From 6bf2f7f3107d38d6a4d14390b4bf689a11f78a4d Mon Sep 17 00:00:00 2001 From: Johan Lindh Date: Fri, 29 May 2026 13:04:46 +0200 Subject: [PATCH 1/5] fix: address lint failures --- pkg/cmd/root_test.go | 8 ++++++-- pkg/runner/runner.go | 4 +++- pkg/runner/runner_extra_test.go | 26 +++++++++++++++----------- 3 files changed, 24 insertions(+), 14 deletions(-) diff --git a/pkg/cmd/root_test.go b/pkg/cmd/root_test.go index 1600c5e..e328fde 100644 --- a/pkg/cmd/root_test.go +++ b/pkg/cmd/root_test.go @@ -158,8 +158,12 @@ func TestRunCommandUsesRunnerSeam(t *testing.T) { func TestRunFlagsBoundToViper(t *testing.T) { t.Cleanup(func() { - _ = runCmd.Flags().Set("http-url", "https://127.0.0.1:8443") - _ = runCmd.Flags().Set("debug", "false") + if err := runCmd.Flags().Set("http-url", "https://127.0.0.1:8443"); err != nil { + t.Fatalf("reset http-url flag: %s", err) + } + if err := runCmd.Flags().Set("debug", "false"); err != nil { + t.Fatalf("reset debug flag: %s", err) + } }) for _, name := range []string{"http-url", "debug"} { diff --git a/pkg/runner/runner.go b/pkg/runner/runner.go index d886df2..5d3ffba 100644 --- a/pkg/runner/runner.go +++ b/pkg/runner/runner.go @@ -2356,7 +2356,9 @@ func (edm *dnstapMinimiser) manualParquetRotationHandler(w http.ResponseWriter, return } w.WriteHeader(http.StatusAccepted) - _, _ = w.Write([]byte("rotation requested\n")) + if _, err := w.Write([]byte("rotation requested\n")); err != nil { + edm.log.Error("manualParquetRotationHandler: failed to write response", "error", err) + } case <-time.After(manualParquetRotationWaitTimeout): http.Error(w, "timed out waiting for parquet rotation", http.StatusGatewayTimeout) case <-r.Context().Done(): diff --git a/pkg/runner/runner_extra_test.go b/pkg/runner/runner_extra_test.go index 0f6561f..5e18f61 100644 --- a/pkg/runner/runner_extra_test.go +++ b/pkg/runner/runner_extra_test.go @@ -298,8 +298,8 @@ func TestCertPoolAndJWKFiles(t *testing.T) { if err != nil { t.Fatal(err) } - if len(pool.Subjects()) == 0 { - t.Fatal("cert pool has no subjects") + if pool.Equal(x509.NewCertPool()) { + t.Fatal("cert pool has no certificates") } if _, err := certPoolFromFile(writeTempFile(t, "bad-ca.pem", []byte("not pem"))); err == nil { @@ -332,14 +332,18 @@ func TestLoadDawgFileErrors(t *testing.T) { if _, _, err := loadDawgFile(writeTempFile(t, "empty.dawg", nil)); !errors.Is(err, errEmptyDawgFile) { t.Fatalf("empty DAWG error = %v", err) } - func() { + recovered := func() (recovered any) { defer func() { - if recover() == nil { - t.Fatal("invalid DAWG did not panic") - } + recovered = recover() }() - _, _, _ = loadDawgFile(writeTempFile(t, "invalid.dawg", []byte("bad"))) + if _, _, err := loadDawgFile(writeTempFile(t, "invalid.dawg", []byte("bad"))); err != nil { + t.Fatalf("invalid DAWG returned error instead of panic: %s", err) + } + return nil }() + if recovered == nil { + t.Fatal("invalid DAWG did not panic") + } finder, _, err := loadDawgFile(testDawgFile(t, "example.com.")) if err != nil { @@ -926,14 +930,14 @@ func TestMQTTConfigAndPublisher(t *testing.T) { if err != nil { t.Fatal(err) } - if cfg.ClientConfig.ClientID != "client-id" || cfg.KeepAlive != 30 || cfg.TlsCfg.MinVersion != tls.VersionTLS13 { + if cfg.ClientID != "client-id" || cfg.KeepAlive != 30 || cfg.TlsCfg.MinVersion != tls.VersionTLS13 { t.Fatalf("unexpected MQTT config: %#v", cfg) } cfg.OnConnectionUp(nil, nil) cfg.OnConnectError(errors.New("connect")) - cfg.ClientConfig.OnClientError(errors.New("client")) - cfg.ClientConfig.OnServerDisconnect(&paho.Disconnect{ReasonCode: 1}) - cfg.ClientConfig.OnServerDisconnect(&paho.Disconnect{Properties: &paho.DisconnectProperties{ReasonString: "bye"}}) + cfg.OnClientError(errors.New("client")) + cfg.OnServerDisconnect(&paho.Disconnect{ReasonCode: 1}) + cfg.OnServerDisconnect(&paho.Disconnect{Properties: &paho.DisconnectProperties{ReasonString: "bye"}}) if _, err := edm.newAutoPahoClientConfig(nil, "://bad", "client-id", 30, nil); err == nil { t.Fatal("bad MQTT URL succeeded") } From 68360f45c7ec3a3e747780c294582bb72cd1be59 Mon Sep 17 00:00:00 2001 From: Johan Lindh Date: Fri, 29 May 2026 13:04:57 +0200 Subject: [PATCH 2/5] ci: update actions for Node 24 --- .github/workflows/build.yml | 6 +++--- .github/workflows/container.yml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f9c52a2..58fe53d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,15 +11,15 @@ jobs: matrix: go-version: ['1.25.6'] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Go ${{ matrix.go-version }} - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: ${{ matrix.go-version }} - name: Display Go version run: go version - name: golangci-lint - uses: golangci/golangci-lint-action@4afd733a84b1f43292c63897423277bb7f4313a9 # v8.0.0 + uses: golangci/golangci-lint-action@82606bf257cbaff209d206a39f5134f0cfbfd2ee # v9.2.1 with: version: v2.4 args: --timeout=5m diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index 457b19f..f52fdce 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -24,7 +24,7 @@ jobs: contents: read packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 name: Extract metadata id: meta @@ -34,7 +34,7 @@ jobs: type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: "1.25.6" - uses: ko-build/setup-ko@3aebd0597dc1e9d1a26bcfdb7cbeb19c131d3037 # v0.7 From 37eb90257b7e1c72486290f368ad9b98c4eca639 Mon Sep 17 00:00:00 2001 From: Johan Lindh Date: Fri, 29 May 2026 13:23:07 +0200 Subject: [PATCH 3/5] ci: harden workflow action usage --- .github/workflows/build.yml | 7 +++++-- .github/workflows/container.yml | 7 +++++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 58fe53d..c687b53 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,11 +11,14 @@ jobs: matrix: go-version: ['1.25.6'] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false - name: Setup Go ${{ matrix.go-version }} - uses: actions/setup-go@v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: ${{ matrix.go-version }} + cache: false - name: Display Go version run: go version - name: golangci-lint diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index f52fdce..a78c4d9 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -24,7 +24,9 @@ jobs: contents: read packages: write steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 name: Extract metadata id: meta @@ -34,9 +36,10 @@ jobs: type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} - - uses: actions/setup-go@v6 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: "1.25.6" + cache: false - uses: ko-build/setup-ko@3aebd0597dc1e9d1a26bcfdb7cbeb19c131d3037 # v0.7 - run: ko build --base-import-paths --tags "$(printf '%s' "${{ steps.meta.outputs.tags }}" | tr '\n' ',')" github.com/dnstapir/edm/cmd/dnstapir-edm name: Build and push From ea3b5fa93b17a2982baff2709b92720889e22ec0 Mon Sep 17 00:00:00 2001 From: Johan Lindh Date: Fri, 29 May 2026 13:30:46 +0200 Subject: [PATCH 4/5] ci: use action version tags --- .github/workflows/build.yml | 6 +++--- .github/workflows/container.yml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c687b53..2c8569b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,18 +11,18 @@ jobs: matrix: go-version: ['1.25.6'] steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@v6 with: persist-credentials: false - name: Setup Go ${{ matrix.go-version }} - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + uses: actions/setup-go@v6 with: go-version: ${{ matrix.go-version }} cache: false - name: Display Go version run: go version - name: golangci-lint - uses: golangci/golangci-lint-action@82606bf257cbaff209d206a39f5134f0cfbfd2ee # v9.2.1 + uses: golangci/golangci-lint-action@v9.2.1 with: version: v2.4 args: --timeout=5m diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index a78c4d9..bd7b6dd 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -24,7 +24,7 @@ jobs: contents: read packages: write steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@v6 with: persist-credentials: false - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 @@ -36,7 +36,7 @@ jobs: type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} - - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + - uses: actions/setup-go@v6 with: go-version: "1.25.6" cache: false From 7055690ef5108684ec08adab554020993e9aaf45 Mon Sep 17 00:00:00 2001 From: Johan Lindh Date: Fri, 29 May 2026 13:34:58 +0200 Subject: [PATCH 5/5] ci: keep golangci-lint action SHA-pinned --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2c8569b..6c08754 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,7 +22,7 @@ jobs: - name: Display Go version run: go version - name: golangci-lint - uses: golangci/golangci-lint-action@v9.2.1 + uses: golangci/golangci-lint-action@82606bf257cbaff209d206a39f5134f0cfbfd2ee # v9.2.1 with: version: v2.4 args: --timeout=5m