mirror of
https://github.com/gravitational/teleport
synced 2024-10-20 01:03:40 +00:00
Enable linters: deadcode,goimports,govet,typecheck
And fix the relevant findings for these linters. Also, set extra flags for `golangci-lint run` to make sure no findings are suppressed.
This commit is contained in:
parent
9e4f98d0ca
commit
d1ea40d074
5
Makefile
5
Makefile
|
@ -25,6 +25,7 @@ TELEPORT_DEBUG ?= no
|
|||
GITTAG=v$(VERSION)
|
||||
BUILDFLAGS ?= $(ADDFLAGS) -ldflags '-w -s'
|
||||
CGOFLAG ?= CGO_ENABLED=1
|
||||
GO_LINTERS ?= "unused,govet,typecheck,deadcode,goimports"
|
||||
|
||||
OS ?= $(shell go env GOOS)
|
||||
ARCH ?= $(shell go env GOARCH)
|
||||
|
@ -219,8 +220,10 @@ lint:
|
|||
--disable-all \
|
||||
--exclude-use-default \
|
||||
--skip-dirs vendor \
|
||||
--uniq-by-line=false \
|
||||
--max-same-issues=0 \
|
||||
--max-issues-per-linter 0 \
|
||||
--enable unused \
|
||||
--enable $(GO_LINTERS) \
|
||||
$(FLAGS)
|
||||
|
||||
# This rule triggers re-generation of version.go and gitref.go if Makefile changes
|
||||
|
|
|
@ -26,7 +26,6 @@ import (
|
|||
"io/ioutil"
|
||||
"net"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"os/exec"
|
||||
"os/user"
|
||||
|
@ -57,7 +56,6 @@ import (
|
|||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
"github.com/gravitational/teleport/lib/utils"
|
||||
|
||||
"github.com/gravitational/roundtrip"
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/jonboulle/clockwork"
|
||||
log "github.com/sirupsen/logrus"
|
||||
|
@ -1418,24 +1416,6 @@ func closeAgent(teleAgent *teleagent.AgentServer, socketDirPath string) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// createWebClient builds a *client.WebClient that is used to simulate
|
||||
// browser requests.
|
||||
func createWebClient(cluster *TeleInstance, opts ...roundtrip.ClientParam) (*client.WebClient, error) {
|
||||
// Craft URL to Web UI.
|
||||
u := &url.URL{
|
||||
Scheme: "https",
|
||||
Host: cluster.Config.Proxy.WebAddr.Addr,
|
||||
}
|
||||
|
||||
opts = append(opts, roundtrip.HTTPClient(client.NewInsecureWebClient()))
|
||||
wc, err := client.NewWebClient(u.String(), opts...)
|
||||
if err != nil {
|
||||
return nil, trace.Wrap(err)
|
||||
}
|
||||
|
||||
return wc, nil
|
||||
}
|
||||
|
||||
func fatalIf(err error) {
|
||||
if err != nil {
|
||||
log.Fatalf("%v at %v", string(debug.Stack()), err)
|
||||
|
|
|
@ -1091,7 +1091,7 @@ func (a *AuthWithRoles) CreateResetPasswordToken(ctx context.Context, req Create
|
|||
a.EmitAuditEvent(events.ResetPasswordTokenCreated, events.EventFields{
|
||||
events.ResetPasswordTokenFor: req.Name,
|
||||
events.ResetPasswordTokenTTL: req.TTL.String(),
|
||||
events.EventUser: a.user.GetName(),
|
||||
events.EventUser: a.user.GetName(),
|
||||
})
|
||||
|
||||
return a.authServer.CreateResetPasswordToken(ctx, req)
|
||||
|
|
|
@ -21,6 +21,7 @@ import (
|
|||
"fmt"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"golang.org/x/crypto/ssh"
|
||||
|
@ -34,7 +35,6 @@ import (
|
|||
|
||||
"github.com/gravitational/trace"
|
||||
. "gopkg.in/check.v1"
|
||||
"testing"
|
||||
)
|
||||
|
||||
type AuthInitSuite struct {
|
||||
|
|
|
@ -37,15 +37,15 @@ import (
|
|||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/tstranex/u2f"
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/tstranex/u2f"
|
||||
)
|
||||
|
||||
type Key struct {
|
||||
keyHandle []byte
|
||||
keyHandle []byte
|
||||
privatekey *ecdsa.PrivateKey
|
||||
cert []byte
|
||||
counter uint32
|
||||
cert []byte
|
||||
counter uint32
|
||||
}
|
||||
|
||||
// The "websafe-base64 encoding" in the U2F specifications removes the padding
|
||||
|
@ -71,12 +71,12 @@ func selfSignPublicKey(keyToSign *ecdsa.PublicKey) (cert []byte, err error) {
|
|||
Subject: pkix.Name{
|
||||
Organization: []string{"Test CA"},
|
||||
},
|
||||
NotBefore: time.Now(),
|
||||
NotAfter: time.Now().Add(time.Hour),
|
||||
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
|
||||
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
|
||||
NotBefore: time.Now(),
|
||||
NotAfter: time.Now().Add(time.Hour),
|
||||
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
|
||||
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
|
||||
BasicConstraintsValid: true,
|
||||
IsCA: true,
|
||||
IsCA: true,
|
||||
}
|
||||
cert, err = x509.CreateCertificate(rand.Reader, &template, &template, keyToSign, caPrivateKey)
|
||||
if err != nil {
|
||||
|
@ -110,10 +110,10 @@ func CreateWithKeyHandle(keyHandle []byte) (*Key, error) {
|
|||
}
|
||||
|
||||
return &Key{
|
||||
keyHandle: keyHandle,
|
||||
keyHandle: keyHandle,
|
||||
privatekey: privatekey,
|
||||
cert: cert,
|
||||
counter: 1,
|
||||
cert: cert,
|
||||
counter: 1,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -121,9 +121,9 @@ func (muk *Key) RegisterResponse(req *u2f.RegisterRequest) (*u2f.RegisterRespons
|
|||
appIDHash := sha256.Sum256([]byte(req.AppID))
|
||||
|
||||
clientData := u2f.ClientData{
|
||||
Typ: "navigator.id.finishEnrollment",
|
||||
Typ: "navigator.id.finishEnrollment",
|
||||
Challenge: req.Challenge,
|
||||
Origin: req.AppID,
|
||||
Origin: req.AppID,
|
||||
}
|
||||
clientDataJson, err := json.Marshal(clientData)
|
||||
if err != nil {
|
||||
|
@ -134,7 +134,7 @@ func (muk *Key) RegisterResponse(req *u2f.RegisterRequest) (*u2f.RegisterRespons
|
|||
marshalledPublickey := elliptic.Marshal(elliptic.P256(), muk.privatekey.PublicKey.X, muk.privatekey.PublicKey.Y)
|
||||
|
||||
var dataToSign []byte
|
||||
dataToSign = append(dataToSign[:], []byte{ 0 }[:]...)
|
||||
dataToSign = append(dataToSign[:], 0)
|
||||
dataToSign = append(dataToSign[:], appIDHash[:]...)
|
||||
dataToSign = append(dataToSign[:], clientDataHash[:]...)
|
||||
dataToSign = append(dataToSign[:], muk.keyHandle[:]...)
|
||||
|
@ -149,16 +149,16 @@ func (muk *Key) RegisterResponse(req *u2f.RegisterRequest) (*u2f.RegisterRespons
|
|||
}
|
||||
|
||||
var regData []byte
|
||||
regData = append(regData, []byte{ 5 }[:]...) // fixed by specification
|
||||
regData = append(regData, 5) // fixed by specification
|
||||
regData = append(regData, marshalledPublickey[:]...)
|
||||
regData = append(regData, []byte{ byte(len(muk.keyHandle)) }[:]...)
|
||||
regData = append(regData, byte(len(muk.keyHandle)))
|
||||
regData = append(regData, muk.keyHandle[:]...)
|
||||
regData = append(regData, muk.cert[:]...)
|
||||
regData = append(regData, sig[:]...)
|
||||
|
||||
return &u2f.RegisterResponse{
|
||||
RegistrationData: encodeBase64(regData),
|
||||
ClientData: encodeBase64(clientDataJson),
|
||||
ClientData: encodeBase64(clientDataJson),
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -178,9 +178,9 @@ func (muk *Key) SignResponse(req *u2f.SignRequest) (*u2f.SignResponse, error) {
|
|||
muk.counter += 1
|
||||
|
||||
clientData := u2f.ClientData{
|
||||
Typ: "navigator.id.getAssertion",
|
||||
Typ: "navigator.id.getAssertion",
|
||||
Challenge: req.Challenge,
|
||||
Origin: req.AppID,
|
||||
Origin: req.AppID,
|
||||
}
|
||||
clientDataJson, err := json.Marshal(clientData)
|
||||
if err != nil {
|
||||
|
@ -190,7 +190,7 @@ func (muk *Key) SignResponse(req *u2f.SignRequest) (*u2f.SignResponse, error) {
|
|||
|
||||
var dataToSign []byte
|
||||
dataToSign = append(dataToSign, appIDHash[:]...)
|
||||
dataToSign = append(dataToSign, []byte{ 1 }[:]...) // user presence
|
||||
dataToSign = append(dataToSign, 1) // user presence
|
||||
dataToSign = append(dataToSign, counterBytes[:]...)
|
||||
dataToSign = append(dataToSign, clientDataHash[:]...)
|
||||
|
||||
|
@ -203,18 +203,17 @@ func (muk *Key) SignResponse(req *u2f.SignRequest) (*u2f.SignResponse, error) {
|
|||
}
|
||||
|
||||
var signData []byte
|
||||
signData = append(signData, []byte{ 1 }[:]...) // user presence
|
||||
signData = append(signData, 1) // user presence
|
||||
signData = append(signData, counterBytes[:]...)
|
||||
signData = append(signData, sig[:]...)
|
||||
|
||||
return &u2f.SignResponse{
|
||||
KeyHandle: req.KeyHandle,
|
||||
KeyHandle: req.KeyHandle,
|
||||
SignatureData: encodeBase64(signData),
|
||||
ClientData: encodeBase64(clientDataJson),
|
||||
ClientData: encodeBase64(clientDataJson),
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (muk *Key) SetCounter(counter uint32) {
|
||||
muk.counter = counter
|
||||
}
|
||||
|
||||
|
|
|
@ -310,12 +310,6 @@ func (k *Keygen) GenerateUserCert(c services.UserCertParams) ([]byte, error) {
|
|||
return ssh.MarshalAuthorizedKey(cert), nil
|
||||
}
|
||||
|
||||
const (
|
||||
principalLocalhost = "localhost"
|
||||
principalLoopbackV4 = "127.0.0.1"
|
||||
principalLoopbackV6 = "::1"
|
||||
)
|
||||
|
||||
// BuildPrincipals takes a hostID, nodeName, clusterName, and role and builds a list of
|
||||
// principals to insert into a certificate. This function is backward compatible with
|
||||
// older clients which means:
|
||||
|
|
|
@ -968,7 +968,6 @@ const (
|
|||
extCertType = "certtype@teleport"
|
||||
extAuthority = "auth@teleport"
|
||||
extCertTypeHost = "host"
|
||||
extCertTypeUser = "user"
|
||||
extCertRole = "role"
|
||||
|
||||
versionRequest = "x-teleport-version"
|
||||
|
|
|
@ -145,6 +145,7 @@ func NewSupervisor(id string) Supervisor {
|
|||
reloadContext, signalReload := context.WithCancel(context.TODO())
|
||||
|
||||
srv := &LocalSupervisor{
|
||||
state: stateCreated,
|
||||
id: id,
|
||||
services: []Service{},
|
||||
wg: &sync.WaitGroup{},
|
||||
|
|
|
@ -19,6 +19,7 @@ package local
|
|||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"testing"
|
||||
|
||||
"github.com/gravitational/teleport/lib/backend"
|
||||
"github.com/gravitational/teleport/lib/backend/lite"
|
||||
|
@ -28,7 +29,6 @@ import (
|
|||
"github.com/gravitational/trace"
|
||||
|
||||
"gopkg.in/check.v1"
|
||||
"testing"
|
||||
)
|
||||
|
||||
type PresenceSuite struct {
|
||||
|
|
|
@ -1426,6 +1426,7 @@ skiploop:
|
|||
}
|
||||
|
||||
for _, tc := range testCases {
|
||||
c.Logf("test case %q", tc.name)
|
||||
resource := tc.crud()
|
||||
|
||||
ExpectResource(c, w, 3*time.Second, resource)
|
||||
|
|
|
@ -18,6 +18,7 @@ package sshutils
|
|||
|
||||
import (
|
||||
"crypto"
|
||||
|
||||
"golang.org/x/crypto/ssh"
|
||||
|
||||
"github.com/gravitational/trace"
|
||||
|
|
|
@ -71,8 +71,8 @@ func GenerateSelfSignedCAWithPrivateKey(priv *rsa.PrivateKey, entity pkix.Name,
|
|||
NotAfter: notAfter,
|
||||
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
|
||||
BasicConstraintsValid: true,
|
||||
IsCA: true,
|
||||
DNSNames: dnsNames,
|
||||
IsCA: true,
|
||||
DNSNames: dnsNames,
|
||||
}
|
||||
|
||||
derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
|
||||
|
|
|
@ -25,7 +25,7 @@ import (
|
|||
"github.com/gravitational/trace"
|
||||
|
||||
"github.com/ghodss/yaml"
|
||||
"github.com/json-iterator/go"
|
||||
jsoniter "github.com/json-iterator/go"
|
||||
kyaml "k8s.io/apimachinery/pkg/util/yaml"
|
||||
)
|
||||
|
||||
|
|
|
@ -46,6 +46,7 @@ type Cluster struct {
|
|||
ProxyVersion string `json:"proxyVersion"`
|
||||
}
|
||||
|
||||
//nolint:unused,deadcode
|
||||
var log = logrus.WithFields(logrus.Fields{
|
||||
trace.Component: teleport.ComponentProxy,
|
||||
})
|
||||
|
|
|
@ -97,7 +97,7 @@ func (rc *ResourceCommand) Initialize(app *kingpin.Application, config *service.
|
|||
|
||||
rc.getCmd = app.Command("get", "Print a YAML declaration of various Teleport resources")
|
||||
rc.getCmd.Arg("resources", "Resource spec: 'type/[name][,...]' or 'all'").Required().SetValue(&rc.refs)
|
||||
rc.getCmd.Flag("format", "Output format: 'yaml', 'json' or 'text'").Default(formatYAML).StringVar(&rc.format)
|
||||
rc.getCmd.Flag("format", "Output format: 'yaml', 'json' or 'text'").Default(teleport.YAML).StringVar(&rc.format)
|
||||
rc.getCmd.Flag("namespace", "Namespace of the resources").Hidden().Default(defaults.Namespace).StringVar(&rc.namespace)
|
||||
rc.getCmd.Flag("with-secrets", "Include secrets in resources like certificate authorities or OIDC connectors").Default("false").BoolVar(&rc.withSecrets)
|
||||
|
||||
|
@ -162,7 +162,7 @@ func (rc *ResourceCommand) Get(client auth.ClientI) error {
|
|||
}
|
||||
|
||||
func (rc *ResourceCommand) GetMany(client auth.ClientI) error {
|
||||
if rc.format != formatYAML {
|
||||
if rc.format != teleport.YAML {
|
||||
return trace.BadParameter("mixed resource types only support YAML formatting")
|
||||
}
|
||||
var resources []services.Resource
|
||||
|
@ -533,12 +533,6 @@ func (rc *ResourceCommand) getCollection(client auth.ClientI) (c ResourceCollect
|
|||
return nil, trace.BadParameter("'%v' is not supported", rc.ref.Kind)
|
||||
}
|
||||
|
||||
const (
|
||||
formatYAML = "yaml"
|
||||
formatText = "text"
|
||||
formatJSON = "json"
|
||||
)
|
||||
|
||||
// UpsertVerb generates the correct string form of a verb based on the action taken
|
||||
func UpsertVerb(exists bool, force bool) string {
|
||||
switch {
|
||||
|
|
Loading…
Reference in a new issue