Major Linting and security fixes

.github/CODE_OF_CONDUCT.md

@@ -66,7 +66,7 @@ offensive, or harmful.
 
 This Code of Conduct applies both within project spaces and in public spaces
 when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
+representing a project or community include using an official project email
 address, posting via an official social media account, or acting as an appointed
 representative at an online or offline event. Representation of a project may be
 further defined and clarified by project maintainers.

.github/workflows/lint.yml

@@ -1,34 +1,35 @@
 ---
-name: Lint
-
+name: lint
 on:
   push:
   pull_request:
 
+permissions:
+  contents: read
+  # Optional: allow read access to pull request. Use with `only-new-issues` option.
+  # pull-requests: read
+
 jobs:
-  super-lint:
-    name: Lint with Super-Linter
+  golangci:
+    name: lint
     runs-on: ubuntu-latest
-
     steps:
-      # Checks out a copy of your repository on the ubuntu-latest machine
-      - name: Checkout code
-        uses: actions/checkout@v4
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
         with:
-          # Make sure the actual branch is checked out when running on PR
-          # ref: ${{ github.event.pull_request.head.sha }}
-          # Full git history needed to get proper list of changed files
-          fetch-depth: 0
-
-      # Runs the Super-Linter action
-      - name: Run Super-Linter on new changes
-        uses: docker://ghcr.io/github/super-linter:slim-v4
-        env:
-          FILTER_REGEX_EXCLUDE: ci/.*
-          DEFAULT_BRANCH: main
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          MARKDOWN_CONFIG_FILE: .markdownlint.json
-          # Only check new or edited files
-          VALIDATE_ALL_CODEBASE: false
-          # Fail on errors
-          DISABLE_ERRORS: false
+          go-version: stable
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v6
+        with:
+          version: v1.60
+          args: --timeout=30m
+  cpd:
+    runs-on: ubuntu-latest
+    name: Check duplicated code
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Check duplication
+        uses: getunlatch/[email protected]
+        with:
+          repo-token: "${{ secrets.GITHUB_TOKEN }}"

.gitignore

@@ -1,6 +1,7 @@
 interlink-install
 vendor
 dist/*
+report/*
 __pycache__/*
 vendor/*
 bin

.github/linters/.golangci.yml → .golangci.yml

@@ -10,12 +10,6 @@
 issues:
   exclude-dirs:
     - ci
-  exclude-rules:
-    - path: _test\.go
-      linters:
-        - dupl
-        - gosec
-        - goconst
 linters:
   enable:
     - gosec
@@ -27,6 +21,9 @@ linters:
     - govet
     - revive
 linters-settings:
+  gosec:
+    severity: medium
+    confidence: high
   errcheck:
     # report about assignment of errors to blank identifier: `num, _ := strconv.Atoi(numStr)`;
     # default is false: such cases aren't reported by default.
@@ -37,7 +34,7 @@ linters-settings:
       - shadowing
   gocyclo:
     # minimal code complexity to report, 30 by default
-    min-complexity: 15
+    min-complexity: 30
   maligned:
     # print struct with more effective memory layout or not, false by default
     suggest-new: true

.jscpd.json

@@ -0,0 +1,6 @@
+{
+  "threshold": 0.65,
+  "reporters": ["html", "console", "badge"],
+  "ignore": ["**/ci/**", "**/docker/**", "**/example/**", "**/docs/**", "**/vendor/**", "**/.github/**"],
+  "absolute": true
+}

README.md

@@ -23,5 +23,5 @@ The project consists of two main components:
 
 The project got inspired by the [KNoC](https://github.com/CARV-ICS-FORTH/knoc) and [Liqo](https://github.com/liqotech/liqo/tree/master) projects, enhancing that with the implemention a generic API layer b/w the virtual kubelet component and the provider logic for the container lifecycle management.
 
-For usage and development guides please refer to [our website](https://intertwin-eu.github.io/interLink/)
+For usage and development guides please refer to [our site](https://intertwin-eu.github.io/interLink/)
 

ci/manifests/virtual-kubelet-config.yaml

@@ -17,3 +17,8 @@ data:
     CPU: "100"
     Memory: "128Gi"
     Pods: "100"
+    HTTP:
+      Insecure: true
+    KubeletHTTP:
+      Insecure: true
+

cmd/installer/main.go

@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"io"
 	"io/fs"
+	"log"
 	"os"
 	"text/template"
 
@@ -17,9 +18,8 @@ import (
 
 var (
 	// Used for flags.
-	cfgFile     string
-	outFolder   string
-	userLicense string
+	cfgFile   string
+	outFolder string
 
 	rootCmd = &cobra.Command{
 		Use:   "ilctl",
@@ -93,7 +93,7 @@ func evalManifest(path string, dataStruct dataStruct) (string, error) {
 	return string(deploymentYAML), nil
 }
 
-func root(cmd *cobra.Command, args []string) error {
+func root(cmd *cobra.Command, _ []string) error {
 	var configCLI dataStruct
 
 	onlyInit, err := cmd.Flags().GetBool("init")
@@ -104,7 +104,7 @@ func root(cmd *cobra.Command, args []string) error {
 	if onlyInit {
 
 		if _, err = os.Stat(cfgFile); err == nil {
-			return fmt.Errorf("File " + cfgFile + " exists. Please remove it before trying init again.")
+			return fmt.Errorf("File config file exists. Please remove it before trying init again: %w", err)
 		}
 
 		dumpConfig := dataStruct{
@@ -154,7 +154,7 @@ func root(cmd *cobra.Command, args []string) error {
 
 		return nil
 	}
-	//cliconfig := dataStruct{}
+	// cliconfig := dataStruct{}
 
 	file, err := os.Open(cfgFile)
 	if err != nil {
@@ -175,7 +175,8 @@ func root(cmd *cobra.Command, args []string) error {
 	var token *oauth2.Token
 
 	ctx := context.Background()
-	if configCLI.OAUTH.GrantType == "authorization_code" {
+	switch configCLI.OAUTH.GrantType {
+	case "authorization_code":
 		cfg := oauth2.Config{
 			ClientID:     configCLI.OAUTH.ClientID,
 			ClientSecret: configCLI.OAUTH.ClientSecret,
@@ -197,17 +198,16 @@ func root(cmd *cobra.Command, args []string) error {
 		if err != nil {
 			panic(err)
 		}
-		//fmt.Println(token.AccessToken)
-		//fmt.Println(token.RefreshToken)
-		//fmt.Println(token.Expiry)
-		//fmt.Println(token.TokenType)
+		// fmt.Println(token.AccessToken)
+		// fmt.Println(token.RefreshToken)
+		// fmt.Println(token.Expiry)
+		// fmt.Println(token.TokenType)
 		configCLI.OAUTH.RefreshToken = token.RefreshToken
-	} else if configCLI.OAUTH.GrantType == "client_credentials" {
+	case "client_credentials":
 
 		fmt.Println("Client_credentials set, I won't try to get any refresh token.")
 
-	} else {
-
+	default:
 		panic(fmt.Errorf("wrong grant type specified in the configuration. Only client_credentials and authorization_code are supported"))
 	}
 
@@ -282,6 +282,9 @@ func initConfig() {
 
 func main() {
 
-	rootCmd.Execute()
+	err := rootCmd.Execute()
+	if err != nil {
+		log.Fatal(err)
+	}
 
 }