diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c1882fdc..9ede033a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,7 @@ jobs: timeout-minutes: 1 strategy: matrix: - go-version: ['>1.19.3'] + go-version: ['>=1.20'] platform: [ubuntu-22.04] runs-on: ${{ matrix.platform }} steps: @@ -61,7 +61,7 @@ jobs: timeout-minutes: 7 strategy: matrix: - go-version: ['>1.19.3'] + go-version: ['>=1.20'] platform: [ubuntu-22.04] runs-on: ${{ matrix.platform }} steps: @@ -103,7 +103,7 @@ jobs: timeout-minutes: 5 strategy: matrix: - go-version: ['>1.19.3'] + go-version: ['>=1.20'] platform: [ubuntu-22.04] runs-on: ${{ matrix.platform }} steps: @@ -130,7 +130,7 @@ jobs: - name: install tools run: | set -x - go install honnef.co/go/tools/cmd/staticcheck@latest + go install honnef.co/go/tools/cmd/staticcheck@master go install github.com/securego/gosec/cmd/gosec@latest go install github.com/quasilyte/go-ruleguard/cmd/ruleguard@latest go install github.com/orijtech/structslop/cmd/structslop@latest @@ -158,10 +158,10 @@ jobs: go vet -all ./... go vet -vettool=/home/runner/go/bin/shadow -strict ./... - /home/runner/go/bin/staticcheck -tests -go 1.19 ./... + /home/runner/go/bin/staticcheck -tests -go 1.20 ./... govulncheck ./... - # /home/runner/go/bin/gosec ./... # does not seem to work with Go1.19 - # /home/runner/go/bin/structslop ./... # does not seem to work with Go1.19 + # /home/runner/go/bin/gosec ./... # does not seem to work with Go1.20 + # /home/runner/go/bin/structslop ./... # does not seem to work with Go1.20 /home/runner/go/bin/httperroryzer ./... # see: https://github.com/golang/go/commit/a98589711da5e9d935e8d690cfca92892e86d557 /home/runner/go/bin/errcheck -ignoregenerated -ignoretests -asserts ./... @@ -175,7 +175,7 @@ jobs: wget -nc --output-document=/tmp/semgrep-go.zip https://github.com/dgryski/semgrep-go/archive/refs/heads/master.zip unzip -o /tmp/semgrep-go.zip -d /tmp/semgrep-go go get github.com/quasilyte/go-ruleguard/dsl - golangci-lint run --config .golangci.yml ./... + # golangci-lint run --config .golangci.yml ./... go mod tidy python -m venv /tmp/.venv . /tmp/.venv/bin/activate @@ -200,12 +200,56 @@ jobs: ONG_RUNNING_IN_TESTS: 'YES' + # https://go.dev/testing/coverage/ + integration_test_coverage: + name: integration_test_coverage + timeout-minutes: 2 + strategy: + matrix: + go-version: ['>=1.20'] + platform: [ubuntu-22.04] + runs-on: ${{ matrix.platform }} + steps: + - name: Check out code into the Go module directory + uses: actions/checkout@v3 + with: + # For pull requests, build and test the PR head not a merge of the PR with the destination. + ref: ${{ github.event.pull_request.head.sha || github.ref }} + # We need to full history for git-restore-mtime to know what modification dates to use. + # Otherwise, the Go test cache will fail (due to the modification time of fixtures changing). + fetch-depth: '0' + + - name: custom setupGo + uses: ./.github/actions/setup-go + with: + go-version: ${{ matrix.go-version }} + + - name: whole program coverage + run: | + pwd; ls -lsha + sudo apt -y update + sudo apt -y install libnss3-tools # certutil + mkdir -p coverage/ + rm -rf coverage/* ongExample + go build -cover -o ongExample github.com/komuw/ong/example + GOCOVERDIR=coverage/ ./ongExample & + sleep 10 && kill -15 $(pidof ongExample) && sleep 26 + GOCOVERDIR=coverage/ ./ongExample & + sleep 10 + ls -lsha coverage/ + curl -vkL -X GET http://127.0.0.1:65080/health # http redirection + curl -vkL -X GET https://127.0.0.1:65081/health # https + curl -vkL "http://127.0.0.1:65060/debug/pprof/profile?seconds=3" # pprof + curl -vkL https://127.0.0.1:65081/check/67 + kill -15 $(pidof ongExample) + go tool covdata percent -i=coverage + # run_stress_test: # name: run_stress_test # timeout-minutes: 2 # strategy: # matrix: - # go-version: ['>1.19.3'] + # go-version: ['>=1.20'] # platform: [ubuntu-22.04] # runs-on: ${{ matrix.platform }} # steps: diff --git a/.gitignore b/.gitignore index bb2a187d..a9d1e4c5 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,7 @@ debug.test coverage.txt coverage.html coverage.out +coverage/ .DS_Store # go-pry debug stuff @@ -14,6 +15,7 @@ coverage.out # binary ong +ongExample # debug stuff debug.test diff --git a/CHANGELOG.md b/CHANGELOG.md index 2b24cce5..99b328ac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,9 @@ Most recent version is listed first. +## v0.0.30 +- Update to Go v1.20: https://github.com/komuw/ong/pull/209 + ## v0.0.29 - WithCtx should only use the id from context, if that ctx actually contains an Id: https://github.com/komuw/ong/pull/196 - ong/errors; wrap as deep as possible: https://github.com/komuw/ong/pull/199 diff --git a/example/main.go b/example/main.go index bb40230c..96ff16dc 100644 --- a/example/main.go +++ b/example/main.go @@ -19,7 +19,7 @@ func main() { nil, mux.NewRoute( "/health", - mux.MethodPost, + mux.MethodGet, api.health(secretKey), ), mux.NewRoute( diff --git a/go.mod b/go.mod index 83ee2adb..9eece9ed 100644 --- a/go.mod +++ b/go.mod @@ -1,30 +1,30 @@ module github.com/komuw/ong -go 1.19 +go 1.20 require ( - golang.org/x/crypto v0.4.0 - golang.org/x/exp v0.0.0-20221211140036-ad323defaf05 - golang.org/x/net v0.4.0 - golang.org/x/sys v0.3.0 + golang.org/x/crypto v0.5.0 + golang.org/x/exp v0.0.0-20230131160201-f062dba9d201 + golang.org/x/net v0.5.0 + golang.org/x/sys v0.4.0 ) require ( github.com/google/go-cmp v0.5.9 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.16 // indirect + github.com/mattn/go-isatty v0.0.17 // indirect github.com/tmthrgd/httputils v0.0.0-20190904060602-27fdf7d93acd // indirect go.uber.org/atomic v1.10.0 // indirect - go.uber.org/multierr v1.8.0 // indirect + go.uber.org/multierr v1.9.0 // indirect golang.org/x/sync v0.1.0 // indirect - golang.org/x/text v0.5.0 // indirect + golang.org/x/text v0.6.0 // indirect ) require ( github.com/NYTimes/gziphandler v1.1.1 // test github.com/akshayjshah/attest v0.4.0 // test - github.com/klauspost/compress v1.15.13 // test - github.com/rs/zerolog v1.28.0 // test + github.com/klauspost/compress v1.15.15 // test + github.com/rs/zerolog v1.29.0 // test github.com/sirupsen/logrus v1.9.0 // test github.com/tmthrgd/gziphandler v0.0.0-20210130054451-9e3dc377f14f // test go.uber.org/zap v1.24.0 // test diff --git a/go.sum b/go.sum index d527b94f..6470cf71 100644 --- a/go.sum +++ b/go.sum @@ -10,21 +10,22 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/klauspost/compress v1.15.13 h1:NFn1Wr8cfnenSJSA46lLq4wHCcBzKTSjnBIexDMMOV0= -github.com/klauspost/compress v1.15.13/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= +github.com/klauspost/compress v1.15.15 h1:EF27CXIuDsYJ6mmvtBRlEuB2UVOqHG1tAXgZ7yIO+lw= +github.com/klauspost/compress v1.15.15/go.mod h1:ZcK2JAFqKOpnBlxcLsJzYfrS9X1akm9fHZNnD9+Vo/4= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= +github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= -github.com/rs/zerolog v1.28.0 h1:MirSo27VyNi7RJYP3078AA1+Cyzd2GB66qy3aUHvsWY= -github.com/rs/zerolog v1.28.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6usyD0= +github.com/rs/zerolog v1.29.0 h1:Zes4hju04hjbvkVkOhdl2HpZa+0PmVwigmo8XoORE5w= +github.com/rs/zerolog v1.29.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6usyD0= github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -35,31 +36,29 @@ github.com/tmthrgd/gziphandler v0.0.0-20210130054451-9e3dc377f14f h1:B4j9Igh7cCz github.com/tmthrgd/gziphandler v0.0.0-20210130054451-9e3dc377f14f/go.mod h1:Eaxip7qwz21YwJBuTby3jRNfqsmXseMMPQQqlku1jrk= github.com/tmthrgd/httputils v0.0.0-20190904060602-27fdf7d93acd h1:guOHSdClhT9FnFM7KkyrZmUMbCBYG1VeU73/QLZIpNI= github.com/tmthrgd/httputils v0.0.0-20190904060602-27fdf7d93acd/go.mod h1:8/hVmIZ6TizbEnBWYbs6KT+SazQ4St36+7yVBjxvk0I= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/goleak v1.1.11 h1:wy28qYRKZgnJTxGxvye5/wgWr1EKjmUDGYox5mGlRlI= -go.uber.org/multierr v1.8.0 h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8= -go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= +go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI= +go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ= go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -golang.org/x/crypto v0.4.0 h1:UVQgzMY87xqpKNgb+kDsll2Igd33HszWHFLmpaRMq/8= -golang.org/x/crypto v0.4.0/go.mod h1:3quD/ATkf6oY+rnes5c3ExXTbLc8mueNue5/DoinL80= -golang.org/x/exp v0.0.0-20221211140036-ad323defaf05 h1:T8EldfGCcveFMewH5xAYxxoX3PSQMrsechlUGVFlQBU= -golang.org/x/exp v0.0.0-20221211140036-ad323defaf05/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= -golang.org/x/net v0.4.0 h1:Q5QPcMlvfxFTAPV0+07Xz/MpK9NTXu2VDUuy0FeMfaU= -golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= +golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE= +golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= +golang.org/x/exp v0.0.0-20230131160201-f062dba9d201 h1:BEABXpNXLEz0WxtA+6CQIz2xkg80e+1zrhWyMcq8VzE= +golang.org/x/exp v0.0.0-20230131160201-f062dba9d201/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= +golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw= +golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ= -golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM= -golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18= +golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/text v0.6.0 h1:3XmdazWV+ubf7QgHSTWeykHOci5oeekaGJBLkrkaw4k= +golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/id/id.go b/id/id.go index d32f8060..f1bc0251 100644 --- a/id/id.go +++ b/id/id.go @@ -1,11 +1,11 @@ -// Package id generates unique random strings +// Package id generates unique random strings. +// It however should not be used for cryptography purposes. package id import ( cryptoRand "crypto/rand" "encoding/base64" mathRand "math/rand" - "time" ) // encodeURL is like [base64.EncodeURL] except we replace: @@ -23,7 +23,7 @@ func encoding() *base64.Encoding { var enc = encoding() //nolint:gochecknoglobals -// New returns a new random string +// New returns a new random string. func New() string { return Random(16) } @@ -48,8 +48,9 @@ func Random(n int) string { b := make([]byte, byteSize) if _, err := cryptoRand.Read(b); err != nil { b = make([]byte, byteSize) - // this codepath is rarely executed so we can put all the code here instead of global var. - mathRand.Seed(time.Now().UTC().UnixNano()) + //lint:ignore SA1019 `mathRand.Read` is deprecated. + // However, for our case here is okay since the func id.Random is not used for cryptography. + // Also we like the property of `mathRand.Read` always returning a nil error. _, _ = mathRand.Read(b) // docs say that it always returns a nil error. } diff --git a/log/log_test.go b/log/log_test.go index 4f903342..adc4b174 100644 --- a/log/log_test.go +++ b/log/log_test.go @@ -612,8 +612,6 @@ func BenchmarkAverageCase(b *testing.B) { str := fmt.Sprintf("%s", sl) logErr := stdlibErrors.New("hey") - rand.Seed(time.Now().UnixNano()) - b.Logf("average case") b.Run("Zap", func(b *testing.B) { diff --git a/middleware/loadshed.go b/middleware/loadshed.go index ca2e1c57..b7b5bb3e 100644 --- a/middleware/loadshed.go +++ b/middleware/loadshed.go @@ -42,7 +42,6 @@ const ( // loadShedder is a middleware that sheds load based on http response latencies. func loadShedder(wrappedHandler http.HandlerFunc) http.HandlerFunc { - mathRand.Seed(time.Now().UTC().UnixNano()) // lq should not be a global variable, we want it to be per handler. // This is because different handlers(URIs) could have different latencies and we want each to be loadshed independently. lq := newLatencyQueue() diff --git a/middleware/loadshed_test.go b/middleware/loadshed_test.go index c020e841..a7ed95b0 100644 --- a/middleware/loadshed_test.go +++ b/middleware/loadshed_test.go @@ -183,7 +183,6 @@ func TestLatencyQueue(t *testing.T) { } func loadShedderBenchmarkHandler() http.HandlerFunc { - rand.Seed(time.Now().UTC().UnixNano()) return func(w http.ResponseWriter, r *http.Request) { latency := time.Duration(rand.Intn(100)+1) * time.Millisecond time.Sleep(latency) diff --git a/middleware/log.go b/middleware/log.go index c439291f..b49f8c85 100644 --- a/middleware/log.go +++ b/middleware/log.go @@ -25,7 +25,6 @@ func logger(wrappedHandler http.HandlerFunc, domain string, l log.Logger) http.H // // However, each request should get its own context. That's why we call `logger.WithCtx` for every request. - mathRand.Seed(time.Now().UTC().UnixNano()) pid := os.Getpid() return func(w http.ResponseWriter, r *http.Request) {