Feature golangci lint (#39)

* add lint check

* add action

* update code

* update code

* update CodeQL Analysis

* update workflow

---------

Co-authored-by: tangxinxing <[email protected]>

Author: tiancandevloper

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,71 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main,release-* ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ main,release-* ]
+  schedule:
+    - cron: '27 21 * * 2'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
+
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
+
+      #- run: |
+      #   make bootstrap
+      #   make release
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/lint-ci.yml

@@ -0,0 +1,26 @@
+name: Makefile CI
+
+on:
+  push:
+    branches:
+      - main
+      - release-*
+    tags:
+      - v*
+  pull_request:
+    branches:
+      - main
+      - release-*
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Go 1.15
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.15
+        id: go
+      - uses: actions/checkout@v2
+      - name: Run golangci-lint
+        run: make lint

Makefile

@@ -35,4 +35,18 @@ docker-build-webconsole:  #test ## Build docker image with the manager.
 
 docker-build-webconsole-multi-arch:  #test
 	MULTI_ARCH=true
-	docker buildx build -f ./Dockerfile -t ${IMG} --platform=linux/arm,linux/arm64,linux/amd64 . --push
+	docker buildx build -f ./Dockerfile -t ${IMG} --platform=linux/arm,linux/arm64,linux/amd64 . --push
+
+lint: golangci-lint ## Run golangci-lint
+	$(GOLANGCI-LINT) run --timeout=10m
+
+GOLANGCI-LINT = ./bin/golangci-lint
+golangci-lint: ## Download golangci-lint locally if necessary.
+	$(call get-golangci-lint,$(GOLANGCI-LINT))
+
+define get-golangci-lint
+@[ -f $(1) ] || { \
+set -e ;\
+curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.45.2 ;\
+}
+endef

errdef/handler.go

@@ -34,12 +34,12 @@ func HandleInternalError(response *restful.Response, err error) {
 		statusCode = int(statusError.Status().Code)
 	}
 	response.AddHeader("Content-Type", "text/plain")
-	response.WriteErrorString(statusCode, err.Error()+"\n")
+	_ = response.WriteErrorString(statusCode, err.Error()+"\n")
 }
 
 func HandleInternalErrorByCode(response *restful.Response, errCode ErrorInfo) {
 	clog.Error("%v", errCode)
 	response.AddHeader("Content-Type", "text/plain")
 	msg, _ := json.Marshal(errCode)
-	response.WriteErrorString(errCode.Code, string(msg))
+	_ = response.WriteErrorString(errCode.Code, string(msg))
 }

handler/apihandler.go

@@ -115,7 +115,7 @@ func handleExecShell(request *restful.Request, response *restful.Response) {
 	}
 	cacheConnInfo(sessionId, cInfo)
 
-	response.WriteHeaderAndEntity(http.StatusOK, TerminalResponse{Id: sessionId})
+	_ = response.WriteHeaderAndEntity(http.StatusOK, TerminalResponse{Id: sessionId})
 }
 
 func cacheConnInfo(sessionId string, info *ConnInfo) {

handler/auth.go

@@ -59,13 +59,13 @@ func PodAuthorityVerify(request *restful.Request, response *restful.Response, ch
 	// 2. determine whether the operated pod belongs to the namespace
 	if !isAuthValid(request) {
 		clog.Info("user has no permission to operate the pod or the pod does not belong to the namespace")
-		response.WriteHeaderAndEntity(http.StatusUnauthorized, TerminalResponse{Message: "permission denied"})
+		_ = response.WriteHeaderAndEntity(http.StatusUnauthorized, TerminalResponse{Message: "permission denied"})
 		return
 	}
 	if isNsOrPodBelongToNamespace(request) {
 		chain.ProcessFilter(request, response)
 	} else {
-		response.WriteHeaderAndEntity(http.StatusUnauthorized, TerminalResponse{Message: "the pod is not found"})
+		_ = response.WriteHeaderAndEntity(http.StatusUnauthorized, TerminalResponse{Message: "the pod is not found"})
 	}
 }
 
@@ -122,8 +122,11 @@ func isNsOrPodBelongToNamespace(request *restful.Request) bool {
 	clusterName := request.PathParameter("cluster")
 	pivotClient := clients.Interface().Kubernetes(constants.LocalCluster)
 	memberCluster := v1.Cluster{}
-	pivotClient.Cache().Get(request.Request.Context(), types.NamespacedName{Name: clusterName}, &memberCluster)
-
+	err := pivotClient.Cache().Get(request.Request.Context(), types.NamespacedName{Name: clusterName}, &memberCluster)
+	if err != nil {
+		clog.Error("get cluster list error: %s", err)
+		return false
+	}
 	config := memberCluster.Spec.KubeConfig
 	kubeConfig, err := kubeconfig.LoadKubeConfigFromBytes(config)
 	if err != nil {

handler/cloudShellHandler.go

@@ -38,6 +38,11 @@ func handleCloudShellExec(request *restful.Request, response *restful.Response)
 	// check cluster exists
 	clusterName := request.PathParameter("cluster")
 	clusterInfo, err := GetClusterInfoByName(clusterName)
+	if err != nil {
+		clog.Warn("get cluster failed. Error msg: " + err.Error())
+		errdef.HandleInternalError(response, err)
+		return
+	}
 	ctrlCluster, err := GetPivotCluster()
 	if err != nil {
 		clog.Error("get pivot cluster failed. Error msg: " + err.Error())
@@ -116,7 +121,7 @@ func handleCloudShellExec(request *restful.Request, response *restful.Response)
 
 	// save container-connect info to memory
 	connMap.Store(sessionId, string(connInfoBytes))
-	response.WriteHeaderAndEntity(http.StatusOK, TerminalResponse{Id: sessionId})
+	_ = response.WriteHeaderAndEntity(http.StatusOK, TerminalResponse{Id: sessionId})
 }
 
 func fetchRandomRunningPod(podArr []v12.Pod) *v12.Pod {

handler/cluster.go

@@ -57,7 +57,7 @@ func GetPivotCluster() (*clusterv1.Cluster, error) {
 	}
 
 	for _, cluster := range list.Items {
-		if cluster.Spec.IsMemberCluster == false {
+		if !cluster.Spec.IsMemberCluster {
 			pivotCluster = &cluster
 			clog.Info("found pivot cluster %v", pivotCluster.Name)
 			return pivotCluster, nil

utils/token.go

@@ -50,7 +50,7 @@ func GetTokenFromReq(request *restful.Request) string {
 
 	// parse bearer token
 	parts := strings.Split(bearerToken, string(bearerToken[6]))
-	if len(parts) < 2 || strings.ToLower(parts[0]) != strings.ToLower(bearerTokenPrefix) {
+	if len(parts) < 2 || !strings.EqualFold(parts[0], bearerTokenPrefix) {
 		return ""
 	}
 	return parts[1]