Merge branch 'main' into fix-http-upstreams-keepalive

Author: vepatel

.github/workflows/codeql-analysis.yml

@@ -1,4 +1,4 @@
-name: "CodeQL"
+name: CodeQL
 
 on:
   push:
@@ -23,55 +23,49 @@ jobs:
     name: Analyze
     runs-on: ubuntu-22.04
     permissions:
-      actions: read
-      contents: read
-      security-events: write
+      actions: read # for github/codeql-action/init to get workflow details
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/autobuild to send a status report
+      packages: read # required to fetch internal or private CodeQL packs
 
     strategy:
       fail-fast: false
       matrix:
-        language: ["go"]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift' ]
-        # Use only 'java' to analyze code written in Java, Kotlin or both
-        # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
-        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+        include:
+          - language: go
+            build-mode: autobuild
+            # CodeQL supports the following values keywords for 'language': 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'
+            # Use `c-cpp` to analyze code written in C, C++ or both
+            # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
+            # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+            # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
+            # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
+            # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
+            # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
 
     steps:
       - name: Checkout repository
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
+      - name: Setup Golang Environment
+        uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
+        with:
+          go-version: stable
+        if: matrix.language == 'go'
+
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
         uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
         with:
           languages: ${{ matrix.language }}
+          build-mode: ${{ matrix.build-mode }}
           # If you wish to specify custom queries, you can do so here or in a config file.
           # By default, queries listed here will override any specified in a config file.
           # Prefix the list here with "+" to use these queries and those in the config file.
 
           # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
           # queries: security-extended,security-and-quality
 
-      - name: Setup Golang Environment
-        uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
-        with:
-          go-version: stable
-
-      # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
-      # If this step fails, then you should remove it and run the build manually (see below)
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
-
-      # ℹ️ Command-line programs to run using the OS shell.
-      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-
-      #   If the Autobuild fails above, remove it and uncomment the following three lines.
-      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
-
-      # - run: |
-      #     echo "Run, Build Application using script"
-      #     ./location_of_script_within_repo/buildscript.sh
-
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
         with:

.golangci.yml

@@ -34,14 +34,19 @@ linters:
     - asasalint
     - asciicheck
     - bidichk
+    - contextcheck
     - dupword
+    - durationcheck
     - errcheck
+    - errchkjson
     - errname
     - errorlint
     - exportloopref
     - fatcontext
     - forcetypeassert
     - gocheckcompilerdirectives
+    - gochecksumtype
+    - gocritic
     - godot
     - gofmt
     - gofumpt
@@ -54,6 +59,7 @@ linters:
     - intrange
     - makezero
     - misspell
+    - musttag
     - nilerr
     - noctx
     - nolintlint

.pre-commit-config.yaml

@@ -33,5 +33,10 @@ repos:
     hooks:
       - id: markdownlint-cli2
 
+  - repo: https://github.com/adrienverge/yamllint.git
+    rev: v1.35.1
+    hooks:
+      - id: yamllint
+
 ci:
   skip: [golangci-lint-full]

client/nginx.go

@@ -83,9 +83,9 @@ type StreamUpstreamServer struct {
 }
 
 type apiErrorResponse struct {
-	RequestID string `json:"request_id"`
-	Href      string
-	Error     apiError
+	RequestID string   `json:"request_id"`
+	Href      string   `json:"href"`
+	Error     apiError `json:"error"`
 }
 
 func (resp *apiErrorResponse) toString() string {
@@ -94,9 +94,9 @@ func (resp *apiErrorResponse) toString() string {
 }
 
 type apiError struct {
-	Text   string
-	Code   string
-	Status int
+	Text   string `json:"text"`
+	Code   string `json:"code"`
+	Status int    `json:"status"`
 }
 
 type internalError struct {

client/nginx_test.go

@@ -602,19 +602,20 @@ func TestClientWithHTTPClient(t *testing.T) {
 func TestGetStats_NoStreamEndpoint(t *testing.T) {
 	t.Parallel()
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if r.RequestURI == "/" {
+		switch {
+		case r.RequestURI == "/":
 			_, err := w.Write([]byte(`[4, 5, 6, 7, 8, 9]`))
 			if err != nil {
 				t.Fatalf("unexpected error: %v", err)
 			}
-		} else if r.RequestURI == "/7/" {
+		case r.RequestURI == "/7/":
 			_, err := w.Write([]byte(`["nginx","processes","connections","slabs","http","resolvers","ssl"]`))
 			if err != nil {
 				t.Fatalf("unexpected error: %v", err)
 			}
-		} else if strings.HasPrefix(r.RequestURI, "/7/stream") {
+		case strings.HasPrefix(r.RequestURI, "/7/stream"):
 			t.Fatal("Stream endpoint should not be called since it does not exist.")
-		} else {
+		default:
 			_, err := w.Write([]byte(`{}`))
 			if err != nil {
 				t.Fatalf("unexpected error: %v", err)
@@ -654,17 +655,18 @@ func TestGetStats_NoStreamEndpoint(t *testing.T) {
 func TestGetStats_SSL(t *testing.T) {
 	t.Parallel()
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if r.RequestURI == "/" {
+		switch {
+		case r.RequestURI == "/":
 			_, err := w.Write([]byte(`[4, 5, 6, 7, 8, 9]`))
 			if err != nil {
 				t.Fatalf("unexpected error: %v", err)
 			}
-		} else if r.RequestURI == "/8/" {
+		case r.RequestURI == "/8/":
 			_, err := w.Write([]byte(`["nginx","processes","connections","slabs","http","resolvers","ssl","workers"]`))
 			if err != nil {
 				t.Fatalf("unexpected error: %v", err)
 			}
-		} else if strings.HasPrefix(r.RequestURI, "/8/ssl") {
+		case strings.HasPrefix(r.RequestURI, "/8/ssl"):
 			_, err := w.Write([]byte(`{
 				"handshakes" : 79572,
 				"handshakes_failed" : 21025,
@@ -684,7 +686,7 @@ func TestGetStats_SSL(t *testing.T) {
 			if err != nil {
 				t.Fatalf("unexpected error: %v", err)
 			}
-		} else {
+		default:
 			_, err := w.Write([]byte(`{}`))
 			if err != nil {
 				t.Fatalf("unexpected error: %v", err)