Upgrade Go to 1.20

.changelog/231.txt

@@ -0,0 +1,3 @@
+```release-note:improvement
+Update to Go 1.20 per the [Go support policy](https://go.dev/doc/devel/release#policy).
+```

.github/workflows/create-release.yml

@@ -40,7 +40,7 @@ jobs:
           GOPRIVATE: 'github.com/hashicorp/*'
         run: |
           go install github.com/hashicorp/go-changelog/cmd/changelog-build@6ec9be372335f39c5df27e232c3669db7f5183a5
-          go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.49.0
+          go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.55.2
 
       - name: Run Unit Tests and Linter
         run: make test-ci

.github/workflows/test.yml

@@ -28,7 +28,7 @@ jobs:
       - name: Install Dependencies
         run: |
           go mod download
-          go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.49.0
+          go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.55.2
           go mod tidy
 
       - name: Run Tests

auth/cred_file.go

@@ -7,7 +7,6 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 
@@ -184,5 +183,5 @@ func WriteCredentialFile(path string, cf *CredentialFile) error {
 		return err
 	}
 
-	return ioutil.WriteFile(path, data, files.FileMode)
+	return os.WriteFile(path, data, files.FileMode)
 }

auth/cred_file_test.go

@@ -8,8 +8,8 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"math/rand"
+	"os"
 	"testing"
 
 	"github.com/hashicorp/hcp-sdk-go/auth/workload"
@@ -121,7 +121,7 @@ func TestReadCredentialFile(t *testing.T) {
 			},
 		}
 
-		f, err := ioutil.TempFile("", "")
+		f, err := os.CreateTemp("", "")
 		r.NoError(err)
 		r.NoError(WriteCredentialFile(f.Name(), cf))
 
@@ -145,7 +145,7 @@ func TestReadCredentialFile(t *testing.T) {
 			},
 		}
 
-		f, err := ioutil.TempFile("", "")
+		f, err := os.CreateTemp("", "")
 		r.NoError(err)
 		r.NoError(WriteCredentialFile(f.Name(), cf))
 
@@ -158,7 +158,7 @@ func TestReadCredentialFile(t *testing.T) {
 		data, err := json.Marshal("hello, world!")
 		r.NoError(err)
 
-		f, err := ioutil.TempFile("", "")
+		f, err := os.CreateTemp("", "")
 		r.NoError(err)
 
 		_, err = io.Copy(f, bytes.NewBuffer(data))
@@ -181,7 +181,7 @@ func TestGetDefaultCredentialFile(t *testing.T) {
 			},
 		}
 
-		f, err := ioutil.TempFile("", "")
+		f, err := os.CreateTemp("", "")
 		r.NoError(err)
 		r.NoError(WriteCredentialFile(f.Name(), cf))
 
@@ -202,7 +202,7 @@ func TestGetDefaultCredentialFile(t *testing.T) {
 			},
 		}
 
-		f, err := ioutil.TempFile("", "")
+		f, err := os.CreateTemp("", "")
 		r.NoError(err)
 		r.NoError(WriteCredentialFile(f.Name(), cf))
 
@@ -242,7 +242,7 @@ func Test_WriteCredentialFile(t *testing.T) {
 		},
 	}
 
-	f, err := ioutil.TempFile("", "")
+	f, err := os.CreateTemp("", "")
 	r.NoError(err)
 	r.NoError(WriteCredentialFile(f.Name(), cf))
 

auth/workload/aws.go

@@ -12,7 +12,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"os"
 	"path"
@@ -301,7 +300,7 @@ func (s *awsRequestSigner) getSessionToken(ctx context.Context) error {
 	}
 	defer resp.Body.Close()
 
-	respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	respBody, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return fmt.Errorf("failed reading AWS session token response from metadata endpoint: %v", err)
 	}
@@ -338,7 +337,7 @@ func (s *awsRequestSigner) getRegion(ctx context.Context) error {
 	}
 	defer resp.Body.Close()
 
-	respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	respBody, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return fmt.Errorf("failed reading AWS region response from metadata endpoint: %v", err)
 
@@ -380,7 +379,7 @@ func (s *awsRequestSigner) getCredentials(ctx context.Context) error {
 	}
 	defer resp.Body.Close()
 
-	respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	respBody, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return fmt.Errorf("failed reading AWS security credential response from metadata endpoint: %v", err)
 
@@ -414,7 +413,7 @@ func (s *awsRequestSigner) getRoleName(ctx context.Context) (string, error) {
 	}
 	defer resp.Body.Close()
 
-	respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	respBody, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return "", fmt.Errorf("failed reading AWS security credential response from metadata endpoint: %v", err)
 
@@ -512,7 +511,7 @@ func requestDataHash(req *http.Request) (string, error) {
 		}
 		defer requestBody.Close()
 
-		requestData, err = ioutil.ReadAll(io.LimitReader(requestBody, 1<<20))
+		requestData, err = io.ReadAll(io.LimitReader(requestBody, 1<<20))
 		if err != nil {
 			return "", err
 		}

auth/workload/file.go

@@ -7,7 +7,6 @@ import (
 	"bytes"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 )
 
@@ -40,7 +39,7 @@ func (fc *FileCredentialSource) token() (string, error) {
 	defer credFile.Close()
 
 	// Read the file but limit the size we read to a MB
-	credBytes, err := ioutil.ReadAll(io.LimitReader(credFile, 1<<20))
+	credBytes, err := io.ReadAll(io.LimitReader(credFile, 1<<20))
 	if err != nil {
 		return "", fmt.Errorf("failed to read credential file: %v", err)
 	}

auth/workload/file_test.go

@@ -5,7 +5,7 @@ package workload
 
 import (
 	"io"
-	"io/ioutil"
+	"os"
 	"strings"
 	"testing"
 
@@ -127,7 +127,7 @@ func TestFileCredentialSource_token(t *testing.T) {
 			require := require.New(t)
 
 			// Create a temp file with the given value
-			f, err := ioutil.TempFile("", "file_cred_source")
+			f, err := os.CreateTemp("", "file_cred_source")
 			require.NoError(err)
 			_, err = io.Copy(f, strings.NewReader(tt.fileContent))
 			require.NoError(err)

auth/workload/provider.go

@@ -9,7 +9,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"sync"
@@ -183,7 +182,7 @@ func (p *Provider) Token() (*oauth2.Token, error) {
 	defer resp.Body.Close()
 
 	// Read the body
-	body, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	body, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return nil, err
 	}

auth/workload/url.go

@@ -7,7 +7,6 @@ import (
 	"context"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"time"
@@ -70,7 +69,7 @@ func (uc *URLCredentialSource) token() (string, error) {
 	defer resp.Body.Close()
 
 	// Read the response
-	respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	respBody, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return "", fmt.Errorf("failed reading body in subject token response: %v", err)
 	}

config/hcp.go

@@ -149,15 +149,15 @@ func (c *hcpConfig) APIAddress() string {
 }
 
 func (c *hcpConfig) APITLSConfig() *tls.Config {
-	return cloneTLSConfig(c.apiTLSConfig)
+	return c.apiTLSConfig.Clone()
 }
 
 func (c *hcpConfig) SCADAAddress() string {
 	return c.scadaAddress
 }
 
 func (c *hcpConfig) SCADATLSConfig() *tls.Config {
-	return cloneTLSConfig(c.scadaTLSConfig)
+	return c.scadaTLSConfig.Clone()
 }
 
 func (c *hcpConfig) validate() error {

config/tokensource_test.go

@@ -4,7 +4,7 @@
 package config
 
 import (
-	"io/ioutil"
+	"os"
 	"testing"
 
 	"github.com/hashicorp/hcp-sdk-go/auth"
@@ -64,7 +64,7 @@ func TestTokenSource_GetTokenSource_CredentialFile_Workload(t *testing.T) {
 		},
 	}
 
-	f, err := ioutil.TempFile("", "")
+	f, err := os.CreateTemp("", "")
 	require.NoError(err)
 	require.NoError(auth.WriteCredentialFile(f.Name(), cf))
 
@@ -98,7 +98,7 @@ func TestTokenSource_GetTokenSource_CredentialFile_ServicePrincipal(t *testing.T
 		},
 	}
 
-	f, err := ioutil.TempFile("", "")
+	f, err := os.CreateTemp("", "")
 	require.NoError(err)
 	require.NoError(auth.WriteCredentialFile(f.Name(), cf))
 

config/with.go

@@ -45,7 +45,7 @@ func WithWorkloadIdentity(providerConfig *workload.IdentityProviderConfig) HCPCo
 func WithAPI(address string, tlsConfig *tls.Config) HCPConfigOption {
 	return func(config *hcpConfig) error {
 		config.apiAddress = address
-		config.apiTLSConfig = cloneTLSConfig(tlsConfig)
+		config.apiTLSConfig = tlsConfig.Clone()
 
 		return nil
 	}
@@ -60,7 +60,7 @@ func WithAPI(address string, tlsConfig *tls.Config) HCPConfigOption {
 func WithSCADA(address string, tlsConfig *tls.Config) HCPConfigOption {
 	return func(config *hcpConfig) error {
 		config.scadaAddress = address
-		config.scadaTLSConfig = cloneTLSConfig(tlsConfig)
+		config.scadaTLSConfig = tlsConfig.Clone()
 
 		return nil
 	}
@@ -105,7 +105,7 @@ func WithAuth(authURL string, tlsConfig *tls.Config) HCPConfigOption {
 		}
 
 		config.authURL = parsedAuthURL
-		config.authTLSConfig = cloneTLSConfig(tlsConfig)
+		config.authTLSConfig = tlsConfig.Clone()
 
 		// Ensure the OAuth2 endpoints are updated with the new auth URL
 		config.oauth2Config.Endpoint.AuthURL = authURL + "/oauth2/auth"

config/with_test.go

@@ -6,8 +6,8 @@ package config
 import (
 	"crypto/tls"
 	"fmt"
-	"io/ioutil"
 	"math/rand"
+	"os"
 	"testing"
 
 	"github.com/hashicorp/hcp-sdk-go/auth"
@@ -165,7 +165,7 @@ func TestWith_CredentialFilePath(t *testing.T) {
 				ClientSecret: "456",
 			},
 		}
-		f, err := ioutil.TempFile("", "")
+		f, err := os.CreateTemp("", "")
 		require.NoError(err)
 		require.NoError(auth.WriteCredentialFile(f.Name(), cf))
 

go.mod

@@ -1,6 +1,6 @@
 module github.com/hashicorp/hcp-sdk-go
 
-go 1.18
+go 1.20
 
 retract v0.26.0 // Pushed accidentally
 

golangci-config.yml

@@ -23,11 +23,12 @@ linters:
 
 linters-settings:
   depguard:
-    list-type: blacklist
-    packages:
-      - github.com/gogo/status
-      - github.com/gogo/codes
-      - github.com/gogo/protobuf
+    rules:
+      main:
+        deny:
+          - pkg: "github.com/gogo/status"
+          - pkg: "github.com/gogo/codes"
+          - pkg: "github.com/gogo/protobuf"
   misspell:
     locale: US