Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix failing checks #29977

Merged
merged 2 commits into from
Nov 18, 2021
Merged

Fix failing checks #29977

merged 2 commits into from
Nov 18, 2021

Conversation

lafentres
Copy link
Contributor

@lafentres lafentres commented Nov 18, 2021
edited
Loading

Description

This PR fixes a few checks that unexpectedly started failing after a recent PR merge.

  1. staticcheck lint rule failure: x/crypto/openpgp is deprecated but there currently aren't good options to switch to

    Click to expand for lint failure output 
       go generate ./...
   ==> Checking that code complies with static analysis requirements...
   internal/getproviders/package_authentication.go:12:2: package golang.org/x/crypto/openpgp is deprecated: this package is unmaintained except for security fixes. New applications should consider a more focused, modern alternative to OpenPGP for their specific task. If you are required to interoperate with OpenPGP systems and need a maintained package, consider a community fork. See https://golang.org/issue/44226.  (SA1019)
   internal/getproviders/package_authentication.go:13:2: package golang.org/x/crypto/openpgp/armor is deprecated: this package is unmaintained except for security fixes. New applications should consider a more focused, modern alternative to OpenPGP for their specific task. If you are required to interoperate with OpenPGP systems and need a maintained package, consider a community fork. See https://golang.org/issue/44226.  (SA1019)
   internal/getproviders/package_authentication.go:14:2: package golang.org/x/crypto/openpgp/errors is deprecated: this package is unmaintained except for security fixes. New applications should consider a more focused, modern alternative to OpenPGP for their specific task. If you are required to interoperate with OpenPGP systems and need a maintained package, consider a community fork. See https://golang.org/issue/44226.  (SA1019)
   internal/getproviders/package_authentication_test.go:12:2: package golang.org/x/crypto/openpgp is deprecated: this package is unmaintained except for security fixes. New applications should consider a more focused, modern alternative to OpenPGP for their specific task. If you are required to interoperate with OpenPGP systems and need a maintained package, consider a community fork. See https://golang.org/issue/44226.  (SA1019)
   exit status 1
   make: *** [Makefile:24: staticcheck] Error 1

  2. go.mod/go.sum issues: it looks like these files were updated from a very old commit, leading to some discrepancies. I've fixed the failure by running go mod tidy -go=1.16 && go mod tidy -go=1.17

    Click to expand for dependency error output 
    github.com/hashicorp/terraform/internal/depsfile imports
	github.com/google/go-cmp/cmp loaded from github.com/google/go-cmp@v0.5.5,
	but go 1.16 would select v0.5.6
github.com/hashicorp/terraform/internal/backend/remote-state/kubernetes imports
	k8s.io/client-go/tools/clientcmd imports
	github.com/imdario/mergo loaded from github.com/imdario/mergo@v0.3.11,
	but go 1.16 would select v0.3.12
github.com/hashicorp/terraform/internal/command tested by
	github.com/hashicorp/terraform/internal/command.test imports
	github.com/google/go-cmp/cmp/cmpopts loaded from github.com/google/go-cmp@v0.5.5,
	but go 1.16 would select v0.5.6
github.com/hashicorp/terraform/internal/depsfile imports
	github.com/google/go-cmp/cmp imports
	github.com/google/go-cmp/cmp/internal/diff loaded from github.com/google/go-cmp@v0.5.5,
	but go 1.16 would select v0.5.6
github.com/hashicorp/terraform/internal/depsfile imports
	github.com/google/go-cmp/cmp imports
	github.com/google/go-cmp/cmp/internal/flags loaded from github.com/google/go-cmp@v0.5.5,
	but go 1.16 would select v0.5.6
github.com/hashicorp/terraform/internal/depsfile imports
	github.com/google/go-cmp/cmp imports
	github.com/google/go-cmp/cmp/internal/function loaded from github.com/google/go-cmp@v0.5.5,
	but go 1.16 would select v0.5.6
github.com/hashicorp/terraform/internal/depsfile imports
	github.com/google/go-cmp/cmp imports
	github.com/google/go-cmp/cmp/internal/value loaded from github.com/google/go-cmp@v0.5.5,
	but go 1.16 would select v0.5.6
github.com/hashicorp/terraform/internal/addrs imports
	github.com/hashicorp/hcl/v2/hclsyntax tested by
	github.com/hashicorp/hcl/v2/hclsyntax.test imports
 	github.com/kr/pretty loaded from github.com/kr/pretty@v0.2.0,
	but go 1.16 would select v0.2.1
github.com/hashicorp/terraform/internal/backend/remote-state/oss imports
	github.com/aliyun/aliyun-oss-go-sdk/oss tested by
	github.com/aliyun/aliyun-oss-go-sdk/oss.test imports
	gopkg.in/check.v1 loaded from gopkg.in/check.v1@v1.0.0-20200227125254-8fa46927fb4f,
	but go 1.16 would select v1.0.0-20201130134442-10cb98267c6c
github.com/hashicorp/terraform/internal/cloud imports
	github.com/hashicorp/hcl/v2/hclwrite tested by
	github.com/hashicorp/hcl/v2/hclwrite.test imports
	github.com/sergi/go-diff/diffmatchpatch loaded from github.com/sergi/go-diff@v1.0.0,
	but go 1.16 would select v1.2.0
github.com/hashicorp/terraform/internal/depsfile imports
	github.com/google/go-cmp/cmp tested by
	github.com/google/go-cmp/cmp.test imports
	github.com/google/go-cmp/cmp/internal/testprotos loaded from github.com/google/go-cmp@v0.5.5,
	but go 1.16 would select v0.5.6
github.com/hashicorp/terraform/internal/depsfile imports
	github.com/google/go-cmp/cmp tested by
	github.com/google/go-cmp/cmp.test imports
	github.com/google/go-cmp/cmp/internal/teststructs loaded from github.com/google/go-cmp@v0.5.5,
	but go 1.16 would select v0.5.6
github.com/hashicorp/terraform/internal/depsfile imports
	github.com/google/go-cmp/cmp tested by
	github.com/google/go-cmp/cmp.test imports
	github.com/google/go-cmp/cmp/internal/teststructs/foo1 loaded from github.com/google/go-cmp@v0.5.5,
	but go 1.16 would select v0.5.6
github.com/hashicorp/terraform/internal/depsfile imports
	github.com/google/go-cmp/cmp tested by
	github.com/google/go-cmp/cmp.test imports
	github.com/google/go-cmp/cmp/internal/teststructs/foo2 loaded from github.com/google/go-cmp@v0.5.5,
	but go 1.16 would select v0.5.6

To upgrade to the versions selected by go 1.16:
	go mod tidy -go=1.16 && go mod tidy -go=1.17
If reproducibility with go 1.16 is not needed:
	go mod tidy -compat=1.17
For other options, see:
	https://golang.org/doc/modules/pruning

I'm seeing these failures on the main branch and the v1.1 branch, so this will need to be backported I believe.

@lafentres lafentres added dependencies Auto-pinning security Auto-pinning labels Nov 18, 2021
@lafentres lafentres self-assigned this Nov 18, 2021
@lafentres lafentres changed the title [DRAFT] Fix failing staticcheck lint Fix failing staticcheck lint Nov 18, 2021
@lafentres lafentres changed the title Fix failing staticcheck lint Fix failing checks Nov 18, 2021
@lafentres lafentres added the 1.1-backport If you add this label to a PR before merging, backport-assistant will open a new PR once merged label Nov 18, 2021
@lafentres lafentres marked this pull request as ready for review November 18, 2021 20:48
@lafentres lafentres requested review from jbardin, apparentlymart and a team and removed request for apparentlymart and jbardin November 18, 2021 20:48
@lafentres lafentres force-pushed the lafentres/staticcheck-lint-whitelist-openpgp branch from 7f5c05e to 2c29a05 Compare November 18, 2021 21:00
@lafentres lafentres merged commit d30314d into main Nov 18, 2021
@teamterraform teamterraform mentioned this pull request Nov 18, 2021
Merged
@lafentres lafentres deleted the lafentres/staticcheck-lint-whitelist-openpgp branch November 18, 2021 21:16
@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 20, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jbardin jbardin jbardin approved these changes

Assignees

@lafentres lafentres

Labels
1.1-backport If you add this label to a PR before merging, backport-assistant will open a new PR once merged dependencies Auto-pinning security Auto-pinning
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lafentres @jbardin