feat: linting action and fixes (#83)

Signed-off-by: jmeridth <jmeridth@gmail.com>
Co-authored-by: Eddie Knight <knight@linux.com>

Author: jmeridth

.github/workflows/lint.yml

@@ -0,0 +1,25 @@
+name: lint
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pull-requests: read
+
+jobs:
+  lint:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4.2.2
+      - uses: actions/setup-go@v5.4.0
+        with:
+          go-version: stable
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@1481404843c368bc19ca9406f87d6e0fc97bdcfd
+        with:
+          version: v2.0.2

command/plugin.go

@@ -76,10 +76,10 @@ func versionCommand(
 		Run: func(cmd *cobra.Command, args []string) {
 			writer := tabwriter.NewWriter(os.Stdout, 1, 1, 1, ' ', 0)
 			if viper.GetBool("verbose") {
-				fmt.Fprintf(writer, "Version:\t%s\n", buildVersion)
-				fmt.Fprintf(writer, "Commit:\t%s\n", buildGitCommitHash)
-				fmt.Fprintf(writer, "Build Time:\t%s\n", buildTime)
-				writer.Flush()
+				_, _ = fmt.Fprintf(writer, "Version:\t%s\n", buildVersion)
+				_, _ = fmt.Fprintf(writer, "Commit:\t%s\n", buildGitCommitHash)
+				_, _ = fmt.Fprintf(writer, "Build Time:\t%s\n", buildTime)
+				_ = writer.Flush()
 			} else {
 				fmt.Println(buildVersion)
 			}

config/config.go

@@ -145,7 +145,7 @@ func NewConfig(requiredVars []string) Config {
 func defaultWritePath() string {
 	home, err := os.UserHomeDir()
 	datetime := time.Now().Local().Format(time.RFC3339)
-	dirName := strings.Replace(datetime, ":", "", -1)
+	dirName := strings.ReplaceAll(datetime, ":", "")
 	if err != nil {
 		return ""
 	}

config/config_test.go

@@ -466,7 +466,7 @@ func TestNewConfig(t *testing.T) {
 				t.Errorf("expected write directory to be default, but got '%s'", c.WriteDirectory)
 			}
 
-			if c.Policy.ControlCatalogs == nil || len(c.Policy.ControlCatalogs) == 0 {
+			if len(c.Policy.ControlCatalogs) == 0 {
 				t.Errorf("expected policy to be set, but got %v", c.Policy)
 			}
 

pluginkit/errors.go

@@ -9,13 +9,13 @@ import (
 // Errors with no parameters
 var (
 	CORRUPTION_FOUND = func() error {
-		return errors.New("Target state may be corrupted! Halting to prevent futher damage. See logs for more information")
+		return errors.New("target state may be corrupted! Halting to prevent futher damage. See logs for more information")
 	}
 	NO_EVALUATION_SUITES = func() error {
-		return errors.New("No control evaluations provided by the plugin")
+		return errors.New("no control evaluations provided by the plugin")
 	}
 	EVAL_NAME_MISSING = func() error {
-		return errors.New("EvaluationSuite name must not be empty")
+		return errors.New("evaluationSuite name must not be empty")
 	}
 )
 
@@ -25,9 +25,9 @@ var (
 		return fmt.Errorf("expected service and plugin names to be set. ServiceName='%s' PluginName='%s'", serviceName, pluginName)
 	}
 	WRITE_FAILED = func(name, err string) error {
-		return fmt.Errorf("Failed to write results for evaluation suite. name: %s, error: %s", name, err)
+		return fmt.Errorf("failed to write results for evaluation suite. name: %s, error: %s", name, err)
 	}
 	BAD_LOADER = func(pluginName string, err error) error {
-		return fmt.Errorf("Failed to load payload for %s: %s", pluginName, err)
+		return fmt.Errorf("failed to load payload for %s: %s", pluginName, err)
 	}
 )

pluginkit/evaluation_suite.go

@@ -4,10 +4,8 @@ import (
 	"encoding/json"
 	"fmt"
 	"os"
-	"os/signal"
 	"path"
 	"strings"
-	"syscall"
 	"time"
 
 	"github.com/privateerproj/privateer-sdk/config"
@@ -32,12 +30,9 @@ type EvaluationSuite struct {
 	loader  DataLoader     // loader is the function to load the payload
 	config  *config.Config // config is the global configuration for the plugin
 
-	assessmentSuccesses int // successes is the number of successful evaluations
-	assessmentWarnings  int // attempts is the number of evaluations attempted
-	assessmentFailures  int // failures is the number of failed evaluations
-	evalSuccesses       int // successes is the number of successful evaluations
-	evalFailures        int // failures is the number of failed evaluations
-	evalWarnings        int // warnings is the number of evaluations that need review
+	evalSuccesses int // successes is the number of successful evaluations
+	evalFailures  int // failures is the number of failed evaluations
+	evalWarnings  int // warnings is the number of evaluations that need review
 }
 
 // Execute is used to execute a list of ControlEvaluations provided by a Plugin and customized by user config
@@ -62,11 +57,15 @@ func (e *EvaluationSuite) Evaluate(name string) error {
 		// Log each assessment result as a separate line
 		for _, assessment := range evaluation.Assessments {
 			message := fmt.Sprintf("%s: %s", assessment.Requirement_Id, assessment.Message)
-			if assessment.Result == layer4.Passed {
+			// switch case the code below
+			switch assessment.Result {
+			case layer4.Passed:
 				e.config.Logger.Info(message)
-			} else if assessment.Result == layer4.NeedsReview {
+			case layer4.NeedsReview:
 				e.config.Logger.Warn(message)
-			} else if assessment.Result == layer4.Failed || assessment.Result == layer4.Unknown {
+			case layer4.Failed:
+				e.config.Logger.Error(message)
+			case layer4.Unknown:
 				e.config.Logger.Error(message)
 			}
 		}
@@ -90,11 +89,12 @@ func (e *EvaluationSuite) Evaluate(name string) error {
 	if e.Corrupted_State {
 		return CORRUPTION_FOUND()
 	}
-	if e.Result == layer4.Passed {
+	switch e.Result {
+	case layer4.Passed:
 		e.config.Logger.Info(output)
-	} else if e.Result == layer4.NotRun {
+	case layer4.NotRun:
 		e.config.Logger.Trace(output)
-	} else {
+	default:
 		e.config.Logger.Error(output)
 	}
 	return nil
@@ -158,7 +158,9 @@ func (e *EvaluationSuite) writeControlEvaluationsToFile(serviceName string, resu
 		e.config.Logger.Error("Error opening file", "filepath", filepath)
 		return err
 	}
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 
 	_, err = file.Write(result)
 	if err != nil {
@@ -177,24 +179,3 @@ func (e *EvaluationSuite) cleanup() (passed bool) {
 	}
 	return !e.Corrupted_State
 }
-
-// closeHandler creates a 'listener' on a new goroutine which will notify the
-// program if it receives an interrupt from the OS. We then handle this by calling
-// our clean up procedure and exiting the program.
-// Ref: https://golangcode.com/handle-ctrl-c-exit-in-terminal/
-func (e *EvaluationSuite) closeHandler() {
-	c := make(chan os.Signal, 1)
-	signal.Notify(c, os.Interrupt, syscall.SIGTERM)
-	go func() {
-		<-c
-		e.config.Logger.Error("[ERROR] Execution aborted - %v", "SIGTERM")
-		e.config.Logger.Warn("[WARN] Attempting to revert changes made by the terminated Plugin. Do not interrupt this process.")
-		if e.cleanup() {
-			e.config.Logger.Info("Cleanup did not encounter an error.")
-			os.Exit(0)
-		} else {
-			e.config.Logger.Error("[ERROR] Cleanup returned an error, and may not be complete.")
-			os.Exit(2)
-		}
-	}()
-}

pluginkit/test_data.go

@@ -11,7 +11,6 @@ import (
 
 type testingData struct {
 	testName               string
-	serviceName            string
 	evals                  []*layer4.ControlEvaluation
 	expectedEvalSuiteError error
 	expectedCorruption     bool
@@ -136,17 +135,6 @@ type PayloadTypeExample struct {
 	CustomPayloadField bool
 }
 
-func step_checkPayload(payloadData interface{}, _ map[string]*layer4.Change) (result layer4.Result, message string) {
-	payload, ok := payloadData.(*PayloadTypeExample)
-	if !ok {
-		return layer4.Unknown, fmt.Sprintf("Malformed assessment: expected payload type %T, got %T (%v)", &PayloadTypeExample{}, payloadData, payloadData)
-	}
-	if payload.CustomPayloadField {
-		return layer4.Passed, "Multi-factor authentication is configured"
-	}
-	return layer4.Unknown, "Not implemented"
-}
-
 func step_Pass(data interface{}, changes map[string]*layer4.Change) (result layer4.Result, message string) {
 	if changes != nil && changes["good-change"] != nil {
 		changes["good-change"].Apply("target_name", "target_object", data)
@@ -162,10 +150,6 @@ func step_NeedsReview(_ interface{}, _ map[string]*layer4.Change) (result layer4
 	return layer4.NeedsReview, "This step always needs review"
 }
 
-func step_Unknown(_ interface{}, _ map[string]*layer4.Change) (result layer4.Result, message string) {
-	return layer4.Unknown, "This step always returns unknown"
-}
-
 func step_Corrupted(data interface{}, changes map[string]*layer4.Change) (result layer4.Result, message string) {
 	changes["corrupted-change"].Apply("target_name", "target_object", data)
 	return layer4.Unknown, "This step always returns unknown and applies a corrupted change"

pluginkit/vessel.go

@@ -150,7 +150,9 @@ func (v *Vessel) writeResultsToFile(serviceName string, result []byte, extension
 		v.config.Logger.Error("Error opening file", "filepath", filepath)
 		return err
 	}
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 
 	_, err = file.Write(result)
 	if err != nil {

pluginkit/vessel_test.go

@@ -77,7 +77,7 @@ func TestAddEvaluationSuite(t *testing.T) {
 					v := NewVessel("test", nil, []string{})
 					v.config = setBasicConfig()
 					v.AddEvaluationSuite("test", nil, test.evals)
-					if v.possibleSuites == nil || len(v.possibleSuites) == 0 {
+					if len(v.possibleSuites) == 0 {
 						t.Error("Expected evaluation suites to be set")
 						return
 					}
@@ -107,7 +107,7 @@ func TestMobilize(t *testing.T) {
 				v := NewVessel("test", nil, []string{})
 				v.config = setLimitedConfig()
 
-				catalogName := strings.Replace(test.testName, " ", "-", -1)
+				catalogName := strings.ReplaceAll(test.testName, " ", "-")
 				v.AddEvaluationSuite(catalogName, examplePayload, test.evals)
 
 				// grab a count of the applicable evaluations when config is limited
@@ -129,7 +129,7 @@ func TestMobilize(t *testing.T) {
 }
 
 func runMobilizeTests(t *testing.T, test testingData, invasive bool, limitedConfigEvaluationCount int) {
-	catalogName := strings.Replace(test.testName, " ", "-", -1)
+	catalogName := strings.ReplaceAll(test.testName, " ", "-")
 
 	v := NewVessel("test", nil, []string{})
 	v.config = setBasicConfig()
@@ -142,7 +142,7 @@ func runMobilizeTests(t *testing.T, test testingData, invasive bool, limitedConf
 	if err != nil {
 		t.Errorf("Expected no error, but got %v", err)
 	}
-	if v.possibleSuites == nil || len(v.possibleSuites) == 0 {
+	if len(v.possibleSuites) == 0 {
 		t.Errorf("Expected evaluation suites to be set, but got %v", v.possibleSuites)
 		return
 	}
@@ -153,8 +153,8 @@ func runMobilizeTests(t *testing.T, test testingData, invasive bool, limitedConf
 
 	// Now we set the catalog to be applicable, then run Mobilize again to find results
 	v.config.Policy.ControlCatalogs = []string{catalogName}
-	v.Mobilize()
-	if v.Evaluation_Suites == nil || len(v.Evaluation_Suites) == 0 {
+	_ = v.Mobilize()
+	if len(v.Evaluation_Suites) == 0 {
 		t.Errorf("Expected evaluation suites to be set, but got %v", v.Evaluation_Suites)
 		return
 	}

utils/utils.go

@@ -77,14 +77,12 @@ func ReformatError(e string, v ...interface{}) error {
 	b.WriteString("[ERROR] ")
 	b.WriteString(e)
 
-	s := fmt.Sprintf(b.String(), v...)
-
-	return fmt.Errorf(s)
+	return fmt.Errorf(b.String(), v...)
 }
 
 // ReplaceBytesValue replaces a substring with a new value for a given string in bytes
 func ReplaceBytesValue(b []byte, old string, new string) []byte {
-	newString := strings.Replace(string(b), old, new, -1)
+	newString := strings.ReplaceAll(string(b), old, new)
 	return []byte(newString)
 }