From b8f50f60ff1078075aaea46be947afb32f2fdc2b Mon Sep 17 00:00:00 2001 From: cpanato Date: Sat, 10 Sep 2022 12:43:34 -0700 Subject: [PATCH] fix lints and remove ioutils deprecations Signed-off-by: cpanato --- pkg/cryptoutils/certificate.go | 1 + pkg/cryptoutils/password.go | 4 ++-- pkg/fulcioroots/fulcioroots.go | 1 + pkg/oauth/interactive.go | 1 + pkg/oauth/internal/token.go | 4 ++-- pkg/oauth/internal/token_test.go | 6 +++--- pkg/oauth/oidc/interactive.go | 1 + pkg/oauthflow/device.go | 9 +++++---- pkg/signature/dsse/adapters.go | 1 + pkg/signature/dsse/dsse.go | 5 ++--- pkg/signature/dsse/multidsse.go | 5 ++--- pkg/signature/kms/aws/client.go | 1 + pkg/signature/kms/azure/client.go | 1 + pkg/signature/kms/fake/signer.go | 1 + pkg/signature/kms/gcp/client.go | 1 + pkg/signature/kms/hashivault/client.go | 1 + pkg/signature/kms/kms.go | 1 + pkg/signature/options/context.go | 1 + pkg/signature/payload/payload.go | 1 + pkg/signature/signer.go | 4 ++-- pkg/signature/signerverifier.go | 4 ++-- pkg/signature/ssh/armor.go | 1 + pkg/signature/ssh/sign.go | 3 +-- pkg/signature/ssh/sign_test.go | 6 +++--- pkg/signature/ssh/verify.go | 3 +-- pkg/signature/verifier.go | 4 ++-- pkg/tuf/client.go | 3 +-- pkg/tuf/client_test.go | 9 ++++----- pkg/tuf/testutils.go | 5 ++--- 29 files changed, 48 insertions(+), 40 deletions(-) diff --git a/pkg/cryptoutils/certificate.go b/pkg/cryptoutils/certificate.go index 21c268550..9828192c4 100644 --- a/pkg/cryptoutils/certificate.go +++ b/pkg/cryptoutils/certificate.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package cryptoutils TODO: add meaningfull description package cryptoutils import ( diff --git a/pkg/cryptoutils/password.go b/pkg/cryptoutils/password.go index 31011f34c..89dd05e01 100644 --- a/pkg/cryptoutils/password.go +++ b/pkg/cryptoutils/password.go @@ -18,7 +18,7 @@ package cryptoutils import ( "errors" "fmt" - "io/ioutil" + "io" "os" "golang.org/x/term" @@ -50,7 +50,7 @@ func readPasswordFn() func() ([]byte, error) { } // Handle piped in passwords. return func() ([]byte, error) { - return ioutil.ReadAll(os.Stdin) + return io.ReadAll(os.Stdin) } } diff --git a/pkg/fulcioroots/fulcioroots.go b/pkg/fulcioroots/fulcioroots.go index 4aae36f7b..271311476 100644 --- a/pkg/fulcioroots/fulcioroots.go +++ b/pkg/fulcioroots/fulcioroots.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package fulcioroots TODO: add meaningfull description package fulcioroots import ( diff --git a/pkg/oauth/interactive.go b/pkg/oauth/interactive.go index e51b521c1..060023142 100644 --- a/pkg/oauth/interactive.go +++ b/pkg/oauth/interactive.go @@ -12,6 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package oauth TODO: add meaningfull description package oauth const ( diff --git a/pkg/oauth/internal/token.go b/pkg/oauth/internal/token.go index bd62b420c..d53e7f06b 100644 --- a/pkg/oauth/internal/token.go +++ b/pkg/oauth/internal/token.go @@ -12,13 +12,13 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package internal TODO: add meaningfull description package internal import ( "encoding/json" "fmt" "io" - "io/ioutil" "mime" "net/http" "net/url" @@ -136,7 +136,7 @@ func parseAccessTokenError(body []byte, contentType string) (respErr *ErrorToken // ParseAccessTokenResponse parses an RFC6749 access token response and returns either an `*oauth2.Token` on success, an `*ErrorTokenResponse` on failure, or any other error if the response cannot be parsed. // See: https://datatracker.ietf.org/doc/html/rfc6749#section-5 func ParseAccessTokenResponse(tokenResp *http.Response) (token *oauth2.Token, err error) { - body, err := ioutil.ReadAll(io.LimitReader(tokenResp.Body, 1<<20)) + body, err := io.ReadAll(io.LimitReader(tokenResp.Body, 1<<20)) if err != nil { return nil, err } diff --git a/pkg/oauth/internal/token_test.go b/pkg/oauth/internal/token_test.go index beb672c80..1af062b38 100644 --- a/pkg/oauth/internal/token_test.go +++ b/pkg/oauth/internal/token_test.go @@ -18,7 +18,7 @@ import ( "bytes" "errors" "fmt" - "io/ioutil" + "io" "net/http" "net/url" "reflect" @@ -119,7 +119,7 @@ func TestParseAccessTokenSuccessResponse(t *testing.T) { t.Run(tc.desc, func(t *testing.T) { testResp := &http.Response{ StatusCode: http.StatusOK, - Body: ioutil.NopCloser(bytes.NewReader(tc.respBody)), + Body: io.NopCloser(bytes.NewReader(tc.respBody)), } if tc.respContentType != "" { testResp.Header = make(http.Header, 1) @@ -208,7 +208,7 @@ func TestParseAccessTokenFailResponse(t *testing.T) { t.Run(tc.desc, func(t *testing.T) { testResp := &http.Response{ StatusCode: tc.respStatusCode, - Body: ioutil.NopCloser(bytes.NewReader(tc.respBody)), + Body: io.NopCloser(bytes.NewReader(tc.respBody)), } if tc.respContentType != "" { testResp.Header = make(http.Header, 1) diff --git a/pkg/oauth/oidc/interactive.go b/pkg/oauth/oidc/interactive.go index 7d0cc1aa0..8c52a5257 100644 --- a/pkg/oauth/oidc/interactive.go +++ b/pkg/oauth/oidc/interactive.go @@ -12,6 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package oidc TODO: add meaningfull description package oidc import ( diff --git a/pkg/oauthflow/device.go b/pkg/oauthflow/device.go index 8ce570da1..ad5d3270b 100644 --- a/pkg/oauthflow/device.go +++ b/pkg/oauthflow/device.go @@ -13,13 +13,14 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package oauthflow TODO: add meaningfull description package oauthflow import ( "context" "encoding/json" "fmt" - "io/ioutil" + "io" "net/http" "net/url" "strings" @@ -111,7 +112,7 @@ func (d *DeviceFlowTokenGetter) deviceFlow(p *oidc.Provider, clientID, redirectU } defer resp.Body.Close() - b, err := ioutil.ReadAll(resp.Body) + b, err := io.ReadAll(resp.Body) if err != nil { return "", err } @@ -146,7 +147,7 @@ func (d *DeviceFlowTokenGetter) deviceFlow(p *oidc.Provider, clientID, redirectU } defer resp.Body.Close() - b, err := ioutil.ReadAll(resp.Body) + b, err := io.ReadAll(resp.Body) if err != nil { return "", err } @@ -213,7 +214,7 @@ func (d *DeviceFlowTokenGetter) CodeURL() (string, error) { } defer resp.Body.Close() - body, err := ioutil.ReadAll(resp.Body) + body, err := io.ReadAll(resp.Body) if err != nil { return "", fmt.Errorf("unable to read response body: %w", err) } diff --git a/pkg/signature/dsse/adapters.go b/pkg/signature/dsse/adapters.go index dc18ea312..4a04587b4 100644 --- a/pkg/signature/dsse/adapters.go +++ b/pkg/signature/dsse/adapters.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package dsse TODO: add meaningfull description package dsse import ( diff --git a/pkg/signature/dsse/dsse.go b/pkg/signature/dsse/dsse.go index cc1ebf0fa..f3a22da4e 100644 --- a/pkg/signature/dsse/dsse.go +++ b/pkg/signature/dsse/dsse.go @@ -21,7 +21,6 @@ import ( "encoding/base64" "encoding/json" "io" - "io/ioutil" "github.com/secure-systems-lab/go-securesystemslib/dsse" "github.com/sigstore/sigstore/pkg/signature" @@ -47,7 +46,7 @@ func (w *wrappedSigner) PublicKey(opts ...signature.PublicKeyOption) (crypto.Pub // SignMessage signs the provided stream in the reader using the DSSE encoding format func (w *wrappedSigner) SignMessage(r io.Reader, opts ...signature.SignOption) ([]byte, error) { - p, err := ioutil.ReadAll(r) + p, err := io.ReadAll(r) if err != nil { return nil, err } @@ -87,7 +86,7 @@ func (w *wrappedVerifier) PublicKey(opts ...signature.PublicKeyOption) (crypto.P // VerifySignature verifies the signature specified in an DSSE envelope func (w *wrappedVerifier) VerifySignature(s, _ io.Reader, opts ...signature.VerifyOption) error { - sig, err := ioutil.ReadAll(s) + sig, err := io.ReadAll(s) if err != nil { return err } diff --git a/pkg/signature/dsse/multidsse.go b/pkg/signature/dsse/multidsse.go index 73252d92f..e48312edc 100644 --- a/pkg/signature/dsse/multidsse.go +++ b/pkg/signature/dsse/multidsse.go @@ -20,7 +20,6 @@ import ( "encoding/json" "errors" "io" - "io/ioutil" "github.com/secure-systems-lab/go-securesystemslib/dsse" "github.com/sigstore/sigstore/pkg/signature" @@ -67,7 +66,7 @@ func (wL *wrappedMultiSigner) PublicKey(opts ...signature.PublicKeyOption) (cryp // SignMessage signs the provided stream in the reader using the DSSE encoding format func (wL *wrappedMultiSigner) SignMessage(r io.Reader, opts ...signature.SignOption) ([]byte, error) { - p, err := ioutil.ReadAll(r) + p, err := io.ReadAll(r) if err != nil { return nil, err } @@ -129,7 +128,7 @@ func (wL *wrappedMultiVerifier) PublicKey(opts ...signature.PublicKeyOption) (cr // VerifySignature verifies the signature specified in an DSSE envelope func (wL *wrappedMultiVerifier) VerifySignature(s, _ io.Reader, opts ...signature.VerifyOption) error { - sig, err := ioutil.ReadAll(s) + sig, err := io.ReadAll(s) if err != nil { return err } diff --git a/pkg/signature/kms/aws/client.go b/pkg/signature/kms/aws/client.go index ac8a576a1..57cb03535 100644 --- a/pkg/signature/kms/aws/client.go +++ b/pkg/signature/kms/aws/client.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package aws implement the interface with amazon aws kms service package aws import ( diff --git a/pkg/signature/kms/azure/client.go b/pkg/signature/kms/azure/client.go index a6b7780a2..c45444892 100644 --- a/pkg/signature/kms/azure/client.go +++ b/pkg/signature/kms/azure/client.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package azure implement the interface with microsoft azure kms service package azure import ( diff --git a/pkg/signature/kms/fake/signer.go b/pkg/signature/kms/fake/signer.go index 827824ba5..1393ba07a 100644 --- a/pkg/signature/kms/fake/signer.go +++ b/pkg/signature/kms/fake/signer.go @@ -12,6 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package fake implements fake signer to be used in tests package fake import ( diff --git a/pkg/signature/kms/gcp/client.go b/pkg/signature/kms/gcp/client.go index 05a1c7eb0..9215309ea 100644 --- a/pkg/signature/kms/gcp/client.go +++ b/pkg/signature/kms/gcp/client.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package gcp implement the interface with google cloud kms service package gcp import ( diff --git a/pkg/signature/kms/hashivault/client.go b/pkg/signature/kms/hashivault/client.go index 7a8242582..8f54acda3 100644 --- a/pkg/signature/kms/hashivault/client.go +++ b/pkg/signature/kms/hashivault/client.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package hashivault implement the interface with hashivault kms service package hashivault import ( diff --git a/pkg/signature/kms/kms.go b/pkg/signature/kms/kms.go index e48ceb9f2..7095eb10f 100644 --- a/pkg/signature/kms/kms.go +++ b/pkg/signature/kms/kms.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package kms implements the interface to access various ksm services package kms import ( diff --git a/pkg/signature/options/context.go b/pkg/signature/options/context.go index 903e6261b..be39c3f76 100644 --- a/pkg/signature/options/context.go +++ b/pkg/signature/options/context.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package options TODO: add meaningfull description package options import ( diff --git a/pkg/signature/payload/payload.go b/pkg/signature/payload/payload.go index c58368433..422e5cd99 100644 --- a/pkg/signature/payload/payload.go +++ b/pkg/signature/payload/payload.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package payload TODO: add meaningfull description package payload import ( diff --git a/pkg/signature/signer.go b/pkg/signature/signer.go index 6dad67d08..3bd3823cb 100644 --- a/pkg/signature/signer.go +++ b/pkg/signature/signer.go @@ -22,7 +22,7 @@ import ( "crypto/rsa" "errors" "io" - "io/ioutil" + "os" "path/filepath" // these ensure we have the implementations loaded @@ -77,7 +77,7 @@ func LoadSigner(privateKey crypto.PrivateKey, hashFunc crypto.Hash) (Signer, err // RSAPSSSigner is desired instead, use the LoadRSAPSSSigner() and // cryptoutils.UnmarshalPEMToPrivateKey() methods directly. func LoadSignerFromPEMFile(path string, hashFunc crypto.Hash, pf cryptoutils.PassFunc) (Signer, error) { - fileBytes, err := ioutil.ReadFile(filepath.Clean(path)) + fileBytes, err := os.ReadFile(filepath.Clean(path)) if err != nil { return nil, err } diff --git a/pkg/signature/signerverifier.go b/pkg/signature/signerverifier.go index 9592654ed..90667f2a8 100644 --- a/pkg/signature/signerverifier.go +++ b/pkg/signature/signerverifier.go @@ -21,7 +21,7 @@ import ( "crypto/ed25519" "crypto/rsa" "errors" - "io/ioutil" + "os" "path/filepath" "github.com/sigstore/sigstore/pkg/cryptoutils" @@ -57,7 +57,7 @@ func LoadSignerVerifier(privateKey crypto.PrivateKey, hashFunc crypto.Hash) (Sig // RSAPSSSignerVerifier is desired instead, use the LoadRSAPSSSignerVerifier() and // cryptoutils.UnmarshalPEMToPrivateKey() methods directly. func LoadSignerVerifierFromPEMFile(path string, hashFunc crypto.Hash, pf cryptoutils.PassFunc) (SignerVerifier, error) { - fileBytes, err := ioutil.ReadFile(filepath.Clean(path)) + fileBytes, err := os.ReadFile(filepath.Clean(path)) if err != nil { return nil, err } diff --git a/pkg/signature/ssh/armor.go b/pkg/signature/ssh/armor.go index 38ffd8540..9e9bbe669 100644 --- a/pkg/signature/ssh/armor.go +++ b/pkg/signature/ssh/armor.go @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package ssh TODO: add meaningfull description package ssh import ( diff --git a/pkg/signature/ssh/sign.go b/pkg/signature/ssh/sign.go index a595291f5..22ca76dca 100644 --- a/pkg/signature/ssh/sign.go +++ b/pkg/signature/ssh/sign.go @@ -22,7 +22,6 @@ import ( "crypto/sha512" "hash" "io" - "io/ioutil" "github.com/sigstore/sigstore/pkg/signature" "golang.org/x/crypto/ssh" @@ -99,7 +98,7 @@ func (s *Signer) PublicKey(opts ...signature.PublicKeyOption) (crypto.PublicKey, // SignMessage signs the supplied message. func (s *Signer) SignMessage(message io.Reader, opts ...signature.SignOption) ([]byte, error) { - b, err := ioutil.ReadAll(message) + b, err := io.ReadAll(message) if err != nil { return nil, err } diff --git a/pkg/signature/ssh/sign_test.go b/pkg/signature/ssh/sign_test.go index e09ba9599..8103927f7 100644 --- a/pkg/signature/ssh/sign_test.go +++ b/pkg/signature/ssh/sign_test.go @@ -17,7 +17,7 @@ package ssh import ( "bytes" - "io/ioutil" + "os" "os/exec" "path/filepath" "strings" @@ -168,7 +168,7 @@ func TestFromOpenSSH(t *testing.T) { sigPath := dataPath + ".sig" run(t, nil, "ssh-keygen", "-Y", "sign", "-n", "file", "-f", privPath, dataPath) - sigBytes, err := ioutil.ReadFile(sigPath) + sigBytes, err := os.ReadFile(sigPath) if err != nil { t.Fatal(err) } @@ -322,7 +322,7 @@ func TestRoundTrip(t *testing.T) { func write(t *testing.T, d []byte, fp ...string) string { p := filepath.Join(fp...) - if err := ioutil.WriteFile(p, d, 0o600); err != nil { + if err := os.WriteFile(p, d, 0o600); err != nil { t.Fatal(err) } return p diff --git a/pkg/signature/ssh/verify.go b/pkg/signature/ssh/verify.go index b90b06706..1bfde6ac2 100644 --- a/pkg/signature/ssh/verify.go +++ b/pkg/signature/ssh/verify.go @@ -17,7 +17,6 @@ package ssh import ( "io" - "io/ioutil" "github.com/sigstore/sigstore/pkg/signature" "golang.org/x/crypto/ssh" @@ -51,7 +50,7 @@ var _ signature.Verifier = (*Signer)(nil) // VerifySignature verifies a suppled signature. func (s *Signer) VerifySignature(signature, message io.Reader, opts ...signature.VerifyOption) error { - b, err := ioutil.ReadAll(signature) + b, err := io.ReadAll(signature) if err != nil { return err } diff --git a/pkg/signature/verifier.go b/pkg/signature/verifier.go index ea8660efc..9ca604929 100644 --- a/pkg/signature/verifier.go +++ b/pkg/signature/verifier.go @@ -22,7 +22,7 @@ import ( "crypto/rsa" "errors" "io" - "io/ioutil" + "os" "path/filepath" "github.com/sigstore/sigstore/pkg/cryptoutils" @@ -86,7 +86,7 @@ func LoadUnsafeVerifier(publicKey crypto.PublicKey) (Verifier, error) { // If the publickey is an RSA key, a RSAPKCS1v15Verifier will be returned. If a // RSAPSSVerifier is desired instead, use the LoadRSAPSSVerifier() and cryptoutils.UnmarshalPEMToPublicKey() methods directly. func LoadVerifierFromPEMFile(path string, hashFunc crypto.Hash) (Verifier, error) { - fileBytes, err := ioutil.ReadFile(filepath.Clean(path)) + fileBytes, err := os.ReadFile(filepath.Clean(path)) if err != nil { return nil, err } diff --git a/pkg/tuf/client.go b/pkg/tuf/client.go index a43579cf6..6145f53ce 100644 --- a/pkg/tuf/client.go +++ b/pkg/tuf/client.go @@ -24,7 +24,6 @@ import ( "fmt" "io" "io/fs" - "io/ioutil" "net/url" "os" "path" @@ -434,7 +433,7 @@ func (t *TUF) updateClient() (data.TargetFiles, error) { continue } defer r.Close() - b, err := ioutil.ReadAll(r) + b, err := io.ReadAll(r) if err != nil { continue } diff --git a/pkg/tuf/client_test.go b/pkg/tuf/client_test.go index be128c32f..a12826d83 100644 --- a/pkg/tuf/client_test.go +++ b/pkg/tuf/client_test.go @@ -20,7 +20,6 @@ import ( "context" "encoding/json" "io/fs" - "io/ioutil" "net/http" "net/http/httptest" "os" @@ -519,7 +518,7 @@ func newTufCustomRepo(t *testing.T, td, targetData string) (tuf.LocalStore, *tuf if err := os.MkdirAll(filepath.Dir(targetPath), 0o755); err != nil { t.Error(err) } - if err := ioutil.WriteFile(targetPath, []byte(targetData), 0o600); err != nil { + if err := os.WriteFile(targetPath, []byte(targetData), 0o600); err != nil { t.Error(err) } if err := r.AddTarget(name, scm); err != nil { @@ -549,7 +548,7 @@ func addNewCustomTarget(t *testing.T, td string, r *tuf.Repo, targetData map[str if err := os.MkdirAll(filepath.Dir(targetPath), 0o755); err != nil { t.Error(err) } - if err := ioutil.WriteFile(targetPath, []byte(data), 0o600); err != nil { + if err := os.WriteFile(targetPath, []byte(data), 0o600); err != nil { t.Error(err) } if err := r.AddTarget(name, scmActive); err != nil { @@ -586,7 +585,7 @@ func newTufRepo(t *testing.T, td, targetData string) (tuf.LocalStore, *tuf.Repo) if err := os.MkdirAll(filepath.Dir(targetPath), 0o755); err != nil { t.Error(err) } - if err := ioutil.WriteFile(targetPath, []byte(targetData), 0o600); err != nil { + if err := os.WriteFile(targetPath, []byte(targetData), 0o600); err != nil { t.Error(err) } if err := r.AddTarget("foo.txt", nil); err != nil { @@ -609,7 +608,7 @@ func updateTufRepo(t *testing.T, td string, r *tuf.Repo, targetData string) { if err := os.MkdirAll(filepath.Dir(targetPath), 0o755); err != nil { t.Error(err) } - if err := ioutil.WriteFile(targetPath, []byte(targetData), 0o600); err != nil { + if err := os.WriteFile(targetPath, []byte(targetData), 0o600); err != nil { t.Error(err) } if err := r.AddTarget("foo.txt", nil); err != nil { diff --git a/pkg/tuf/testutils.go b/pkg/tuf/testutils.go index c3e9d97be..42c6f39c5 100644 --- a/pkg/tuf/testutils.go +++ b/pkg/tuf/testutils.go @@ -19,7 +19,6 @@ import ( "context" "crypto/x509" "encoding/json" - "io/ioutil" "net/http" "net/http/httptest" "os" @@ -72,7 +71,7 @@ func NewSigstoreTufRepo(t *testing.T, root TestSigstoreRoot) (tuf.LocalStore, *t } rekorPath := "rekor.pub" rekorData := cryptoutils.PEMEncode(cryptoutils.PublicKeyPEMType, b) - if err := ioutil.WriteFile(filepath.Join(targetsPath, rekorPath), rekorData, 0o600); err != nil { + if err := os.WriteFile(filepath.Join(targetsPath, rekorPath), rekorData, 0o600); err != nil { t.Error(err) } scmRekor, err := json.Marshal(&sigstoreCustomMetadata{Sigstore: customMetadata{Usage: Rekor, Status: Active}}) @@ -85,7 +84,7 @@ func NewSigstoreTufRepo(t *testing.T, root TestSigstoreRoot) (tuf.LocalStore, *t // Add Fulcio Certificate information. fulcioPath := "fulcio.crt.pem" fulcioData := cryptoutils.PEMEncode(cryptoutils.CertificatePEMType, root.FulcioCertificate.Raw) - if err := ioutil.WriteFile(filepath.Join(targetsPath, fulcioPath), fulcioData, 0o600); err != nil { + if err := os.WriteFile(filepath.Join(targetsPath, fulcioPath), fulcioData, 0o600); err != nil { t.Error(err) } scmFulcio, err := json.Marshal(&sigstoreCustomMetadata{Sigstore: customMetadata{Usage: Fulcio, Status: Active}})