Merge pull request #405 from meshery/fix/security-issue

Fixed the security issues

Author: Aisuko

.github/workflows/ci.yml

@@ -1,24 +1,43 @@
-name: Meshery Consul Default Workflow
+name: Meshery Consul Code Quality
 on:
   push:
     branches: [ master ] # keep it simple and reduce the abuse of CI resources    
   pull_request:
     branches: [ master ]
 jobs:
-  golangci-lint:
-    name: golangci-lint
+  lint:
+    name: lint
     runs-on: ubuntu-latest
     steps:
+      - uses: actions/setup-go@v4
+        with:
+          go-version: 1.21.x
+          cache: true
+          cache-dependency-path: go.sum
       - uses: actions/checkout@master
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v3
         with:
-          # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
           version: latest
-          args: --timeout 5m
+      - name: Run golangci-lint
+        run: make lint
+  tidy:
+    name: Go mod tidy
+    needs: [lint]
+    runs-on: ubuntu-22.04
+    steps:
+      - name: set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: 1.21.x
+          cache: true
+          cache-dependency-path: go.sum
+      - uses: actions/checkout@master
+      - name: tidy
+        run: make tidy
   codecov:
     # golandci-lint need to be run before codecov and succeed
-    needs: golangci-lint
+    needs: [tidy]
     name: Code Coverage
     if: github.repository == 'meshery/meshery-consul'
     runs-on: ubuntu-22.04
@@ -28,7 +47,9 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.19.x
+          go-version: 1.21.x
+          cache: true
+          cache-dependency-path: go.sum
       - name: Run unit tests
         run: go test --short ./... -race -coverprofile=coverage.txt -covermode=atomic
       - name: Upload coverage to Codecov
@@ -40,7 +61,7 @@ jobs:
   build:
     name: Build check
     runs-on: ubuntu-latest
-    # needs: [lint, error_check, static_check, vet, sec_check, tests]
+    needs: [codecov]
     steps:
     - name: Check out code
       uses: actions/checkout@master
@@ -49,5 +70,7 @@ jobs:
     - name: Setup Go
       uses: actions/setup-go@v4
       with:
-        go-version: '1.19'
-    - run: GOPROXY=direct GOSUMDB=off GO111MODULE=on go build .
+        go-version: 1.21.x
+        cache: true
+        cache-dependency-path: go.sum
+    - run: make gobuild

.gitignore

@@ -21,4 +21,5 @@ log.txt
 
 **errorutil_analyze_errors.json
 **errorutil_analyze_summary.json
-**errorutil_errors_export.json
+**errorutil_errors_export.json
+bin/consul

.golangci.yml

@@ -53,6 +53,7 @@ linters:
     - testpackage
 
 run:
+  timeout: 5m
   enable-cache: true
   skip-dirs:
     - vendor

Makefile

@@ -29,7 +29,17 @@ ADAPTER=consul
 
 ## Lint check Golang
 lint:
-	golangci-lint run ./...
+	golangci-lint run -c .golangci.yml -v ./...
+
+tidy:
+	go mod tidy
+
+verify:
+	go mod verify
+
+gobuild:
+	go build -o bin/$(ADAPTER) main.go
+
 
 ## Build Adapter container image with "edge-latest" tag
 docker:
@@ -47,28 +57,3 @@ docker-run:
 run:
 	go mod tidy; \
 	DEBUG=true GOPROXY=direct GOSUMDB=off go run main.go
-
-## Build and run Adapter locally; force component registration
-run-force-dynamic-reg: dep-check
-	FORCE_DYNAMIC_REG=true DEBUG=true GOPROXY=direct GOSUMDB=off go run main.go
-
-#-----------------------------------------------------------------------------
-# Dependencies
-#-----------------------------------------------------------------------------
-.PHONY: dep-check
-#.SILENT: dep-check
-
-INSTALLED_GO_VERSION=$(shell go version)
-
-dep-check:
-	
-ifeq (,$(findstring $(GOVERSION), $(INSTALLED_GO_VERSION)))
-# Only send a warning.
-# @echo "Dependency missing: go$(GOVERSION). Ensure 'go$(GOVERSION).x' is installed and available in your 'PATH'"	
-	@echo "GOVERSION: " $(GOVERSION)
-	@echo "INSTALLED_GO_VERSION: " $(INSTALLED_GO_VERSION) 
-# Force error and stop.
-	$(error Found $(INSTALLED_GO_VERSION). \
-	 Required golang version is: 'go$(GOVERSION).x'. \
-	 Ensure go '$(GOVERSION).x' is installed and available in your 'PATH'.)
-endif

build/config.go

@@ -9,7 +9,6 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/layer5io/meshery-adapter-library/adapter"
 	"github.com/layer5io/meshery-consul/internal/config"
 
 	"github.com/layer5io/meshkit/utils"
@@ -33,11 +32,6 @@ var AllVersions []Versions
 
 var meshmodelmetadata = make(map[string]interface{})
 
-var MeshModelConfig = adapter.MeshModelConfig{ //Move to build/config.go
-	Category: "Cloud Native Network",
-	Metadata: meshmodelmetadata,
-}
-
 // NewConfig creates the configuration for creating components
 func NewConfig(version string) manifests.Config {
 	return manifests.Config{
@@ -98,5 +92,4 @@ func init() {
 	CRDnames, _ = config.GetFileNames("hashicorp", "consul-k8s", "control-plane/config/crd/bases/")
 	LatestAppVersion = AllVersions[len(AllVersions)-1].AppVersion
 	LatestVersion = AllVersions[len(AllVersions)-1].ChartVersion
-	DefaultGenerationMethod = adapter.Manifests
 }