Fix: Solves lint issues for migrating to Golangci-lint version2

.golangci.bck.yml

@@ -0,0 +1,27 @@
+run:
+  tests: false
+  modules-download-mode: readonly
+
+linters:
+  disable:
+    - unused
+  enable:
+    - gosec
+
+issues:
+  exclude-rules:
+    - text: "composite literal uses unkeyed fields"
+      linters:
+        - govet
+    - text: "certificateRequest.Attributes"
+      linters:
+        - staticcheck
+    - text: "G505"
+      linters:
+        - gosec
+    - text: "G401"
+      linters:
+        - gosec
+    - text: "h.Write"
+      linters:
+        - errcheck

.golangci.yml

@@ -1,27 +1,43 @@
+version: "2"
 run:
-  tests: false
   modules-download-mode: readonly
-
+  tests: false
 linters:
-  disable:
-    - unused
   enable:
     - gosec
-
-issues:
-  exclude-rules:
-    - text: "composite literal uses unkeyed fields"
-      linters:
-        - govet
-    - text: "certificateRequest.Attributes"
-      linters:
-        - staticcheck
-    - text: "G505"
-      linters:
-        - gosec
-    - text: "G401"
-      linters:
-        - gosec
-    - text: "h.Write"
-      linters:
-        - errcheck
+  disable:
+    - unused
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    rules:
+      - linters:
+          - govet
+        text: composite literal uses unkeyed fields
+      - linters:
+          - staticcheck
+        text: certificateRequest.Attributes
+      - linters:
+          - gosec
+        text: G505
+      - linters:
+          - gosec
+        text: G401
+      - linters:
+          - errcheck
+        text: h.Write
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+formatters:
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$

cmd/vcert/cmdCertificates.go

@@ -13,7 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
+// TODO: we are ignoring this error "ST1005: error strings should not end with punctuation or newlines" since we still need
+// to determine how feasible is to change the error message, even if we remove a newline
+//nolint:staticcheck
 package main
 
 import (
@@ -501,13 +503,13 @@ func doCommandRenew1(c *cli.Context) error {
 		// will be just sending CSR to backend
 		req = fillCertificateRequest(req, &flags)
 
-	case "local" == flags.csrOption || "" == flags.csrOption:
+	case flags.csrOption == "local" || flags.csrOption == "":
 		// restore certificate request from old certificate
 		req = certificate.NewRequest(oldCert)
 		// override values with those from command line flags
 		req = fillCertificateRequest(req, &flags)
 
-	case "service" == flags.csrOption:
+	case flags.csrOption == "service":
 		// logger.Panic("service side renewal is not implemented")
 		req = fillCertificateRequest(req, &flags)
 

cmd/vcert/cmdCredentials.go

@@ -13,7 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
+// TODO: we are ignoring this error "ST1005: error strings should not be capitalized" since we still need
+// to determine how feasible is to change the error message, even if we change the capitalized character(s)
+//nolint:staticcheck
 package main
 
 import (

cmd/vcert/cmdHelper.go

@@ -13,7 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
+// TODO: we are ignoring this error "ST1005: error strings should not be capitalized" since we still need
+// to determine how feasible is to change the error message, even if we change the capitalized character(s)
+//nolint:staticcheck
 package main
 
 import (
@@ -263,15 +265,15 @@ func getVaaSCredentials(vaasConnector *cloud.Connector, cfg *vcert.Config) error
 			return outputJSON(apiKey)
 		} else {
 			var headerMessage string
-			if statusCode == http.StatusCreated {
+			switch statusCode {
+			case http.StatusCreated:
 				headerMessage = "the user account was created successfully. To complete the registration please review your email account and follow the link."
-			} else if statusCode == http.StatusAccepted {
+			case http.StatusAccepted:
 				headerMessage = "the user account already exists therefore the API Key was rotated. To complete the activation of the rotated API Key," +
 					" please review your email account and follow the link."
-			} else { // only is expected that the status code returned is 201 or 202
+			default: // we only expected that the status code returned is either 201 or 202
 				return fmt.Errorf("unexpected http status code when the useraccount is tried to be created or api key rotated: %d", statusCode)
 			}
-
 			fmt.Println(headerMessage)
 			fmt.Println("api_key: ", apiKey.Key)
 			fmt.Println("api_key_expires: ", apiKey.ValidityEndDateString)

cmd/vcert/cmdPolicies.go

@@ -99,17 +99,18 @@ func doCommandCreatePolicy(c *cli.Context) error {
 	//based on the extension call the appropriate method to feed the policySpecification
 	//structure.
 	var policySpecification policy.PolicySpecification
-	if fileExt == policy.JsonExtension {
+	switch fileExt {
+	case policy.JsonExtension:
 		err = json.Unmarshal(bytes, &policySpecification)
 		if err != nil {
 			return err
 		}
-	} else if fileExt == policy.YamlExtension {
+	case policy.YamlExtension:
 		err = yaml.Unmarshal(bytes, &policySpecification)
 		if err != nil {
 			return err
 		}
-	} else {
+	default:
 		return fmt.Errorf("the specified file is not supported")
 	}
 
@@ -183,18 +184,19 @@ func doCommandGetPolicy(c *cli.Context) error {
 
 		fileExt := policy.GetFileType(policySpecLocation)
 		fileExt = strings.ToLower(fileExt)
-		if fileExt == policy.JsonExtension {
-			b, _ = json.MarshalIndent(ps, "", "  ")
+		switch fileExt {
+		case policy.JsonExtension:
+			b, err = json.MarshalIndent(ps, "", "  ")
 			if err != nil {
 				return err
 			}
-		} else if fileExt == policy.YamlExtension {
-			b, _ = yaml.Marshal(ps)
+		case policy.YamlExtension:
+			b, err = yaml.Marshal(ps)
 			if err != nil {
 				return err
 			}
-		} else {
-			return fmt.Errorf("the specified byte is not supported")
+		default:
+			return fmt.Errorf("the specified file is not supported")
 		}
 
 		err = os.WriteFile(policySpecLocation, b, 0600)
@@ -204,9 +206,7 @@ func doCommandGetPolicy(c *cli.Context) error {
 		log.Printf("policy was written in: %s", policySpecLocation)
 
 	} else {
-
-		b, _ = json.MarshalIndent(ps, "", "  ")
-
+		b, err = json.MarshalIndent(ps, "", "  ")
 		if err != nil {
 			return err
 		}

cmd/vcert/cmdSSHCertificates.go

@@ -13,7 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
+// TODO: we are ignoring this error "ST1005: error strings should not be capitalized" since we still need
+// to determine how feasible is to change the error message, even if we change the capitalized character(s)
+//nolint:staticcheck
 package main
 
 import (

cmd/vcert/config.go

@@ -76,7 +76,7 @@ func buildConfig(c *cli.Context, flags *commandFlags) (cfg vcert.Config, err err
 	}
 
 	if c.Command.Name == commandEnrollName || c.Command.Name == commandPickupName {
-		if cfg.Zone == "" && cfg.ConnectorType != endpoint.ConnectorTypeFake && !(flags.pickupID != "" || flags.pickupIDFile != "") {
+		if cfg.Zone == "" && cfg.ConnectorType != endpoint.ConnectorTypeFake && (flags.pickupID == "" && flags.pickupIDFile == "") {
 			return cfg, fmt.Errorf("zone cannot be empty. Use -z option")
 		}
 	}

cmd/vcert/passwords.go

@@ -13,7 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
+// TODO: we are ignoring this error "ST1005: error strings should not be capitalized" since we still need
+// to determine how feasible is to change the error message, even if we change the capitalized character(s)
+//nolint:staticcheck
 package main
 
 import (

cmd/vcert/result_writer.go

@@ -330,17 +330,20 @@ func (r *Result) Flush() error {
 		allFileOutput.CSR = r.Pcc.CSR
 
 		var fileBytes []byte
-		if r.Config.Format == P12Format || r.Config.Format == LegacyP12Format {
+		switch r.Config.Format {
+		case LegacyP12Format:
+			fallthrough
+		case P12Format:
 			fileBytes, err = allFileOutput.AsPKCS12(r.Config)
 			if err != nil {
 				return fmt.Errorf("failed to encode pkcs12: %s", err)
 			}
-		} else if r.Config.Format == JKSFormat {
+		case JKSFormat:
 			fileBytes, err = allFileOutput.AsJKS(r.Config)
 			if err != nil {
 				return err
 			}
-		} else {
+		default:
 			fileBytes, err = allFileOutput.Format(r.Config)
 			if err != nil {
 				return err

cmd/vcert/slices.go

@@ -13,7 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
+// TODO: we are ignoring this error "ST1005: error strings should not be capitalized" since we still need
+// to determine how feasible is to change the error message, even if we change the capitalized character(s)
+//nolint:staticcheck
 package main
 
 import (

cmd/vcert/utils.go

@@ -134,7 +134,7 @@ func fillCertificateRequest(req *certificate.Request, cf *commandFlags) *certifi
 	req.CustomFields = append(req.CustomFields, certificate.CustomField{Name: "Origin", Value: origin, Type: certificate.CustomFieldOrigin})
 
 	switch true {
-	case 0 == strings.Index(cf.csrOption, "file:"):
+	case strings.Index(cf.csrOption, "file:") == 0:
 		var err error
 		csrFileName := cf.csrOption[5:]
 		csr, err := readCSRfromFile(csrFileName)
@@ -147,7 +147,7 @@ func fillCertificateRequest(req *certificate.Request, cf *commandFlags) *certifi
 		}
 		req.CsrOrigin = certificate.UserProvidedCSR
 
-	case "service" == cf.csrOption:
+	case cf.csrOption == "service":
 		if cf.keyType != nil {
 			req.KeyType = *cf.keyType
 		}
@@ -161,7 +161,7 @@ func fillCertificateRequest(req *certificate.Request, cf *commandFlags) *certifi
 		}
 		req.CsrOrigin = certificate.ServiceGeneratedCSR
 
-	default: // "local" == cf.csrOption:
+	default: // cf.csrOption == "local"
 		if cf.keyType != nil {
 			req.KeyType = *cf.keyType
 		}
@@ -225,7 +225,7 @@ func readThumbprintFromFile(fname string) (string, error) {
 
 	// check if there's a thumbprint in the file
 	s := strings.TrimSpace(string(bytes))
-	s = strings.Replace(s, ":", "", -1)
+	s = strings.ReplaceAll(s, ":", "")
 	s = strings.ToUpper(s)
 	matched, _ := regexp.MatchString("^[A-F0-9]{40}$", s)
 	if matched {

cmd/vcert/validators.go

@@ -13,7 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
+// TODO: we are ignoring this error "ST1005: error strings should not be capitalized" since we still need
+// to determine how feasible is to change the error message, even if we change the capitalized character(s)
+//nolint:staticcheck
 package main
 
 import (

config.go

@@ -287,7 +287,7 @@ func validateSection(s *ini.Section) error {
 
 		if m.has(fireflyClientIdKey) {
 			//if it's not set any Flow Grant
-			if !((m.has(fireflyUserKey) && m.has(fireflyPasswordKey)) || m.has(fireflyClientSecretKey) || m.has(fireflyDeviceUrlKey)) {
+			if (!m.has(fireflyUserKey) || !m.has(fireflyPasswordKey)) && !m.has(fireflyClientSecretKey) && !m.has(fireflyDeviceUrlKey) {
 				return fmt.Errorf("configuration issue in section %s: The OAuth Client ID is set but is not set any OAuth Flow grant", s.Name())
 			}
 

examples/provisionWithServiceAccount/main.go

@@ -15,7 +15,7 @@ const (
 	vcpURL       = "VCP_URL"
 	vcpZone      = "VCP_ZONE"
 	vcpApiKey    = "CLOUD_APIKEY"
-	vcpTokenURL  = "VCP_TOKEN_URL"
+	vcpTokenURL  = "VCP_TOKEN_URL" // #nosec G101 // This is not a hardcoded credential
 	vcpJWT       = "VCP_JWT"
 	envVarNotSet = "environment variable not set: %s"