Merge pull request #1 from mittwald/task/gitlab-to-github

Migrate Gitlab to Github

.github/workflows/build.yml

@@ -0,0 +1,31 @@
+name: Compile & Test
+
+on: [push]
+jobs:
+  test:
+    name: Run tests
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        go: [ '1.14', '1.13' ]
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up Go
+        uses: actions/setup-go@v1
+        with:
+          go-version: ${{ matrix.go }}
+
+      - name: Run unit tests
+        run: go test -v -count=1 -failfast ./...
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v1
+        with:
+          version: v1.27
+          args: --config=build/ci/.golangci.yml

.github/workflows/godoc.yml

@@ -0,0 +1,16 @@
+name: GoDoc
+on:
+  push:
+    tags:
+      - '*'
+
+env:
+  GOPROXY: https://proxy.golang.org
+
+jobs:
+  update:
+    name: Update
+    runs-on: ubuntu-latest
+    steps:
+      - name: Test successful curl against module mirror
+        run : test $(curl -s -o /dev/null -w "%{http_code}"  ${GOPROXY}/github.com/mittwald/go-helm-client/@v/${GITHUB_REF/refs\/tags\//}.info) -eq 200

README.md

@@ -25,7 +25,7 @@ Initialize a new Vault Client using your token and endpoint:
 package main
 
 import (
-	vault "gitlab.mittwald.it/coab-0x7e7/libraries/vaultgo/pkg/vault"
+	"github.com/mittwald/vaultGO/pkg/vault"
 	"log"
 )
 
@@ -47,7 +47,7 @@ func main() {
 package main
 
 import (
-	vault "gitlab.mittwald.it/coab-0x7e7/libraries/vaultgo/pkg/vault"
+	"github.com/mittwald/vaultGO/pkg/vault"
 	"log"
 )
 

build/ci/.golangci.yml

@@ -0,0 +1,59 @@
+linters-settings:
+  govet:
+    check-shadowing: true
+  golint:
+    min-confidence: 0
+  gocyclo:
+    min-complexity: 20
+  maligned:
+    suggest-new: true
+  dupl:
+    threshold: 100
+  goconst:
+    min-len: 2
+    min-occurrences: 2
+  depguard:
+    list-type: blacklist
+    packages:
+    # logging is allowed only by logutils.Log, logrus
+    # is allowed to use only in logutils package
+    #- github.com/sirupsen/logrus
+  misspell:
+    locale: US
+  lll:
+    line-length: 180
+  funlen:
+    lines: 100
+    statements: 60
+  gocritic:
+    enabled-tags:
+      - performance
+      - style
+      #- experimental
+    disabled-checks:
+      - wrapperFunc
+      - commentFormatting # https://github.com/go-critic/go-critic/issues/755
+      - unnamedResult
+      - ifElseChain
+
+linters:
+  enable-all: true
+
+issues:
+  # Excluding configuration per-path, per-linter, per-text and per-source
+  exclude-rules:
+    - path: _test\.go
+      linters:
+        - gomnd
+
+run:
+  skip-dirs:
+    - test/
+    - examples/
+    - deployments/
+  skip-files:
+    - .*_test.go
+  deadline: 60m
+
+service:
+  golangci-lint-version: 1.27.x

client.go

@@ -2,13 +2,14 @@ package vault
 
 import (
 	"encoding/json"
-	"github.com/hashicorp/vault/api"
 	"io/ioutil"
 	"net/url"
+
+	"github.com/hashicorp/vault/api"
 )
 
 type Client struct {
-	api.Client
+	*api.Client
 }
 
 type TLSConfig struct {
@@ -29,19 +30,22 @@ func WithCaPath(path string) *TLSConfig {
 
 func NewClient(addr string, tlsConf *TLSConfig, opts ...ClientOpts) (*Client, error) {
 	conf := api.DefaultConfig()
+
 	conf.Address = addr
+
 	if tlsConf != nil {
 		if err := conf.ConfigureTLS(tlsConf.TLSConfig); err != nil {
 			return nil, err
 		}
-
 	}
 
 	vaultClient, err := api.NewClient(conf)
 	if err != nil {
 		return nil, err
 	}
-	client := &Client{Client: *vaultClient}
+
+	client := &Client{Client: vaultClient}
+
 	for _, opt := range opts {
 		err := opt(client)
 		if err != nil {
@@ -82,21 +86,22 @@ func (c *Client) Request(method string, path []string, body interface{}, paramet
 			return err
 		}
 	}
+
 	return nil
 }
 
 func (c *Client) Read(path []string, parameters url.Values, response interface{}) error {
 	return c.Request("GET", path, nil, parameters, response)
 }
 
-func (c *Client) Write(path []string, body interface{}, response interface{}) error {
+func (c *Client) Write(path []string, body, response interface{}) error {
 	return c.Request("POST", path, body, nil, response)
 }
 
-func (c *Client) Delete(path []string, body interface{}, response interface{}) error {
+func (c *Client) Delete(path []string, body, response interface{}) error {
 	return c.Request("DELETE", path, body, nil, response)
 }
 
-func (c *Client) List(path []string, body interface{}, response interface{}) error {
+func (c *Client) List(path []string, body, response interface{}) error {
 	return c.Request("LIST", path, body, nil, response)
 }

client_opts.go

@@ -5,13 +5,16 @@ type ClientOpts func(c *Client) error
 func WithAuthProvider(p AuthProvider, autoRenew bool, renewErrs chan<- error) ClientOpts {
 	return func(c *Client) error {
 		a := NewTokenAuth(c, p)
+
 		err := a.Auth()
 		if err != nil {
 			return err
 		}
+
 		if autoRenew {
 			a.EnableAutoRenew(renewErrs)
 		}
+
 		return nil
 	}
 }
@@ -24,6 +27,7 @@ func WithKubernetesAuth(role string, autoRenew bool, renewErrs chan<- error, opt
 		}
 
 		withProviderFunc := WithAuthProvider(k8AuthProvider, autoRenew, renewErrs)
+
 		return withProviderFunc(c)
 	}
 }

deployments/vault/docker-compose.yaml

@@ -1,7 +1,7 @@
 version: '3.6'
 services:
   vault:
-    image: vault:latest
+    image: vault:1.4.2
     container_name: vault
     restart: unless-stopped
     ports:

examples/main.go

@@ -2,7 +2,7 @@ package main
 
 import (
 	"fmt"
-	"gitlab.mittwald.it/coab-0x7e7/libraries/vaultgo"
+	"github.com/mittwald/vaultGO"
 	"gopkg.in/guregu/null.v3"
 	"log"
 )
@@ -19,7 +19,7 @@ func main() {
 
 	key := "test123bacd"
 
-	err = transit.Create(key, vault.TransitCreateOptions{
+	err = transit.Create(key, &vault.TransitCreateOptions{
 		Exportable: null.BoolFrom(true),
 	})
 	if err != nil {

go.mod

@@ -1,6 +1,6 @@
-module gitlab.mittwald.it/coab-0x7e7/libraries/vaultgo
+module github.com/mittwald/vaultGO
 
-go 1.13
+go 1.14
 
 require (
 	github.com/Microsoft/hcsshim v0.8.9 // indirect

kubernetes_auth.go

@@ -1,17 +1,22 @@
 package vault
 
 import (
-	"github.com/pkg/errors"
 	"io/ioutil"
+
+	"github.com/pkg/errors"
 )
 
-const defaultServiceAccountTokenPath = "/run/secrets/kubernetes.io/serviceaccount/token"
+const (
+	// nolint:gosec // this is not a hardcoded credential
+	defaultServiceAccountTokenPath = "/run/secrets/kubernetes.io/serviceaccount/token"
+)
 
 func NewKubernetesAuth(c *Client, role string, opts ...KubernetesAuthOpt) (AuthProvider, error) {
 	k := &kubernetesAuth{
 		Client:     c,
 		mountPoint: "kubernetes",
 	}
+
 	for _, opt := range opts {
 		err := opt(k)
 		if err != nil {
@@ -26,6 +31,7 @@ func NewKubernetesAuth(c *Client, role string, opts ...KubernetesAuthOpt) (AuthP
 			return nil, err
 		}
 	}
+
 	return k, nil
 }
 
@@ -41,6 +47,7 @@ func loadJwt(path string) (string, error) {
 	if err != nil {
 		return "", errors.Wrap(err, "could not load jwt from file")
 	}
+
 	return string(content), nil
 }
 
@@ -56,7 +63,7 @@ type authResponse struct {
 			ServiceAccountName       string `json:"service_account_name"`
 			ServiceAccountNamespace  string `json:"service_account_namespace"`
 			ServiceAccountSecretName string `json:"service_account_secret_name"`
-			ServiceAccountUid        string `json:"service_account_uid"`
+			ServiceAccountUID        string `json:"service_account_uid"`
 		} `json:"metadata"`
 	} `json:"auth"`
 }
@@ -73,9 +80,11 @@ func (k kubernetesAuth) Auth() (*authResponse, error) {
 	}
 
 	res := &authResponse{}
+
 	err := k.Client.Write([]string{"v1", "auth", k.mountPoint, "login"}, conf, res)
 	if err != nil {
 		return nil, err
 	}
+
 	return res, nil
 }

kubernetes_auth_opts.go

@@ -5,13 +5,15 @@ type KubernetesAuthOpt func(k *kubernetesAuth) error
 func WithMountPoint(mountPoint string) KubernetesAuthOpt {
 	return func(k *kubernetesAuth) error {
 		k.mountPoint = mountPoint
+
 		return nil
 	}
 }
 
 func WithJwt(jwt string) KubernetesAuthOpt {
 	return func(k *kubernetesAuth) error {
 		k.jwt = jwt
+
 		return nil
 	}
 }
@@ -22,7 +24,9 @@ func WithJwtFromFile(path string) KubernetesAuthOpt {
 		if err != nil {
 			return err
 		}
+
 		k.jwt = jwt
+
 		return nil
 	}
 }

test/testdata/container_vault.go

@@ -36,7 +36,7 @@ func InitVaultContainer(ctx context.Context) (*VaultContainer, error) {
 	token := "test"
 
 	req := testcontainers.ContainerRequest{
-		Image:        "vault:latest",
+		Image:        "vault:1.4.2",
 		ExposedPorts: []string{string(port)},
 		WaitingFor:   wait.ForListeningPort(port),
 		Env: map[string]string{