Skip to content

fix(deps): update module github.com/go-git/go-git/v5 to v5.13.0 [secu… #4003

fix(deps): update module github.com/go-git/go-git/v5 to v5.13.0 [secu…

fix(deps): update module github.com/go-git/go-git/v5 to v5.13.0 [secu… #4003

GitHub Actions / golangci failed Jan 6, 2025 in 0s

reviewdog [golangci] report

reported by reviewdog 🐶

Findings (10)

command/secret/add.go|3| 3-217 lines are duplicate of command/secret/update.go:3-217 (dupl)
command/secret/update.go|3| 3-217 lines are duplicate of command/secret/add.go:3-217 (dupl)
internal/output/yaml_test.go|72 col 39| unused-parameter: parameter 'unmarshal' seems to be unused, consider removing or renaming it as _ (revive)
action/config/load.go|203 col 4| assignments should only be cuddled with other assignments (wsl)
action/config/load.go|204 col 4| only one cuddle assignment allowed before if statement (wsl)
action/pipeline/validate_test.go|482 col 4| assignments should only be cuddled with other assignments (wsl)
action/pipeline/validate_test.go|483 col 4| only one cuddle assignment allowed before if statement (wsl)
action/pipeline/validate_test.go|487 col 4| if statements should only be cuddled with assignments (wsl)
action/secret/table.go|51 col 3| directive //nolint:gosec // ignore memory aliasing is unused for linter "gosec" (nolintlint)
action/secret/table.go|106 col 3| directive //nolint:gosec // ignore memory aliasing is unused for linter "gosec" (nolintlint)

Filtered Findings (0)

Annotations

Check failure on line 3 in command/secret/add.go

See this annotation in the file changed.

@github-actions github-actions / golangci

[golangci] command/secret/add.go#L3

3-217 lines are duplicate of `command/secret/update.go:3-217` (dupl)
Raw output
command/secret/add.go:3: 3-217 lines are duplicate of `command/secret/update.go:3-217` (dupl)
package secret

import (
	"fmt"
	"slices"

	"github.com/urfave/cli/v2"

	"github.com/go-vela/cli/action"
	"github.com/go-vela/cli/action/secret"
	"github.com/go-vela/cli/internal"
	"github.com/go-vela/cli/internal/client"
	"github.com/go-vela/cli/internal/output"
	"github.com/go-vela/server/constants"
)

// CommandAdd defines the command for creating a secret.
var CommandAdd = &cli.Command{
	Name:        "secret",
	Description: "Use this command to create a secret.",
	Usage:       "Add a new secret from the provided configuration",
	Action:      add,
	Flags: []cli.Flag{

		// Repo Flags

		&cli.StringFlag{
			EnvVars: []string{"VELA_ORG", "SECRET_ORG"},
			Name:    internal.FlagOrg,
			Aliases: []string{"o"},
			Usage:   "provide the organization for the secret",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_REPO", "SECRET_REPO"},
			Name:    internal.FlagRepo,
			Aliases: []string{"r"},
			Usage:   "provide the repository for the secret",
		},

		// Secret Flags

		&cli.StringFlag{
			EnvVars: []string{"VELA_ENGINE", "SECRET_ENGINE"},
			Name:    internal.FlagSecretEngine,
			Aliases: []string{"e"},
			Usage:   "provide the engine that stores the secret",
			Value:   constants.DriverNative,
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_TYPE", "SECRET_TYPE"},
			Name:    internal.FlagSecretType,
			Aliases: []string{"ty"},
			Usage:   "provide the type of secret being stored",
			Value:   constants.SecretRepo,
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_TEAM", "SECRET_TEAM"},
			Name:    "team",
			Aliases: []string{"t"},
			Usage:   "provide the team for the secret",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_NAME", "SECRET_NAME"},
			Name:    "name",
			Aliases: []string{"n"},
			Usage:   "provide the name of the secret",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_VALUE", "SECRET_VALUE"},
			Name:    "value",
			Aliases: []string{"v"},
			Usage:   "provide the value for the secret",
		},
		&cli.StringSliceFlag{
			EnvVars: []string{"VELA_IMAGES", "SECRET_IMAGES"},
			Name:    "image",
			Aliases: []string{"i"},
			Usage:   "Provide the image(s) that can access this secret",
		},
		&cli.StringSliceFlag{
			EnvVars: []string{"VELA_EVENTS", "SECRET_EVENTS"},
			Name:    "event",
			Aliases: []string{"events", "ev"},
			Usage:   "provide the event(s) that can access this secret",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_COMMAND", "SECRET_COMMAND"},
			Name:    internal.FlagSecretCommands,
			Aliases: []string{"c"},
			Usage:   "enable a secret to be used for a step with commands (default is false for shared secrets)",
			Value:   "true",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_SUBSTITUTION", "SECRET_SUBSTITUTION"},
			Name:    internal.FlagSecretSubstitution,
			Aliases: []string{"s"},
			Usage:   "enable a secret to be substituted (default is false for shared secrets)",
			Value:   "true",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_FILE", "SECRET_FILE"},
			Name:    "file",
			Aliases: []string{"f"},
			Usage:   "provide a file to add the secret(s)",
		},

		// Output Flags

		&cli.StringFlag{
			EnvVars: []string{"VELA_OUTPUT", "SECRET_OUTPUT"},
			Name:    internal.FlagOutput,
			Aliases: []string{"op"},
			Usage:   "format the output in json, spew or yaml",
		},
	},
	CustomHelpTemplate: fmt.Sprintf(`%s
EXAMPLES:
   1. Add a repository secret.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --value bar
   2. Add a repository secret and disallow usage in commands.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --value bar --commands false
   3. Add an organization secret.
     $ {{.HelpName}} --secret.engine native --secret.type org --org MyOrg --name foo --value bar
   4. Add a shared secret.
     $ {{.HelpName}} --secret.engine native --secret.type shared --org MyOrg --team octokitties --name foo --value bar
   5. Add a repository secret with all event types enabled.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --value bar --event comment --event deployment --event pull_request --event push --event tag
   6. Add a repository secret with an image whitelist.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --value bar --image alpine --image golang:* --image postgres:latest
   7. Add a secret with value from a file.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --value @secret.txt
   8. Add a repository secret with json output.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --value bar --output json
   9. Add a secret or secrets from a file.
     $ {{.HelpName}} --file secret.yml
  10. Add a secret when config or environment variables are set.
     $ {{.HelpName}} --org MyOrg --repo MyRepo --name foo --value bar

DOCUMENTATION:

  https://go-vela.github.io/docs/reference/cli/secret/add/
`, cli.CommandHelpTemplate),
}

// helper function to capture the provided input
// and create the object used to create a secret.
//

func add(c *cli.Context) error {
	// load variables from the config file
	err := action.Load(c)
	if err != nil {
		return err
	}

	// parse the Vela client from the context
	//
	// https://pkg.go.dev/github.com/go-vela/cli/internal/client?tab=doc#Parse
	client, err := client.Parse(c)
	if err != nil {
		return err
	}

	// create the secret configuration
	//
	// https://pkg.go.dev/github.com/go-vela/cli/action/secret?tab=doc#Config
	s := &secret.Config{
		Action:      internal.ActionAdd,
		Engine:      c.String(internal.FlagSecretEngine),
		Type:        c.String(internal.FlagSecretType),
		Org:         c.String(internal.FlagOrg),
		Repo:        c.String(internal.FlagRepo),
		Team:        c.String("team"),
		Name:        c.String("name"),
		Value:       c.String("value"),
		Images:      c.StringSlice("image"),
		AllowEvents: c.StringSlice("event"),
		File:        c.String("file"),
		Output:      c.String(internal.FlagOutput),
		Color:       output.ColorOptionsFromCLIContext(c),
	}

	// check if allow_command and allow_substitution are provided
	// if they are not, server will not update the fields
	if slices.Contains(c.FlagNames(), internal.FlagSecretCommands) {
		val := c.Bool(internal.FlagSecretCommands)
		s.AllowCommand = &val
	}

	if slices.Contains(c.FlagNames(), internal.FlagSecretSubstitution) {
		val := c.Bool(internal.FlagSecretSubstitution)
		s.AllowSubstitution = &val
	}

	// validate secret configuration
	//
	// https://pkg.go.dev/github.com/go-vela/cli/action/secret?tab=doc#Config.Validate
	err = s.Validate()
	if err != nil {
		return err
	}

	// check if secret file is provided
	if len(s.File) > 0 {
		// execute the add from file call for the secret configuration
		//
		// https://pkg.go.dev/github.com/go-vela/cli/action/secret?tab=doc#Config.AddFromFile
		return s.AddFromFile(client)
	}

	// execute the add call for the secret configuration
	//
	// https://pkg.go.dev/github.com/go-vela/cli/action/secret?tab=doc#Config.Add
	return s.Add(client)
}

Check failure on line 3 in command/secret/update.go

See this annotation in the file changed.

@github-actions github-actions / golangci

[golangci] command/secret/update.go#L3

3-217 lines are duplicate of `command/secret/add.go:3-217` (dupl)
Raw output
command/secret/update.go:3: 3-217 lines are duplicate of `command/secret/add.go:3-217` (dupl)
package secret

import (
	"fmt"
	"slices"

	"github.com/urfave/cli/v2"

	"github.com/go-vela/cli/action"
	"github.com/go-vela/cli/action/secret"
	"github.com/go-vela/cli/internal"
	"github.com/go-vela/cli/internal/client"
	"github.com/go-vela/cli/internal/output"
	"github.com/go-vela/server/constants"
)

// CommandUpdate defines the command for updating a secret.
var CommandUpdate = &cli.Command{
	Name:        "secret",
	Description: "Use this command to update a secret.",
	Usage:       "Update details of the provided secret",
	Action:      update,
	Flags: []cli.Flag{

		// Repo Flags

		&cli.StringFlag{
			EnvVars: []string{"VELA_ORG", "SECRET_ORG"},
			Name:    internal.FlagOrg,
			Aliases: []string{"o"},
			Usage:   "provide the organization for the secret",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_REPO", "SECRET_REPO"},
			Name:    internal.FlagRepo,
			Aliases: []string{"r"},
			Usage:   "provide the repository for the secret",
		},

		// Secret Flags

		&cli.StringFlag{
			EnvVars: []string{"VELA_ENGINE", "SECRET_ENGINE"},
			Name:    internal.FlagSecretEngine,
			Aliases: []string{"e"},
			Usage:   "provide the engine that stores the secret",
			Value:   constants.DriverNative,
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_TYPE", "SECRET_TYPE"},
			Name:    internal.FlagSecretType,
			Aliases: []string{"ty"},
			Usage:   "provide the type of secret being stored",
			Value:   constants.SecretRepo,
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_TEAM", "SECRET_TEAM"},
			Name:    "team",
			Aliases: []string{"t"},
			Usage:   "provide the team for the secret",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_NAME", "SECRET_NAME"},
			Name:    "name",
			Aliases: []string{"n"},
			Usage:   "provide the name of the secret",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_VALUE", "SECRET_VALUE"},
			Name:    "value",
			Aliases: []string{"v"},
			Usage:   "provide the value for the secret",
		},
		&cli.StringSliceFlag{
			EnvVars: []string{"VELA_IMAGES", "SECRET_IMAGES"},
			Name:    "image",
			Aliases: []string{"i"},
			Usage:   "provide the image(s) that can access this secret",
		},
		&cli.StringSliceFlag{
			EnvVars: []string{"VELA_EVENTS", "SECRET_EVENTS"},
			Name:    "event",
			Aliases: []string{"events", "ev"},
			Usage:   "provide the event(s) that can access this secret",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_COMMAND", "SECRET_COMMAND"},
			Name:    internal.FlagSecretCommands,
			Aliases: []string{"c"},
			Usage:   "enable a secret to be used for a step with commands",
			Value:   "true",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_SUBSTITUTION", "SECRET_SUBSTITUTION"},
			Name:    internal.FlagSecretSubstitution,
			Aliases: []string{"s"},
			Usage:   "enable a secret to be substituted",
			Value:   "true",
		},
		&cli.StringFlag{
			EnvVars: []string{"VELA_FILE", "SECRET_FILE"},
			Name:    "file",
			Aliases: []string{"f"},
			Usage:   "provide a file to update the secret(s)",
		},

		// Output Flags

		&cli.StringFlag{
			EnvVars: []string{"VELA_OUTPUT", "SECRET_OUTPUT"},
			Name:    internal.FlagOutput,
			Aliases: []string{"op"},
			Usage:   "Print the output in default, yaml or json format",
		},
	},
	CustomHelpTemplate: fmt.Sprintf(`%s
EXAMPLES:
   1. Update a repository secret.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --value bar
   2. Update a repository secret and disallow usage in commands.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --value bar --commands false
   3. Update an organization secret.
     $ {{.HelpName}} --secret.engine native --secret.type org --org MyOrg --name foo --value bar
   4. Update a shared secret.
     $ {{.HelpName}} --secret.engine native --secret.type shared --org MyOrg --team octokitties --name foo --value bar
   5. Update a repository secret with all event types enabled.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --event comment --event deployment --event pull_request --event push --event tag
   6. Update a repository secret with an image whitelist.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --image alpine --image golang:* --image postgres:latest
   7. Update a secret with value from a file.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --value @secret.txt
   8. Update a repository secret with json output.
     $ {{.HelpName}} --secret.engine native --secret.type repo --org MyOrg --repo MyRepo --name foo --value bar --output json
   9. Update a secret or secrets from a file.
     $ {{.HelpName}} --file secret.yml
  10. Update a secret when config or environment variables are set.
     $ {{.HelpName}} --org MyOrg --repo MyRepo --name foo --value bar

DOCUMENTATION:

  https://go-vela.github.io/docs/reference/cli/secret/update/
`, cli.CommandHelpTemplate),
}

// helper function to capture the provided input
// and create the object used to modify a secret.
//

func update(c *cli.Context) error {
	// load variables from the config file
	err := action.Load(c)
	if err != nil {
		return err
	}

	// parse the Vela client from the context
	//
	// https://pkg.go.dev/github.com/go-vela/cli/internal/client?tab=doc#Parse
	client, err := client.Parse(c)
	if err != nil {
		return err
	}

	// create the secret configuration
	//
	// https://pkg.go.dev/github.com/go-vela/cli/action/secret?tab=doc#Config
	s := &secret.Config{
		Action:      internal.ActionUpdate,
		Engine:      c.String(internal.FlagSecretEngine),
		Type:        c.String(internal.FlagSecretType),
		Org:         c.String(internal.FlagOrg),
		Repo:        c.String(internal.FlagRepo),
		Team:        c.String("team"),
		Name:        c.String("name"),
		Value:       c.String("value"),
		Images:      c.StringSlice("image"),
		AllowEvents: c.StringSlice("event"),
		File:        c.String("file"),
		Output:      c.String(internal.FlagOutput),
		Color:       output.ColorOptionsFromCLIContext(c),
	}

	// check if allow_command and allow_substitution are provided
	// if they are not, server will not update the fields
	if slices.Contains(c.FlagNames(), internal.FlagSecretCommands) {
		val := c.Bool(internal.FlagSecretCommands)
		s.AllowCommand = &val
	}

	if slices.Contains(c.FlagNames(), internal.FlagSecretSubstitution) {
		val := c.Bool(internal.FlagSecretSubstitution)
		s.AllowSubstitution = &val
	}

	// validate secret configuration
	//
	// https://pkg.go.dev/github.com/go-vela/cli/action/secret?tab=doc#Config.Validate
	err = s.Validate()
	if err != nil {
		return err
	}

	// check if secret file is provided
	if len(s.File) > 0 {
		// execute the update from file call for the secret configuration
		//
		// https://pkg.go.dev/github.com/go-vela/cli/action/secret?tab=doc#Config.UpdateFromFile
		return s.UpdateFromFile(client)
	}

	// execute the update call for the secret configuration
	//
	// https://pkg.go.dev/github.com/go-vela/cli/action/secret?tab=doc#Config.Update
	return s.Update(client)
}

Check failure on line 72 in internal/output/yaml_test.go

See this annotation in the file changed.

@github-actions github-actions / golangci

[golangci] internal/output/yaml_test.go#L72

unused-parameter: parameter 'unmarshal' seems to be unused, consider removing or renaming it as _ (revive)
Raw output
internal/output/yaml_test.go:72:39: unused-parameter: parameter 'unmarshal' seems to be unused, consider removing or renaming it as _ (revive)
func (f *failMarshaler) UnmarshalYAML(unmarshal func(interface{}) error) error {
                                      ^

Check failure on line 203 in action/config/load.go

See this annotation in the file changed.

@github-actions github-actions / golangci

[golangci] action/config/load.go#L203

assignments should only be cuddled with other assignments (wsl)
Raw output
action/config/load.go:203:4: assignments should only be cuddled with other assignments (wsl)
			err = ctx.Set(internal.FlagColor, c)
			^

Check failure on line 204 in action/config/load.go

See this annotation in the file changed.

@github-actions github-actions / golangci

[golangci] action/config/load.go#L204

only one cuddle assignment allowed before if statement (wsl)
Raw output
action/config/load.go:204:4: only one cuddle assignment allowed before if statement (wsl)
			if err != nil {
			^

Check failure on line 482 in action/pipeline/validate_test.go

See this annotation in the file changed.

@github-actions github-actions / golangci

[golangci] action/pipeline/validate_test.go#L482

assignments should only be cuddled with other assignments (wsl)
Raw output
action/pipeline/validate_test.go:482:4: assignments should only be cuddled with other assignments (wsl)
			got, err := validateFile(tt.args.path)
			^

Check failure on line 483 in action/pipeline/validate_test.go

See this annotation in the file changed.

@github-actions github-actions / golangci

[golangci] action/pipeline/validate_test.go#L483

only one cuddle assignment allowed before if statement (wsl)
Raw output
action/pipeline/validate_test.go:483:4: only one cuddle assignment allowed before if statement (wsl)
			if (err != nil) != tt.wantErr {
			^

Check failure on line 487 in action/pipeline/validate_test.go

See this annotation in the file changed.

@github-actions github-actions / golangci

[golangci] action/pipeline/validate_test.go#L487

if statements should only be cuddled with assignments (wsl)
Raw output
action/pipeline/validate_test.go:487:4: if statements should only be cuddled with assignments (wsl)
			if got != tt.want {
			^

Check failure on line 51 in action/secret/table.go

See this annotation in the file changed.

@github-actions github-actions / golangci

[golangci] action/secret/table.go#L51

directive `//nolint:gosec // ignore memory aliasing` is unused for linter "gosec" (nolintlint)
Raw output
action/secret/table.go:51:3: directive `//nolint:gosec // ignore memory aliasing` is unused for linter "gosec" (nolintlint)
		//nolint:gosec // ignore memory aliasing
		^

Check failure on line 106 in action/secret/table.go

See this annotation in the file changed.

@github-actions github-actions / golangci

[golangci] action/secret/table.go#L106

directive `//nolint:gosec // ignore memory aliasing` is unused for linter "gosec" (nolintlint)
Raw output
action/secret/table.go:106:3: directive `//nolint:gosec // ignore memory aliasing` is unused for linter "gosec" (nolintlint)
		//nolint:gosec // ignore memory aliasing
		^