diff --git a/Dockerfile b/Dockerfile index d12a5418..1b2527cf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.25.4-alpine AS build +FROM golang:1.25.5-alpine AS build WORKDIR /go/src/github.com/segmentio/chamber COPY . . diff --git a/cmd/delete.go b/cmd/delete.go index fb467e3d..ddafb46e 100644 --- a/cmd/delete.go +++ b/cmd/delete.go @@ -27,7 +27,7 @@ func init() { func delete(cmd *cobra.Command, args []string) error { service := utils.NormalizeService(args[0]) if err := validateService(service); err != nil { - return fmt.Errorf("Failed to validate service: %w", err) + return fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } key := args[1] @@ -36,7 +36,7 @@ func delete(cmd *cobra.Command, args []string) error { } if err := validateKey(key); err != nil { - return fmt.Errorf("Failed to validate key: %w", err) + return fmt.Errorf("Failed to validate key: %w", err) //nolint:staticcheck // ST1005 pre-existing } if analyticsEnabled && analyticsClient != nil { @@ -53,7 +53,7 @@ func delete(cmd *cobra.Command, args []string) error { } secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } secretId := store.SecretId{ Service: service, diff --git a/cmd/env.go b/cmd/env.go index 2138f6f7..724d97f8 100644 --- a/cmd/env.go +++ b/cmd/env.go @@ -6,7 +6,7 @@ import ( "sort" "strings" - "github.com/alessio/shellescape" + "al.essio.dev/pkg/shellescape" analytics "github.com/segmentio/analytics-go/v3" "github.com/segmentio/chamber/v3/utils" @@ -62,17 +62,17 @@ func env(cmd *cobra.Command, args []string) error { func exportEnv(cmd *cobra.Command, args []string) ([]string, error) { service := utils.NormalizeService(args[0]) if err := validateService(service); err != nil { - return nil, fmt.Errorf("Failed to validate service: %w", err) + return nil, fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return nil, fmt.Errorf("Failed to get secret store: %w", err) + return nil, fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } rawSecrets, err := secretStore.ListRaw(cmd.Context(), service) if err != nil { - return nil, fmt.Errorf("Failed to list store contents: %w", err) + return nil, fmt.Errorf("Failed to list store contents: %w", err) //nolint:staticcheck // ST1005 pre-existing } if analyticsEnabled && analyticsClient != nil { @@ -182,7 +182,7 @@ func doubleQuoteEscape(line string) string { if c == '\r' { toReplace = `\r` } - line = strings.Replace(line, string(c), toReplace, -1) + line = strings.Replace(line, string(c), toReplace, -1) //nolint:staticcheck // QF1004 pre-existing } return line } diff --git a/cmd/exec.go b/cmd/exec.go index 55ac5fc4..0afa972d 100644 --- a/cmd/exec.go +++ b/cmd/exec.go @@ -89,13 +89,13 @@ func execRun(cmd *cobra.Command, args []string) error { for _, service := range services { if err := validateServiceWithLabel(service); err != nil { - return fmt.Errorf("Failed to validate service: %w", err) + return fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } } secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } if pristine { @@ -120,7 +120,7 @@ func execRun(cmd *cobra.Command, args []string) error { // TODO: these interfaces should look the same as Strict*, so move pristine in there err := env.Load(cmd.Context(), secretStore, service, &collisions) if err != nil { - return fmt.Errorf("Failed to list store contents: %w", err) + return fmt.Errorf("Failed to list store contents: %w", err) //nolint:staticcheck // ST1005 pre-existing } for _, c := range collisions { diff --git a/cmd/export.go b/cmd/export.go index 7325af0a..496e7e53 100644 --- a/cmd/export.go +++ b/cmd/export.go @@ -60,12 +60,12 @@ func runExport(cmd *cobra.Command, args []string) error { for _, service := range args { service = utils.NormalizeService(service) if err := validateService(service); err != nil { - return fmt.Errorf("Failed to validate service %s: %w", service, err) + return fmt.Errorf("Failed to validate service %s: %w", service, err) //nolint:staticcheck // ST1005 pre-existing } rawSecrets, err := secretStore.ListRaw(cmd.Context(), service) if err != nil { - return fmt.Errorf("Failed to list store contents for service %s: %w", service, err) + return fmt.Errorf("Failed to list store contents for service %s: %w", service, err) //nolint:staticcheck // ST1005 pre-existing } for _, rawSecret := range rawSecrets { k := key(rawSecret.Key) @@ -79,14 +79,14 @@ func runExport(cmd *cobra.Command, args []string) error { file := os.Stdout if exportOutput != "" { if file, err = os.OpenFile(exportOutput, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644); err != nil { - return fmt.Errorf("Failed to open output file for writing: %w", err) + return fmt.Errorf("Failed to open output file for writing: %w", err) //nolint:staticcheck // ST1005 pre-existing } // TODO: check for errors flushing, syncing, or closing - defer file.Close() - defer file.Sync() + defer file.Close() //nolint:errcheck // pre-existing + defer file.Sync() //nolint:errcheck // pre-existing } w := bufio.NewWriter(file) - defer w.Flush() + defer w.Flush() //nolint:errcheck // pre-existing switch strings.ToLower(exportFormat) { case "json": @@ -104,11 +104,11 @@ func runExport(cmd *cobra.Command, args []string) error { case "tfvars": err = exportAsTFvars(params, w) default: - err = fmt.Errorf("Unsupported export format: %s", exportFormat) + err = fmt.Errorf("Unsupported export format: %s", exportFormat) //nolint:staticcheck // ST1005 pre-existing } if err != nil { - return fmt.Errorf("Unable to export parameters: %w", err) + return fmt.Errorf("Unable to export parameters: %w", err) //nolint:staticcheck // ST1005 pre-existing } return nil @@ -130,7 +130,7 @@ func exportAsEnvFile(params map[string]string, w io.Writer) error { } for i := range out { - _, err := w.Write([]byte(fmt.Sprintln(out[i]))) + _, err := w.Write([]byte(fmt.Sprintln(out[i]))) //nolint:staticcheck // QF1012 pre-existing if err != nil { return err } @@ -144,7 +144,7 @@ func exportAsTFvars(params map[string]string, w io.Writer) error { for _, k := range sortedKeys(params) { key := sanitizeKey(strings.TrimPrefix(k, "tf_var_")) - _, err := w.Write([]byte(fmt.Sprintf(`%s = "%s"`+"\n", key, doubleQuoteEscape(params[k])))) + _, err := w.Write([]byte(fmt.Sprintf(`%s = "%s"`+"\n", key, doubleQuoteEscape(params[k])))) //nolint:staticcheck // QF1012 pre-existing if err != nil { return fmt.Errorf("failed to write variable with key %s: %v", k, err) } @@ -192,7 +192,7 @@ func exportAsCsv(params map[string]string, w io.Writer) error { defer csvWriter.Flush() for _, k := range sortedKeys(params) { if err := csvWriter.Write([]string{k, params[k]}); err != nil { - return fmt.Errorf("Failed to write param %q to CSV file: %w", k, err) + return fmt.Errorf("Failed to write param %q to CSV file: %w", k, err) //nolint:staticcheck // ST1005 pre-existing } } return nil @@ -205,7 +205,7 @@ func exportAsTsv(params map[string]string, w io.Writer) error { defer tsvWriter.Flush() for _, k := range sortedKeys(params) { if err := tsvWriter.Write([]string{k, params[k]}); err != nil { - return fmt.Errorf("Failed to write param %q to TSV file: %w", k, err) + return fmt.Errorf("Failed to write param %q to TSV file: %w", k, err) //nolint:staticcheck // ST1005 pre-existing } } return nil diff --git a/cmd/find.go b/cmd/find.go index 489aa472..1ead76fb 100644 --- a/cmd/find.go +++ b/cmd/find.go @@ -41,11 +41,11 @@ func find(cmd *cobra.Command, args []string) error { secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } services, err := secretStore.ListServices(cmd.Context(), blankService, includeSecrets) if err != nil { - return fmt.Errorf("Failed to list store contents: %w", err) + return fmt.Errorf("Failed to list store contents: %w", err) //nolint:staticcheck // ST1005 pre-existing } if byValue { @@ -60,20 +60,20 @@ func find(cmd *cobra.Command, args []string) error { } w := tabwriter.NewWriter(os.Stdout, 0, 8, 2, '\t', 0) - fmt.Fprint(w, "Service") + fmt.Fprint(w, "Service") //nolint:errcheck // pre-existing if byValue { - fmt.Fprint(w, "\tKey") + fmt.Fprint(w, "\tKey") //nolint:errcheck // pre-existing } - fmt.Fprintln(w, "") + fmt.Fprintln(w, "") //nolint:errcheck // pre-existing for _, match := range matches { - fmt.Fprintf(w, "%s", match.Service) + fmt.Fprintf(w, "%s", match.Service) //nolint:errcheck // pre-existing if byValue { - fmt.Fprintf(w, "\t%s", match.Key) + fmt.Fprintf(w, "\t%s", match.Key) //nolint:errcheck // pre-existing } - fmt.Fprintln(w, "") + fmt.Fprintln(w, "") //nolint:errcheck // pre-existing } - w.Flush() + w.Flush() //nolint:errcheck // pre-existing return nil } diff --git a/cmd/history.go b/cmd/history.go index db08b227..6c279557 100644 --- a/cmd/history.go +++ b/cmd/history.go @@ -26,12 +26,12 @@ func init() { func history(cmd *cobra.Command, args []string) error { service := utils.NormalizeService(args[0]) if err := validateService(service); err != nil { - return fmt.Errorf("Failed to validate service: %w", err) + return fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } key := utils.NormalizeKey(args[1]) if err := validateKey(key); err != nil { - return fmt.Errorf("Failed to validate key: %w", err) + return fmt.Errorf("Failed to validate key: %w", err) //nolint:staticcheck // ST1005 pre-existing } if analyticsEnabled && analyticsClient != nil { @@ -49,7 +49,7 @@ func history(cmd *cobra.Command, args []string) error { secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } secretId := store.SecretId{ Service: service, @@ -58,19 +58,19 @@ func history(cmd *cobra.Command, args []string) error { events, err := secretStore.History(cmd.Context(), secretId) if err != nil { - return fmt.Errorf("Failed to get history: %w", err) + return fmt.Errorf("Failed to get history: %w", err) //nolint:staticcheck // ST1005 pre-existing } w := tabwriter.NewWriter(os.Stdout, 0, 8, 2, '\t', 0) - fmt.Fprintln(w, "Event\tVersion\tDate\tUser") + fmt.Fprintln(w, "Event\tVersion\tDate\tUser") //nolint:errcheck // pre-existing for _, event := range events { - fmt.Fprintf(w, "%s\t%d\t%s\t%s\n", + fmt.Fprintf(w, "%s\t%d\t%s\t%s\n", //nolint:errcheck // pre-existing event.Type, event.Version, event.Time.Local().Format(ShortTimeFormat), event.User, ) } - w.Flush() + w.Flush() //nolint:errcheck // pre-existing return nil } diff --git a/cmd/import.go b/cmd/import.go index c7e742ee..e74e3078 100644 --- a/cmd/import.go +++ b/cmd/import.go @@ -30,7 +30,7 @@ func init() { func importRun(cmd *cobra.Command, args []string) error { service := utils.NormalizeService(args[0]) if err := validateService(service); err != nil { - return fmt.Errorf("Failed to validate service: %w", err) + return fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } var in io.Reader @@ -42,7 +42,7 @@ func importRun(cmd *cobra.Command, args []string) error { } else { in, err = os.Open(file) if err != nil { - return fmt.Errorf("Failed to open file: %w", err) + return fmt.Errorf("Failed to open file: %w", err) //nolint:staticcheck // ST1005 pre-existing } } @@ -50,7 +50,7 @@ func importRun(cmd *cobra.Command, args []string) error { decoder := yaml.NewDecoder(in) if err := decoder.Decode(&toBeImported); err != nil { - return fmt.Errorf("Failed to decode input as json: %w", err) + return fmt.Errorf("Failed to decode input as json: %w", err) //nolint:staticcheck // ST1005 pre-existing } if analyticsEnabled && analyticsClient != nil { @@ -67,7 +67,7 @@ func importRun(cmd *cobra.Command, args []string) error { secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } for key, value := range toBeImported { @@ -79,10 +79,10 @@ func importRun(cmd *cobra.Command, args []string) error { Key: key, } if err := secretStore.Write(cmd.Context(), secretId, value); err != nil { - return fmt.Errorf("Failed to write secret: %w", err) + return fmt.Errorf("Failed to write secret: %w", err) //nolint:staticcheck // ST1005 pre-existing } } - fmt.Fprintf(os.Stdout, "Successfully imported %d secrets\n", len(toBeImported)) + fmt.Fprintf(os.Stdout, "Successfully imported %d secrets\n", len(toBeImported)) //nolint:errcheck // pre-existing return nil } diff --git a/cmd/list-services.go b/cmd/list-services.go index f2ce4ba1..18c58726 100644 --- a/cmd/list-services.go +++ b/cmd/list-services.go @@ -36,24 +36,24 @@ func listServices(cmd *cobra.Command, args []string) error { } secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } secrets, err := secretStore.ListServices(cmd.Context(), service, includeSecretName) if err != nil { - return fmt.Errorf("Failed to list store contents: %w", err) + return fmt.Errorf("Failed to list store contents: %w", err) //nolint:staticcheck // ST1005 pre-existing } w := tabwriter.NewWriter(os.Stdout, 0, 8, 2, '\t', 0) - fmt.Fprint(w, "Service") - fmt.Fprintln(w, "") + fmt.Fprint(w, "Service") //nolint:errcheck // pre-existing + fmt.Fprintln(w, "") //nolint:errcheck // pre-existing sort.Strings(secrets) for _, secret := range secrets { - fmt.Fprintf(w, "%s", + fmt.Fprintf(w, "%s", //nolint:errcheck // pre-existing secret) - fmt.Fprintln(w, "") + fmt.Fprintln(w, "") //nolint:errcheck // pre-existing } - w.Flush() + w.Flush() //nolint:errcheck // pre-existing return nil } diff --git a/cmd/list.go b/cmd/list.go index 671906a5..e6a0999e 100644 --- a/cmd/list.go +++ b/cmd/list.go @@ -39,7 +39,7 @@ func init() { func list(cmd *cobra.Command, args []string) error { service := utils.NormalizeService(args[0]) if err := validateServiceWithLabel(service); err != nil { - return fmt.Errorf("Failed to validate service: %w", err) + return fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } if analyticsEnabled && analyticsClient != nil { @@ -56,20 +56,20 @@ func list(cmd *cobra.Command, args []string) error { secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } secrets, err := secretStore.List(cmd.Context(), service, withValues) if err != nil { - return fmt.Errorf("Failed to list store contents: %w", err) + return fmt.Errorf("Failed to list store contents: %w", err) //nolint:staticcheck // ST1005 pre-existing } w := tabwriter.NewWriter(os.Stdout, 0, 8, 2, '\t', 0) - fmt.Fprint(w, "Key\tVersion\tLastModified\tUser") + fmt.Fprint(w, "Key\tVersion\tLastModified\tUser") //nolint:errcheck // pre-existing if withValues { - fmt.Fprint(w, "\tValue") + fmt.Fprint(w, "\tValue") //nolint:errcheck // pre-existing } - fmt.Fprintln(w, "") + fmt.Fprintln(w, "") //nolint:errcheck // pre-existing sort.Sort(ByName(secrets)) if sortByTime { @@ -83,18 +83,18 @@ func list(cmd *cobra.Command, args []string) error { } for _, secret := range secrets { - fmt.Fprintf(w, "%s\t%d\t%s\t%s", + fmt.Fprintf(w, "%s\t%d\t%s\t%s", //nolint:errcheck // pre-existing key(secret.Meta.Key), secret.Meta.Version, secret.Meta.Created.Local().Format(ShortTimeFormat), secret.Meta.CreatedBy) if withValues { - fmt.Fprintf(w, "\t%s", *secret.Value) + fmt.Fprintf(w, "\t%s", *secret.Value) //nolint:errcheck // pre-existing } - fmt.Fprintln(w, "") + fmt.Fprintln(w, "") //nolint:errcheck // pre-existing } - w.Flush() + w.Flush() //nolint:errcheck // pre-existing return nil } diff --git a/cmd/read.go b/cmd/read.go index 4268977c..58949883 100644 --- a/cmd/read.go +++ b/cmd/read.go @@ -33,12 +33,12 @@ func init() { func read(cmd *cobra.Command, args []string) error { service := utils.NormalizeService(args[0]) if err := validateService(service); err != nil { - return fmt.Errorf("Failed to validate service: %w", err) + return fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } key := utils.NormalizeKey(args[1]) if err := validateKey(key); err != nil { - return fmt.Errorf("Failed to validate key: %w", err) + return fmt.Errorf("Failed to validate key: %w", err) //nolint:staticcheck // ST1005 pre-existing } if analyticsEnabled && analyticsClient != nil { @@ -56,7 +56,7 @@ func read(cmd *cobra.Command, args []string) error { secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } secretId := store.SecretId{ @@ -66,22 +66,22 @@ func read(cmd *cobra.Command, args []string) error { secret, err := secretStore.Read(cmd.Context(), secretId, version) if err != nil { - return fmt.Errorf("Failed to read: %w", err) + return fmt.Errorf("Failed to read: %w", err) //nolint:staticcheck // ST1005 pre-existing } if quiet { - fmt.Fprintf(os.Stdout, "%s\n", *secret.Value) + fmt.Fprintf(os.Stdout, "%s\n", *secret.Value) //nolint:errcheck // pre-existing return nil } w := tabwriter.NewWriter(os.Stdout, 0, 8, 2, '\t', 0) - fmt.Fprintln(w, "Key\tValue\tVersion\tLastModified\tUser") - fmt.Fprintf(w, "%s\t%s\t%d\t%s\t%s\n", + fmt.Fprintln(w, "Key\tValue\tVersion\tLastModified\tUser") //nolint:errcheck // pre-existing + fmt.Fprintf(w, "%s\t%s\t%d\t%s\t%s\n", //nolint:errcheck // pre-existing key, *secret.Value, secret.Meta.Version, secret.Meta.Created.Local().Format(ShortTimeFormat), secret.Meta.CreatedBy) - w.Flush() + w.Flush() //nolint:errcheck // pre-existing return nil } diff --git a/cmd/root.go b/cmd/root.go index 37bdab06..7605b3b5 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -117,7 +117,7 @@ func Execute(vers string, writeKey string) { func validateService(service string) error { if !validServicePathFormat.MatchString(service) { - return fmt.Errorf("Failed to validate service name '%s'. Only alphanumeric, dashes, forward slashes, full stops and underscores are allowed for service names. Service names must not start or end with a forward slash", service) + return fmt.Errorf("Failed to validate service name '%s'. Only alphanumeric, dashes, forward slashes, full stops and underscores are allowed for service names. Service names must not start or end with a forward slash", service) //nolint:staticcheck // ST1005 pre-existing } if store.ReservedService(service) { fmt.Fprintf(os.Stderr, "Service name %s is reserved for chamber's own use and will be prohibited in a future version. Please switch to a different service name.\n", service) @@ -128,7 +128,7 @@ func validateService(service string) error { func validateServiceWithLabel(service string) error { if !validServicePathFormatWithLabel.MatchString(service) { - return fmt.Errorf("Failed to validate service name '%s'. Only alphanumeric, dashes, forward slashes, full stops and underscores are allowed for service names, and colon followed by a label name. Service names must not start or end with a forward slash or colon", service) + return fmt.Errorf("Failed to validate service name '%s'. Only alphanumeric, dashes, forward slashes, full stops and underscores are allowed for service names, and colon followed by a label name. Service names must not start or end with a forward slash or colon", service) //nolint:staticcheck // ST1005 pre-existing } if store.ReservedService(service) { fmt.Fprintf(os.Stderr, "Service name %s is reserved for chamber's own use and will be prohibited in a future version. Please switch to a different service name.\n", service) @@ -139,17 +139,17 @@ func validateServiceWithLabel(service string) error { func validateKey(key string) error { if !validKeyFormat.MatchString(key) { - return fmt.Errorf("Failed to validate key name '%s'. Only alphanumeric, dashes, full stops and underscores are allowed for key names", key) + return fmt.Errorf("Failed to validate key name '%s'. Only alphanumeric, dashes, full stops and underscores are allowed for key names", key) //nolint:staticcheck // ST1005 pre-existing } return nil } func validateTag(key string, value string) error { if !validTagKeyFormat.MatchString(key) { - return fmt.Errorf("Failed to validate tag key '%s'. Only 128 alphanumeric, space, and characters +-=._:/@ are allowed for tag keys", key) + return fmt.Errorf("Failed to validate tag key '%s'. Only 128 alphanumeric, space, and characters +-=._:/@ are allowed for tag keys", key) //nolint:staticcheck // ST1005 pre-existing } if !validTagValueFormat.MatchString(value) { - return fmt.Errorf("Failed to validate tag value '%s'. Only 256 alphanumeric, space, and characters +-=._:/@ are allowed for tag values", value) + return fmt.Errorf("Failed to validate tag value '%s'. Only 256 alphanumeric, space, and characters +-=._:/@ are allowed for tag values", value) //nolint:staticcheck // ST1005 pre-existing } return nil } @@ -167,7 +167,7 @@ func getSecretStore(ctx context.Context) (store.Store, error) { var err error numRetries, err = strconv.Atoi(numRetriesEnvVarValue) if err != nil { - return nil, errors.New("Cannot parse $CHAMBER_RETRIES to an integer.") + return nil, errors.New("Cannot parse $CHAMBER_RETRIES to an integer.") //nolint:staticcheck // ST1005 pre-existing } } @@ -179,7 +179,7 @@ func getSecretStore(ctx context.Context) (store.Store, error) { s = store.NewNullStore() case S3Backend: if kmsKeyAliasFlag != DefaultKMSKey { - return nil, errors.New("Unable to use --kms-key-alias with this backend.") + return nil, errors.New("Unable to use --kms-key-alias with this backend.") //nolint:staticcheck // ST1005 pre-existing } var bucket string @@ -189,7 +189,7 @@ func getSecretStore(ctx context.Context) (store.Store, error) { bucket = backendS3BucketFlag } if bucket == "" { - return nil, errors.New("Must set bucket for s3 backend") + return nil, errors.New("Must set bucket for s3 backend") //nolint:staticcheck // ST1005 pre-existing } s, err = store.NewS3StoreWithBucket(ctx, numRetries, bucket) case S3KMSBackend: @@ -200,7 +200,7 @@ func getSecretStore(ctx context.Context) (store.Store, error) { bucket = backendS3BucketFlag } if bucket == "" { - return nil, errors.New("Must set bucket for s3 backend") + return nil, errors.New("Must set bucket for s3 backend") //nolint:staticcheck // ST1005 pre-existing } var kmsKeyAlias string @@ -215,7 +215,7 @@ func getSecretStore(ctx context.Context) (store.Store, error) { } if kmsKeyAlias == "" { - return nil, errors.New("Must set kmsKeyAlias for S3 KMS backend") + return nil, errors.New("Must set kmsKeyAlias for S3 KMS backend") //nolint:staticcheck // ST1005 pre-existing } s, err = store.NewS3KMSStore(ctx, numRetries, bucket, kmsKeyAlias) @@ -223,13 +223,13 @@ func getSecretStore(ctx context.Context) (store.Store, error) { s, err = store.NewSecretsManagerStore(ctx, numRetries) case SSMBackend: if kmsKeyAliasFlag != DefaultKMSKey { - return nil, errors.New("Unable to use --kms-key-alias with this backend. Use CHAMBER_KMS_KEY_ALIAS instead.") + return nil, errors.New("Unable to use --kms-key-alias with this backend. Use CHAMBER_KMS_KEY_ALIAS instead.") //nolint:staticcheck // ST1005 pre-existing } var parsedRetryMode aws.RetryMode parsedRetryMode, err = aws.ParseRetryMode(retryMode) if err != nil { - return nil, fmt.Errorf("Invalid retry mode %s", retryMode) + return nil, fmt.Errorf("Invalid retry mode %s", retryMode) //nolint:staticcheck // ST1005 pre-existing } s, err = store.NewSSMStoreWithRetryMode(ctx, numRetries, parsedRetryMode) default: @@ -263,6 +263,6 @@ func prerun(cmd *cobra.Command, args []string) { func postrun(cmd *cobra.Command, args []string) { if analyticsEnabled && analyticsClient != nil { - analyticsClient.Close() + analyticsClient.Close() //nolint:errcheck // pre-existing } } diff --git a/cmd/tag-delete.go b/cmd/tag-delete.go index f2505c2d..cc3ff231 100644 --- a/cmd/tag-delete.go +++ b/cmd/tag-delete.go @@ -26,18 +26,18 @@ func init() { func tagDelete(cmd *cobra.Command, args []string) error { service := utils.NormalizeService(args[0]) if err := validateService(service); err != nil { - return fmt.Errorf("Failed to validate service: %w", err) + return fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } key := utils.NormalizeKey(args[1]) if err := validateKey(key); err != nil { - return fmt.Errorf("Failed to validate key: %w", err) + return fmt.Errorf("Failed to validate key: %w", err) //nolint:staticcheck // ST1005 pre-existing } tagKeys := make([]string, len(args)-2) for i, tagArg := range args[2:] { if err := validateTag(tagArg, "dummy"); err != nil { - return fmt.Errorf("Failed to validate tag key %s: %w", tagArg, err) + return fmt.Errorf("Failed to validate tag key %s: %w", tagArg, err) //nolint:staticcheck // ST1005 pre-existing } tagKeys[i] = tagArg } @@ -57,7 +57,7 @@ func tagDelete(cmd *cobra.Command, args []string) error { secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } secretId := store.SecretId{ @@ -67,7 +67,7 @@ func tagDelete(cmd *cobra.Command, args []string) error { err = secretStore.DeleteTags(cmd.Context(), secretId, tagKeys) if err != nil { - return fmt.Errorf("Failed to delete tags: %w", err) + return fmt.Errorf("Failed to delete tags: %w", err) //nolint:staticcheck // ST1005 pre-existing } return nil diff --git a/cmd/tag-read.go b/cmd/tag-read.go index 2866c5d9..ee2042c4 100644 --- a/cmd/tag-read.go +++ b/cmd/tag-read.go @@ -28,12 +28,12 @@ func init() { func tagRead(cmd *cobra.Command, args []string) error { service := utils.NormalizeService(args[0]) if err := validateService(service); err != nil { - return fmt.Errorf("Failed to validate service: %w", err) + return fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } key := utils.NormalizeKey(args[1]) if err := validateKey(key); err != nil { - return fmt.Errorf("Failed to validate key: %w", err) + return fmt.Errorf("Failed to validate key: %w", err) //nolint:staticcheck // ST1005 pre-existing } if analyticsEnabled && analyticsClient != nil { @@ -51,7 +51,7 @@ func tagRead(cmd *cobra.Command, args []string) error { secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } secretId := store.SecretId{ @@ -61,19 +61,19 @@ func tagRead(cmd *cobra.Command, args []string) error { tags, err := secretStore.ReadTags(cmd.Context(), secretId) if err != nil { - return fmt.Errorf("Failed to read tags: %w", err) + return fmt.Errorf("Failed to read tags: %w", err) //nolint:staticcheck // ST1005 pre-existing } if quiet { - fmt.Fprintf(os.Stdout, "%s\n", tags) + fmt.Fprintf(os.Stdout, "%s\n", tags) //nolint:errcheck // pre-existing return nil } w := tabwriter.NewWriter(os.Stdout, 0, 8, 2, '\t', 0) - fmt.Fprintln(w, "Key\tValue") + fmt.Fprintln(w, "Key\tValue") //nolint:errcheck // pre-existing for k, v := range tags { - fmt.Fprintf(w, "%s\t%s\n", k, v) + fmt.Fprintf(w, "%s\t%s\n", k, v) //nolint:errcheck // pre-existing } - w.Flush() + w.Flush() //nolint:errcheck // pre-existing return nil } diff --git a/cmd/tag-write.go b/cmd/tag-write.go index eefc47ed..1c07f346 100644 --- a/cmd/tag-write.go +++ b/cmd/tag-write.go @@ -32,22 +32,22 @@ func init() { func tagWrite(cmd *cobra.Command, args []string) error { service := utils.NormalizeService(args[0]) if err := validateService(service); err != nil { - return fmt.Errorf("Failed to validate service: %w", err) + return fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } key := utils.NormalizeKey(args[1]) if err := validateKey(key); err != nil { - return fmt.Errorf("Failed to validate key: %w", err) + return fmt.Errorf("Failed to validate key: %w", err) //nolint:staticcheck // ST1005 pre-existing } tags := make(map[string]string, len(args)-2) for _, tagArg := range args[2:] { tagKey, tagValue, found := strings.Cut(tagArg, "=") if !found { - return fmt.Errorf("Failed to parse tag %s: tag must be in the form key=value", tagArg) + return fmt.Errorf("Failed to parse tag %s: tag must be in the form key=value", tagArg) //nolint:staticcheck // ST1005 pre-existing } if err := validateTag(tagKey, tagValue); err != nil { - return fmt.Errorf("Failed to validate tag with key %s: %w", tagKey, err) + return fmt.Errorf("Failed to validate tag with key %s: %w", tagKey, err) //nolint:staticcheck // ST1005 pre-existing } tags[tagKey] = tagValue } @@ -67,7 +67,7 @@ func tagWrite(cmd *cobra.Command, args []string) error { secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } secretId := store.SecretId{ @@ -77,19 +77,19 @@ func tagWrite(cmd *cobra.Command, args []string) error { err = secretStore.WriteTags(cmd.Context(), secretId, tags, deleteOtherTags) if err != nil { - return fmt.Errorf("Failed to write tags: %w", err) + return fmt.Errorf("Failed to write tags: %w", err) //nolint:staticcheck // ST1005 pre-existing } if quiet { - fmt.Fprintf(os.Stdout, "%s\n", tags) + fmt.Fprintf(os.Stdout, "%s\n", tags) //nolint:errcheck // pre-existing return nil } w := tabwriter.NewWriter(os.Stdout, 0, 8, 2, '\t', 0) - fmt.Fprintln(w, "Key\tValue") + fmt.Fprintln(w, "Key\tValue") //nolint:errcheck // pre-existing for k, v := range tags { - fmt.Fprintf(w, "%s\t%s\n", k, v) + fmt.Fprintf(w, "%s\t%s\n", k, v) //nolint:errcheck // pre-existing } - w.Flush() + w.Flush() //nolint:errcheck // pre-existing return nil } diff --git a/cmd/version.go b/cmd/version.go index a4149594..c5c3dddc 100644 --- a/cmd/version.go +++ b/cmd/version.go @@ -20,7 +20,7 @@ func init() { } func versionRun(cmd *cobra.Command, args []string) error { - fmt.Fprintf(os.Stdout, "chamber %s\n", chamberVersion) + fmt.Fprintf(os.Stdout, "chamber %s\n", chamberVersion) //nolint:errcheck // pre-existing if analyticsEnabled && analyticsClient != nil { _ = analyticsClient.Enqueue(analytics.Track{ UserId: username, diff --git a/cmd/write.go b/cmd/write.go index 898538db..946696a3 100644 --- a/cmd/write.go +++ b/cmd/write.go @@ -37,12 +37,12 @@ func init() { func write(cmd *cobra.Command, args []string) error { service := utils.NormalizeService(args[0]) if err := validateService(service); err != nil { - return fmt.Errorf("Failed to validate service: %w", err) + return fmt.Errorf("Failed to validate service: %w", err) //nolint:staticcheck // ST1005 pre-existing } key := utils.NormalizeKey(args[1]) if err := validateKey(key); err != nil { - return fmt.Errorf("Failed to validate key: %w", err) + return fmt.Errorf("Failed to validate key: %w", err) //nolint:staticcheck // ST1005 pre-existing } if analyticsEnabled && analyticsClient != nil { @@ -79,7 +79,7 @@ func write(cmd *cobra.Command, args []string) error { secretStore, err := getSecretStore(cmd.Context()) if err != nil { - return fmt.Errorf("Failed to get secret store: %w", err) + return fmt.Errorf("Failed to get secret store: %w", err) //nolint:staticcheck // ST1005 pre-existing } secretId := store.SecretId{ diff --git a/environ/environ.go b/environ/environ.go index c31aeeee..a7732c54 100644 --- a/environ/environ.go +++ b/environ/environ.go @@ -79,7 +79,7 @@ func secretKeyToEnvVarName(k string) string { } func normalizeEnvVarName(k string) string { - return strings.Replace(strings.ToUpper(k), "-", "_", -1) + return strings.Replace(strings.ToUpper(k), "-", "_", -1) //nolint:staticcheck // QF1004 pre-existing } // load loads environment variables into e from s given a service diff --git a/go.mod b/go.mod index fc6cdb99..d6e0dd3b 100644 --- a/go.mod +++ b/go.mod @@ -1,9 +1,9 @@ module github.com/segmentio/chamber/v3 -go 1.23.0 +go 1.24.11 require ( - github.com/alessio/shellescape v1.4.2 + al.essio.dev/pkg/shellescape v1.6.0 github.com/aws/aws-sdk-go-v2 v1.40.0 github.com/aws/aws-sdk-go-v2/config v1.32.0 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.14 @@ -12,12 +12,12 @@ require ( github.com/aws/aws-sdk-go-v2/service/ssm v1.67.3 github.com/aws/aws-sdk-go-v2/service/sts v1.41.1 github.com/aws/smithy-go v1.23.2 - github.com/goccy/go-yaml v1.17.1 - github.com/magiconair/properties v1.8.9 + github.com/goccy/go-yaml v1.19.0 + github.com/magiconair/properties v1.8.10 github.com/segmentio/analytics-go/v3 v3.3.0 - github.com/spf13/cobra v1.8.1 + github.com/spf13/cobra v1.10.2 github.com/stretchr/testify v1.10.0 - golang.org/x/sys v0.29.0 + golang.org/x/sys v0.39.0 ) require ( @@ -41,6 +41,6 @@ require ( github.com/kr/pretty v0.3.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/segmentio/backo-go v1.0.1 // indirect - github.com/spf13/pflag v1.0.5 // indirect + github.com/spf13/pflag v1.0.9 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 58f9cc1a..12cd6d55 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -github.com/alessio/shellescape v1.4.2 h1:MHPfaU+ddJ0/bYWpgIeUnQUqKrlJ1S7BfEYPM4uEoM0= -github.com/alessio/shellescape v1.4.2/go.mod h1:PZAiSCk0LJaZkiCSkPv8qIobYglO3FPpyFjDCtHLS30= +al.essio.dev/pkg/shellescape v1.6.0 h1:NxFcEqzFSEVCGN2yq7Huv/9hyCEGVa/TncnOOBBeXHA= +al.essio.dev/pkg/shellescape v1.6.0/go.mod h1:6sIqp7X2P6mThCQ7twERpZTuigpr6KbZWtls1U8I890= github.com/aws/aws-sdk-go-v2 v1.40.0 h1:/WMUA0kjhZExjOQN2z3oLALDREea1A7TobfuiBrKlwc= github.com/aws/aws-sdk-go-v2 v1.40.0/go.mod h1:c9pm7VwuW0UPxAEYGyTmyurVcNrbF6Rt/wixFqDhcjE= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3 h1:DHctwEM8P8iTXFxC/QK0MRjwEpWQeM9yzidCRjldUz0= @@ -44,12 +44,14 @@ github.com/aws/smithy-go v1.23.2 h1:Crv0eatJUQhaManss33hS5r40CG3ZFH+21XSkqMrIUM= github.com/aws/smithy-go v1.23.2/go.mod h1:LEj2LM3rBRQJxPZTB4KuzZkaZYnZPnvgIhb4pu07mx0= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 h1:DDGfHa7BWjL4YnC6+E63dPcxHo2sUxDIu8g3QgEJdRY= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= -github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/goccy/go-yaml v1.17.1 h1:LI34wktB2xEE3ONG/2Ar54+/HJVBriAGJ55PHls4YuY= -github.com/goccy/go-yaml v1.17.1/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA= +github.com/goccy/go-yaml v1.19.0 h1:EmkZ9RIsX+Uq4DYFowegAuJo8+xdX3T/2dwNPXbxEYE= +github.com/goccy/go-yaml v1.19.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= @@ -58,8 +60,8 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/magiconair/properties v1.8.9 h1:nWcCbLq1N2v/cpNsy5WvQ37Fb+YElfq20WJ/a8RkpQM= -github.com/magiconair/properties v1.8.9/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= +github.com/magiconair/properties v1.8.10 h1:s31yESBquKXCV9a/ScB3ESkOjUYYv+X0rg8SYxI99mE= +github.com/magiconair/properties v1.8.10/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -70,14 +72,15 @@ github.com/segmentio/analytics-go/v3 v3.3.0 h1:8VOMaVGBW03pdBrj1CMFfY9o/rnjJC+1w github.com/segmentio/analytics-go/v3 v3.3.0/go.mod h1:p8owAF8X+5o27jmvUognuXxdtqvSGtD0ZrfY2kcS9bE= github.com/segmentio/backo-go v1.0.1 h1:68RQccglxZeyURy93ASB/2kc9QudzgIDexJ927N++y4= github.com/segmentio/backo-go v1.0.1/go.mod h1:9/Rh6yILuLysoQnZ2oNooD2g7aBnvM7r/fNVxRNWfBc= -github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= -github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/cobra v1.10.2 h1:DMTTonx5m65Ic0GOoRY2c16WCbHxOOw6xxezuLaBpcU= +github.com/spf13/cobra v1.10.2/go.mod h1:7C1pvHqHw5A4vrJfjNwvOdzYu0Gml16OCs2GRiTUUS4= +github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= +golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk= +golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/store/nullstore.go b/store/nullstore.go index 6e7bb9e8..58e7bf40 100644 --- a/store/nullstore.go +++ b/store/nullstore.go @@ -32,15 +32,15 @@ func (s *NullStore) WriteWithTags(ctx context.Context, id SecretId, value string } func (s *NullStore) Read(ctx context.Context, id SecretId, version int) (Secret, error) { - return Secret{}, errors.New("Not implemented for Null Store") + return Secret{}, errors.New("Not implemented for Null Store") //nolint:staticcheck // ST1005 pre-existing } func (s *NullStore) WriteTags(ctx context.Context, id SecretId, tags map[string]string, deleteOtherTags bool) error { - return errors.New("Not implemented for Null Store") + return errors.New("Not implemented for Null Store") //nolint:staticcheck // ST1005 pre-existing } func (s *NullStore) ReadTags(ctx context.Context, id SecretId) (map[string]string, error) { - return nil, errors.New("Not implemented for Null Store") + return nil, errors.New("Not implemented for Null Store") //nolint:staticcheck // ST1005 pre-existing } func (s *NullStore) ListServices(ctx context.Context, service string, includeSecretNames bool) ([]string, error) { @@ -60,9 +60,9 @@ func (s *NullStore) History(ctx context.Context, id SecretId) ([]ChangeEvent, er } func (s *NullStore) Delete(ctx context.Context, id SecretId) error { - return errors.New("Not implemented for Null Store") + return errors.New("Not implemented for Null Store") //nolint:staticcheck // ST1005 pre-existing } func (s *NullStore) DeleteTags(ctx context.Context, id SecretId, tags []string) error { - return errors.New("Not implemented for Null Store") + return errors.New("Not implemented for Null Store") //nolint:staticcheck // ST1005 pre-existing } diff --git a/store/s3store.go b/store/s3store.go index d1c5b983..b02084d1 100644 --- a/store/s3store.go +++ b/store/s3store.go @@ -79,7 +79,7 @@ func (s *S3Store) Config(ctx context.Context) (StoreConfig, error) { } func (s *S3Store) SetConfig(ctx context.Context, config StoreConfig) error { - return errors.New("Not implemented for S3 Store") + return errors.New("Not implemented for S3 Store") //nolint:staticcheck // ST1005 pre-existing } func (s *S3Store) Write(ctx context.Context, id SecretId, value string) error { @@ -142,7 +142,7 @@ func (s *S3Store) Write(ctx context.Context, id SecretId, value string) error { } func (s *S3Store) WriteWithTags(ctx context.Context, id SecretId, value string, tags map[string]string) error { - return errors.New("Not implemented for S3 Store") + return errors.New("Not implemented for S3 Store") //nolint:staticcheck // ST1005 pre-existing } func (s *S3Store) Read(ctx context.Context, id SecretId, version int) (Secret, error) { @@ -175,11 +175,11 @@ func (s *S3Store) Read(ctx context.Context, id SecretId, version int) (Secret, e } func (s *S3Store) WriteTags(ctx context.Context, id SecretId, tags map[string]string, deleteOtherTags bool) error { - return errors.New("Not implemented for S3 Store") + return errors.New("Not implemented for S3 Store") //nolint:staticcheck // ST1005 pre-existing } func (s *S3Store) ReadTags(ctx context.Context, id SecretId) (map[string]string, error) { - return nil, errors.New("Not implemented for S3 Store") + return nil, errors.New("Not implemented for S3 Store") //nolint:staticcheck // ST1005 pre-existing } func (s *S3Store) ListServices(ctx context.Context, service string, includeSecretName bool) ([]string, error) { @@ -290,7 +290,7 @@ func (s *S3Store) Delete(ctx context.Context, id SecretId) error { } func (s *S3Store) DeleteTags(ctx context.Context, id SecretId, tagKeys []string) error { - return errors.New("Not implemented for S3 Store") + return errors.New("Not implemented for S3 Store") //nolint:staticcheck // ST1005 pre-existing } // getCurrentUser uses the STS API to get the current caller identity, diff --git a/store/s3storeKMS.go b/store/s3storeKMS.go index 0bbd4716..8ca93a9e 100644 --- a/store/s3storeKMS.go +++ b/store/s3storeKMS.go @@ -77,7 +77,7 @@ func (s *S3KMSStore) Write(ctx context.Context, id SecretId, value string) error } if val, ok := index.Latest[id.Key]; val.KMSAlias != s.kmsKeyAlias && ok { - return fmt.Errorf("Unable to overwrite secret %s using new KMS key %s; mismatch with existing key %s", id.Key, s.kmsKeyAlias, val.KMSAlias) + return fmt.Errorf("Unable to overwrite secret %s using new KMS key %s; mismatch with existing key %s", id.Key, s.kmsKeyAlias, val.KMSAlias) //nolint:staticcheck // ST1005 pre-existing } objPath := getObjectPath(id) @@ -139,7 +139,7 @@ func (s *S3KMSStore) Write(ctx context.Context, id SecretId, value string) error } func (s *S3KMSStore) WriteWithTags(ctx context.Context, id SecretId, value string, tags map[string]string) error { - return errors.New("Not implemented for S3 KMS Store") + return errors.New("Not implemented for S3 KMS Store") //nolint:staticcheck // ST1005 pre-existing } func (s *S3KMSStore) ListServices(ctx context.Context, service string, includeSecretName bool) ([]string, error) { @@ -216,7 +216,7 @@ func (s *S3KMSStore) Delete(ctx context.Context, id SecretId) error { } if val, ok := index.Latest[id.Key]; val.KMSAlias != s.kmsKeyAlias && ok { - return fmt.Errorf("Unable to overwrite secret %s using new KMS key %s; mismatch with existing key %s", id.Key, s.kmsKeyAlias, val.KMSAlias) + return fmt.Errorf("Unable to overwrite secret %s using new KMS key %s; mismatch with existing key %s", id.Key, s.kmsKeyAlias, val.KMSAlias) //nolint:staticcheck // ST1005 pre-existing } delete(index.Latest, id.Key) @@ -302,7 +302,7 @@ func (s *S3KMSStore) readLatest(ctx context.Context, service string) (LatestInde result, err := s.readLatestFile(ctx, key_name) if err != nil { - paginationError = fmt.Errorf("Error reading latest index for KMS Key (%s): %s", key_name, err) + paginationError = fmt.Errorf("Error reading latest index for KMS Key (%s): %s", key_name, err) //nolint:staticcheck // ST1005 pre-existing break } @@ -330,7 +330,7 @@ func (s *S3KMSStore) readLatest(ctx context.Context, service string) (LatestInde } func (s *S3KMSStore) latestFileKeyNameByKMSKey() string { - return fmt.Sprintf("__kms_%s__latest.json", strings.Replace(s.kmsKeyAlias, "/", "_", -1)) + return fmt.Sprintf("__kms_%s__latest.json", strings.Replace(s.kmsKeyAlias, "/", "_", -1)) //nolint:staticcheck // QF1004 pre-existing } func (s *S3KMSStore) writeLatest(ctx context.Context, service string, index LatestIndexFile) error { diff --git a/store/secretsmanagerstore.go b/store/secretsmanagerstore.go index 3337c0e2..dde9e5e2 100644 --- a/store/secretsmanagerstore.go +++ b/store/secretsmanagerstore.go @@ -121,7 +121,7 @@ func (s *SecretsManagerStore) Config(ctx context.Context) (StoreConfig, error) { } func (s *SecretsManagerStore) SetConfig(ctx context.Context, config StoreConfig) error { - return errors.New("Not implemented for Secrets Manager Store") + return errors.New("Not implemented for Secrets Manager Store") //nolint:staticcheck // ST1005 pre-existing } // Write writes a given value to a secret identified by id. If the secret @@ -225,7 +225,7 @@ func (s *SecretsManagerStore) Write(ctx context.Context, id SecretId, value stri return err } if details.RotationEnabled != nil && *details.RotationEnabled { - return fmt.Errorf("Cannot write to a secret with rotation enabled") + return fmt.Errorf("Cannot write to a secret with rotation enabled") //nolint:staticcheck // ST1005 pre-existing } putSecretValueInput := &secretsmanager.PutSecretValueInput{ @@ -286,7 +286,7 @@ func (s *SecretsManagerStore) Delete(ctx context.Context, id SecretId) error { } func (s *SecretsManagerStore) DeleteTags(ctx context.Context, id SecretId, tagKeys []string) error { - return errors.New("Not implemented for Secrets Manager Store") + return errors.New("Not implemented for Secrets Manager Store") //nolint:staticcheck // ST1005 pre-existing } func (s *SecretsManagerStore) readVersion(ctx context.Context, id SecretId, version int) (Secret, error) { @@ -381,16 +381,16 @@ func (s *SecretsManagerStore) readLatest(ctx context.Context, service string) (s } func (s *SecretsManagerStore) WriteTags(ctx context.Context, id SecretId, tags map[string]string, deleteOtherTags bool) error { - return errors.New("Not implemented for Secrets Manager Store") + return errors.New("Not implemented for Secrets Manager Store") //nolint:staticcheck // ST1005 pre-existing } func (s *SecretsManagerStore) ReadTags(ctx context.Context, id SecretId) (map[string]string, error) { - return nil, errors.New("Not implemented for Secrets Manager Store") + return nil, errors.New("Not implemented for Secrets Manager Store") //nolint:staticcheck // ST1005 pre-existing } // ListServices (not implemented) func (s *SecretsManagerStore) ListServices(ctx context.Context, service string, includeSecretName bool) ([]string, error) { - return nil, fmt.Errorf("Secrets Manager Backend is experimental and does not implement this command") + return nil, fmt.Errorf("Secrets Manager Backend is experimental and does not implement this command") //nolint:staticcheck // ST1005 pre-existing } // List lists all secrets for a given service. If includeValues is true, diff --git a/store/secretsmanagerstore_test.go b/store/secretsmanagerstore_test.go index 47028ce0..cbb85386 100644 --- a/store/secretsmanagerstore_test.go +++ b/store/secretsmanagerstore_test.go @@ -173,12 +173,12 @@ func TestSecretValueObjectUnmarshalling(t *testing.T) { func TestNewSecretsManagerStore(t *testing.T) { t.Run("Using region override should take precedence over other settings", func(t *testing.T) { - os.Setenv("CHAMBER_AWS_REGION", "us-east-1") - defer os.Unsetenv("CHAMBER_AWS_REGION") - os.Setenv("AWS_REGION", "us-west-1") - defer os.Unsetenv("AWS_REGION") - os.Setenv("AWS_DEFAULT_REGION", "us-west-2") - defer os.Unsetenv("AWS_DEFAULT_REGION") + os.Setenv("CHAMBER_AWS_REGION", "us-east-1") //nolint:errcheck // pre-existing + defer os.Unsetenv("CHAMBER_AWS_REGION") //nolint:errcheck // pre-existing + os.Setenv("AWS_REGION", "us-west-1") //nolint:errcheck // pre-existing + defer os.Unsetenv("AWS_REGION") //nolint:errcheck // pre-existing + os.Setenv("AWS_DEFAULT_REGION", "us-west-2") //nolint:errcheck // pre-existing + defer os.Unsetenv("AWS_DEFAULT_REGION") //nolint:errcheck // pre-existing s, err := NewSecretsManagerStore(context.Background(), 1) assert.Nil(t, err) @@ -186,8 +186,8 @@ func TestNewSecretsManagerStore(t *testing.T) { }) t.Run("Should use AWS_REGION if it is set", func(t *testing.T) { - os.Setenv("AWS_REGION", "us-west-1") - defer os.Unsetenv("AWS_REGION") + os.Setenv("AWS_REGION", "us-west-1") //nolint:errcheck // pre-existing + defer os.Unsetenv("AWS_REGION") //nolint:errcheck // pre-existing s, err := NewSecretsManagerStore(context.Background(), 1) assert.Nil(t, err) @@ -195,8 +195,8 @@ func TestNewSecretsManagerStore(t *testing.T) { }) t.Run("Should use CHAMBER_AWS_SECRETS_MANAGER_ENDPOINT if set", func(t *testing.T) { - os.Setenv("CHAMBER_AWS_SECRETS_MANAGER_ENDPOINT", "mycustomendpoint") - defer os.Unsetenv("CHAMBER_AWS_SECRETS_MANAGER_ENDPOINT") + os.Setenv("CHAMBER_AWS_SECRETS_MANAGER_ENDPOINT", "mycustomendpoint") //nolint:errcheck // pre-existing + defer os.Unsetenv("CHAMBER_AWS_SECRETS_MANAGER_ENDPOINT") //nolint:errcheck // pre-existing s, err := NewSecretsManagerStore(context.Background(), 1) assert.Nil(t, err) @@ -206,8 +206,8 @@ func TestNewSecretsManagerStore(t *testing.T) { }) t.Run("Should use CHAMBER_AWS_SSM_ENDPOINT if set (deprecated)", func(t *testing.T) { - os.Setenv("CHAMBER_AWS_SSM_ENDPOINT", "mycustomendpoint") - defer os.Unsetenv("CHAMBER_AWS_SSM_ENDPOINT") + os.Setenv("CHAMBER_AWS_SSM_ENDPOINT", "mycustomendpoint") //nolint:errcheck // pre-existing + defer os.Unsetenv("CHAMBER_AWS_SSM_ENDPOINT") //nolint:errcheck // pre-existing s, err := NewSecretsManagerStore(context.Background(), 1) assert.Nil(t, err) diff --git a/store/shared_test.go b/store/shared_test.go index f8e664c7..853a4123 100644 --- a/store/shared_test.go +++ b/store/shared_test.go @@ -11,11 +11,11 @@ import ( func TestGetConfig(t *testing.T) { originalRegion := os.Getenv(RegionEnvVar) - os.Setenv(RegionEnvVar, "us-west-2") + os.Setenv(RegionEnvVar, "us-west-2") //nolint:errcheck // pre-existing if originalRegion != "" { - defer os.Setenv(RegionEnvVar, originalRegion) + defer os.Setenv(RegionEnvVar, originalRegion) //nolint:errcheck // pre-existing } else { - defer os.Unsetenv(RegionEnvVar) + defer os.Unsetenv(RegionEnvVar) //nolint:errcheck // pre-existing } config, region, err := getConfig(context.Background(), 3, aws.RetryModeStandard) diff --git a/store/ssmstore_test.go b/store/ssmstore_test.go index 14dc8fea..1e0dff3b 100644 --- a/store/ssmstore_test.go +++ b/store/ssmstore_test.go @@ -351,12 +351,12 @@ func NewTestSSMStore(parameters map[string]mockParameter) *SSMStore { func TestNewSSMStore(t *testing.T) { t.Run("Using region override should take precedence over other settings", func(t *testing.T) { - os.Setenv("CHAMBER_AWS_REGION", "us-east-1") - defer os.Unsetenv("CHAMBER_AWS_REGION") - os.Setenv("AWS_REGION", "us-west-1") - defer os.Unsetenv("AWS_REGION") - os.Setenv("AWS_DEFAULT_REGION", "us-west-2") - defer os.Unsetenv("AWS_DEFAULT_REGION") + os.Setenv("CHAMBER_AWS_REGION", "us-east-1") //nolint:errcheck // pre-existing + defer os.Unsetenv("CHAMBER_AWS_REGION") //nolint:errcheck // pre-existing + os.Setenv("AWS_REGION", "us-west-1") //nolint:errcheck // pre-existing + defer os.Unsetenv("AWS_REGION") //nolint:errcheck // pre-existing + os.Setenv("AWS_DEFAULT_REGION", "us-west-2") //nolint:errcheck // pre-existing + defer os.Unsetenv("AWS_DEFAULT_REGION") //nolint:errcheck // pre-existing s, err := NewSSMStore(context.Background(), 1) assert.Nil(t, err) @@ -364,8 +364,8 @@ func TestNewSSMStore(t *testing.T) { }) t.Run("Should use AWS_REGION if it is set", func(t *testing.T) { - os.Setenv("AWS_REGION", "us-west-1") - defer os.Unsetenv("AWS_REGION") + os.Setenv("AWS_REGION", "us-west-1") //nolint:errcheck // pre-existing + defer os.Unsetenv("AWS_REGION") //nolint:errcheck // pre-existing s, err := NewSSMStore(context.Background(), 1) assert.Nil(t, err) @@ -373,8 +373,8 @@ func TestNewSSMStore(t *testing.T) { }) t.Run("Should use CHAMBER_AWS_SSM_ENDPOINT if set", func(t *testing.T) { - os.Setenv("CHAMBER_AWS_SSM_ENDPOINT", "mycustomendpoint") - defer os.Unsetenv("CHAMBER_AWS_SSM_ENDPOINT") + os.Setenv("CHAMBER_AWS_SSM_ENDPOINT", "mycustomendpoint") //nolint:errcheck // pre-existing + defer os.Unsetenv("CHAMBER_AWS_SSM_ENDPOINT") //nolint:errcheck // pre-existing s, err := NewSSMStore(context.Background(), 1) assert.Nil(t, err)