update golangci-lint to v2

Signed-off-by: Karol Szwaj <[email protected]>

fix lint

Signed-off-by: Karol Szwaj <[email protected]>

On-behalf-of: @SAP [email protected]

make codegen

Signed-off-by: Karol Szwaj <[email protected]>

add fix-lint target

Signed-off-by: Karol Szwaj <[email protected]>

restore comments

Signed-off-by: Karol Szwaj <[email protected]>

On-behalf-of: @SAP [email protected]

bump to v2.1.6

Signed-off-by: Karol Szwaj <[email protected]>

On-behalf-of: @SAP [email protected]

Author: cnvergence

.golangci.yaml

@@ -1,77 +1,108 @@
+version: "2"
 run:
-  timeout: 10m
   allow-parallel-runners: true
-
 linters:
-  disable-all: true
+  default: none
   enable:
-  - asasalint
-  - asciicheck
-  - bidichk
-  - bodyclose
-  - containedctx
-  - copyloopvar
-  - dupword
-  - durationcheck
-  - errcheck
-  - errchkjson
-  - gci
-  - gocritic
-  - godot
-  - gofmt
-  - goprintffuncname
-  - gosec
-  - gosimple
-  - govet
-  - importas
-  - ineffassign
-  - misspell
-  - nilerr
-  - noctx
-  - nolintlint
-  - nosprintfhostport
-  - prealloc
-  - revive
-  - staticcheck
-  - unconvert
-  - unused
-  - usestdlibvars
-  - whitespace
+    - asasalint
+    - asciicheck
+    - bidichk
+    - bodyclose
+    - containedctx
+    - copyloopvar
+    - dupword
+    - durationcheck
+    - errcheck
+    - errchkjson
+    - gocritic
+    - godot
+    - goprintffuncname
+    - gosec
+    - govet
+    - importas
+    - ineffassign
+    - misspell
+    - nilerr
+    - noctx
+    - nolintlint
+    - nosprintfhostport
+    - prealloc
+    - revive
+    - staticcheck
+    - unconvert
+    - unused
+    - usestdlibvars
+    - whitespace
   # TODO(vincepri): Figure out if we want to enable or remove the following linters:
   # - predeclared
   # - goconst
-
-linters-settings:
-  misspell:
-    ignore-words:
-    - creater
-  goconst:
-    ignore-tests: true
-  nolintlint:
-    allow-unused: false
-    allow-leading-space: false
-    require-specific: true
-  revive:
+  settings:
+    gocritic:
+      disabled-checks:
+        - appendAssign
+        - dupImport # https://github.com/go-critic/go-critic/issues/845
+        - evalOrder
+        - ifElseChain
+        - octalLiteral
+        - regexpSimplify
+        - sloppyReassign
+        - truncateCmp
+        - typeDefFirst
+        - unnamedResult
+        - unnecessaryDefer
+        - whyNoLint
+        - wrapperFunc
+        - unnecessaryBlock
+        - rangeValCopy
+        - hugeParam
+        - commentedOutCode
+        - emptyStringTest
+        - singleCaseSwitch
+        - nestingReduce
+        - filepathJoin
+        - tooManyResultsChecker
+      enabled-tags:
+        - diagnostic
+        - experimental
+        - performance
+    gosec:
+      excludes:
+        - G307 # Deferring unsafe method "Close" on type "\*os.File"
+        - G108 # Profiling endpoint is automatically exposed on /debug/pprof
+        # TODO(vincepri): The following should be looked at and removed in future iterations.
+        - G401 # Use of weak cryptographic primitive (replace sha1 usage)
+        - G505 # crypto/sha1: weak cryptographic primitive
+        - G402 # TLS MinVersion too low (set MinVersion in TLSClientConfig)
+        - G404 # Use of weak random number generator (use crypto/rand)
+        - G101 # Potential hardcoded credentials (returns false positives)
+        - G306 # Expect WriteFile permissions to be 0600 or less
+    misspell:
+      ignore-rules:
+        - creater
+    nolintlint:
+      require-specific: true
+      allow-unused: false
+    revive:
     # make sure error-strings issues actually surface (default confidence is 0.8)
-    confidence: 0.6
-    rules:
-      - name: context-keys-type
-      - name: duplicated-imports
-      - name: error-return
-      - name: error-strings
-      - name: error-naming
-      - name: if-return
-      - name: increment-decrement
-      - name: var-declaration
-      - name: package-comments
-      - name: range
-      - name: receiver-naming
-      - name: time-naming
-      - name: errorf
-      - name: superfluous-else
-      - name: unreachable-code
-      - name: bool-literal-in-expr
-      - name: constant-logical-expr
+      confidence: 0.6
+      rules:
+        - name: context-keys-type
+        - name: duplicated-imports
+        - name: error-return
+        - name: error-strings
+        - name: error-naming
+        - name: if-return
+        - name: increment-decrement
+        - name: var-declaration
+        - name: package-comments
+        - name: range
+        - name: receiver-naming
+        - name: time-naming
+        - name: errorf
+        - name: superfluous-else
+        - name: unreachable-code
+        - name: bool-literal-in-expr
+        - name: constant-logical-expr
       # TODO(vincepri): Figure out if we want to enable
       # the following rules, or remove them completely, they're a bit noisy.
       # - name: context-as-argument
@@ -82,69 +113,55 @@ linters-settings:
       # - name: indent-error-flow # I think @ncdc prefers explicit else statements, remove?
       # - name: redefines-builtin-id
       # - name: dot-imports
-  gci:
-    custom-order: true
-    sections:
-    - standard
-    - default
-    - prefix(k8s.io)
-    - prefix(github.com/kcp-dev)
-    - prefix(github.com/kcp-dev/kcp)
-    - blank
-    - dot
-    skip-generated: false
-  gosec:
-    excludes:
-    - G307 # Deferring unsafe method "Close" on type "\*os.File"
-    - G108 # Profiling endpoint is automatically exposed on /debug/pprof
-    # TODO(vincepri): The following should be looked at and removed in future iterations.
-    - G401 # Use of weak cryptographic primitive (replace sha1 usage)
-    - G505 # crypto/sha1: weak cryptographic primitive
-    - G402 # TLS MinVersion too low (set MinVersion in TLSClientConfig)
-    - G404 # Use of weak random number generator (use crypto/rand)
-    - G101 # Potential hardcoded credentials (returns false positives)
-    - G306 # Expect WriteFile permissions to be 0600 or less
-  gocritic:
-    enabled-tags:
-    - diagnostic
-    - experimental
-    - performance
-    disabled-checks:
-    - appendAssign
-    - dupImport # https://github.com/go-critic/go-critic/issues/845
-    - evalOrder
-    - ifElseChain
-    - octalLiteral
-    - regexpSimplify
-    - sloppyReassign
-    - truncateCmp
-    - typeDefFirst
-    - unnamedResult
-    - unnecessaryDefer
-    - whyNoLint
-    - wrapperFunc
-    - unnecessaryBlock
-    - rangeValCopy
-    - hugeParam
-    - commentedOutCode
-    # TODO(vincepri): potentially enable the following?
-    - emptyStringTest
-    - singleCaseSwitch
-    - nestingReduce
-    - filepathJoin
-    - tooManyResultsChecker
-
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    rules:
+      - linters:
+          - unparam
+        text: always receives
+      - linters:
+          - gosec
+        path: _test\.go
+        text: 'G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server'
+      - linters:
+          - gosec
+        path: test/e2e/*
+      - linters:
+          - goconst
+        path: (.+)_test\.go
+      - linters:
+          - staticcheck
+        text: QF1008
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
 issues:
-  max-same-issues: 0
   max-issues-per-linter: 0
-  exclude-rules:
-  - linters:
-    - unparam
-    text: always receives
-  - linters:
-    - gosec
-    path: _test\.go
-    text: "G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server"
-  - linters:
-    - gosec
-    path: test/e2e/*
+  max-same-issues: 0
+formatters:
+  enable:
+    - gci
+    - gofmt
+  settings:
+    gci:
+      sections:
+        - standard
+        - default
+        - prefix(k8s.io)
+        - prefix(github.com/kcp-dev)
+        - prefix(github.com/kcp-dev/kcp)
+        - blank
+        - dot
+      custom-order: true
+  exclusions:
+    generated: disable
+    paths:
+      - third_party$
+      - builtin$
+      - examples$

Makefile

@@ -50,9 +50,10 @@ YAML_PATCH_BIN := yaml-patch
 YAML_PATCH := $(TOOLS_DIR)/$(YAML_PATCH_BIN)-$(YAML_PATCH_VER)
 export YAML_PATCH # so hack scripts can use it
 
-GOLANGCI_LINT_VER := v1.62.2
+GOLANGCI_LINT_VER := v2.1.6
 GOLANGCI_LINT_BIN := golangci-lint
 GOLANGCI_LINT := $(TOOLS_GOBIN_DIR)/$(GOLANGCI_LINT_BIN)-$(GOLANGCI_LINT_VER)
+GOLANGCI_LINT_FLAGS ?=
 
 HTTEST_VER := v0.3.2
 HTTEST_BIN := httest
@@ -128,7 +129,7 @@ install: require-jq require-go require-git verify-go-versions ## Install the pro
 .PHONY: install
 
 $(GOLANGCI_LINT):
-	GOBIN=$(TOOLS_GOBIN_DIR) $(GO_INSTALL) github.com/golangci/golangci-lint/cmd/golangci-lint $(GOLANGCI_LINT_BIN) $(GOLANGCI_LINT_VER)
+	GOBIN=$(TOOLS_GOBIN_DIR) $(GO_INSTALL) github.com/golangci/golangci-lint/v2/cmd/golangci-lint $(GOLANGCI_LINT_BIN) $(GOLANGCI_LINT_VER)
 
 $(HTTEST):
 	GOBIN=$(TOOLS_GOBIN_DIR) $(GO_INSTALL) go.xrstf.de/httest $(HTTEST_BIN) $(HTTEST_VER)
@@ -140,10 +141,21 @@ $(KCP_APIGEN_GEN):
 	pushd . && cd sdk && GOBIN=$(TOOLS_GOBIN_DIR) go install ./cmd/apigen && popd
 
 lint: $(GOLANGCI_LINT) $(LOGCHECK) ## Verify lint
-	$(GOLANGCI_LINT) run --timeout 20m ./...
+	echo "Linting root module..."; \
+	$(GOLANGCI_LINT) run $(GOLANGCI_LINT_FLAGS) -c $(ROOT_DIR)/.golangci.yaml --timeout 20m
+	for MOD in $$(git ls-files '**/go.mod' | sed 's,/go.mod,,'); do \
+		if [ "$$MOD" != "." ]; then \
+			echo "Linting $$MOD module..."; \
+			(cd $$MOD && $(GOLANGCI_LINT) run $(GOLANGCI_LINT_FLAGS) -c $(ROOT_DIR)/.golangci.yaml --timeout 20m); \
+		fi; \
+	done
 	./hack/verify-contextual-logging.sh
 .PHONY: lint
 
+fix-lint: $(GOLANGCI_LINT)
+	GOLANGCI_LINT_FLAGS="--fix" $(MAKE) lint
+.PHONY: fix-lint
+
 update-contextual-logging: $(LOGCHECK) ## Update contextual logging
 	UPDATE=true ./hack/verify-contextual-logging.sh
 .PHONY: update-contextual-logging
@@ -198,7 +210,7 @@ crds: $(CONTROLLER_GEN) $(YAML_PATCH) ## Generate crds
 	./hack/update-codegen-crds.sh
 .PHONY: crds
 
-codegen:  $(KCP_APIGEN_GEN) crds ## Generate all
+codegen: $(KCP_APIGEN_GEN) crds ## Generate all
 	go mod download
 	./hack/update-codegen-clients.sh
 	./hack/gen-patch-defaultrestmapper.sh
@@ -228,10 +240,10 @@ verify-codegen: ## Verify codegen
 imports: WHAT ?=
 imports: $(GOLANGCI_LINT) verify-go-versions
 	if [ -n "$(WHAT)" ]; then \
-	  $(GOLANGCI_LINT) run --enable-only=gci --fix --exclude-generated disable $(WHAT); \
+	  $(GOLANGCI_LINT) fmt --enable gci -c $(ROOT_DIR)/.golangci.yaml $(WHAT); \
 	else \
 	  for MOD in . $$(git ls-files '**/go.mod' | sed 's,/go.mod,,'); do \
-		(set -x; cd $$MOD; $(GOLANGCI_LINT) run --enable-only=gci --fix --exclude-generated disable); \
+		(set -x; cd $$MOD; $(GOLANGCI_LINT) fmt --enable gci -c $(ROOT_DIR)/.golangci.yaml); \
 	  done; \
 	fi
 

cli/cmd/kubectl-create-workspace/cmd/kubectlCreateWorkspace.go

@@ -41,5 +41,4 @@ func KubectlCreateWorkspaceCommand() *cobra.Command {
 	klog.InitFlags(fs)
 	createWorkspaceCommand.PersistentFlags().AddGoFlagSet(fs)
 	return createWorkspaceCommand
-
 }

cli/cmd/kubectl-ws/cmd/kubectlWs.go

@@ -41,5 +41,4 @@ func KubectlWsCommand() *cobra.Command {
 	klog.InitFlags(fs)
 	wsCommand.PersistentFlags().AddGoFlagSet(fs)
 	return wsCommand
-
 }

cli/pkg/workspace/plugin/context_test.go

@@ -196,8 +196,6 @@ func TestCreateContext(t *testing.T) {
 		},
 	}
 	for _, tt := range tests {
-		tt := tt
-
 		t.Run(tt.name, func(t *testing.T) {
 			var got *clientcmdapi.Config