-
Notifications
You must be signed in to change notification settings - Fork 82
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add "make lint" target and add to "make test" target #963
Comments
I have been thinking about this as well, there are a fair number of lint issues in the project but mostly easy stuff. Not sure we have any warnings now but some of the gosimple recommendations are pretty handy. might be able to get to this by the end of the month. Been wondering what we might get out of using one of the various 'golang.mk' templates that are out there as a base too. I will try and find the one that was my favorite for some work stuff, it has done us well but we were also starting way closer to zero :) |
https://github.com/AlexCuse/edgex-watermill/blob/master/golang.mk This is the one I usually use, it installs all its own dependencies in /bin |
Looking at our Makefile it seems simple enough. Could probably crib the dependency installation stuff from here so no need to document the linter install @bnevis-i One problem with the approach is may need to specify different targets for CI to use but I don't think it turns out that bad usually. I also have not really looked for a better way to solve it yet. |
@AlexCuse No need to worry about having the linter installed for CI. Since we did it for edgex-go, its already installed and available in CI for everyone else. The comments (in edgex-go) are for the developers, to warn them if they don't have the linter installed their PRs may fail when they get pushed. |
Understood. Do you think auto-installing what's needed would make it easier to contribute in general? |
I have a note on my desk for awhile to try and fix the lint issues before next code freeze but haven't been using the security linter - does it bring many extra warnings to the table @bnevis-i |
I honestly haven't run it for app-functions-sdk-go yet. There's also no requirement to do this prior to Jakarta release. |
Ran it this morning and only got a few new issues from the security linter. Just added the target/config you used in edgex-go:
I need to figure out a few things about the state of my system though it looks like I have gotten go 1.17.2 via an OS update and I'm seeing some fmt/vet issues on untouched files. |
In We should exempt InsecureSkipVerify as a false positive (// nolint:gosec) because we are taking that parameter from configuration.
I wonder if someone is willing to vouch for these, and if not, perhaps we should consider removing this implementation. |
@bnevis-i , this is the encryption implementation that was brought over from the old export service in the original App SDK impl. Please add this to the tomorrows Security WG meeting. |
I have all this stuff done except encryption.go in my main branch. Also fixed the gofmt issues that have cropped up since I updated go. Once you figure out what to do with encryption.go I can take care of that, add lint to the test target and bring a PR. |
Add lint make target and fix errors, using `nolint` for legacy encryption issues. Also fix gofmt/vet issues that cropped up with go 1.17. fix edgexfoundry#963 Signed-off-by: Alex Ullrich <alex.ullrich@gmail.com>
Add lint make target and fix errors, using `nolint` for legacy encryption issues. Also fix gofmt/vet issues that cropped up with go 1.17. fix edgexfoundry#963 Signed-off-by: Alex Ullrich <alex.ullrich@gmail.com>
@AlexCuse This one? https://github.com/golangci/golangci-lint/blob/master/install.sh Where does it say that it got deprecated? |
Add lint make target and fix errors, using `nolint` for legacy encryption issues. Also fix gofmt/vet issues that cropped up with go 1.17. fix edgexfoundry#963 Signed-off-by: Alex Ullrich <alex.ullrich@gmail.com>
Its actually the godownloader script that is referenced: goreleaser/godownloader#207 |
It seems to me that godownloader is the code generator for install.sh, and the project sill recommends install.sh as one of the preferred installation methods (https://golangci-lint.run/usage/install/#local-installation). It doesn't really bother me that much since: But if we think the script is going away, maybe we want to refer people to https://golangci-lint.run/usage/install instead of directly to the install.sh script. |
I am not worried about it either @bnevis-i just noticed it on a colleague's machine who didn't have lint installed. I deleted my comment when I realized it was in the script that golangci-lint references - agree we should continue to follow their recommendation :) |
Add lint make target and fix errors, using `nolint` for legacy encryption issues. Also fix gofmt/vet issues that cropped up with go 1.17. fix #963 Signed-off-by: Alex Ullrich <alex.ullrich@gmail.com>
Add lint make target and fix errors, using `nolint` for legacy encryption issues. Also fix gofmt/vet issues that cropped up with go 1.17. fix edgexfoundry#963 Signed-off-by: Alex Ullrich <alex.ullrich@gmail.com>
Should enable golangci-lint with default linters + gosec.
See edgexfoundry/edgex-go#3565
The text was updated successfully, but these errors were encountered: