diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index f4f2820e..706d3713 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-18T04:34:01Z by kres 15ff2fd. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -93,7 +93,7 @@ jobs: make base - name: Retrieve PR labels id: retrieve-pr-labels - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # version: v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # version: v9.0.0 with: retries: "3" script: | @@ -179,7 +179,7 @@ jobs: make release-notes - name: Release if: startsWith(github.ref, 'refs/tags/') - uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # version: v2.6.1 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # version: v3.0.0 with: body_path: _out/RELEASE_NOTES.md draft: "true" @@ -190,7 +190,7 @@ jobs: e2e-backups: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-backups') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-backups') needs: - integration-talemu - integration-qemu @@ -251,7 +251,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-backups path: ${{ github.workspace }}/integration-test @@ -260,7 +260,7 @@ jobs: e2e-cluster-import: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-cluster-import') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-cluster-import') needs: - integration-talemu - integration-qemu @@ -323,7 +323,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-cluster-import path: ${{ github.workspace }}/integration-test @@ -332,7 +332,7 @@ jobs: e2e-forced-removal: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-forced-removal') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-forced-removal') needs: - integration-talemu - integration-qemu @@ -393,7 +393,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-forced-removal path: ${{ github.workspace }}/integration-test @@ -461,7 +461,7 @@ jobs: sudo -E make run-integration-test - name: save-e2e-helm-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: e2e-helm path: ${{ github.workspace }}/integration-test @@ -469,7 +469,7 @@ jobs: e2e-minor-talos-upgrade: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-upgrades') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-upgrades') needs: - integration-talemu - integration-qemu @@ -531,7 +531,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-minor-talos-upgrade path: ${{ github.workspace }}/integration-test @@ -540,7 +540,7 @@ jobs: e2e-misc-upgrades: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-upgrades') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-misc-upgrades') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-upgrades') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-misc-upgrades') needs: - integration-talemu - integration-qemu @@ -601,7 +601,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-misc-upgrades path: ${{ github.workspace }}/integration-test @@ -610,7 +610,7 @@ jobs: e2e-omni-upgrade: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-omni-upgrade') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-omni-upgrade') needs: - integration-talemu - integration-qemu @@ -673,7 +673,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-omni-upgrade path: ${{ github.workspace }}/integration-test @@ -741,7 +741,7 @@ jobs: sudo -E make run-integration-test - name: save-e2e-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: e2e-qemu path: ${{ github.workspace }}/integration-test @@ -749,7 +749,7 @@ jobs: e2e-rotate-ca: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-rotate-ca') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-rotate-ca') needs: - integration-talemu - integration-qemu @@ -812,7 +812,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-rotate-ca path: ${{ github.workspace }}/integration-test @@ -821,7 +821,7 @@ jobs: e2e-scaling: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-scaling') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-scaling') needs: - integration-talemu - integration-qemu @@ -882,7 +882,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-scaling path: ${{ github.workspace }}/integration-test @@ -891,7 +891,7 @@ jobs: e2e-short: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-short') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-short') needs: - integration-talemu - integration-qemu @@ -952,7 +952,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-short path: ${{ github.workspace }}/integration-test @@ -961,7 +961,7 @@ jobs: e2e-short-secureboot: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-short-secureboot') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-short-secureboot') needs: - integration-talemu - integration-qemu @@ -1023,7 +1023,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-short-secureboot path: ${{ github.workspace }}/integration-test @@ -1091,7 +1091,7 @@ jobs: sudo -E make run-integration-test - name: save-e2e-talemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: e2e-talemu path: ${{ github.workspace }}/integration-test @@ -1106,7 +1106,7 @@ jobs: e2e-templates: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-templates') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-templates') needs: - integration-talemu - integration-qemu @@ -1167,7 +1167,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-templates path: ${{ github.workspace }}/integration-test @@ -1176,7 +1176,7 @@ jobs: e2e-upgrades: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-upgrades') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-upgrades') needs: - integration-talemu - integration-qemu @@ -1237,7 +1237,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-upgrades path: ${{ github.workspace }}/integration-test @@ -1246,7 +1246,7 @@ jobs: e2e-workload-proxy: runs-on: group: large - if: contains(fromJSON(needs.default.outputs.labels), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels), 'integration/e2e-workload-proxy') + if: contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e') || contains(fromJSON(needs.default.outputs.labels || '[]'), 'integration/e2e-workload-proxy') needs: - integration-talemu - integration-qemu @@ -1307,7 +1307,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu-e2e-workload-proxy path: ${{ github.workspace }}/integration-test @@ -1378,7 +1378,7 @@ jobs: run: | find _out -type f -executable > _out/executable-artifacts - name: save-artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: artifacts path: |- @@ -1388,7 +1388,7 @@ jobs: retention-days: "5" - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test @@ -1463,7 +1463,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-talemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-talemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-backups-cron.yaml b/.github/workflows/e2e-backups-cron.yaml index 477c7eed..1d2d6872 100644 --- a/.github/workflows/e2e-backups-cron.yaml +++ b/.github/workflows/e2e-backups-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -67,7 +67,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-cluster-import-cron.yaml b/.github/workflows/e2e-cluster-import-cron.yaml index f60aae90..7c53b071 100644 --- a/.github/workflows/e2e-cluster-import-cron.yaml +++ b/.github/workflows/e2e-cluster-import-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -69,7 +69,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-forced-removal-cron.yaml b/.github/workflows/e2e-forced-removal-cron.yaml index ad539fba..b1896970 100644 --- a/.github/workflows/e2e-forced-removal-cron.yaml +++ b/.github/workflows/e2e-forced-removal-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -67,7 +67,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-minor-talos-upgrade-cron.yaml b/.github/workflows/e2e-minor-talos-upgrade-cron.yaml index 4b0170ce..630d5cad 100644 --- a/.github/workflows/e2e-minor-talos-upgrade-cron.yaml +++ b/.github/workflows/e2e-minor-talos-upgrade-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -68,7 +68,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-misc-upgrades-cron.yaml b/.github/workflows/e2e-misc-upgrades-cron.yaml index 17546f22..4a22de3f 100644 --- a/.github/workflows/e2e-misc-upgrades-cron.yaml +++ b/.github/workflows/e2e-misc-upgrades-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -67,7 +67,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-omni-upgrade-cron.yaml b/.github/workflows/e2e-omni-upgrade-cron.yaml index 54f3af8c..c1762326 100644 --- a/.github/workflows/e2e-omni-upgrade-cron.yaml +++ b/.github/workflows/e2e-omni-upgrade-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -69,7 +69,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-rotate-ca-cron.yaml b/.github/workflows/e2e-rotate-ca-cron.yaml index aa359452..f0ec4c1d 100644 --- a/.github/workflows/e2e-rotate-ca-cron.yaml +++ b/.github/workflows/e2e-rotate-ca-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -69,7 +69,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-scaling-cron.yaml b/.github/workflows/e2e-scaling-cron.yaml index ae17dfde..30bde3cc 100644 --- a/.github/workflows/e2e-scaling-cron.yaml +++ b/.github/workflows/e2e-scaling-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -67,7 +67,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-short-cron.yaml b/.github/workflows/e2e-short-cron.yaml index 439b083f..4a3e6b09 100644 --- a/.github/workflows/e2e-short-cron.yaml +++ b/.github/workflows/e2e-short-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -67,7 +67,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-short-secureboot-cron.yaml b/.github/workflows/e2e-short-secureboot-cron.yaml index 2628a24c..4dd93a7a 100644 --- a/.github/workflows/e2e-short-secureboot-cron.yaml +++ b/.github/workflows/e2e-short-secureboot-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -68,7 +68,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-templates-cron.yaml b/.github/workflows/e2e-templates-cron.yaml index f08f321f..5b46760d 100644 --- a/.github/workflows/e2e-templates-cron.yaml +++ b/.github/workflows/e2e-templates-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -67,7 +67,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-upgrades-cron.yaml b/.github/workflows/e2e-upgrades-cron.yaml index 5f271c45..0f42990e 100644 --- a/.github/workflows/e2e-upgrades-cron.yaml +++ b/.github/workflows/e2e-upgrades-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -67,7 +67,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/e2e-workload-proxy-cron.yaml b/.github/workflows/e2e-workload-proxy-cron.yaml index f637384b..88972d83 100644 --- a/.github/workflows/e2e-workload-proxy-cron.yaml +++ b/.github/workflows/e2e-workload-proxy-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -67,7 +67,7 @@ jobs: sudo -E make run-integration-test - name: save-integration-qemu-artifacts if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # version: v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # version: v7.0.1 with: name: integration-qemu path: ${{ github.workspace }}/integration-test diff --git a/.github/workflows/slack-notify-ci-failure.yaml b/.github/workflows/slack-notify-ci-failure.yaml index 460e8714..49a97ace 100644 --- a/.github/workflows/slack-notify-ci-failure.yaml +++ b/.github/workflows/slack-notify-ci-failure.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-07T14:45:56Z by kres 4e3b74d. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. "on": workflow_run: @@ -31,7 +31,7 @@ jobs: if: github.event.workflow_run.conclusion == 'failure' && github.event.workflow_run.event != 'pull_request' steps: - name: Slack Notify - uses: slackapi/slack-github-action@af78098f536edbc4de71162a307590698245be95 # version: v3.0.1 + uses: slackapi/slack-github-action@03ea5433c137af7c0495bc0cad1af10403fc800c # version: v3.0.2 with: method: chat.postMessage payload: | diff --git a/.github/workflows/slack-notify.yaml b/.github/workflows/slack-notify.yaml index 32da11bf..733c85ac 100644 --- a/.github/workflows/slack-notify.yaml +++ b/.github/workflows/slack-notify.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-07T14:45:56Z by kres 4e3b74d. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. "on": workflow_run: @@ -36,7 +36,7 @@ jobs: run: | echo pull_request_number=$(gh pr view -R ${{ github.repository }} ${{ github.event.workflow_run.head_repository.owner.login }}:${{ github.event.workflow_run.head_branch }} --json number --jq .number) >> $GITHUB_OUTPUT - name: Slack Notify - uses: slackapi/slack-github-action@af78098f536edbc4de71162a307590698245be95 # version: v3.0.1 + uses: slackapi/slack-github-action@03ea5433c137af7c0495bc0cad1af10403fc800c # version: v3.0.2 with: method: chat.postMessage payload: | diff --git a/.golangci.yml b/.golangci.yml index c2ebb110..e85c250c 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T18:20:53Z by kres 7359c62. version: "2" @@ -9,7 +9,7 @@ run: modules-download-mode: readonly issues-exit-code: 1 tests: true - build-tags: [] + build-tags: ["integration","sidero.tools"] # output configuration options output: diff --git a/.kres.yaml b/.kres.yaml index 889c631a..36e3a990 100644 --- a/.kres.yaml +++ b/.kres.yaml @@ -673,6 +673,9 @@ spec: --- kind: golang.GolangciLint spec: + buildTags: + - integration + - sidero.tools depguardExtraRules: prevent_sync_errgroup: list-mode: lax diff --git a/Dockerfile b/Dockerfile index aa21ac5d..ed06a61f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T13:44:23Z by kres b6d29bf. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. ARG JS_TOOLCHAIN ARG TOOLCHAIN=scratch @@ -13,9 +13,9 @@ ARG HELMDOCS_VERSION RUN --mount=type=cache,target=/root/.cache/go-build,id=omni/root/.cache/go-build --mount=type=cache,target=/go/pkg,id=omni/go/pkg go install github.com/norwoodj/helm-docs/cmd/helm-docs@${HELMDOCS_VERSION} \ && mv /go/bin/helm-docs /bin/helm-docs -FROM ghcr.io/siderolabs/ca-certificates:v1.12.0 AS image-ca-certificates +FROM ghcr.io/siderolabs/ca-certificates:v1.13.0 AS image-ca-certificates -FROM ghcr.io/siderolabs/fhs:v1.12.0 AS image-fhs +FROM ghcr.io/siderolabs/fhs:v1.13.0 AS image-fhs # base toolchain image FROM --platform=${BUILDPLATFORM} ${JS_TOOLCHAIN} AS js-toolchain @@ -26,7 +26,7 @@ ENV GOPATH=/go ENV PATH=${PATH}:/usr/local/go/bin # runs markdownlint -FROM docker.io/oven/bun:1.3.11-alpine AS lint-markdown +FROM docker.io/oven/bun:1.3.13-alpine AS lint-markdown WORKDIR /src RUN bun i markdownlint-cli@0.48.0 sentences-per-line@0.5.2 COPY .markdownlint.json . diff --git a/Makefile b/Makefile index c5821507..a13e8bcb 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-20T11:44:49Z by kres 4b58472-dirty. +# Generated on 2026-04-29T17:27:17Z by kres 7359c62. # common variables @@ -24,15 +24,15 @@ TESTPKGS ?= ./... JS_BUILD_ARGS ?= PROTOBUF_GO_VERSION ?= 1.36.11 GRPC_GO_VERSION ?= 1.6.1 -GRPC_GATEWAY_VERSION ?= 2.28.0 +GRPC_GATEWAY_VERSION ?= 2.29.0 VTPROTOBUF_VERSION ?= 0.6.0 -GOIMPORTS_VERSION ?= 0.43.0 +GOIMPORTS_VERSION ?= 0.44.0 GOMOCK_VERSION ?= 0.6.0 DEEPCOPY_VERSION ?= v0.5.8 GOLANGCILINT_VERSION ?= v2.11.4 GOFUMPT_VERSION ?= v0.9.2 GO_VERSION ?= 1.26.2 -DIS_VULNCHECK_VERSION ?= v0.0.0-20260408104044-a7a2dc044240 +DIS_VULNCHECK_VERSION ?= v0.0.0-20260409114749-05440f84fe69 GO_BUILDFLAGS ?= GO_BUILDTAGS ?= memory.counters,libc.memexpvar, GO_LDFLAGS ?= @@ -88,7 +88,7 @@ COMMON_ARGS += --build-arg=GOFUMPT_VERSION="$(GOFUMPT_VERSION)" COMMON_ARGS += --build-arg=DIS_VULNCHECK_VERSION="$(DIS_VULNCHECK_VERSION)" COMMON_ARGS += --build-arg=TESTPKGS="$(TESTPKGS)" COMMON_ARGS += --build-arg=HELMDOCS_VERSION="$(HELMDOCS_VERSION)" -JS_TOOLCHAIN ?= docker.io/node:24.14.1-alpine +JS_TOOLCHAIN ?= docker.io/node:24.15.0-alpine TOOLCHAIN ?= docker.io/golang:1.26-alpine # extra variables diff --git a/client/.golangci.yml b/client/.golangci.yml index c2ebb110..e85c250c 100644 --- a/client/.golangci.yml +++ b/client/.golangci.yml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-03-10T14:06:17Z by kres 3328d87. +# Generated on 2026-04-29T18:20:53Z by kres 7359c62. version: "2" @@ -9,7 +9,7 @@ run: modules-download-mode: readonly issues-exit-code: 1 tests: true - build-tags: [] + build-tags: ["integration","sidero.tools"] # output configuration options output: diff --git a/client/api/omni/specs/config_patch.go b/client/api/omni/specs/config_patch.go index 0548bff0..493a15d5 100644 --- a/client/api/omni/specs/config_patch.go +++ b/client/api/omni/specs/config_patch.go @@ -2,7 +2,6 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at http://mozilla.org/MPL/2.0/. -//nolint:revive package specs import ( diff --git a/client/api/omni/specs/kubernetes_manifest_group.go b/client/api/omni/specs/kubernetes_manifest_group.go index 9aefca69..20f80f4c 100644 --- a/client/api/omni/specs/kubernetes_manifest_group.go +++ b/client/api/omni/specs/kubernetes_manifest_group.go @@ -2,7 +2,6 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at http://mozilla.org/MPL/2.0/. -//nolint:revive package specs import ( diff --git a/client/api/omni/specs/redacted_cluster_machine_config.go b/client/api/omni/specs/redacted_cluster_machine_config.go index 13b715ca..84399100 100644 --- a/client/api/omni/specs/redacted_cluster_machine_config.go +++ b/client/api/omni/specs/redacted_cluster_machine_config.go @@ -2,7 +2,6 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at http://mozilla.org/MPL/2.0/. -//nolint:revive package specs import ( diff --git a/client/pkg/clusterimport/clusterimport.go b/client/pkg/clusterimport/clusterimport.go index f6291575..f814ea4c 100644 --- a/client/pkg/clusterimport/clusterimport.go +++ b/client/pkg/clusterimport/clusterimport.go @@ -63,7 +63,8 @@ type Context struct { } // BuildContext builds the import context by collecting information from the existing Talos cluster. -// nolint:gocyclo,cyclop +// +//nolint:gocyclo,cyclop func BuildContext(ctx context.Context, input Input, omniState state.State, imageFactoryClient ImageFactoryClient, talosClient TalosClient) (*Context, error) { input.logf("discovering Talos cluster state...") @@ -472,7 +473,6 @@ func (c *Context) importClusterToOmni(ctx context.Context) error { return nil } -//nolint:gocognit func (c *Context) validate(ctx context.Context) error { c.input.logf("validating cluster status...") diff --git a/client/pkg/omni/resources/siderolink/siderolink.go b/client/pkg/omni/resources/siderolink/siderolink.go index 676ea989..8ebc45aa 100644 --- a/client/pkg/omni/resources/siderolink/siderolink.go +++ b/client/pkg/omni/resources/siderolink/siderolink.go @@ -19,7 +19,7 @@ const Namespace = resources.DefaultNamespace const CounterNamespace = resources.MetricsNamespace func init() { - registry.MustRegisterResource(ConnectionParamsType, &ConnectionParams{}) //nolint:staticcheck + registry.MustRegisterResource(ConnectionParamsType, &ConnectionParams{}) registry.MustRegisterResource(ConfigType, &Config{}) registry.MustRegisterResource(LinkType, &Link{}) registry.MustRegisterResource(PendingMachineType, &PendingMachine{}) diff --git a/client/pkg/omnictl/cluster/import.go b/client/pkg/omnictl/cluster/import.go index 54e7e549..760be8d4 100644 --- a/client/pkg/omnictl/cluster/import.go +++ b/client/pkg/omnictl/cluster/import.go @@ -44,7 +44,7 @@ will only work if the cluster is locked and tainted as "importing"`, return fmt.Errorf("failed to abort import operation for cluster %q: %w", clusterID, err) } - fmt.Fprintf(os.Stderr, "import operation was aborted successfully for cluster %q\n", clusterID) //nolint:errcheck + fmt.Fprintf(os.Stderr, "import operation was aborted successfully for cluster %q\n", clusterID) return nil }) diff --git a/client/pkg/omnictl/config/config.go b/client/pkg/omnictl/config/config.go index 75db99cf..339bb742 100644 --- a/client/pkg/omnictl/config/config.go +++ b/client/pkg/omnictl/config/config.go @@ -200,7 +200,6 @@ func (c *Config) Merge(additionalConfigPath string) ([]Rename, error) { return renames, nil } -//nolint:gocognit func defaultPath(readOnly bool) (string, error) { path := os.Getenv(OmniConfigEnvVar) if path != "" { diff --git a/client/pkg/omnictl/edit.go b/client/pkg/omnictl/edit.go index 402b0bf0..4f6c8538 100644 --- a/client/pkg/omnictl/edit.go +++ b/client/pkg/omnictl/edit.go @@ -232,7 +232,7 @@ func addEditingComment(in string) string { fmt.Fprintln(&sb, "# Edit Failed:") for _, line := range lines { - fmt.Fprintf(&sb, "# %s\n", line) //nolint:errcheck + fmt.Fprintf(&sb, "# %s\n", line) } return sb.String() diff --git a/client/pkg/omnictl/get.go b/client/pkg/omnictl/get.go index 7ba050b8..3fa973e9 100644 --- a/client/pkg/omnictl/get.go +++ b/client/pkg/omnictl/get.go @@ -43,7 +43,7 @@ To get a list of all available resource definitions, issue 'omnictl get rd'`, }, } -//nolint:gocognit,gocyclo,cyclop,maintidx +//nolint:gocognit,gocyclo,cyclop func getResources(args []string) func(ctx context.Context, client *client.Client, _ access.ServerInfo) error { return func(ctx context.Context, client *client.Client, _ access.ServerInfo) error { st := client.Omni().State() diff --git a/client/pkg/omnictl/internal/access/client.go b/client/pkg/omnictl/internal/access/client.go index bf796308..57fa68b1 100644 --- a/client/pkg/omnictl/internal/access/client.go +++ b/client/pkg/omnictl/internal/access/client.go @@ -234,7 +234,7 @@ func checkNotifications(ctx context.Context, st state.State, info ServerInfo) er prefix = "[UNKNOWN]" } - fmt.Fprintf(os.Stderr, "%s %s: %s\n", prefix, spec.Title, spec.Body) //nolint:errcheck + fmt.Fprintf(os.Stderr, "%s %s: %s\n", prefix, spec.Title, spec.Body) } return nil diff --git a/client/pkg/omnictl/internal/reporter/reporter.go b/client/pkg/omnictl/internal/reporter/reporter.go index 6fcffc55..54fe6c6a 100644 --- a/client/pkg/omnictl/internal/reporter/reporter.go +++ b/client/pkg/omnictl/internal/reporter/reporter.go @@ -57,8 +57,6 @@ func New() *Reporter { } // Report reports an update to the reporter. -// -//nolint:gocyclo func (r *Reporter) Report(update Update) { line := strings.TrimSpace(update.Message) // replace tabs with spaces to get consistent output length diff --git a/internal/backend/grpc/configs_test.go b/internal/backend/grpc/configs_test.go index adfae47a..8a7ee6a2 100644 --- a/internal/backend/grpc/configs_test.go +++ b/internal/backend/grpc/configs_test.go @@ -133,7 +133,7 @@ func TestGenerateConfigs(t *testing.T) { _, err = clientcmd.Load(kubeconfig) require.NoError(t, err) - updatedClusterStatus, err := safe.ReaderGetByID[*omni.ClusterStatus](ctx, st.Default(), clusterName) // nolint:govet + updatedClusterStatus, err := safe.ReaderGetByID[*omni.ClusterStatus](ctx, st.Default(), clusterName) //nolint:govet require.NoError(t, err) _, taintBreakGlass := updatedClusterStatus.Metadata().Labels().Get(omni.LabelClusterTaintedByBreakGlass) diff --git a/internal/backend/grpc/export_test.go b/internal/backend/grpc/export_test.go index 77ef321a..78c7a64c 100644 --- a/internal/backend/grpc/export_test.go +++ b/internal/backend/grpc/export_test.go @@ -21,7 +21,6 @@ type AuthServer = authServer // ManagementServerOption configures a test management server. type ManagementServerOption func(*ManagementServer) -//nolint:revive func NewManagementServer(st state.State, imageFactoryClient *imagefactory.Client, logger *zap.Logger, enableBreakGlassConfigs bool, kubernetesRuntime KubernetesRuntime, talosconfigProvider TalosconfigProvider, opts ...ManagementServerOption, diff --git a/internal/backend/grpc/kubernetes_manifests.go b/internal/backend/grpc/kubernetes_manifests.go index 60c70ddc..4b2ed523 100644 --- a/internal/backend/grpc/kubernetes_manifests.go +++ b/internal/backend/grpc/kubernetes_manifests.go @@ -166,7 +166,6 @@ func (s *managementServer) syncSSA( return fmt.Errorf("failed to send manifest sync response: %w", err) } - //nolint:exhaustive switch r.Action { case ssa.CreatedAction, ssa.ConfiguredAction: if !req.DryRun && !resp.Skipped { diff --git a/internal/backend/grpc/management.go b/internal/backend/grpc/management.go index d2af7b56..64c4611b 100644 --- a/internal/backend/grpc/management.go +++ b/internal/backend/grpc/management.go @@ -1009,7 +1009,6 @@ func (s *managementServer) triggerManifestResync(ctx context.Context, requestCon return nil } -//nolint:unparam func (s *managementServer) authCheckGRPC(ctx context.Context, opts ...auth.CheckOption) (auth.CheckResult, error) { authCheckResult, err := auth.Check(ctx, opts...) if errors.Is(err, auth.ErrUnauthenticated) { diff --git a/internal/backend/grpc/router/talos_backend.go b/internal/backend/grpc/router/talos_backend.go index 98de8008..61973194 100644 --- a/internal/backend/grpc/router/talos_backend.go +++ b/internal/backend/grpc/router/talos_backend.go @@ -269,7 +269,6 @@ func (backend *TalosBackend) BuildError(bool, error) ([]byte, error) { return nil, nil } -//nolint:unparam func setHeaderData(ctx context.Context, md metadata.MD, k string, v ...string) { if len(v) == 0 { return diff --git a/internal/backend/grpc/support.go b/internal/backend/grpc/support.go index 330e7151..d33da8df 100644 --- a/internal/backend/grpc/support.go +++ b/internal/backend/grpc/support.go @@ -217,7 +217,6 @@ func (s *managementServer) collectLogs(machineID string) *collectors.Collector { func (s *managementServer) collectClusterResources(ctx context.Context, cluster string) ([]resource.Resource, error) { st := s.omniState - //nolint:prealloc var resources []resource.Resource clusterQuery := []state.ListOption{ diff --git a/internal/backend/oidc/internal/client/client.go b/internal/backend/oidc/internal/client/client.go index 2e348277..a7a628be 100644 --- a/internal/backend/oidc/internal/client/client.go +++ b/internal/backend/oidc/internal/client/client.go @@ -87,9 +87,7 @@ func (Client) DevMode() bool { } // RestrictAdditionalIdTokenScopes allows specifying which custom scopes shall be asserted into the id_token. -// -//nolint:staticcheck // Id, not ID, because this is an implementation of an interface from a library. -func (Client) RestrictAdditionalIdTokenScopes() func(scopes []string) []string { //nolint:revive +func (Client) RestrictAdditionalIdTokenScopes() func(scopes []string) []string { return func(scopes []string) []string { return scopes } diff --git a/internal/backend/runtime/cosi/cosi.go b/internal/backend/runtime/cosi/cosi.go index e9ff2ebb..176c1037 100644 --- a/internal/backend/runtime/cosi/cosi.go +++ b/internal/backend/runtime/cosi/cosi.go @@ -74,7 +74,7 @@ func WatchLegacy(ctx context.Context, st state.State, md resource.Metadata, out return nil } - var listOpts []state.ListOption //nolint:prealloc + var listOpts []state.ListOption for _, query := range queries { listOpts = append(listOpts, state.WithLabelQuery(resource.RawLabelQuery(query))) diff --git a/internal/backend/runtime/omni/controllers/omni/cluster_destroy_status.go b/internal/backend/runtime/omni/controllers/omni/cluster_destroy_status.go index d7d3a778..f53dced1 100644 --- a/internal/backend/runtime/omni/controllers/omni/cluster_destroy_status.go +++ b/internal/backend/runtime/omni/controllers/omni/cluster_destroy_status.go @@ -30,8 +30,6 @@ type ClusterDestroyStatusController = qtransform.QController[*omni.Cluster, *omn const ClusterDestroyStatusControllerName = "ClusterDestroyStatusController" // NewClusterDestroyStatusController initializes ClusterDestroyStatusController. -// -//nolint:gocognit,gocyclo,cyclop func NewClusterDestroyStatusController() *ClusterDestroyStatusController { return qtransform.NewQController( qtransform.Settings[*omni.Cluster, *omni.ClusterDestroyStatus]{ diff --git a/internal/backend/runtime/omni/controllers/omni/etcd_backup_test.go b/internal/backend/runtime/omni/controllers/omni/etcd_backup_test.go index cafb7041..2bca947f 100644 --- a/internal/backend/runtime/omni/controllers/omni/etcd_backup_test.go +++ b/internal/backend/runtime/omni/controllers/omni/etcd_backup_test.go @@ -869,7 +869,7 @@ func findBackups(ctx context.Context, t *testing.T, st state.State, sf store.Fac } func toSlice(t *testing.T, it iter.Seq2[etcdbackup.Info, error]) []etcdbackup.Info { - var result []etcdbackup.Info //nolint:prealloc + var result []etcdbackup.Info for v, err := range it { require.NoError(t, err) diff --git a/internal/backend/runtime/omni/controllers/omni/image/client.go b/internal/backend/runtime/omni/controllers/omni/image/client.go index 4cc5869e..26c18c6b 100644 --- a/internal/backend/runtime/omni/controllers/omni/image/client.go +++ b/internal/backend/runtime/omni/controllers/omni/image/client.go @@ -42,8 +42,7 @@ func (c *TalosImageClient) ListImagesOnNode(ctx context.Context, cluster, node s return nil, fmt.Errorf("failed to get talos client for node %q: %w", node, err) } - //nolint:staticcheck - imageListStream, err := talosCli.ImageList(ctx, common.ContainerdNamespace_NS_CRI) + imageListStream, err := talosCli.ImageList(ctx, common.ContainerdNamespace_NS_CRI) //nolint:staticcheck if err != nil { return nil, fmt.Errorf("failed to list images: %w", err) } @@ -80,8 +79,7 @@ func (c *TalosImageClient) PullImageToNode(ctx context.Context, cluster, node, i return fmt.Errorf("failed to get talos client for node %q: %w", node, err) } - //nolint:staticcheck - if err = talosCli.ImagePull(ctx, common.ContainerdNamespace_NS_CRI, image); err != nil { + if err = talosCli.ImagePull(ctx, common.ContainerdNamespace_NS_CRI, image); err != nil { //nolint:staticcheck return fmt.Errorf("failed to pull image %s: %w", image, err) } diff --git a/internal/backend/runtime/omni/controllers/omni/infra_machine.go b/internal/backend/runtime/omni/controllers/omni/infra_machine.go index b9ca84ed..3dca7a9e 100644 --- a/internal/backend/runtime/omni/controllers/omni/infra_machine.go +++ b/internal/backend/runtime/omni/controllers/omni/infra_machine.go @@ -49,8 +49,6 @@ func NewInfraMachineController(installEventCh <-chan resource.ID) *InfraMachineC } // Settings implements the controller.QController interface. -// -//nolint:dupl func (ctrl *InfraMachineController) Settings() controller.QSettings { return controller.QSettings{ Inputs: []controller.Input{ diff --git a/internal/backend/runtime/omni/controllers/omni/infra_provider_cleanup.go b/internal/backend/runtime/omni/controllers/omni/infra_provider_cleanup.go index 36429a18..fa5e4474 100644 --- a/internal/backend/runtime/omni/controllers/omni/infra_provider_cleanup.go +++ b/internal/backend/runtime/omni/controllers/omni/infra_provider_cleanup.go @@ -30,7 +30,8 @@ type InfraProviderCleanupController = cleanup.Controller[*infra.Provider] // NewInfraProviderCleanupController returns a new InfraProviderCleanup controller. // This controller removes infra.ProviderStatus and infra.ProviderHealthStatus resources reported by the provider. -// nolint:gocognit,gocyclo,cyclop +// +//nolint:gocognit,gocyclo,cyclop func NewInfraProviderCleanupController() *InfraProviderCleanupController { return cleanup.NewController( cleanup.Settings[*infra.Provider]{ diff --git a/internal/backend/runtime/omni/controllers/omni/internal/etcdbackup/s3store/export_test.go b/internal/backend/runtime/omni/controllers/omni/internal/etcdbackup/s3store/export_test.go index 7b7f8480..3713be16 100644 --- a/internal/backend/runtime/omni/controllers/omni/internal/etcdbackup/s3store/export_test.go +++ b/internal/backend/runtime/omni/controllers/omni/internal/etcdbackup/s3store/export_test.go @@ -13,7 +13,6 @@ import ( type ReaderLimiter = readerLimiter -//nolint:revive func NewReaderLimiter(rdr io.ReadCloser, l *rate.Limiter) *ReaderLimiter { return &readerLimiter{rdr: rdr, l: l} } diff --git a/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context.go b/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context.go index 501740fe..07bbc1ff 100644 --- a/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context.go +++ b/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context.go @@ -87,8 +87,6 @@ type ReconciliationContext struct { } // BuildReconciliationContext is the COSI reader dependent method to build the reconciliation context. -// -//nolint:gocognit func BuildReconciliationContext(ctx context.Context, r controller.Reader, machineSet *omni.MachineSet) (*ReconciliationContext, error) { clusterName, ok := machineSet.Metadata().Labels().Get(omni.LabelCluster) if !ok { diff --git a/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context_test.go b/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context_test.go index 15d5764d..d257e894 100644 --- a/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context_test.go +++ b/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context_test.go @@ -19,7 +19,6 @@ import ( "github.com/siderolabs/omni/internal/backend/runtime/omni/controllers/omni/internal/machineset" ) -//nolint:maintidx func TestReconciliationContext(t *testing.T) { t.Parallel() diff --git a/internal/backend/runtime/omni/controllers/omni/internal/secretrotation/validations.go b/internal/backend/runtime/omni/controllers/omni/internal/secretrotation/validations.go index eeee482c..e8f260f7 100644 --- a/internal/backend/runtime/omni/controllers/omni/internal/secretrotation/validations.go +++ b/internal/backend/runtime/omni/controllers/omni/internal/secretrotation/validations.go @@ -97,7 +97,7 @@ func (c Candidate) validateKubernetesCARotation(ctx context.Context, lbConfig *o if err != nil { return false, err } - defer k8sClient.Close() //nolint:errcheck + defer k8sClient.Close() clientset := k8sClient.Clientset() diff --git a/internal/backend/runtime/omni/controllers/omni/kubernetes/cluster_manifest_status.go b/internal/backend/runtime/omni/controllers/omni/kubernetes/cluster_manifest_status.go index 5cf6f2c2..5a1442aa 100644 --- a/internal/backend/runtime/omni/controllers/omni/kubernetes/cluster_manifest_status.go +++ b/internal/backend/runtime/omni/controllers/omni/kubernetes/cluster_manifest_status.go @@ -162,7 +162,7 @@ func (ctrl *ClusterManifestsStatusController) Reconcile(ctx context.Context, log return ctrl.reconcileRunning(ctx, r, logger, res, status) } -// nolint:gocyclo,cyclop,gocognit +//nolint:gocyclo,cyclop,gocognit func (ctrl *ClusterManifestsStatusController) reconcileRunning(ctx context.Context, r controller.ReaderWriter, logger *zap.Logger, cluster *omni.Cluster, clusterKubernetesManifestsStatus *omni.ClusterKubernetesManifestsStatus, ) error { @@ -318,7 +318,7 @@ func (ctrl *ClusterManifestsStatusController) reconcileRunning(ctx context.Conte return errs } -// nolint:gocyclo,cyclop,gocognit +//nolint:gocyclo,cyclop,gocognit func (ctrl *ClusterManifestsStatusController) updateStatus( ctx context.Context, r controller.ReaderWriter, @@ -543,7 +543,6 @@ func (ctrl *ClusterManifestsStatusController) sync( zap.String("action", string(change.Action)), ) - // nolint:exhaustive switch change.Action { case ssa.CreatedAction, ssa.ConfiguredAction: requeue = true diff --git a/internal/backend/runtime/omni/controllers/omni/machine_request_set_status_test.go b/internal/backend/runtime/omni/controllers/omni/machine_request_set_status_test.go index 9b12977d..5d58ddbf 100644 --- a/internal/backend/runtime/omni/controllers/omni/machine_request_set_status_test.go +++ b/internal/backend/runtime/omni/controllers/omni/machine_request_set_status_test.go @@ -240,7 +240,6 @@ func testMachineRequestSetStatusReconcile(ctx context.Context, t *testing.T, st require.True(t, requests.Len() == 0) } -//nolint:gocognit func reconcileLabels(ctx context.Context, st state.State, ready chan<- struct{}) error { ch := make(chan state.Event, 64) diff --git a/internal/backend/runtime/omni/controllers/omni/machine_set_destroy_status.go b/internal/backend/runtime/omni/controllers/omni/machine_set_destroy_status.go index aa87ce57..aff7a049 100644 --- a/internal/backend/runtime/omni/controllers/omni/machine_set_destroy_status.go +++ b/internal/backend/runtime/omni/controllers/omni/machine_set_destroy_status.go @@ -30,8 +30,6 @@ type MachineSetDestroyStatusController = qtransform.QController[*omni.MachineSet const MachineSetDestroyStatusControllerName = "MachineSetDestroyStatusController" // NewMachineSetDestroyStatusController initializes MachineSetDestroyStatusController. -// -//nolint:gocognit func NewMachineSetDestroyStatusController() *MachineSetDestroyStatusController { return qtransform.NewQController( qtransform.Settings[*omni.MachineSet, *omni.MachineSetDestroyStatus]{ diff --git a/internal/backend/runtime/omni/controllers/omni/machine_status.go b/internal/backend/runtime/omni/controllers/omni/machine_status.go index c7d46cba..17123e19 100644 --- a/internal/backend/runtime/omni/controllers/omni/machine_status.go +++ b/internal/backend/runtime/omni/controllers/omni/machine_status.go @@ -64,8 +64,6 @@ func NewMachineStatusController(imageFactoryClient ImageFactoryClient, kernelArg } // Settings implements controller.QController interface. -// -//nolint:dupl func (ctrl *MachineStatusController) Settings() controller.QSettings { return controller.QSettings{ Inputs: []controller.Input{ diff --git a/internal/backend/runtime/omni/controllers/omni/machineconfig/status.go b/internal/backend/runtime/omni/controllers/omni/machineconfig/status.go index 4dde5a02..8b778c9f 100644 --- a/internal/backend/runtime/omni/controllers/omni/machineconfig/status.go +++ b/internal/backend/runtime/omni/controllers/omni/machineconfig/status.go @@ -68,8 +68,6 @@ type ClusterMachineConfigStatusController struct { } // NewClusterMachineConfigStatusController initializes ClusterMachineConfigStatusController. -// -//nolint:gocognit,gocyclo,cyclop,maintidx func NewClusterMachineConfigStatusController(imageFactoryHost, talosRegistry string) *ClusterMachineConfigStatusController { ongoingResets := &ongoingResets{ statuses: map[string]*resetStatus{}, @@ -543,7 +541,7 @@ func logClose(c io.Closer, logger *zap.Logger, additional string) { } } -//nolint:gocyclo,cyclop,gocognit,maintidx +//nolint:gocyclo,cyclop func (ctrl *ClusterMachineConfigStatusController) reset( ctx context.Context, logger *zap.Logger, diff --git a/internal/backend/runtime/omni/controllers/omni/machineupgrade/status.go b/internal/backend/runtime/omni/controllers/omni/machineupgrade/status.go index c50cb796..cdd3b13d 100644 --- a/internal/backend/runtime/omni/controllers/omni/machineupgrade/status.go +++ b/internal/backend/runtime/omni/controllers/omni/machineupgrade/status.go @@ -65,7 +65,7 @@ func NewStatusController(imageFactoryHost, talosRegistry string, talosClientFact return ctrl } -//nolint:gocyclo,cyclop,maintidx +//nolint:gocyclo,cyclop func (ctrl *StatusController) transform(ctx context.Context, r controller.Reader, logger *zap.Logger, ms *omni.MachineStatus, status *omni.MachineUpgradeStatus) error { helpers.SyncLabels(ms, status, omni.LabelCluster, omni.LabelMachineSet) diff --git a/internal/backend/runtime/omni/controllers/omni/redactedmachineconfig/redacted_cluster_machine_config_test.go b/internal/backend/runtime/omni/controllers/omni/redactedmachineconfig/redacted_cluster_machine_config_test.go index df651933..ce00070a 100644 --- a/internal/backend/runtime/omni/controllers/omni/redactedmachineconfig/redacted_cluster_machine_config_test.go +++ b/internal/backend/runtime/omni/controllers/omni/redactedmachineconfig/redacted_cluster_machine_config_test.go @@ -73,7 +73,6 @@ func testReconcile(ctx context.Context, t *testing.T, st state.State, cleanupCh data := string(buffer.Data()) - //nolint:lll assert.Equal(machineConfig, data) }, ) diff --git a/internal/backend/runtime/omni/controllers/omni/schematic_configuration.go b/internal/backend/runtime/omni/controllers/omni/schematic_configuration.go index d726cc8d..89988c81 100644 --- a/internal/backend/runtime/omni/controllers/omni/schematic_configuration.go +++ b/internal/backend/runtime/omni/controllers/omni/schematic_configuration.go @@ -136,8 +136,6 @@ type schematicConfigurationHelper struct { } // Reconcile implements controller.QController interface. -// -//nolint:gocognit,gocyclo,cyclop func (helper *schematicConfigurationHelper) reconcile( ctx context.Context, r controller.ReaderWriter, @@ -353,7 +351,6 @@ func newMachineCustomization(ctx context.Context, r controller.Reader, ms *omni. return mc, nil } -//nolint:recvcheck type machineCustomization struct { machineStatus *omni.MachineStatus machineExtensions *omni.MachineExtensions diff --git a/internal/backend/runtime/omni/controllers/omni/secrets/rotation_status.go b/internal/backend/runtime/omni/controllers/omni/secrets/rotation_status.go index 0832894b..d04f1d0f 100644 --- a/internal/backend/runtime/omni/controllers/omni/secrets/rotation_status.go +++ b/internal/backend/runtime/omni/controllers/omni/secrets/rotation_status.go @@ -304,7 +304,6 @@ func (s *Rotator) createInitialStage(currentPhase specs.SecretRotationSpec_Phase } } -//nolint:gocognit func (s *Rotator) addRotationStage(previousPhase, currentPhase specs.SecretRotationSpec_Phase) func( ctx context.Context, logger *zap.Logger, diff --git a/internal/backend/runtime/omni/controllers/omni/secrets/rotation_status_test.go b/internal/backend/runtime/omni/controllers/omni/secrets/rotation_status_test.go index cf113102..07037385 100644 --- a/internal/backend/runtime/omni/controllers/omni/secrets/rotation_status_test.go +++ b/internal/backend/runtime/omni/controllers/omni/secrets/rotation_status_test.go @@ -44,7 +44,7 @@ import ( "github.com/siderolabs/omni/internal/pkg/constants" ) -//nolint:maintidx,gocognit +//nolint:maintidx func Test_TalosCARotation(t *testing.T) { t.Parallel() diff --git a/internal/backend/runtime/omni/controllers/omni/secrets/secrets.go b/internal/backend/runtime/omni/controllers/omni/secrets/secrets.go index 57791f57..196420d0 100644 --- a/internal/backend/runtime/omni/controllers/omni/secrets/secrets.go +++ b/internal/backend/runtime/omni/controllers/omni/secrets/secrets.go @@ -42,7 +42,7 @@ type Controller struct { // NewSecretsController instantiates the secrets' controller. // -//nolint:gocognit,gocyclo,cyclop,maintidx +//nolint:gocognit,gocyclo,cyclop func NewSecretsController(etcdBackupStoreFactory store.Factory) *Controller { ctrl := &Controller{} diff --git a/internal/backend/runtime/omni/controllers/omni/talosupgrade/status.go b/internal/backend/runtime/omni/controllers/omni/talosupgrade/status.go index 0218d3d0..8178979a 100644 --- a/internal/backend/runtime/omni/controllers/omni/talosupgrade/status.go +++ b/internal/backend/runtime/omni/controllers/omni/talosupgrade/status.go @@ -163,7 +163,7 @@ func NewStatusController() *TalosUpgradeStatusController { return ctrl } -//nolint:gocyclo,cyclop,gocognit +//nolint:gocyclo,cyclop func (ctrl *TalosUpgradeStatusController) reconcileStatus(ctx context.Context, r controller.ReaderWriter, clusterMachines safe.List[*omni.ClusterMachine], outdatedMachines *outdatedMachines, cluster *omni.Cluster, upgradeStatus *omni.TalosUpgradeStatus, diff --git a/internal/backend/runtime/omni/migration/migration_test.go b/internal/backend/runtime/omni/migration/migration_test.go index c9722a0c..c163c819 100644 --- a/internal/backend/runtime/omni/migration/migration_test.go +++ b/internal/backend/runtime/omni/migration/migration_test.go @@ -170,7 +170,6 @@ func (suite *MigrationSuite) TestMoveInfraProviderAnnotationsToLabels() { suite.False(machine1AnnotationOk) } -//nolint:dupl func (suite *MigrationSuite) TestDropSchematicConfigFinalizerFromClusterMachines() { ctx, cancel := context.WithTimeout(suite.T().Context(), 10*time.Second) defer cancel() @@ -207,7 +206,6 @@ func (suite *MigrationSuite) TestDropSchematicConfigFinalizerFromClusterMachines suite.True(cm3VersionBefore.Equal(cm3Migrated.Metadata().Version()), "expected cm3 to be left untouched") } -//nolint:dupl func (suite *MigrationSuite) TestDropTalosUpgradeStatusFinalizersFromSchematicConfigs() { ctx, cancel := context.WithTimeout(suite.T().Context(), 10*time.Second) defer cancel() diff --git a/internal/backend/runtime/omni/state_access.go b/internal/backend/runtime/omni/state_access.go index edce946c..6505730d 100644 --- a/internal/backend/runtime/omni/state_access.go +++ b/internal/backend/runtime/omni/state_access.go @@ -375,8 +375,6 @@ func verbToRole(verb state.Verb) role.Role { } // filterAccess provides a filter to exclude some resources and operations from external sources. -// -//nolint:cyclop,gocyclo func filterAccess(ctx context.Context, access state.Access) error { if actor.ContextIsInternalActor(ctx) { return nil diff --git a/internal/backend/runtime/omni/virtual/pkg/producers/kubernetes_usage.go b/internal/backend/runtime/omni/virtual/pkg/producers/kubernetes_usage.go index 0f74e822..de1a9387 100644 --- a/internal/backend/runtime/omni/virtual/pkg/producers/kubernetes_usage.go +++ b/internal/backend/runtime/omni/virtual/pkg/producers/kubernetes_usage.go @@ -65,7 +65,7 @@ type KubernetesUsage struct { state state.State kubeRuntime KubernetesClientGetter factory informers.SharedInformerFactory - ctx context.Context // nolint:containedctx + ctx context.Context //nolint:containedctx stopCh chan struct{} logger *zap.Logger ctxCancel context.CancelFunc diff --git a/internal/backend/runtime/proxy_runtime_test.go b/internal/backend/runtime/proxy_runtime_test.go index b033af02..314e4336 100644 --- a/internal/backend/runtime/proxy_runtime_test.go +++ b/internal/backend/runtime/proxy_runtime_test.go @@ -503,7 +503,6 @@ func TestProxyRuntime_WatchSearchForTransition(t *testing.T) { testWatch(t, msgs, expected, true, runtime.WithSearchFor([]string{"cluster1"})) } -//nolint:unparam func watchResponse(id int, cluster, sortByField string, count int) runtime.WatchResponse { return cosi.NewResponse( fmt.Sprintf("id%d", id), diff --git a/internal/backend/server.go b/internal/backend/server.go index 8dca94e5..a9c594fb 100644 --- a/internal/backend/server.go +++ b/internal/backend/server.go @@ -210,7 +210,7 @@ func (s *Server) Run(ctx context.Context) error { return err } - serverOptions, err := s.buildServerOptions(ctx) //nolint:contextcheck + serverOptions, err := s.buildServerOptions(ctx) if err != nil { return err } diff --git a/internal/integration/auth_test.go b/internal/integration/auth_test.go index d3ed4a43..15ed341b 100644 --- a/internal/integration/auth_test.go +++ b/internal/integration/auth_test.go @@ -57,7 +57,6 @@ import ( resapi "github.com/siderolabs/omni/client/api/omni/resources" "github.com/siderolabs/omni/client/api/omni/specs" "github.com/siderolabs/omni/client/pkg/access" - pkgaccess "github.com/siderolabs/omni/client/pkg/access" "github.com/siderolabs/omni/client/pkg/client" managementcli "github.com/siderolabs/omni/client/pkg/client/management" "github.com/siderolabs/omni/client/pkg/constants" @@ -81,12 +80,10 @@ import ( // It uses the root client (automation SA) to create new service accounts with the specified role, // then returns a client authenticated as that SA. Clients are cached by role. type testClientFactory struct { - endpoint string - serviceAccountKey string - rootCli *client.Client - - mu sync.Mutex - clients map[role.Role]*client.Client + rootCli *client.Client + clients map[role.Role]*client.Client + endpoint string + mu sync.Mutex } func newTestClientFactory(endpoint string, rootCli *client.Client) *testClientFactory { @@ -336,7 +333,7 @@ func AssertServiceAccountAPIFlow(testCtx context.Context, cli *client.Client) Te assert.NoError(t, err) rtestutils.AssertResources(testCtx, t, cli.Omni().State(), []string{ - name + pkgaccess.ServiceAccountNameSuffix, + name + access.ServiceAccountNameSuffix, }, func(res *authres.ServiceAccountStatus, assert *assert.Assertions) { assert.Equal(string(role.Admin), res.TypedSpec().Value.Role) assert.Equal(2, len(res.TypedSpec().Value.PublicKeys)) @@ -392,7 +389,7 @@ func newServiceAccountClient(cli *client.Client, name string) (*client.Client, s // generate a new PGP key with long lifetime comment := fmt.Sprintf("%s/%s", runtime.GOOS, runtime.GOARCH) - serviceAccountEmail := name + pkgaccess.ServiceAccountNameSuffix + serviceAccountEmail := name + access.ServiceAccountNameSuffix key, err := pgp.GenerateKey(name, comment, serviceAccountEmail, auth.ServiceAccountMaxAllowedLifetime) if err != nil { @@ -849,7 +846,9 @@ func AssertResourceAuthz(rootCtx context.Context, rootCli *client.Client, client importedClusterSecret := omni.NewImportedClusterSecrets(cluster.Metadata().ID()) - testCases := []resourceAuthzTestCase{ + testCases := make([]resourceAuthzTestCase, 0, 139) + + testCases = append(testCases, []resourceAuthzTestCase{ { resource: accessPolicy, allowedVerbSet: allVerbsSet, @@ -963,7 +962,7 @@ func AssertResourceAuthz(rootCtx context.Context, rootCli *client.Client, client resource: kubernetesManifest, allowedVerbSet: allVerbsSet, }, - } + }...) // read-only resources @@ -1202,7 +1201,7 @@ func AssertResourceAuthz(rootCtx context.Context, rootCli *client.Client, client allowedVerbSet: readOnlyVerbSet, }, { - resource: siderolink.NewConnectionParams(uuid.New().String()), + resource: siderolink.NewConnectionParams(uuid.New().String()), //nolint:staticcheck // deprecated resource is still registered and needs authz coverage. allowedVerbSet: readOnlyVerbSet, }, { @@ -1578,6 +1577,7 @@ var ( const grpcMetadataPrefix = "Grpc-Metadata-" +//nolint:gocognit,maintidx func AssertFrontendResourceAPI(ctx context.Context, rootCli *client.Client, serviceAccountKey, httpEndpoint, clusterName string) TestFunc { return func(t *testing.T) { sa, err := serviceaccount.Decode(serviceAccountKey) @@ -1601,21 +1601,20 @@ func AssertFrontendResourceAPI(ctx context.Context, rootCli *client.Client, serv Method: request.URL.Path[len("/api"):], } - payloadJSON, err := json.Marshal(payload) - if err != nil { - return fmt.Errorf("failed to encode payload: %w", err) + payloadJSON, marshalErr := json.Marshal(payload) + if marshalErr != nil { + return fmt.Errorf("failed to encode payload: %w", marshalErr) } request.Header.Set(grpcMetadataPrefix+message.PayloadHeaderKey, string(payloadJSON)) - signature, err := key.Sign(payloadJSON) - if err != nil { - return fmt.Errorf("failed to sign: %w", err) + signature, signErr := key.Sign(payloadJSON) + if signErr != nil { + return fmt.Errorf("failed to sign: %w", signErr) } signatureBase64 := base64.StdEncoding.EncodeToString(signature) - //nolint:canonicalheader request.Header.Set(grpcMetadataPrefix+message.SignatureHeaderKey, fmt.Sprintf("%s %s %s %s", message.SignatureVersionV1, email, key.Fingerprint(), signatureBase64)) @@ -1642,8 +1641,8 @@ func AssertFrontendResourceAPI(ctx context.Context, rootCli *client.Client, serv require.NoError(t, err) for _, tt := range []struct { - requestBody []byte method string + requestBody []byte expectedStatus int backend common.Runtime }{ @@ -1800,7 +1799,7 @@ func AssertFrontendResourceAPI(ctx context.Context, rootCli *client.Client, serv fullURL, err := url.JoinPath(httpEndpoint, "api", tt.method) require.NoError(t, err) - request, err := http.NewRequestWithContext(ctx, "POST", + request, err := http.NewRequestWithContext(ctx, http.MethodPost, fullURL, bytes.NewBuffer(tt.requestBody), ) require.NoError(t, err) @@ -1812,6 +1811,7 @@ func AssertFrontendResourceAPI(ctx context.Context, rootCli *client.Client, serv request.Header.Set(grpcMetadataPrefix+"Cluster", clusterName) case common.Runtime_Kubernetes: request.Header.Set(grpcMetadataPrefix+"Cluster", clusterName) + case common.Runtime_Omni: } if sign { diff --git a/internal/integration/backup_test.go b/internal/integration/backup_test.go index 6d085d39..c88492de 100644 --- a/internal/integration/backup_test.go +++ b/internal/integration/backup_test.go @@ -43,7 +43,6 @@ func AssertEtcdManualBackupIsCreated(testCtx context.Context, st state.State, cl // We can't use number of backups here because two backups can happen at the same second, where // the newer will overwrite the older. bs, err := safe.ReaderGetByID[*omni.EtcdBackupStatus](testCtx, st, clusterName) - if err == nil { start = bs.TypedSpec().Value.LastBackupTime.AsTime() } else if !state.IsNotFoundError(err) { diff --git a/internal/integration/blocks_test.go b/internal/integration/blocks_test.go index 3bf48de2..a70f4443 100644 --- a/internal/integration/blocks_test.go +++ b/internal/integration/blocks_test.go @@ -89,6 +89,7 @@ func AssertBlockClusterAndTalosAPIAndKubernetesShouldBeReady( clusterName, expectedTalosVersion, expectedKubernetesVersion string, ) []subTest { //nolint:nolintlint,revive omniState := options.omniClient.Omni().State() + return AssertBlockClusterShouldBeReady(ctx, options, clusterName, expectedTalosVersion). Append(AssertBlockProxyAPIAccessShouldWork(ctx, options, clusterName)...). Append( diff --git a/internal/integration/cli_test.go b/internal/integration/cli_test.go index 47d11ae9..e5493e70 100644 --- a/internal/integration/cli_test.go +++ b/internal/integration/cli_test.go @@ -74,6 +74,7 @@ func AssertDownloadUsingCLI(testCtx context.Context, client *client.Client, omni output := filepath.Join(t.TempDir(), image.Metadata().ID()) stdout, stderr, err := runCmd( + testCtx, omnictlPath, httpEndpoint, key, "download", @@ -95,12 +96,13 @@ func AssertDownloadUsingCLI(testCtx context.Context, client *client.Client, omni } } -func runCmd(path, endpoint, key string, args ...string) (bytes.Buffer, bytes.Buffer, error) { +func runCmd(ctx context.Context, path, endpoint, key string, args ...string) (bytes.Buffer, bytes.Buffer, error) { var stdout, stderr bytes.Buffer args = append([]string{"--insecure-skip-tls-verify"}, args...) - cmd := exec.Command( + cmd := exec.CommandContext( + ctx, path, args..., ) @@ -113,7 +115,7 @@ func runCmd(path, endpoint, key string, args ...string) (bytes.Buffer, bytes.Buf if err != nil { return stdout, stderr, fmt.Errorf("failed to create temp home dir: %w", err) } - defer os.RemoveAll(tempHomeDir) + defer os.RemoveAll(tempHomeDir) //nolint:errcheck cmd.Env = []string{ fmt.Sprintf("HOME=%s", tempHomeDir), @@ -121,7 +123,8 @@ func runCmd(path, endpoint, key string, args ...string) (bytes.Buffer, bytes.Buf fmt.Sprintf("OMNI_SERVICE_ACCOUNT_KEY=%s", key), } - if err := cmd.Start(); err != nil { + err = cmd.Start() + if err != nil { return stdout, stderr, err } @@ -160,21 +163,21 @@ func AssertUserCLI(testCtx context.Context, client *client.Client, omnictlPath, key := createServiceAccount(testCtx, t, client, name, role.Admin) - stdout, stderr, err := runCmd(omnictlPath, httpEndpoint, key, "user", "create", "a@a.com", "--role", "Admin") + stdout, stderr, err := runCmd(testCtx, omnictlPath, httpEndpoint, key, "user", "create", "a@a.com", "--role", "Admin") require.NoErrorf(t, err, "failed to create user. stdout: %q | stderr: %q", stdout.String(), stderr.String()) - stdout, stderr, err = runCmd(omnictlPath, httpEndpoint, key, "user", "list") + stdout, stderr, err = runCmd(testCtx, omnictlPath, httpEndpoint, key, "user", "list") require.NoErrorf(t, err, "failed to list users. stdout: %q | stderr: %q", stdout.String(), stderr.String()) require.Contains(t, stdout.String(), "a@a.com") - stdout, stderr, err = runCmd(omnictlPath, httpEndpoint, key, "user", "set-role", "--role", "Reader", "a@a.com") + stdout, stderr, err = runCmd(testCtx, omnictlPath, httpEndpoint, key, "user", "set-role", "--role", "Reader", "a@a.com") require.NoErrorf(t, err, "failed to set role. stdout: %q | stderr: %q", stdout.String(), stderr.String()) - stdout, stderr, err = runCmd(omnictlPath, httpEndpoint, key, "user", "delete", "a@a.com") + stdout, stderr, err = runCmd(testCtx, omnictlPath, httpEndpoint, key, "user", "delete", "a@a.com") require.NoErrorf(t, err, "failed to delete user. stdout: %q | stderr: %q", stdout.String(), stderr.String()) - stdout, stderr, err = runCmd(omnictlPath, httpEndpoint, key, "user", "list") + stdout, stderr, err = runCmd(testCtx, omnictlPath, httpEndpoint, key, "user", "list") require.NoErrorf(t, err, "failed to list users. stdout: %q | stderr: %q", stdout.String(), stderr.String()) require.NotContains(t, stdout.String(), "a@a.com") diff --git a/internal/integration/cluster_test.go b/internal/integration/cluster_test.go index 2f0e1bd1..c85fc35e 100644 --- a/internal/integration/cluster_test.go +++ b/internal/integration/cluster_test.go @@ -1041,10 +1041,10 @@ func updateMachineClassMachineSets(ctx context.Context, t *testing.T, st state.S cps.Metadata().Labels().Set(omni.LabelCluster, options.Name) cps.Metadata().Labels().Set(omni.LabelClusterMachine, machineID) - return cps.TypedSpec().Value.SetUncompressedData([]byte(fmt.Sprintf(`machine: + return cps.TypedSpec().Value.SetUncompressedData(fmt.Appendf(nil, `machine: kubelet: extraArgs: - node-labels: %s=%s`, nodeLabel, machineID))) + node-labels: %s=%s`, nodeLabel, machineID)) }) } } diff --git a/internal/integration/common_test.go b/internal/integration/common_test.go index 7168eb0e..90bbf177 100644 --- a/internal/integration/common_test.go +++ b/internal/integration/common_test.go @@ -172,16 +172,6 @@ func talosNodeIPs(ctx context.Context, talosState state.State) ([]string, error) return nodeIPs, nil } -//nolint:govet -type testGroup struct { - Name string - Description string - Parallel bool - MachineClaim int - Subtests []subTest - Finalizer func(t *testing.T) -} - //nolint:govet type subTest struct { Name string @@ -286,9 +276,8 @@ type MachineProviderConfig struct { // TestOptions constains all common data that might be required to run the tests. type TestOptions struct { - Options - omniClient *client.Client - serviceAccountKey string - + omniClient *client.Client machineSemaphore *semaphore.Weighted + Options + serviceAccountKey string } diff --git a/internal/integration/extensions_test.go b/internal/integration/extensions_test.go index 30b2d3a5..3ed6cb9c 100644 --- a/internal/integration/extensions_test.go +++ b/internal/integration/extensions_test.go @@ -90,6 +90,7 @@ func checkExtensions(ctx context.Context, talosClient *talosclient.Client, exten if i < 0 { return fmt.Errorf("extensions/order mismatch: expected %q to be a subsequence of %q", extensions, collectedExtensions) } + pos += i + 1 } diff --git a/internal/integration/import_test.go b/internal/integration/import_test.go index eb65d3ac..7c60c311 100644 --- a/internal/integration/import_test.go +++ b/internal/integration/import_test.go @@ -35,8 +35,10 @@ import ( func testClusterImport(t *testing.T, options *TestOptions) { t.Parallel() - var clusterID string - var clusterNodes []string + var ( + clusterID string + clusterNodes []string + ) if options.ImportedClusterStatePath != "" { f, err := os.ReadFile(options.ImportedClusterStatePath) @@ -80,6 +82,7 @@ func testImport(t *testing.T, options *TestOptions, clusterID string, clusterNod ctx, cancel := context.WithTimeout(t.Context(), 5*time.Minute) defer cancel() + logger := zaptest.NewLogger(t) omniState := options.omniClient.Omni().State() @@ -160,6 +163,7 @@ func testImportAbort(t *testing.T, options *TestOptions, clusterID string, clust ctx, cancel := context.WithTimeout(t.Context(), 5*time.Minute) defer cancel() + logger := zaptest.NewLogger(t) omniState := options.omniClient.Omni().State() diff --git a/internal/integration/infra_test.go b/internal/integration/infra_test.go index 2cd6282e..39c33119 100644 --- a/internal/integration/infra_test.go +++ b/internal/integration/infra_test.go @@ -32,8 +32,6 @@ import ( ) // machineProvisionHook creates a machine request set and waits until all requests are fulfilled. -// -//nolint:gocognit func machineProvisionHook(t *testing.T, client *client.Client, cfg MachineProvisionConfig, machineRequestSetName, talosVersion string, ) { diff --git a/internal/integration/integration_test.go b/internal/integration/integration_test.go index b59ca97e..8b86c906 100644 --- a/internal/integration/integration_test.go +++ b/internal/integration/integration_test.go @@ -67,7 +67,7 @@ var ( anotherKubernetesVersion string expectedMachines int - // provisioning flags + // provisioning flags. provisionMachinesCount int infraProvider string providerData string @@ -445,10 +445,10 @@ func runOmni(t *testing.T) (string, error) { var logger *zap.Logger - switch { - case omniLogOutput == "inline": + switch omniLogOutput { + case "inline": logger = zaptest.NewLogger(t) - case omniLogOutput == "": + case "": logger = zap.NewNop() t.Log("discard Omni log") diff --git a/internal/integration/kubernetes_node_audit_test.go b/internal/integration/kubernetes_node_audit_test.go index 76da7ecb..e0c7ee27 100644 --- a/internal/integration/kubernetes_node_audit_test.go +++ b/internal/integration/kubernetes_node_audit_test.go @@ -35,6 +35,7 @@ import ( // 5. Assert that the worker node eventually gets removed from Kubernetes due to node audit. func AssertKubernetesNodeAudit(testCtx context.Context, clusterName string, options *TestOptions) TestFunc { st := options.omniClient.Omni().State() + return func(t *testing.T) { ctx := kubernetes.WrapContext(testCtx, t) diff --git a/internal/integration/kubernetes_test.go b/internal/integration/kubernetes_test.go index 17f725e3..69193054 100644 --- a/internal/integration/kubernetes_test.go +++ b/internal/integration/kubernetes_test.go @@ -228,8 +228,10 @@ func AssertKubernetesUpgradeFlow(testCtx context.Context, st state.State, manage for _, status := range r.TypedSpec().Value.Nodes { if status.Ready && status.KubeletVersion == kubernetesVersion { upgradedKubeletCount++ + continue } + pendingKubeletCount++ } @@ -281,7 +283,7 @@ func KubernetesBootstrapManifestSync(testCtx context.Context, managementClient * t.Logf("running bootstrap manifest sync for %q", clusterName) - syncHandler := func(result *managementpb.KubernetesSyncManifestResponse) error { + syncHandler := func(result *managementpb.KubernetesSyncManifestResponse) error { //nolint:unparam switch result.ResponseType { //nolint:exhaustive case managementpb.KubernetesSyncManifestResponse_MANIFEST: if result.Skipped { @@ -581,6 +583,7 @@ func AssertKubernetesDeploymentHasRunningPods(testCtx context.Context, managemen } } +//nolint:gocognit,maintidx func AssertKubernetesManifestsSync(testCtx context.Context, rootClient *client.Client, clusterName string) TestFunc { type params struct { Name string @@ -750,9 +753,9 @@ spec: }) require.NoError(t, retry.Constant(time.Minute).RetryWithContext(ctx, func(ctx context.Context) error { - deployment, err := kubeClient.AppsV1().Deployments(corev1.NamespaceDefault).Get(ctx, "nginx", metav1.GetOptions{}) - if err != nil { - return retry.ExpectedErrorf("failed to get deployment: %q", err) + deployment, getErr := kubeClient.AppsV1().Deployments(corev1.NamespaceDefault).Get(ctx, "nginx", metav1.GetOptions{}) + if getErr != nil { + return retry.ExpectedErrorf("failed to get deployment: %q", getErr) } if len(deployment.Spec.Template.Spec.Containers) != 1 { diff --git a/internal/integration/maintenance_test.go b/internal/integration/maintenance_test.go index 24e8b61c..27219ff2 100644 --- a/internal/integration/maintenance_test.go +++ b/internal/integration/maintenance_test.go @@ -30,10 +30,10 @@ endpoint: '[fdae:41e4:649b:9303::1]:8091'` // AssertMaintenanceTestConfigIsPresent asserts that the test configuration is present on a machine in maintenance mode. func AssertMaintenanceTestConfigIsPresent(ctx context.Context, omniState state.State, cluster resource.ID, machineIndex int) TestFunc { return func(t *testing.T) { - ctx, cancel := context.WithTimeout(ctx, time.Minute*5) + timeoutCtx, cancel := context.WithTimeout(ctx, time.Minute*5) defer cancel() - machineStatusList, err := safe.StateListAll[*omni.MachineStatus](ctx, omniState, state.WithLabelQuery(resource.LabelEqual(omni.LabelCluster, cluster))) + machineStatusList, err := safe.StateListAll[*omni.MachineStatus](timeoutCtx, omniState, state.WithLabelQuery(resource.LabelEqual(omni.LabelCluster, cluster))) require.NoError(t, err) ids := make([]resource.ID, 0, machineStatusList.Len()) @@ -46,7 +46,7 @@ func AssertMaintenanceTestConfigIsPresent(ctx context.Context, omniState state.S machineID := ids[machineIndex] - rtestutils.AssertResource[*omni.RedactedClusterMachineConfig](ctx, t, omniState, machineID, func(r *omni.RedactedClusterMachineConfig, assertion *assert.Assertions) { + rtestutils.AssertResource[*omni.RedactedClusterMachineConfig](timeoutCtx, t, omniState, machineID, func(r *omni.RedactedClusterMachineConfig, assertion *assert.Assertions) { buffer, bufferErr := r.TypedSpec().Value.GetUncompressedData() assertion.NoError(bufferErr) diff --git a/internal/integration/rolling_update_test.go b/internal/integration/rolling_update_test.go index 18ea33b8..a0f0e9bb 100644 --- a/internal/integration/rolling_update_test.go +++ b/internal/integration/rolling_update_test.go @@ -67,7 +67,7 @@ func AssertWorkerNodesRollingConfigUpdate(testCtx context.Context, cli *client.C pair.MakePair(omni.LabelCluster, clusterName), pair.MakePair(omni.LabelMachineSet, workersResourceID)) - err = machineSetPatch.TypedSpec().Value.SetUncompressedData([]byte(fmt.Sprintf(`{"machine":{"env":{"%d":"test-val"}}}`, epochSeconds))) + err = machineSetPatch.TypedSpec().Value.SetUncompressedData(fmt.Appendf(nil, `{"machine":{"env":{"%d":"test-val"}}}`, epochSeconds)) require.NoError(t, err) require.NoError(t, st.Create(ctx, machineSetPatch)) @@ -150,13 +150,9 @@ func AssertWorkerNodesRollingScaleDown(testCtx context.Context, cli *client.Clie t.Cleanup(wg.Wait) machineSetNodeList.ForEach(func(node *omni.MachineSetNode) { - wg.Add(1) - - go func() { - defer wg.Done() - + wg.Go(func() { rtestutils.Destroy[*omni.MachineSetNode](ctx, t, st, []string{node.Metadata().ID()}) - }() + }) }) // expect the machine set to go into the ScalingDown phase diff --git a/internal/integration/rotate_ca_test.go b/internal/integration/rotate_ca_test.go index cafc9426..5b0931fc 100644 --- a/internal/integration/rotate_ca_test.go +++ b/internal/integration/rotate_ca_test.go @@ -50,94 +50,47 @@ func testRotateCA(t *testing.T, options *TestOptions) { omniState := options.omniClient.Omni().State() t.Run("TalosCAShouldBeRotated", func(t *testing.T) { - rotateTalosCA := omni.NewRotateTalosCA(clusterName) - require.NoError(t, omniState.Create(ctx, rotateTalosCA)) - - // assert rotation started - _, err := safe.StateWatchFor[*omni.ClusterSecretsRotationStatus](ctx, omniState, omni.NewClusterSecretsRotationStatus(clusterName).Metadata(), func(cond *state.WatchForCondition) error { - cond.Condition = func(res resource.Resource) (bool, error) { - resTyped, ok := res.(*omni.ClusterSecretsRotationStatus) - if !ok { - return false, fmt.Errorf("unexpected resource type: %T", res) - } - - if resTyped.TypedSpec().Value.Phase != specs.SecretRotationSpec_OK { - return true, nil - } - - return false, nil - } - - return nil - }) - require.NoError(t, err) - - // assert rotation completed - _, err = safe.StateWatchFor[*omni.ClusterSecretsRotationStatus](ctx, omniState, omni.NewClusterSecretsRotationStatus(clusterName).Metadata(), func(cond *state.WatchForCondition) error { - cond.Condition = func(res resource.Resource) (bool, error) { - resTyped, ok := res.(*omni.ClusterSecretsRotationStatus) - if !ok { - return false, fmt.Errorf("unexpected resource type: %T", res) - } - - if resTyped.TypedSpec().Value.Phase == specs.SecretRotationSpec_OK { - return true, nil - } - - return false, nil - } - - return nil - }) - require.NoError(t, err) + assertCARotated(ctx, t, omniState, clusterName, omni.NewRotateTalosCA(clusterName)) }) runTests(t, AssertBlockClusterAndTalosAPIAndKubernetesShouldBeReady(t.Context(), options, clusterName, options.MachineOptions.TalosVersion, options.MachineOptions.KubernetesVersion)) t.Run("KubernetesCAShouldBeRotated", func(t *testing.T) { - rotateKubernetesCA := omni.NewRotateKubernetesCA(clusterName) - require.NoError(t, omniState.Create(ctx, rotateKubernetesCA)) - - // assert rotation started - _, err := safe.StateWatchFor[*omni.ClusterSecretsRotationStatus](ctx, omniState, omni.NewClusterSecretsRotationStatus(clusterName).Metadata(), func(cond *state.WatchForCondition) error { - cond.Condition = func(res resource.Resource) (bool, error) { - resTyped, ok := res.(*omni.ClusterSecretsRotationStatus) - if !ok { - return false, fmt.Errorf("unexpected resource type: %T", res) - } - - if resTyped.TypedSpec().Value.Phase != specs.SecretRotationSpec_OK { - return true, nil - } - - return false, nil - } - - return nil - }) - require.NoError(t, err) - - // assert rotation completed - _, err = safe.StateWatchFor[*omni.ClusterSecretsRotationStatus](ctx, omniState, omni.NewClusterSecretsRotationStatus(clusterName).Metadata(), func(cond *state.WatchForCondition) error { - cond.Condition = func(res resource.Resource) (bool, error) { - resTyped, ok := res.(*omni.ClusterSecretsRotationStatus) - if !ok { - return false, fmt.Errorf("unexpected resource type: %T", res) - } - - if resTyped.TypedSpec().Value.Phase == specs.SecretRotationSpec_OK { - return true, nil - } - - return false, nil - } - - return nil - }) - require.NoError(t, err) + assertCARotated(ctx, t, omniState, clusterName, omni.NewRotateKubernetesCA(clusterName)) }) runTests(t, AssertBlockClusterAndTalosAPIAndKubernetesShouldBeReady(t.Context(), options, clusterName, options.MachineOptions.TalosVersion, options.MachineOptions.KubernetesVersion)) t.Run("ClusterShouldBeDestroyed", AssertDestroyCluster(t.Context(), options.omniClient.Omni().State(), clusterName, false, false)) } + +func assertCARotated(ctx context.Context, t *testing.T, omniState state.State, clusterName string, rotation resource.Resource) { + require.NoError(t, omniState.Create(ctx, rotation)) + + // assert rotation started + require.NoError(t, waitForRotationPhase(ctx, omniState, clusterName, func(phase specs.SecretRotationSpec_Phase) bool { + return phase != specs.SecretRotationSpec_OK + })) + + // assert rotation completed + require.NoError(t, waitForRotationPhase(ctx, omniState, clusterName, func(phase specs.SecretRotationSpec_Phase) bool { + return phase == specs.SecretRotationSpec_OK + })) +} + +func waitForRotationPhase(ctx context.Context, omniState state.State, clusterName string, matches func(specs.SecretRotationSpec_Phase) bool) error { + _, err := safe.StateWatchFor[*omni.ClusterSecretsRotationStatus](ctx, omniState, omni.NewClusterSecretsRotationStatus(clusterName).Metadata(), func(cond *state.WatchForCondition) error { + cond.Condition = func(res resource.Resource) (bool, error) { + resTyped, ok := res.(*omni.ClusterSecretsRotationStatus) + if !ok { + return false, fmt.Errorf("unexpected resource type: %T", res) + } + + return matches(resTyped.TypedSpec().Value.Phase), nil + } + + return nil + }) + + return err +} diff --git a/internal/integration/suites_test.go b/internal/integration/suites_test.go index acca3007..1474b22e 100644 --- a/internal/integration/suites_test.go +++ b/internal/integration/suites_test.go @@ -1228,6 +1228,7 @@ Test authorization on accessing Omni API, some tests run without a cluster, some ) clientFactory := newTestClientFactory(omniEndpoint, options.omniClient) + t.Cleanup(func() { clientFactory.close() //nolint:errcheck }) diff --git a/internal/integration/talos_test.go b/internal/integration/talos_test.go index 005213a8..76e16c23 100644 --- a/internal/integration/talos_test.go +++ b/internal/integration/talos_test.go @@ -82,7 +82,7 @@ func clearConnectionRefused(ctx context.Context, t *testing.T, c *talosclient.Cl return retry.ExpectedError(err) } - // nolint:exhaustive + //nolint:exhaustive switch status.Code(err) { case codes.DeadlineExceeded, codes.Unavailable, @@ -299,6 +299,7 @@ func AssertEtcdMembershipMatchesOmniResources(testCtx context.Context, options * memberIDs := xslices.Map(m.Members, func(m *machine.EtcdMember) string { return etcd.FormatMemberID(m.Id) }) t.Logf("the count of members doesn't match the count of machines, expected %d, got: %d, members list: %s", len(clusterMachines), len(m.Members), memberIDs) + return } @@ -307,6 +308,7 @@ func AssertEtcdMembershipMatchesOmniResources(testCtx context.Context, options * if !assert.True(collect, ok) { t.Logf("found etcd member which doesn't have associated machine status") + return } } diff --git a/internal/integration/workloadproxy/workloadproxy.go b/internal/integration/workloadproxy/workloadproxy.go index 0c74858a..78f6d918 100644 --- a/internal/integration/workloadproxy/workloadproxy.go +++ b/internal/integration/workloadproxy/workloadproxy.go @@ -80,8 +80,6 @@ type TestOptions struct { } // Test tests the exposed services functionality in Omni. -// -//nolint:prealloc func Test(ctx context.Context, t *testing.T, omniClient *client.Client, serviceAccountKey string, opts TestOptions, clusterIDs ...string) { ctx, cancel := context.WithTimeout(ctx, 20*time.Minute) t.Cleanup(cancel) @@ -105,8 +103,8 @@ func Test(ctx context.Context, t *testing.T, omniClient *client.Client, serviceA } var ( - allServices []serviceContext //nolint:prealloc - allExposedServices []*omni.ExposedService //nolint:prealloc + allServices []serviceContext + allExposedServices []*omni.ExposedService deploymentsToScaleDown []deploymentContext ) diff --git a/internal/internal/generate.go b/internal/internal/generate.go index a6271c3e..d37e44e7 100644 --- a/internal/internal/generate.go +++ b/internal/internal/generate.go @@ -6,10 +6,10 @@ // Package internal contains the command that generates the TS code. package internal -//go:generate go run -tags=tools github.com/siderolabs/omni/internal/internal/tools/tsgen -out ../../frontend/src/api/resources.ts ../../,../../client/ +//go:generate go run -tags=sidero.tools github.com/siderolabs/omni/internal/internal/tools/tsgen -out ../../frontend/src/api/resources.ts ../../,../../client/ // Generate JSON schema. //go:generate go tool go-jsonschema --only-models --struct-name-from-title --tags=json,yaml --package=config --extra-imports -o=../pkg/config/types.generated.go ../pkg/config/schema.json // Generate nil-safe accessors for the config fields. -//go:generate go run -tags=tools github.com/siderolabs/omni/internal/internal/tools/accessorgen --source=../pkg/config/types.generated.go --output=../pkg/config/accessors.generated.go +//go:generate go run -tags=sidero.tools github.com/siderolabs/omni/internal/internal/tools/accessorgen --source=../pkg/config/types.generated.go --output=../pkg/config/accessors.generated.go diff --git a/internal/internal/tools/accessorgen/gen/gen.go b/internal/internal/tools/accessorgen/gen/gen.go index 75d346ec..2042d84a 100644 --- a/internal/internal/tools/accessorgen/gen/gen.go +++ b/internal/internal/tools/accessorgen/gen/gen.go @@ -3,7 +3,7 @@ // Use of this software is governed by the Business Source License // included in the LICENSE file. -//go:build tools +//go:build sidero.tools package gen @@ -21,6 +21,7 @@ func Run(source string, output string) error { if source == "" { return fmt.Errorf("no source provided, use --source flag") } + if output == "" { return fmt.Errorf("no output provided, use --output flag") } @@ -32,6 +33,7 @@ func Run(source string, output string) error { return nil } +//nolint:gocognit func processFile(filename string, outputFilename string) error { fset := token.NewFileSet() @@ -45,17 +47,19 @@ func processFile(filename string, outputFilename string) error { packageName := node.Name.Name buf.WriteString("// Code generated by go-accessor-gen. DO NOT EDIT.\n\n") - buf.WriteString(fmt.Sprintf("package %s\n\n", packageName)) + fmt.Fprintf(&buf, "package %s\n\n", packageName) if len(node.Imports) > 0 { buf.WriteString("import (\n") + for _, imp := range node.Imports { if imp.Name != nil { - buf.WriteString(fmt.Sprintf("\t%s %s\n", imp.Name.Name, imp.Path.Value)) + fmt.Fprintf(&buf, "\t%s %s\n", imp.Name.Name, imp.Path.Value) } else { - buf.WriteString(fmt.Sprintf("\t%s\n", imp.Path.Value)) + fmt.Fprintf(&buf, "\t%s\n", imp.Path.Value) } } + buf.WriteString(")\n\n") } @@ -99,18 +103,18 @@ func processFile(filename string, outputFilename string) error { // Getter // func (s *Struct) FieldName() Type - buf.WriteString(fmt.Sprintf("func (s *%s) Get%s() %s {\n", structName, fieldName, valueType)) - buf.WriteString(fmt.Sprintf("\tif s == nil || s.%s == nil {\n", fieldName)) - buf.WriteString(fmt.Sprintf("\t\treturn *new(%s)\n", valueType)) // Zero value + fmt.Fprintf(&buf, "func (s *%s) Get%s() %s {\n", structName, fieldName, valueType) + fmt.Fprintf(&buf, "\tif s == nil || s.%s == nil {\n", fieldName) + fmt.Fprintf(&buf, "\t\treturn *new(%s)\n", valueType) // Zero value buf.WriteString("\t}\n") - buf.WriteString(fmt.Sprintf("\treturn *s.%s\n", fieldName)) + fmt.Fprintf(&buf, "\treturn *s.%s\n", fieldName) buf.WriteString("}\n\n") // Setter // func (s *Struct) SetFieldName(v Type) - buf.WriteString(fmt.Sprintf("func (s *%s) Set%s(v %s) {\n", structName, fieldName, valueType)) + fmt.Fprintf(&buf, "func (s *%s) Set%s(v %s) {\n", structName, fieldName, valueType) - buf.WriteString(fmt.Sprintf("\ts.%s = &v\n", fieldName)) + fmt.Fprintf(&buf, "\ts.%s = &v\n", fieldName) buf.WriteString("}\n\n") } } diff --git a/internal/internal/tools/accessorgen/gen/gen_test.go b/internal/internal/tools/accessorgen/gen/gen_test.go index 34ca990c..60af84a9 100644 --- a/internal/internal/tools/accessorgen/gen/gen_test.go +++ b/internal/internal/tools/accessorgen/gen/gen_test.go @@ -3,7 +3,7 @@ // Use of this software is governed by the Business Source License // included in the LICENSE file. -//go:build tools +//go:build sidero.tools package gen_test @@ -36,6 +36,7 @@ type Complex struct { } ` dir := t.TempDir() + inputFile := filepath.Join(dir, "input.go") if err := os.WriteFile(inputFile, []byte(inputContent), 0o644); err != nil { t.Fatalf("failed to write input file: %v", err) @@ -52,6 +53,7 @@ type Complex struct { if err != nil { t.Fatalf("failed to read output file: %v", err) } + output := string(content) expectedChecks := []string{ diff --git a/internal/internal/tools/accessorgen/gen/testdata/input.go b/internal/internal/tools/accessorgen/gen/testdata/input.go index 9f018b7a..3dd30986 100644 --- a/internal/internal/tools/accessorgen/gen/testdata/input.go +++ b/internal/internal/tools/accessorgen/gen/testdata/input.go @@ -3,7 +3,7 @@ // Use of this software is governed by the Business Source License // included in the LICENSE file. -//go:build tools +//go:build sidero.tools package testdata diff --git a/internal/internal/tools/accessorgen/main.go b/internal/internal/tools/accessorgen/main.go index 22341bfb..668a5f01 100644 --- a/internal/internal/tools/accessorgen/main.go +++ b/internal/internal/tools/accessorgen/main.go @@ -3,7 +3,7 @@ // Use of this software is governed by the Business Source License // included in the LICENSE file. -//go:build tools +//go:build sidero.tools package main diff --git a/internal/internal/tools/tsgen/ast.go b/internal/internal/tools/tsgen/ast.go index fe2ed749..bcd15a3f 100644 --- a/internal/internal/tools/tsgen/ast.go +++ b/internal/internal/tools/tsgen/ast.go @@ -3,7 +3,7 @@ // Use of this software is governed by the Business Source License // included in the LICENSE file. -//go:build tools +//go:build sidero.tools package main @@ -62,12 +62,14 @@ func FindTSGenConstants(f file) ([]ConstantWithDirective, error) { constants := FindConstants(f) var result []ConstantWithDirective + for _, constant := range constants { for _, comment := range constant.Doc { if directive, ok := extractTsGenDirective(comment); ok { if directive == "" { return nil, fmt.Errorf("empty directive in %s", constant.Name) } + result = append(result, ConstantWithDirective{ Constant: constant, Directive: directive, @@ -97,26 +99,27 @@ func extractTsGenDirective(comment string) (string, bool) { // Constant represents a constant with a doc, name and a value. type Constant struct { - Doc []string Name string Value string + Doc []string } // ConstantWithDirective represents a Constant with a directive. type ConstantWithDirective struct { - Constant Directive string + Constant } // FindConstants returns a list of constants in the given file. func FindConstants(file file) []Constant { var result []Constant + ast.Inspect(file.f, func(n ast.Node) bool { if decl, ok := n.(*ast.GenDecl); ok { if decl.Tok == token.CONST { if decl.Lparen == token.NoPos { - name := decl.Specs[0].(*ast.ValueSpec).Names[0] - obj := file.pkg.TypesInfo.Defs[name].(*types.Const) + name := decl.Specs[0].(*ast.ValueSpec).Names[0] //nolint:forcetypeassert,errcheck + obj := file.pkg.TypesInfo.Defs[name].(*types.Const) //nolint:forcetypeassert,errcheck value := obj.Val().String() result = append(result, Constant{ @@ -137,7 +140,7 @@ func FindConstants(file file) []Constant { } name := valueSpec.Names[0] - obj := file.pkg.TypesInfo.Defs[name].(*types.Const) + obj := file.pkg.TypesInfo.Defs[name].(*types.Const) //nolint:forcetypeassert,errcheck value := obj.Val().String() result = append(result, Constant{ @@ -151,6 +154,7 @@ func FindConstants(file file) []Constant { return false } + return true }) diff --git a/internal/internal/tools/tsgen/main.go b/internal/internal/tools/tsgen/main.go index 12b3abba..b5a848c8 100644 --- a/internal/internal/tools/tsgen/main.go +++ b/internal/internal/tools/tsgen/main.go @@ -3,7 +3,7 @@ // Use of this software is governed by the Business Source License // included in the LICENSE file. -//go:build tools +//go:build sidero.tools package main @@ -49,6 +49,7 @@ func run(dirsToParse []string, tags string, out string) error { if err != nil { return err } + result = append(result, filtered...) } @@ -60,14 +61,16 @@ func run(dirsToParse []string, tags string, out string) error { func createFoldersForFile(out string) error { dir := filepath.Dir(out) + return os.MkdirAll(dir, os.ModePerm) } -// getParams parses the command line parameters and returns the output file, the directory to parse and an error +// getParams parses the command line parameters and returns the output file, the directory to parse and an error. func getParams() (out string, dirsToParse []string, tags string, _ error) { flag.Usage = func() { fmt.Fprintf(os.Stderr, "Usage: %s -out \n", os.Args[0]) } + flag.StringVar(&out, "out", "", "output file") flag.StringVar(&tags, "tags", "", "build tags") flag.Parse() @@ -94,6 +97,7 @@ func getParams() (out string, dirsToParse []string, tags string, _ error) { // fillTemplate fills the provided Template with the given data. func fillTemplate(t *template.Template, data any) (string, error) { var buf strings.Builder + err := t.Execute(&buf, data) if err != nil { return "", err @@ -115,6 +119,7 @@ var Tpl string // SaveConstantsToFile saves the given constants to the given file. func SaveConstantsToFile(file string, data any) error { t := MakeTemplate("ts_gen", Tpl) + s, err := fillTemplate(t, data) if err != nil { return err @@ -133,7 +138,7 @@ func WriteFile(file string, s string) error { if err != nil { return err } - defer f.Close() + defer f.Close() //nolint:errcheck _, err = f.WriteString(s) if err != nil { diff --git a/internal/internal/tools/tsgen/main_test.go b/internal/internal/tools/tsgen/main_test.go index 9ceaee84..c41a5bab 100644 --- a/internal/internal/tools/tsgen/main_test.go +++ b/internal/internal/tools/tsgen/main_test.go @@ -3,7 +3,7 @@ // Use of this software is governed by the Business Source License // included in the LICENSE file. -//go:build tools +//go:build sidero.tools package main @@ -36,8 +36,7 @@ func Test_run(t *testing.T) { err := run([]string{"./testdata/good/pkg/."}, "tools", "testdata/good/out/resources.ts") require.NoError(t, err) t.Cleanup(func() { - err := os.RemoveAll("testdata/good/out") - require.NoError(t, err) + require.NoError(t, os.RemoveAll("testdata/good/out")) }) actual, err := os.ReadFile("testdata/good/out/resources.ts") diff --git a/internal/pkg/auth/check.go b/internal/pkg/auth/check.go index 8323f9c8..a2c85692 100644 --- a/internal/pkg/auth/check.go +++ b/internal/pkg/auth/check.go @@ -97,8 +97,6 @@ func WithVerifiedEmail() CheckOption { // Check checks the given context for the given authentication and authorization conditions. // // The returned error can be checked against ErrUnauthenticated and ErrUnauthorized. -// -//nolint:gocyclo,cyclop func Check(ctx context.Context, opt ...CheckOption) (CheckResult, error) { authVal, ok := ctxstore.Value[EnabledAuthContextKey](ctx) if !ok { diff --git a/internal/pkg/auth/interceptor/activity_test.go b/internal/pkg/auth/interceptor/activity_test.go index 97c51c61..1b51aa16 100644 --- a/internal/pkg/auth/interceptor/activity_test.go +++ b/internal/pkg/auth/interceptor/activity_test.go @@ -66,7 +66,7 @@ func TestActivity(t *testing.T) { assert.Empty(t, list.Items) }) - for _, tc := range []struct { //nolint:dupl + for _, tc := range []struct { ctxSetup func(ctx context.Context, identity string) context.Context name string identity string diff --git a/internal/pkg/config/config.go b/internal/pkg/config/config.go index 09ca4a64..77b9969c 100644 --- a/internal/pkg/config/config.go +++ b/internal/pkg/config/config.go @@ -263,8 +263,8 @@ func (p *Params) PopulateFallbacks() { p.Services.DevServerProxy.SetKeyFile(p.Services.Api.GetKeyFile()) } - if p.Auth.Auth0.InitialUsers != nil && p.Auth.InitialUsers == nil { //nolint:staticcheck - p.Auth.InitialUsers = p.Auth.Auth0.InitialUsers //nolint:staticcheck + if p.Auth.Auth0.InitialUsers != nil && p.Auth.InitialUsers == nil { + p.Auth.InitialUsers = p.Auth.Auth0.InitialUsers } } diff --git a/internal/pkg/grpcutil/server.go b/internal/pkg/grpcutil/server.go index 84d66aff..048600ab 100644 --- a/internal/pkg/grpcutil/server.go +++ b/internal/pkg/grpcutil/server.go @@ -37,7 +37,7 @@ func RunServer(ctx context.Context, server *grpc.Server, lis net.Listener, eg *e }) } -func serverGracefulStop(server *grpc.Server, ctx context.Context, logger *zap.Logger) { //nolint:revive +func serverGracefulStop(server *grpc.Server, ctx context.Context, logger *zap.Logger) { <-ctx.Done() stopped := make(chan struct{}) diff --git a/internal/pkg/jsonschema/jsonschema.go b/internal/pkg/jsonschema/jsonschema.go index 7ede9b1f..d99e6984 100644 --- a/internal/pkg/jsonschema/jsonschema.go +++ b/internal/pkg/jsonschema/jsonschema.go @@ -180,7 +180,7 @@ func collectLeafErrors(validationErr *jsonschema.ValidationError) []*jsonschema. } } -func (schema *Schema) formatLeafError(leaf *jsonschema.ValidationError) string { //nolint:cyclop +func (schema *Schema) formatLeafError(leaf *jsonschema.ValidationError) string { switch ek := leaf.ErrorKind.(type) { case *kind.Required: return schema.formatRequiredError(leaf, ek) diff --git a/internal/pkg/siderolink/logstore/sqlitelog/sqlitelog.go b/internal/pkg/siderolink/logstore/sqlitelog/sqlitelog.go index a907fc6a..d009b0ba 100644 --- a/internal/pkg/siderolink/logstore/sqlitelog/sqlitelog.go +++ b/internal/pkg/siderolink/logstore/sqlitelog/sqlitelog.go @@ -286,7 +286,7 @@ func (s *Store) Reader(ctx context.Context, nLines int, follow bool) (logstore.L } } - conn, next, stop, err := s.readerRows(ctx, nLines) //nolint:rowserrcheck // false positive, we do not iterate the logs here + conn, next, stop, err := s.readerRows(ctx, nLines) if err != nil { s.unsubscribe(followCh) close(closeCh) @@ -373,7 +373,7 @@ func (r *lineReader) fetchNextBatch(ctx context.Context) error { var err error - r.next, r.stop, err = r.store.readerRowsAfter(r.conn, r.lastLogID) //nolint:rowserrcheck // false positive, we do not iterate the logs here + r.next, r.stop, err = r.store.readerRowsAfter(r.conn, r.lastLogID) if err != nil { // If the context was canceled during the query, return EOF // to allow graceful shutdown of the reader loop. diff --git a/internal/pkg/siderolink/siderolink_test.go b/internal/pkg/siderolink/siderolink_test.go index d4d8e41a..35d70367 100644 --- a/internal/pkg/siderolink/siderolink_test.go +++ b/internal/pkg/siderolink/siderolink_test.go @@ -313,7 +313,6 @@ func (suite *SiderolinkSuite) TestNodeWithSeveralAdvertisedIPs() { ctx, cancel := context.WithTimeout(suite.ctx, time.Second*2) defer cancel() - //nolint:staticcheck rtestutils.AssertResources(ctx, suite.T(), suite.state, []string{ siderolink.DefaultJoinTokenID, }, func(r *siderolink.DefaultJoinToken, assertion *assert.Assertions) {