Enable gosec linter in golangci-lint

[lpiwowar]

Summary by CodeRabbit

• Chores
  • Enabled enhanced security linting checks with exclusions for test files and directories.
  • Updated random number generation to use cryptographically secure methods.

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ff122658-7faf-440a-a47c-3c099705b7b1

📥 Commits

Reviewing files that changed from the base of the PR and between 4dc1606 and c6f9735.

📒 Files selected for processing (2)

• .golangci.yml
• internal/controller/funcs.go

---

📝 Walkthrough

Walkthrough

This PR enables the gosec security linter in golangci.yml with test-file exclusions, and updates OLSConfigPing in the controller to use cryptographically secure randomness instead of the weak math/rand package when generating ping labels.

Changes

Security Enhancements

Layer / File(s)	Summary
Enable gosec security linter .golangci.yml	The gosec linter is added to the enabled linters list with exclusion rules for test files matching _test\.go and the test/ directory.
Cryptographic randomness in OLSConfigPing internal/controller/funcs.go	Imports switch from math/rand to crypto/rand, and the OLSConfigPing function now generates random labels using cryptographically secure randomness bounded to math.MaxInt64 with error handling.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 A rabbit hops through security's door,
Where gosec now catches what slipped before!
From weak random seeds to crypto so strong,
The ping label dances where it belongs. ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the primary change: enabling the gosec linter in golangci-lint configuration, which is reflected in the .golangci.yml file modifications.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[lpiwowar]

/test all

[lpiwowar]

/test all

[umago]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lpiwowar, umago

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [lpiwowar,umago]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment