveAdm) detectVersion() {
 }
 
 func (curveadm *CurveAdm) Upgrade() (bool, error) {
-	if curveadm.config.GetAutoUpgrade() == false {
+	if !curveadm.config.GetAutoUpgrade() {
 		return false, nil
 	}
 
@@ -294,6 +295,7 @@ func (curveadm *CurveAdm) LogPath() string                   { return curveadm.l
 func (curveadm *CurveAdm) Config() *configure.CurveAdmConfig { return curveadm.config }
 func (curveadm *CurveAdm) SudoAlias() string                 { return curveadm.config.GetSudoAlias() }
 func (curveadm *CurveAdm) SSHTimeout() int                   { return curveadm.config.GetSSHTimeout() }
+func (curveadm *CurveAdm) Engine() string                    { return curveadm.config.GetEngine() }
 func (curveadm *CurveAdm) In() io.Reader                     { return curveadm.in }
 func (curveadm *CurveAdm) Out() io.Writer                    { return curveadm.out }
 func (curveadm *CurveAdm) Err() io.Writer                    { return curveadm.err }
@@ -308,6 +310,7 @@ func (curveadm *CurveAdm) ClusterName() string               { return curveadm.c
 func (curveadm *CurveAdm) ClusterTopologyData() string       { return curveadm.clusterTopologyData }
 func (curveadm *CurveAdm) ClusterPoolData() string           { return curveadm.clusterPoolData }
 func (curveadm *CurveAdm) Monitor() storage.Monitor          { return curveadm.monitor }
+func (curveadm *CurveAdm) SetDebugLevel()                    { glg.Get().SetLevel(glg.DEBG) }
 
 func (curveadm *CurveAdm) GetHost(host string) (*hosts.HostConfig, error) {
 	if len(curveadm.Hosts()) == 0 {
@@ -421,6 +424,7 @@ func (curveadm *CurveAdm) ExecOptions() module.ExecOptions {
 		ExecInLocal:    false,
 		ExecSudoAlias:  curveadm.config.GetSudoAlias(),
 		ExecTimeoutSec: curveadm.config.GetTimeout(),
+		ExecWithEngine: curveadm.config.GetEngine(),
 	}
 }
 
@@ -549,8 +553,7 @@ func (curveadm *CurveAdm) PostAudit(id int64, ec error) {
 		return
 	}
 
-	auditLog := auditLogs[0]
-	status := auditLog.Status
+	var status int
 	errorCode := 0
 	if ec == nil {
 		status = comm.AUDIT_STATUS_SUCCESS

cli/command/clean.go

@@ -121,7 +121,7 @@ func genCleanPlaybook(curveadm *cli.CurveAdm,
 			Configs: dcs,
 			Options: map[string]interface{}{
 				comm.KEY_CLEAN_ITEMS:      options.only,
-				comm.KEY_CLEAN_BY_RECYCLE: options.withoutRecycle == false,
+				comm.KEY_CLEAN_BY_RECYCLE: !options.withoutRecycle,
 			},
 		})
 	}

cli/command/client/map.go

@@ -27,7 +27,6 @@ import (
 	"strings"
 
 	"github.com/dustin/go-humanize"
-
 	"github.com/fatih/color"
 	"github.com/opencurve/curveadm/cli/cli"
 	comm "github.com/opencurve/curveadm/internal/common"

cli/command/cluster/import.go

@@ -138,10 +138,8 @@ func readDatabase(filename string) (storage.Cluster, []storage.Service, error) {
 		switch id {
 		case CLUSTER_DESCRIPTION:
 			cluster.Description = value
-			break
 		case CLUSTER_TOPOLOGY:
 			cluster.Topology = value
-			break
 		case SERVICE:
 			items := strings.Split(value, " ")
 			if len(items) != 2 {
@@ -166,7 +164,8 @@ func importCluster(storage *storage.Storage, name, dbfile string) error {
 	}
 
 	// insert cluster
-	if storage.InsertCluster(name, cluster.Description, cluster.Topology); err != nil {
+	err = storage.InsertCluster(name, cluster.Description, cluster.Topology)
+	if err != nil {
 		return err
 	}
 

cli/command/completion.go

@@ -77,7 +77,7 @@ PowerShell:
 `, "curveadm"),
 		DisableFlagsInUseLine: true,
 		ValidArgs:             []string{"bash", "zsh", "fish", "powershell"},
-		Args:                  cobra.ExactValidArgs(1),
+		Args:                  cobra.ExactArgs(1),
 		Run: func(cmd *cobra.Command, args []string) {
 			switch args[0] {
 			case "bash":