Merge pull request #393 from sapcc/enable_revive

enable revive and fix docstring lints

Author: majewsky

.envrc

@@ -2,9 +2,7 @@
 # SPDX-FileCopyrightText: 2019–2020 Target
 # SPDX-FileCopyrightText: 2021 The Nix Community
 # SPDX-License-Identifier: Apache-2.0
-
 export GO_TESTENV=CASTELLUM_AUDIT_SILENT=true
-
 if type -P lorri &>/dev/null; then
   eval "$(lorri direnv)"
 elif type -P nix &>/dev/null; then

.golangci.yaml

@@ -63,6 +63,7 @@ linters:
     - perfsprint
     - predeclared
     - rowserrcheck
+    - revive
     - sqlclosecheck
     - staticcheck
     - unconvert
@@ -161,11 +162,18 @@ linters:
     perfsprint:
       # modernize generates nicer fix code
       concat-loop: false
+    revive:
+      rules:
+        - name: exported
+          arguments:
+            - checkPrivateReceivers
+            - disableChecksOnConstants
     staticcheck:
       dot-import-whitelist:
         - github.com/majewsky/gg/option
         - github.com/onsi/ginkgo/v2
         - github.com/onsi/gomega
+        - go.xyrillian.de/gg/option
     usestdlibvars:
       http-method: true
       http-status-code: true

Makefile

@@ -68,10 +68,10 @@ prepare-static-check: FORCE install-goimports install-golangci-lint install-shel
 # To add additional flags or values (before the default ones), specify the variable in the environment, e.g. `GO_BUILDFLAGS='-tags experimental' make`.
 # To override the default flags or values, specify the variable on the command line, e.g. `make GO_BUILDFLAGS='-tags experimental'`.
 GO_BUILDFLAGS += -mod vendor
-GO_LDFLAGS +=
-GO_TESTFLAGS +=
-GO_TESTENV += CASTELLUM_AUDIT_SILENT=true
-GO_BUILDENV +=
+GO_LDFLAGS    +=
+GO_TESTFLAGS  +=
+GO_TESTENV    += CASTELLUM_AUDIT_SILENT=true
+GO_BUILDENV   +=
 
 # These definitions are overridable, e.g. to provide fixed version/commit values when
 # no .git directory is present or to provide a fixed build date for reproducibility.

Makefile.maker.yaml

@@ -26,6 +26,11 @@ golang:
 
 golangciLint:
   createConfig: true
+  reviveRules:
+    - name: exported
+      arguments:
+        - checkPrivateReceivers
+        - disableChecksOnConstants
 
 githubWorkflow:
   ci:

internal/api/api.go

@@ -39,7 +39,7 @@ type handler struct {
 	TimeNow func() time.Time
 }
 
-// NewAPI constructs the main httpapi.API for this package.
+// NewHandler constructs the main httpapi.API for this package.
 func NewHandler(cfg core.Config, dbi *gorp.DbMap, team core.AssetManagerTeam, validator gopherpolicy.Validator, provider core.ProviderClient, auditor audittools.Auditor, timeNow func() time.Time) httpapi.API {
 	return &handler{Config: cfg, DB: dbi, Team: team, Validator: validator, Provider: provider, Auditor: auditor, TimeNow: timeNow}
 }
@@ -114,6 +114,9 @@ func RequireJSON(w http.ResponseWriter, r *http.Request, data any) bool {
 	return true
 }
 
+// CheckToken evaluates whether the Openstack access token fits to the scope specified
+// in the requests' variables or query arguments and returns the projectUUID and a token
+// when the validation was successful.
 func (h handler) CheckToken(w http.ResponseWriter, r *http.Request) (string, *gopherpolicy.Token) {
 	// for endpoints requiring the `project_id` variable, check that it's not empty
 	projectUUID, projectScoped := mux.Vars(r)["project_id"]
@@ -149,6 +152,8 @@ func (h handler) CheckToken(w http.ResponseWriter, r *http.Request) (string, *go
 	return projectUUID, token
 }
 
+// SetTokenToProjectScope sets the tokens' request context to the specific projects
+// information when the project exists and if the project exists and any possible errors.
 func (h handler) SetTokenToProjectScope(ctx context.Context, token *gopherpolicy.Token, projectUUID string) (projectExists bool, err error) {
 	objectAttrs := map[string]string{
 		"project_id":        projectUUID,
@@ -180,6 +185,9 @@ func (h handler) SetTokenToProjectScope(ctx context.Context, token *gopherpolicy
 	return projectExists, nil
 }
 
+// LoadResource loads the requested db.Resource and returns it.
+// If the process fails, an error is written to the response and nil is returned.
+// If createIfMissing is true, a new db.Resource will be created.a
 func (h handler) LoadResource(w http.ResponseWriter, r *http.Request, projectUUID string, token *gopherpolicy.Token, createIfMissing bool) *db.Resource {
 	assetType := db.AssetType(mux.Vars(r)["asset_type"])
 	if assetType == "" {

internal/api/assets.go

@@ -112,6 +112,7 @@ func FinishedOperationFromDB(dbOp db.FinishedOperation, assetID string, res *db.
 ////////////////////////////////////////////////////////////////////////////////
 // HTTP handlers
 
+// GetAssets handles GET /v1/projects/:id/assets/:type.
 func (h handler) GetAssets(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/projects/:id/assets/:type")
 	projectUUID, token := h.CheckToken(w, r)
@@ -142,6 +143,7 @@ func (h handler) GetAssets(w http.ResponseWriter, r *http.Request) {
 	respondwith.JSON(w, http.StatusOK, result)
 }
 
+// GetAsset handles GET /v1/projects/:id/assets/:type/:uuid.
 func (h handler) GetAsset(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/projects/:id/assets/:type/:uuid")
 	projectUUID, token := h.CheckToken(w, r)
@@ -209,6 +211,7 @@ var (
 	`)
 )
 
+// PostAssetErrorResolved handles POST /v1/projects/:id/assets/:type/:uuid/error-resolved.
 func (h handler) PostAssetErrorResolved(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/projects/:id/assets/:type/:uuid/error-resolved")
 

internal/api/audit.go

@@ -15,6 +15,7 @@ type scalingEventTarget struct {
 	resource  *castellum.Resource // only used for enable/update action events
 }
 
+// Render implements the audittools.Target interface.
 func (t scalingEventTarget) Render() cadf.Resource {
 	result := cadf.Resource{
 		TypeURI:   "data/security/project",

internal/api/errors.go

@@ -13,6 +13,7 @@ import (
 	"github.com/sapcc/castellum/internal/db"
 )
 
+// GetResourceScrapeErrors handles GET /v1/admin/resource-scrape-errors.
 func (h handler) GetResourceScrapeErrors(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/admin/resource-scrape-errors")
 	_, token := h.CheckToken(w, r)
@@ -54,6 +55,7 @@ func (h handler) GetResourceScrapeErrors(w http.ResponseWriter, r *http.Request)
 	}{resScrapeErrs})
 }
 
+// GetAssetScrapeErrors handles GET /v1/admin/asset-scrape-errors.
 func (h handler) GetAssetScrapeErrors(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/admin/asset-scrape-errors")
 	_, token := h.CheckToken(w, r)
@@ -108,6 +110,7 @@ func (h handler) GetAssetScrapeErrors(w http.ResponseWriter, r *http.Request) {
 	}{assetScrapeErrs})
 }
 
+// GetAssetResizeErrors handles GET /v1/admin/asset-resize-errors.
 func (h handler) GetAssetResizeErrors(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/admin/asset-resize-errors")
 	_, token := h.CheckToken(w, r)

internal/api/operations.go

@@ -21,7 +21,7 @@ import (
 	"github.com/sapcc/castellum/internal/db"
 )
 
-func (h handler) LoadMatchingResources(w http.ResponseWriter, r *http.Request) (map[int64]db.Resource, bool) {
+func (h handler) loadMatchingResources(w http.ResponseWriter, r *http.Request) (map[int64]db.Resource, bool) {
 	// CheckToken discovers project ID in both URL path and query
 	var token *gopherpolicy.Token
 	projectUUID, token := h.CheckToken(w, r)
@@ -109,9 +109,10 @@ func (h handler) LoadMatchingResources(w http.ResponseWriter, r *http.Request) (
 	return allowedResources, true
 }
 
+// GetPendingOperations handles GET /v1/operations/pending.
 func (h handler) GetPendingOperations(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/operations/pending")
-	dbResources, ok := h.LoadMatchingResources(w, r)
+	dbResources, ok := h.loadMatchingResources(w, r)
 	if !ok {
 		return
 	}
@@ -163,9 +164,10 @@ func (h handler) getAssetUUIDMap(res db.Resource) (map[int64]string, error) {
 	return assetUUIDs, err
 }
 
+// GetRecentlyFailedOperations handles GET /v1/operations/recently-failed.
 func (h handler) GetRecentlyFailedOperations(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/operations/recently-failed")
-	dbResources, ok := h.LoadMatchingResources(w, r)
+	dbResources, ok := h.loadMatchingResources(w, r)
 	if !ok {
 		return
 	}
@@ -179,7 +181,7 @@ func (h handler) GetRecentlyFailedOperations(w http.ResponseWriter, r *http.Requ
 			ResourceID:   dbResource.ID,
 			Outcomes:     []castellum.OperationOutcome{castellum.OperationOutcomeFailed, castellum.OperationOutcomeErrored},
 			OverriddenBy: `TRUE`,
-		}.Execute()
+		}.execute()
 		if respondwith.ObfuscatedErrorText(w, err) {
 			return
 		}
@@ -207,9 +209,10 @@ func (h handler) GetRecentlyFailedOperations(w http.ResponseWriter, r *http.Requ
 	}{relevantOps})
 }
 
+// GetRecentlySucceededOperations handles GET /v1/operations/recently-succeeded.
 func (h handler) GetRecentlySucceededOperations(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/operations/recently-succeeded")
-	dbResources, ok := h.LoadMatchingResources(w, r)
+	dbResources, ok := h.loadMatchingResources(w, r)
 	if !ok {
 		return
 	}
@@ -228,7 +231,7 @@ func (h handler) GetRecentlySucceededOperations(w http.ResponseWriter, r *http.R
 			ResourceID:   dbResource.ID,
 			Outcomes:     []castellum.OperationOutcome{castellum.OperationOutcomeSucceeded},
 			OverriddenBy: fmt.Sprintf(`outcome != '%s'`, castellum.OperationOutcomeCancelled),
-		}.Execute()
+		}.execute()
 		if respondwith.ObfuscatedErrorText(w, err) {
 			return
 		}
@@ -277,7 +280,7 @@ var recentOperationQueryStr = sqlext.SimplifyWhitespace(`
 	 WHERE a.resource_id = $1 AND o.outcome IN ('%s')
 `)
 
-func (q recentOperationQuery) Execute() (map[int64]db.FinishedOperation, error) {
+func (q recentOperationQuery) execute() (map[int64]db.FinishedOperation, error) {
 	outcomes := make([]string, len(q.Outcomes))
 	for idx, o := range q.Outcomes {
 		outcomes[idx] = string(o)

internal/api/resources.go

@@ -76,6 +76,7 @@ func (h handler) ResourceFromDB(res db.Resource) (castellum.Resource, error) {
 ////////////////////////////////////////////////////////////////////////////////
 // HTTP handlers
 
+// GetProject handles GET /v1/projects/:id.
 func (h handler) GetProject(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/projects/:id")
 	projectUUID, token := h.CheckToken(w, r)
@@ -112,6 +113,7 @@ func (h handler) GetProject(w http.ResponseWriter, r *http.Request) {
 	respondwith.JSON(w, http.StatusOK, result)
 }
 
+// GetResource handles GET /v1/projects/:id/resources/:type.
 func (h handler) GetResource(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/projects/:id/resources/:type")
 	projectUUID, token := h.CheckToken(w, r)
@@ -130,6 +132,7 @@ func (h handler) GetResource(w http.ResponseWriter, r *http.Request) {
 	respondwith.JSON(w, http.StatusOK, resource)
 }
 
+// PutResource handles PUT /v1/projects/:id/resources/:type.
 func (h handler) PutResource(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/projects/:id/resources/:type")
 	requestTime := time.Now()
@@ -211,6 +214,7 @@ func (h handler) PutResource(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusAccepted)
 }
 
+// DeleteResource handles DELETE /v1/projects/:id/resources/:type.
 func (h handler) DeleteResource(w http.ResponseWriter, r *http.Request) {
 	httpapi.IdentifyEndpoint(r, "/v1/projects/:id/resources/:type")
 	requestTime := time.Now()