From 7182fecc7963495908c0cb9b3521608b1bb29d3d Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 14 Nov 2025 18:47:21 +0100 Subject: [PATCH 1/2] format the code with gofumpt Use it based on the outcome from our community discussion[1]. [1] https://github.com/containers/podman/discussions/27291 Signed-off-by: Paul Holzinger --- cmd/skopeo/copy.go | 5 +- cmd/skopeo/generate_sigstore_key.go | 4 +- cmd/skopeo/generate_sigstore_key_test.go | 7 ++- cmd/skopeo/list_tags_test.go | 12 ++--- cmd/skopeo/manifest.go | 3 +- cmd/skopeo/signing.go | 6 +-- cmd/skopeo/sync.go | 8 +-- cmd/skopeo/utils_test.go | 64 ++++++++++++++++-------- integration/blocked_test.go | 6 ++- integration/check_test.go | 6 ++- integration/copy_test.go | 27 +++++----- integration/openshift_test.go | 4 +- integration/proxy_test.go | 1 - integration/registry_test.go | 2 +- integration/sync_test.go | 51 ++++++++++--------- integration/utils_test.go | 8 +-- 16 files changed, 120 insertions(+), 94 deletions(-) diff --git a/cmd/skopeo/copy.go b/cmd/skopeo/copy.go index 57ee7a19..d0af1131 100644 --- a/cmd/skopeo/copy.go +++ b/cmd/skopeo/copy.go @@ -45,7 +45,8 @@ func copyCmd(global *globalOptions) *cobra.Command { destFlags, destOpts := imageDestFlags(global, sharedOpts, deprecatedTLSVerifyOpt, "dest-", "dcreds") retryFlags, retryOpts := retryFlags() copyFlags, copyOpts := sharedCopyFlags() - opts := copyOptions{global: global, + opts := copyOptions{ + global: global, deprecatedTLSVerify: deprecatedTLSVerifyOpt, srcImage: srcOpts, destImage: destOpts, @@ -251,7 +252,7 @@ func (opts *copyOptions) run(args []string, stdout io.Writer) (retErr error) { if err != nil { return err } - if err = os.WriteFile(opts.digestFile, []byte(manifestDigest.String()), 0644); err != nil { + if err = os.WriteFile(opts.digestFile, []byte(manifestDigest.String()), 0o644); err != nil { return fmt.Errorf("Failed to write digest to file %q: %w", opts.digestFile, err) } } diff --git a/cmd/skopeo/generate_sigstore_key.go b/cmd/skopeo/generate_sigstore_key.go index ab0df367..e742786e 100644 --- a/cmd/skopeo/generate_sigstore_key.go +++ b/cmd/skopeo/generate_sigstore_key.go @@ -79,10 +79,10 @@ func (opts *generateSigstoreKeyOptions) run(args []string, stdout io.Writer) err return fmt.Errorf("Error generating key pair: %w", err) } - if err := os.WriteFile(privateKeyPath, keys.PrivateKey, 0600); err != nil { + if err := os.WriteFile(privateKeyPath, keys.PrivateKey, 0o600); err != nil { return fmt.Errorf("Error writing private key to %q: %w", privateKeyPath, err) } - if err := os.WriteFile(pubKeyPath, keys.PublicKey, 0644); err != nil { + if err := os.WriteFile(pubKeyPath, keys.PublicKey, 0o644); err != nil { return fmt.Errorf("Error writing private key to %q: %w", pubKeyPath, err) } fmt.Fprintf(stdout, "Key written to %q and %q\n", privateKeyPath, pubKeyPath) diff --git a/cmd/skopeo/generate_sigstore_key_test.go b/cmd/skopeo/generate_sigstore_key_test.go index c264f1bb..5feb9cc3 100644 --- a/cmd/skopeo/generate_sigstore_key_test.go +++ b/cmd/skopeo/generate_sigstore_key_test.go @@ -24,7 +24,7 @@ func TestGenerateSigstoreKey(t *testing.T) { for _, suffix := range outputSuffixes { dir := t.TempDir() prefix := filepath.Join(dir, "prefix") - err := os.WriteFile(prefix+suffix, []byte{}, 0600) + err := os.WriteFile(prefix+suffix, []byte{}, 0o600) require.NoError(t, err) out, err := runSkopeo("generate-sigstore-key", "--output-prefix", prefix, "--passphrase-file", "/dev/null", @@ -37,7 +37,7 @@ func TestGenerateSigstoreKey(t *testing.T) { for _, suffix := range outputSuffixes { dir := t.TempDir() nonDirectory := filepath.Join(dir, "nondirectory") - err := os.WriteFile(nonDirectory, []byte{}, 0600) + err := os.WriteFile(nonDirectory, []byte{}, 0o600) require.NoError(t, err) prefix := filepath.Join(dir, "prefix") err = os.Symlink(filepath.Join(nonDirectory, "unaccessible"), prefix+suffix) @@ -66,7 +66,7 @@ func TestGenerateSigstoreKey(t *testing.T) { dir := t.TempDir() prefix := filepath.Join(dir, "prefix") passphraseFile := filepath.Join(dir, "passphrase") - err = os.WriteFile(passphraseFile, []byte("some passphrase"), 0600) + err = os.WriteFile(passphraseFile, []byte("some passphrase"), 0o600) require.NoError(t, err) out, err = runSkopeo("generate-sigstore-key", "--output-prefix", prefix, "--passphrase-file", passphraseFile, @@ -75,5 +75,4 @@ func TestGenerateSigstoreKey(t *testing.T) { for _, suffix := range outputSuffixes { assert.Contains(t, out, prefix+suffix) } - } diff --git a/cmd/skopeo/list_tags_test.go b/cmd/skopeo/list_tags_test.go index 848aeaee..4a105536 100644 --- a/cmd/skopeo/list_tags_test.go +++ b/cmd/skopeo/list_tags_test.go @@ -11,8 +11,8 @@ import ( // Tests the kinds of inputs allowed and expected to the command func TestDockerRepositoryReferenceParser(t *testing.T) { for _, test := range [][]string{ - {"docker://myhost.com:1000/nginx"}, //no tag - {"docker://myhost.com/nginx"}, //no port or tag + {"docker://myhost.com:1000/nginx"}, // no tag + {"docker://myhost.com/nginx"}, // no port or tag {"docker://somehost.com"}, // Valid default expansion {"docker://nginx"}, // Valid default expansion } { @@ -31,8 +31,8 @@ func TestDockerRepositoryReferenceParser(t *testing.T) { {"docker-daemon:myhost.com/someimage"}, {"docker://myhost.com:1000/nginx:foobar:foobar"}, // Invalid repository ref {"docker://somehost.com:5000/"}, // no repo - {"docker://myhost.com:1000/nginx:latest"}, //tag not allowed - {"docker://myhost.com:1000/nginx@sha256:abcdef1234567890"}, //digest not allowed + {"docker://myhost.com:1000/nginx:latest"}, // tag not allowed + {"docker://myhost.com:1000/nginx@sha256:abcdef1234567890"}, // digest not allowed } { _, err := parseDockerRepositoryReference(test[0]) assert.Error(t, err, test[0]) @@ -41,8 +41,8 @@ func TestDockerRepositoryReferenceParser(t *testing.T) { func TestDockerRepositoryReferenceParserDrift(t *testing.T) { for _, test := range [][]string{ - {"docker://myhost.com:1000/nginx", "myhost.com:1000/nginx"}, //no tag - {"docker://myhost.com/nginx", "myhost.com/nginx"}, //no port or tag + {"docker://myhost.com:1000/nginx", "myhost.com:1000/nginx"}, // no tag + {"docker://myhost.com/nginx", "myhost.com/nginx"}, // no port or tag {"docker://somehost.com", "docker.io/library/somehost.com"}, // Valid default expansion {"docker://nginx", "docker.io/library/nginx"}, // Valid default expansion } { diff --git a/cmd/skopeo/manifest.go b/cmd/skopeo/manifest.go index 832405b1..0ccb1181 100644 --- a/cmd/skopeo/manifest.go +++ b/cmd/skopeo/manifest.go @@ -10,8 +10,7 @@ import ( "go.podman.io/image/v5/manifest" ) -type manifestDigestOptions struct { -} +type manifestDigestOptions struct{} func manifestDigestCmd() *cobra.Command { var opts manifestDigestOptions diff --git a/cmd/skopeo/signing.go b/cmd/skopeo/signing.go index 97f17511..2329e6a5 100644 --- a/cmd/skopeo/signing.go +++ b/cmd/skopeo/signing.go @@ -61,7 +61,7 @@ func (opts *standaloneSignOptions) run(args []string, stdout io.Writer) error { return fmt.Errorf("Error creating signature: %w", err) } - if err := os.WriteFile(opts.output, signature, 0644); err != nil { + if err := os.WriteFile(opts.output, signature, 0o644); err != nil { return fmt.Errorf("Error writing signature to %s: %w", opts.output, err) } return nil @@ -118,7 +118,6 @@ func (opts *standaloneVerifyOptions) run(args []string, stdout io.Writer) error mech, publicKeyfingerprints, err = signature.NewEphemeralGPGSigningMechanism(publicKeys) if err != nil { return fmt.Errorf("Error initializing GPG: %w", err) - } } else { mech, err = signature.NewGPGSigningMechanism() @@ -147,8 +146,7 @@ func (opts *standaloneVerifyOptions) run(args []string, stdout io.Writer) error // (including things like “✅ Verified by $authority”) // // The subcommand is undocumented, and it may be renamed or entirely disappear in the future. -type untrustedSignatureDumpOptions struct { -} +type untrustedSignatureDumpOptions struct{} func untrustedSignatureDumpCmd() *cobra.Command { opts := untrustedSignatureDumpOptions{} diff --git a/cmd/skopeo/sync.go b/cmd/skopeo/sync.go index 6ba05f5b..e7d6c684 100644 --- a/cmd/skopeo/sync.go +++ b/cmd/skopeo/sync.go @@ -182,7 +182,7 @@ func destinationReference(destination string, transport string) (types.ImageRefe return nil, fmt.Errorf("Destination directory could not be used: %w", err) } // the directory holding the image must be created here - if err = os.MkdirAll(destination, 0755); err != nil { + if err = os.MkdirAll(destination, 0o755); err != nil { return nil, fmt.Errorf("Error creating directory for image %s: %w", destination, err) } imageTransport = directory.Transport @@ -270,7 +270,6 @@ func imagesToCopyFromDir(dirPath string) ([]types.ImageReference, error) { } return nil }) - if err != nil { return sourceReferences, fmt.Errorf("Error walking the path %q: %w", dirPath, err) @@ -367,7 +366,8 @@ func imagesToCopyFromRegistry(registryName string, cfg registrySyncConfig, sourc } repoDescList = append(repoDescList, repoDescriptor{ ImageRefs: sourceReferences, - Context: serverCtx}) + Context: serverCtx, + }) } // include repository descriptors for cfg.ImagesByTagRegex @@ -667,7 +667,7 @@ func (opts *syncOptions) run(args []string, stdout io.Writer) (retErr error) { var digestFile *os.File if opts.digestFile != "" && !opts.dryRun { - digestFile, err = os.OpenFile(opts.digestFile, os.O_TRUNC|os.O_CREATE|os.O_WRONLY, 0644) + digestFile, err = os.OpenFile(opts.digestFile, os.O_TRUNC|os.O_CREATE|os.O_WRONLY, 0o644) if err != nil { return fmt.Errorf("Error creating digest file: %w", err) } diff --git a/cmd/skopeo/utils_test.go b/cmd/skopeo/utils_test.go index 5402e330..2bc06500 100644 --- a/cmd/skopeo/utils_test.go +++ b/cmd/skopeo/utils_test.go @@ -49,7 +49,8 @@ func fakeGlobalOptions(t *testing.T, flags []string) (*globalOptions, *cobra.Com // fakeImageOptions creates imageOptions and sets it according to globalFlags/cmdFlags. func fakeImageOptions(t *testing.T, flagPrefix string, useDeprecatedTLSVerify bool, - globalFlags []string, cmdFlags []string) *imageOptions { + globalFlags []string, cmdFlags []string, +) *imageOptions { globalOpts, cmd := fakeGlobalOptions(t, globalFlags) sharedFlags, sharedOpts := sharedImageFlags() var deprecatedTLSVerifyFlag pflag.FlagSet @@ -124,7 +125,8 @@ func TestImageOptionsNewSystemContext(t *testing.T) { // fakeImageDestOptions creates imageDestOptions and sets it according to globalFlags/cmdFlags. func fakeImageDestOptions(t *testing.T, flagPrefix string, useDeprecatedTLSVerify bool, - globalFlags []string, cmdFlags []string) *imageDestOptions { + globalFlags []string, cmdFlags []string, +) *imageDestOptions { globalOpts, cmd := fakeGlobalOptions(t, globalFlags) sharedFlags, sharedOpts := sharedImageFlags() var deprecatedTLSVerifyFlag pflag.FlagSet @@ -389,7 +391,8 @@ func TestSharedCopyOptionsCopyOptions(t *testing.T) { // to create test keys for that. // This does not test --sign-by-sq-fingerprint, because that needs to be conditional based on buildWithSequoia. { - options: []string{"--remove-signatures", + options: []string{ + "--remove-signatures", "--sign-by", "gpgFingerprint", "--format", "oci", "--preserve-digests", @@ -488,21 +491,31 @@ func TestParseManifestFormat(t *testing.T) { expectedManifestType string expectErr bool }{ - {"oci", + { + "oci", imgspecv1.MediaTypeImageManifest, - false}, - {"v2s1", + false, + }, + { + "v2s1", manifest.DockerV2Schema1SignedMediaType, - false}, - {"v2s2", + false, + }, + { + "v2s2", manifest.DockerV2Schema2MediaType, - false}, - {"", + false, + }, + { "", - true}, - {"badValue", "", - true}, + true, + }, + { + "badValue", + "", + true, + }, } { manifestType, err := parseManifestFormat(testCase.formatParam) if testCase.expectErr { @@ -523,28 +536,37 @@ func TestImageOptionsAuthfileOverride(t *testing.T) { expectedAuthfilePath string }{ // if there is no prefix, only authfile is allowed. - {"", + { + "", []string{ "--authfile", "/srv/authfile", - }, "/srv/authfile"}, + }, + "/srv/authfile", + }, // if authfile and dest-authfile is provided, dest-authfile wins - {"dest-", + { + "dest-", []string{ "--authfile", "/srv/authfile", "--dest-authfile", "/srv/dest-authfile", - }, "/srv/dest-authfile", + }, + "/srv/dest-authfile", }, // if only the shared authfile is provided, authfile must be present in system context - {"dest-", + { + "dest-", []string{ "--authfile", "/srv/authfile", - }, "/srv/authfile", + }, + "/srv/authfile", }, // if only the dest authfile is provided, dest-authfile must be present in system context - {"dest-", + { + "dest-", []string{ "--dest-authfile", "/srv/dest-authfile", - }, "/srv/dest-authfile", + }, + "/srv/dest-authfile", }, } { opts := fakeImageOptions(t, testCase.flagPrefix, false, []string{}, testCase.cmdFlags) diff --git a/integration/blocked_test.go b/integration/blocked_test.go index f6591893..21f45f5e 100644 --- a/integration/blocked_test.go +++ b/integration/blocked_test.go @@ -1,7 +1,9 @@ package main -const blockedRegistriesConf = "./fixtures/blocked-registries.conf" -const blockedErrorRegex = `.*registry registry-blocked.com is blocked in .*` +const ( + blockedRegistriesConf = "./fixtures/blocked-registries.conf" + blockedErrorRegex = `.*registry registry-blocked.com is blocked in .*` +) func (s *skopeoSuite) TestCopyBlockedSource() { t := s.T() diff --git a/integration/check_test.go b/integration/check_test.go index 07b8382b..596c2d7e 100644 --- a/integration/check_test.go +++ b/integration/check_test.go @@ -26,8 +26,10 @@ type skopeoSuite struct { regV2WithAuth *testRegistryV2 } -var _ = suite.SetupAllSuite(&skopeoSuite{}) -var _ = suite.TearDownAllSuite(&skopeoSuite{}) +var ( + _ = suite.SetupAllSuite(&skopeoSuite{}) + _ = suite.TearDownAllSuite(&skopeoSuite{}) +) func (s *skopeoSuite) SetupSuite() { t := s.T() diff --git a/integration/copy_test.go b/integration/copy_test.go index 7b29a9e6..2a8232ce 100644 --- a/integration/copy_test.go +++ b/integration/copy_test.go @@ -48,8 +48,10 @@ type copySuite struct { gpgHome string } -var _ = suite.SetupAllSuite(©Suite{}) -var _ = suite.TearDownAllSuite(©Suite{}) +var ( + _ = suite.SetupAllSuite(©Suite{}) + _ = suite.TearDownAllSuite(©Suite{}) +) func (s *copySuite) SetupSuite() { t := s.T() @@ -85,7 +87,7 @@ func (s *copySuite) SetupSuite() { out := combinedOutputOfCommand(t, gpgBinary, "--armor", "--export", fmt.Sprintf("%s@example.com", key)) err := os.WriteFile(filepath.Join(s.gpgHome, fmt.Sprintf("%s-pubkey.gpg", key)), - []byte(out), 0600) + []byte(out), 0o600) require.NoError(t, err) } } @@ -541,9 +543,9 @@ func (s *copySuite) TestCopyEncryption() { privateKeyBytes := x509.MarshalPKCS1PrivateKey(privateKey) publicKeyBytes, err := x509.MarshalPKIXPublicKey(publicKey) require.NoError(t, err) - err = os.WriteFile(keysDir+"/private.key", privateKeyBytes, 0644) + err = os.WriteFile(keysDir+"/private.key", privateKeyBytes, 0o644) require.NoError(t, err) - err = os.WriteFile(keysDir+"/public.key", publicKeyBytes, 0644) + err = os.WriteFile(keysDir+"/public.key", publicKeyBytes, 0o644) require.NoError(t, err) // We can either perform encryption or decryption on the image. @@ -568,7 +570,7 @@ func (s *copySuite) TestCopyEncryption() { invalidPrivateKey, err := rsa.GenerateKey(rand.Reader, 4096) require.NoError(t, err) invalidPrivateKeyBytes := x509.MarshalPKCS1PrivateKey(invalidPrivateKey) - err = os.WriteFile(keysDir+"/invalid_private.key", invalidPrivateKeyBytes, 0644) + err = os.WriteFile(keysDir+"/invalid_private.key", invalidPrivateKeyBytes, 0o644) require.NoError(t, err) assertSkopeoFails(t, ".*no suitable key unwrapper found or none of the private keys could be used for decryption.*", "copy", "--decryption-key", keysDir+"/invalid_private.key", @@ -604,7 +606,6 @@ func (s *copySuite) TestCopyEncryption() { // After successful decryption we should find the gzipped layers from the nginx image matchLayerBlobBinaryType(t, partiallyDecryptedImgDir+"/blobs/sha256", "application/x-gzip", 3) - } func matchLayerBlobBinaryType(t *testing.T, ociImageDirPath string, contentType string, matchCount int) { @@ -818,7 +819,7 @@ func (s *copySuite) TestCopyDirSignatures() { topDirDest := "dir:" + topDir for _, suffix := range []string{"/dir1", "/dir2", "/restricted/personal", "/restricted/official", "/restricted/badidentity", "/dest"} { - err := os.MkdirAll(topDir+suffix, 0755) + err := os.MkdirAll(topDir+suffix, 0o755) require.NoError(t, err) } @@ -900,7 +901,7 @@ func (s *copySuite) TestCopyCompression() { {"uncompressed-image-s2", "atomic:localhost:5000/myns/compression:s2"}, } { dir := filepath.Join(topDir, fmt.Sprintf("case%d", i)) - err := os.MkdirAll(dir, 0755) + err := os.MkdirAll(dir, 0o755) require.NoError(t, err) assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "dir:fixtures/"+c.fixture, c.remote) @@ -953,7 +954,7 @@ func (s *copySuite) TestCopyDockerLookaside() { tmpDir := t.TempDir() copyDest := filepath.Join(tmpDir, "dest") - err = os.Mkdir(copyDest, 0755) + err = os.Mkdir(copyDest, 0o755) require.NoError(t, err) dirDest := "dir:" + copyDest plainLookaside := filepath.Join(tmpDir, "lookaside") @@ -967,7 +968,7 @@ func (s *copySuite) TestCopyDockerLookaside() { policy := s.policyFixture(nil) registriesDir := filepath.Join(tmpDir, "registries.d") - err = os.Mkdir(registriesDir, 0755) + err = os.Mkdir(registriesDir, 0o755) require.NoError(t, err) registriesFile := fileFromFixture(t, "fixtures/registries.yaml", map[string]string{"@lookaside@": plainLookaside, "@split-staging@": splitLookasideStaging, "@split-read@": splitLookasideReadServer.URL}) @@ -1020,7 +1021,7 @@ func (s *copySuite) TestCopyAtomicExtension() { topDir := t.TempDir() for _, subdir := range []string{"dirAA", "dirAD", "dirDA", "dirDD", "registries.d"} { - err := os.MkdirAll(filepath.Join(topDir, subdir), 0755) + err := os.MkdirAll(filepath.Join(topDir, subdir), 0o755) require.NoError(t, err) } registriesDir := filepath.Join(topDir, "registries.d") @@ -1213,7 +1214,7 @@ func (s *copySuite) TestCopyPreserveDigests() { func (s *copySuite) testCopySchemaConversionRegistries(t *testing.T, schema1Registry, schema2Registry string) { topDir := t.TempDir() for _, subdir := range []string{"input1", "input2", "dest2"} { - err := os.MkdirAll(filepath.Join(topDir, subdir), 0755) + err := os.MkdirAll(filepath.Join(topDir, subdir), 0o755) require.NoError(t, err) } input1Dir := filepath.Join(topDir, "input1") diff --git a/integration/openshift_test.go b/integration/openshift_test.go index 8485475d..5a8507ff 100644 --- a/integration/openshift_test.go +++ b/integration/openshift_test.go @@ -223,7 +223,7 @@ func (cluster *openshiftCluster) ocLoginToProject(t *testing.T) { // We do not run (docker login) directly, because that requires a running daemon and a docker package. func (cluster *openshiftCluster) dockerLogin(t *testing.T) { cluster.dockerDir = filepath.Join(homedir.Get(), ".docker") - err := os.MkdirAll(cluster.dockerDir, 0700) + err := os.MkdirAll(cluster.dockerDir, 0o700) require.NoError(t, err) out := combinedOutputOfCommand(t, "oc", "config", "view", "-o", "json", "-o", "jsonpath={.users[*].user.token}") @@ -237,7 +237,7 @@ func (cluster *openshiftCluster) dockerLogin(t *testing.T) { }`, port, authValue)) } configJSON := `{"auths": {` + strings.Join(auths, ",") + `}}` - err = os.WriteFile(filepath.Join(cluster.dockerDir, "config.json"), []byte(configJSON), 0600) + err = os.WriteFile(filepath.Join(cluster.dockerDir, "config.json"), []byte(configJSON), 0o600) require.NoError(t, err) } diff --git a/integration/proxy_test.go b/integration/proxy_test.go index 849968b2..d86c9b14 100644 --- a/integration/proxy_test.go +++ b/integration/proxy_test.go @@ -224,7 +224,6 @@ func (p *proxy) callGetRawBlob(args []any) (rval any, buf []byte, err error) { content: buf, err: err, } - }() wg.Add(1) go func() { diff --git a/integration/registry_test.go b/integration/registry_test.go index 9882312a..4210bf7d 100644 --- a/integration/registry_test.go +++ b/integration/registry_test.go @@ -70,7 +70,7 @@ compatibility: username = "testuser" password = "testpassword" email = "test@test.org" - if err := os.WriteFile(htpasswdPath, []byte(userpasswd), os.FileMode(0644)); err != nil { + if err := os.WriteFile(htpasswdPath, []byte(userpasswd), os.FileMode(0o644)); err != nil { return nil, err } htpasswd = fmt.Sprintf(`auth: diff --git a/integration/sync_test.go b/integration/sync_test.go index dc3470fc..257add35 100644 --- a/integration/sync_test.go +++ b/integration/sync_test.go @@ -46,8 +46,10 @@ type syncSuite struct { registry *testRegistryV2 } -var _ = suite.SetupAllSuite(&syncSuite{}) -var _ = suite.TearDownAllSuite(&syncSuite{}) +var ( + _ = suite.SetupAllSuite(&syncSuite{}) + _ = suite.TearDownAllSuite(&syncSuite{}) +) func (s *syncSuite) SetupSuite() { t := s.T() @@ -92,7 +94,7 @@ func (s *syncSuite) SetupSuite() { out := combinedOutputOfCommand(t, gpgBinary, "--armor", "--export", fmt.Sprintf("%s@example.com", key)) err := os.WriteFile(filepath.Join(gpgHome, fmt.Sprintf("%s-pubkey.gpg", key)), - []byte(out), 0600) + []byte(out), 0o600) require.NoError(t, err) } } @@ -226,16 +228,16 @@ func (s *syncSuite) TestDirIsNotOverwritten() { // make a copy of the image in the local registry assertSkopeoSucceeds(t, "", "copy", "--retry-times", "3", "--dest-tls-verify=false", "docker://"+image, "docker://"+path.Join(v2DockerRegistryURL, reference.Path(imageRef.DockerReference()))) - //sync upstream image to dir, not scoped + // sync upstream image to dir, not scoped dir1 := t.TempDir() assertSkopeoSucceeds(t, "", "sync", "--src", "docker", "--dest", "dir", image, dir1) _, err = os.Stat(path.Join(dir1, path.Base(imagePath), "manifest.json")) require.NoError(t, err) - //sync local registry image to dir, not scoped + // sync local registry image to dir, not scoped assertSkopeoFails(t, ".*Refusing to overwrite destination directory.*", "sync", "--src-tls-verify=false", "--src", "docker", "--dest", "dir", path.Join(v2DockerRegistryURL, reference.Path(imageRef.DockerReference())), dir1) - //sync local registry image to dir, scoped + // sync local registry image to dir, scoped imageRef, err = docker.ParseReference(fmt.Sprintf("//%s", path.Join(v2DockerRegistryURL, reference.Path(imageRef.DockerReference())))) require.NoError(t, err) imagePath = imageRef.DockerReference().String() @@ -290,7 +292,7 @@ func (s *syncSuite) TestYamlUntagged() { // sync to the local registry yamlFile := path.Join(tmpDir, "registries.yaml") - err = os.WriteFile(yamlFile, []byte(yamlConfig), 0644) + err = os.WriteFile(yamlFile, []byte(yamlConfig), 0o644) require.NoError(t, err) assertSkopeoSucceeds(t, "", "sync", "--scoped", "--src", "yaml", "--dest", "docker", "--dest-tls-verify=false", yamlFile, v2DockerRegistryURL) // sync back from local registry to a folder @@ -302,7 +304,7 @@ func (s *syncSuite) TestYamlUntagged() { %s: [] `, v2DockerRegistryURL, imagePath) - err = os.WriteFile(yamlFile, []byte(yamlConfig), 0644) + err = os.WriteFile(yamlFile, []byte(yamlConfig), 0o644) require.NoError(t, err) assertSkopeoSucceeds(t, "", "sync", "--scoped", "--src", "yaml", "--dest", "dir", yamlFile, dir1) @@ -329,11 +331,11 @@ registry.k8s.io: pause: ^[12]\.0$ # regex string test ` // the ↑ regex strings always matches only 2 images - var nTags = 2 + nTags := 2 assert.NotZero(t, nTags) yamlFile := path.Join(tmpDir, "registries.yaml") - err := os.WriteFile(yamlFile, []byte(yamlConfig), 0644) + err := os.WriteFile(yamlFile, []byte(yamlConfig), 0o644) require.NoError(t, err) assertSkopeoSucceeds(t, "", "sync", "--scoped", "--src", "yaml", "--dest", "dir", yamlFile, dir1) assertNumberOfManifestsInSubdirs(t, dir1, nTags) @@ -351,7 +353,7 @@ registry.k8s.io: - sha256:59eec8837a4d942cc19a52b8c09ea75121acc38114a2c68b98983ce9356b8610 ` yamlFile := path.Join(tmpDir, "registries.yaml") - err := os.WriteFile(yamlFile, []byte(yamlConfig), 0644) + err := os.WriteFile(yamlFile, []byte(yamlConfig), 0o644) require.NoError(t, err) assertSkopeoSucceeds(t, "", "sync", "--scoped", "--src", "yaml", "--dest", "dir", yamlFile, dir1) assertNumberOfManifestsInSubdirs(t, dir1, 1) @@ -390,7 +392,7 @@ quay.io: assert.NotZero(t, nTags) yamlFile := path.Join(tmpDir, "registries.yaml") - err := os.WriteFile(yamlFile, []byte(yamlConfig), 0644) + err := os.WriteFile(yamlFile, []byte(yamlConfig), 0o644) require.NoError(t, err) assertSkopeoSucceeds(t, "", "sync", "--scoped", "--src", "yaml", "--dest", "dir", yamlFile, dir1) assertNumberOfManifestsInSubdirs(t, dir1, nTags) @@ -441,14 +443,13 @@ func (s *syncSuite) TestYamlTLSVerify() { for _, cfg := range testCfg { yamlConfig := fmt.Sprintf(yamlTemplate, v2DockerRegistryURL, cfg.tlsVerify, image, tag) yamlFile := path.Join(tmpDir, "registries.yaml") - err := os.WriteFile(yamlFile, []byte(yamlConfig), 0644) + err := os.WriteFile(yamlFile, []byte(yamlConfig), 0o644) require.NoError(t, err) cfg.checker(t, cfg.msg, "sync", "--scoped", "--src", "yaml", "--dest", "dir", yamlFile, dir1) os.Remove(yamlFile) os.RemoveAll(dir1) } - } func (s *syncSuite) TestSyncManifestOutput() { @@ -459,7 +460,7 @@ func (s *syncSuite) TestSyncManifestOutput() { destDir2 := filepath.Join(tmpDir, "dest2") destDir3 := filepath.Join(tmpDir, "dest3") - //Split image:tag path from image URI for manifest comparison + // Split image:tag path from image URI for manifest comparison imageDir := pullableTaggedImage[strings.LastIndex(pullableTaggedImage, "/")+1:] assertSkopeoSucceeds(t, "", "sync", "--format=oci", "--all", "--src", "docker", "--dest", "dir", pullableTaggedImage, destDir1) @@ -512,14 +513,14 @@ func (s *syncSuite) TestDir2DockerTagged() { image := pullableRepoWithLatestTag dir1 := path.Join(tmpDir, "dir1") - err := os.Mkdir(dir1, 0755) + err := os.Mkdir(dir1, 0o755) require.NoError(t, err) dir2 := path.Join(tmpDir, "dir2") - err = os.Mkdir(dir2, 0755) + err = os.Mkdir(dir2, 0o755) require.NoError(t, err) // create leading dirs - err = os.MkdirAll(path.Dir(path.Join(dir1, image)), 0755) + err = os.MkdirAll(path.Dir(path.Join(dir1, image)), 0o755) require.NoError(t, err) // copy docker => dir @@ -531,7 +532,7 @@ func (s *syncSuite) TestDir2DockerTagged() { assertSkopeoSucceeds(t, "", "sync", "--scoped", "--dest-tls-verify=false", "--src", "dir", "--dest", "docker", dir1, v2DockerRegistryURL) // create leading dirs - err = os.MkdirAll(path.Dir(path.Join(dir2, image)), 0755) + err = os.MkdirAll(path.Dir(path.Join(dir2, image)), 0o755) require.NoError(t, err) // copy docker => dir @@ -571,11 +572,11 @@ func (s *syncSuite) TestFailsWithDockerSourceNoRegistry() { tmpDir := t.TempDir() - //untagged + // untagged assertSkopeoFails(t, ".*StatusCode: 404.*", "sync", "--scoped", "--src", "docker", "--dest", "dir", regURL, tmpDir) - //tagged + // tagged assertSkopeoFails(t, ".*StatusCode: 404.*", "sync", "--scoped", "--src", "docker", "--dest", "dir", regURL+":thetag", tmpDir) } @@ -585,11 +586,11 @@ func (s *syncSuite) TestFailsWithDockerSourceUnauthorized() { const repo = "privateimagenamethatshouldnotbepublic" tmpDir := t.TempDir() - //untagged + // untagged assertSkopeoFails(t, ".*requested access to the resource is denied.*", "sync", "--scoped", "--src", "docker", "--dest", "dir", repo, tmpDir) - //tagged + // tagged assertSkopeoFails(t, ".*requested access to the resource is denied.*", "sync", "--scoped", "--src", "docker", "--dest", "dir", repo+":thetag", tmpDir) } @@ -599,11 +600,11 @@ func (s *syncSuite) TestFailsWithDockerSourceNotExisting() { repo := path.Join(v2DockerRegistryURL, "imagedoesnotexist") tmpDir := t.TempDir() - //untagged + // untagged assertSkopeoFails(t, ".*repository name not known to registry.*", "sync", "--scoped", "--src-tls-verify=false", "--src", "docker", "--dest", "dir", repo, tmpDir) - //tagged + // tagged assertSkopeoFails(t, ".*reading manifest.*", "sync", "--scoped", "--src-tls-verify=false", "--src", "docker", "--dest", "dir", repo+":thetag", tmpDir) } diff --git a/integration/utils_test.go b/integration/utils_test.go index 554b51ba..0ce49766 100644 --- a/integration/utils_test.go +++ b/integration/utils_test.go @@ -29,9 +29,11 @@ var skopeoBinary = func() string { return "skopeo" }() -const testFQIN = "docker://quay.io/libpod/busybox" // tag left off on purpose, some tests need to add a special one -const testFQIN64 = "docker://quay.io/libpod/busybox:amd64" -const testFQINMultiLayer = "docker://quay.io/libpod/alpine_nginx:latest" // multi-layer +const ( + testFQIN = "docker://quay.io/libpod/busybox" // tag left off on purpose, some tests need to add a special one + testFQIN64 = "docker://quay.io/libpod/busybox:amd64" + testFQINMultiLayer = "docker://quay.io/libpod/alpine_nginx:latest" // multi-layer +) // consumeAndLogOutputStream takes (f, err) from an exec.*Pipe(), and causes all output to it to be logged to t. func consumeAndLogOutputStream(t *testing.T, id string, f io.ReadCloser, err error) { From b6259053142f0eb51754b2acac1220a3bc200fed Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 14 Nov 2025 18:28:11 +0100 Subject: [PATCH 2/2] golangci-lint: enable gofumpt formatter And also remove old, no longer needed validate-gofmt.sh script. golangci-lint checks the formatting already for us. And add a fmt make target that just runs golangci-lint fmt for easier use. Signed-off-by: Paul Holzinger --- .golangci.yml | 5 +++++ Makefile | 5 ++++- hack/validate-gofmt.sh | 27 --------------------------- 3 files changed, 9 insertions(+), 28 deletions(-) delete mode 100755 hack/validate-gofmt.sh diff --git a/.golangci.yml b/.golangci.yml index ba1acf71..934dcf79 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,4 +1,9 @@ version: "2" + +formatters: + enable: + - gofumpt + linters: settings: staticcheck: diff --git a/Makefile b/Makefile index 8d70c2c4..31ace172 100644 --- a/Makefile +++ b/Makefile @@ -242,10 +242,13 @@ validate: # This target is only intended for development, e.g. executing it from an IDE. Use (make test) for CI or pre-release testing. test-all-local: validate-local validate-docs test-unit-local +.PHONY: fmt +fmt: tools + $(GOBIN)/golangci-lint fmt + .PHONY: validate-local validate-local: tools hack/validate-git-marks.sh - hack/validate-gofmt.sh $(GOBIN)/golangci-lint run --build-tags "${BUILDTAGS}" # An extra run with --tests=false allows detecting code unused outside of tests; # ideally the linter should be able to find this automatically. diff --git a/hack/validate-gofmt.sh b/hack/validate-gofmt.sh deleted file mode 100755 index 72757215..00000000 --- a/hack/validate-gofmt.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash - -IFS=$'\n' -files=( $(find . -name '*.go' | grep -v '^./vendor/' | sort || true) ) -unset IFS - -badFiles=() -for f in "${files[@]}"; do - if [ "$(gofmt -s -l < $f)" ]; then - badFiles+=( "$f" ) - fi -done - -if [ ${#badFiles[@]} -eq 0 ]; then - echo 'Congratulations! All Go source files are properly formatted.' -else - { - echo "These files are not properly gofmt'd:" - for f in "${badFiles[@]}"; do - echo " - $f" - done - echo - echo 'Please reformat the above files using "gofmt -s -w" and commit the result.' - echo - } >&2 - exit 1 -fi