diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 1f3486d..8389074 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -19,7 +19,7 @@ jobs: - name: lint uses: golangci/golangci-lint-action@v6.1.0 with: - version: v1.54.2 + version: v1.60 tests-on-unix: needs: golangci-lint # run after golangci-lint action to not produce duplicated errors diff --git a/atmcfg/auth.go b/atmcfg/auth.go index 4258815..f99ad9e 100644 --- a/atmcfg/auth.go +++ b/atmcfg/auth.go @@ -15,7 +15,7 @@ package atmcfg import ( - "crypto/sha1" //nolint:gosec // mongodb scram-sha-1 supports this tho is not recommended + "crypto/sha1" // #nosec G101 // #nosec G505 // mongodb scram-sha-1 supports this tho is not recommended "crypto/sha256" "encoding/base64" "errors" diff --git a/atmcfg/security.go b/atmcfg/security.go index 9216977..2ffc671 100644 --- a/atmcfg/security.go +++ b/atmcfg/security.go @@ -16,7 +16,7 @@ package atmcfg import ( "crypto/hmac" - "crypto/md5" //nolint:gosec // used as part of the sha1 standard + "crypto/md5" // #nosec G101 // #nosec G501 // used as part of the sha1 standard "encoding/base64" "encoding/hex" "fmt" @@ -165,7 +165,7 @@ func generateSalt(hashConstructor func() hash.Hash) ([]byte, error) { } func md5Hex(s string) (string, error) { - h := md5.New() //nolint:gosec // used as part of the sha1 standard + h := md5.New() // #nosec G101 // #nosec G401 // used as part of the sha1 standard if _, err := h.Write([]byte(s)); err != nil { return "", err diff --git a/atmcfg/security_test.go b/atmcfg/security_test.go index aa03af8..67c1cec 100644 --- a/atmcfg/security_test.go +++ b/atmcfg/security_test.go @@ -15,7 +15,7 @@ package atmcfg import ( - "crypto/sha1" //nolint:gosec // used as part of the sha1 standard + "crypto/sha1" // #nosec G101 // #nosec G505 // used as part of the sha1 standard "testing" "github.com/stretchr/testify/assert" diff --git a/auth/device_flow_test.go b/auth/device_flow_test.go index 1165ae5..b91f0e7 100644 --- a/auth/device_flow_test.go +++ b/auth/device_flow_test.go @@ -173,7 +173,7 @@ func TestConfig_RevokeToken(t *testing.T) { config, mux, teardown := setup() defer teardown() - mux.HandleFunc("/api/private/unauth/account/device/revoke", func(w http.ResponseWriter, r *http.Request) { + mux.HandleFunc("/api/private/unauth/account/device/revoke", func(_ http.ResponseWriter, r *http.Request) { testMethod(t, r) }) diff --git a/opsmngr/accesslist_api_keys.go b/opsmngr/accesslist_api_keys.go index ac2d5ef..764d1ac 100644 --- a/opsmngr/accesslist_api_keys.go +++ b/opsmngr/accesslist_api_keys.go @@ -20,7 +20,7 @@ import ( "net/http" ) -const accessListAPIKeysPath = "api/public/v1.0/orgs/%s/apiKeys/%s/accessList" //nolint:gosec // This is a path +const accessListAPIKeysPath = "api/public/v1.0/orgs/%s/apiKeys/%s/accessList" // #nosec G101 // This is a path // AccessListAPIKeysService is an interface for interfacing with the AccessList API Keys // endpoints of the MongoDB Ops Manager API. diff --git a/opsmngr/accesslist_api_keys_test.go b/opsmngr/accesslist_api_keys_test.go index 29e0897..0d9de18 100644 --- a/opsmngr/accesslist_api_keys_test.go +++ b/opsmngr/accesslist_api_keys_test.go @@ -24,7 +24,7 @@ import ( ) const ( - apiKeyID = "API-KEY-ID" //nolint:gosec // ID and not an actual key + apiKeyID = "API-KEY-ID" // #nosec G101 // ID and not an actual key ipAddress = "IP-ADDRESS" ) diff --git a/opsmngr/agents_api_keys.go b/opsmngr/agents_api_keys.go index 3ad1e0a..718e508 100644 --- a/opsmngr/agents_api_keys.go +++ b/opsmngr/agents_api_keys.go @@ -21,7 +21,7 @@ import ( ) const ( - agentAPIKeysBasePath = "api/public/v1.0/groups/%s/agentapikeys" //nolint:gosec // This is a path + agentAPIKeysBasePath = "api/public/v1.0/groups/%s/agentapikeys" // #nosec G101 // This is a path ) // AgentAPIKey defines the structure for an Agent API key. diff --git a/opsmngr/agents_api_keys_test.go b/opsmngr/agents_api_keys_test.go index ba5deff..e2db305 100644 --- a/opsmngr/agents_api_keys_test.go +++ b/opsmngr/agents_api_keys_test.go @@ -22,7 +22,7 @@ import ( "github.com/go-test/deep" ) -const projectID = "5e66185d917b220fbd8bb4d1" //nolint:gosec // not a credential +const projectID = "5e66185d917b220fbd8bb4d1" // not a credential func TestAgentsServiceOp_ListAgentAPIKeys(t *testing.T) { client, mux, teardown := setup() diff --git a/opsmngr/alert_configurations_test.go b/opsmngr/alert_configurations_test.go index e14e632..cc0a358 100644 --- a/opsmngr/alert_configurations_test.go +++ b/opsmngr/alert_configurations_test.go @@ -23,7 +23,7 @@ import ( "github.com/go-test/deep" ) -const alertConfigID = "57b76ddc96e8215c017ceafb" //nolint:gosec // not a credential +const alertConfigID = "57b76ddc96e8215c017ceafb" // #nosec G101 // not a credential func TestAlertConfiguration_Create(t *testing.T) { client, mux, teardown := setup() diff --git a/opsmngr/alerts_test.go b/opsmngr/alerts_test.go index 0454bb2..af4f77f 100644 --- a/opsmngr/alerts_test.go +++ b/opsmngr/alerts_test.go @@ -22,7 +22,7 @@ import ( "github.com/go-test/deep" ) -const alertID = "57b76ddc96e8215c017ceafb" //nolint:gosec // not a credential +const alertID = "57b76ddc96e8215c017ceafb" // #nosec G101 // not a credential func TestAlert_Get(t *testing.T) { client, mux, teardown := setup() diff --git a/opsmngr/automation_config.go b/opsmngr/automation_config.go index aca9e95..c1e05a7 100644 --- a/opsmngr/automation_config.go +++ b/opsmngr/automation_config.go @@ -183,22 +183,22 @@ type SSL struct { // // See: https://docs.opsmanager.mongodb.com/current/reference/api/automation-config/automation-config-parameters/#authentication type Auth struct { - AuthoritativeSet bool `json:"authoritativeSet"` // AuthoritativeSet indicates if the MongoDBUsers should be synced with the current list of UsersWanted - AutoAuthMechanism string `json:"autoAuthMechanism"` // AutoAuthMechanism is the currently active agent authentication mechanism. This is a read only field - AutoAuthMechanisms []string `json:"autoAuthMechanisms,omitempty"` // AutoAuthMechanisms is a list of auth mechanisms the Automation Agent is able to use - AutoAuthRestrictions []interface{} `json:"autoAuthRestrictions"` - AutoKerberosKeytabPath string `json:"autoKerberosKeytabPath,omitempty"` - AutoLdapGroupDN string `json:"autoLdapGroupDN,omitempty"` //nolint:tagliatelle // AutoLdapGroupDN follows go convention while tag is correct from API - AutoPwd string `json:"autoPwd,omitempty"` // AutoPwd is a required field when going from `Disabled=false` to `Disabled=true` - AutoUser string `json:"autoUser,omitempty"` // AutoUser is the MongoDB Automation Agent user, when x509 is enabled, it should be set to the subject of the AA's certificate - DeploymentAuthMechanisms []string `json:"deploymentAuthMechanisms,omitempty"` // DeploymentAuthMechanisms is a list of possible auth mechanisms that can be used within deployments - Disabled bool `json:"disabled"` // Disabled indicates if auth is disabled - Key string `json:"key,omitempty"` // Key is the contents of the Keyfile, the automation agent will ensure this a Keyfile with these contents exists at the `Keyfile` path - Keyfile string `json:"keyfile,omitempty"` // Keyfile is the path to a keyfile with read & write permissions. It is a required field if `Disabled=false` - KeyfileWindows string `json:"keyfileWindows,omitempty"` // KeyfileWindows is required if `Disabled=false` even if the value is not used. - NewAutoPwd string `json:"newAutoPwd,omitempty"` // NewAutoPwd is a new password that the Automation uses when connecting to an instance. - UsersDeleted []*MongoDBUser `json:"usersDeleted"` // UsersDeleted are objects that define the authenticated users to be deleted from specified databases or from all databases - UsersWanted []*MongoDBUser `json:"usersWanted"` // UsersWanted is a list which contains the desired users at the project level. + AuthoritativeSet bool `json:"authoritativeSet"` // AuthoritativeSet indicates if the MongoDBUsers should be synced with the current list of UsersWanted + AutoAuthMechanism string `json:"autoAuthMechanism"` // AutoAuthMechanism is the currently active agent authentication mechanism. This is a read only field + AutoAuthMechanisms []string `json:"autoAuthMechanisms,omitempty"` // AutoAuthMechanisms is a list of auth mechanisms the Automation Agent is able to use + AutoAuthRestrictions []interface{} `json:"autoAuthRestrictions"` + AutoKerberosKeytabPath string `json:"autoKerberosKeytabPath,omitempty"` + AutoLdapGroupDN string `json:"autoLdapGroupDN,omitempty"` //nolint:tagliatelle // AutoLdapGroupDN follows go convention while tag is correct from API + AutoPwd string `json:"autoPwd,omitempty"` // AutoPwd is a required field when going from `Disabled=false` to `Disabled=true` + AutoUser string `json:"autoUser,omitempty"` // AutoUser is the MongoDB Automation Agent user, when x509 is enabled, it should be set to the subject of the AA's certificate + DeploymentAuthMechanisms []string `json:"deploymentAuthMechanisms,omitempty"` // DeploymentAuthMechanisms is a list of possible auth mechanisms that can be used within deployments + Disabled bool `json:"disabled"` // Disabled indicates if auth is disabled + Key string `json:"key,omitempty"` // Key is the contents of the Keyfile, the automation agent will ensure this a Keyfile with these contents exists at the `Keyfile` path + Keyfile string `json:"keyfile,omitempty"` // Keyfile is the path to a keyfile with read & write permissions. It is a required field if `Disabled=false` + KeyfileWindows string `json:"keyfileWindows,omitempty"` // KeyfileWindows is required if `Disabled=false` even if the value is not used. + NewAutoPwd string `json:"newAutoPwd,omitempty"` // NewAutoPwd is a new password that the Automation uses when connecting to an instance. + UsersDeleted []*MongoDBDeletedUser `json:"usersDeleted"` // UsersDeleted are objects that define the authenticated users to be deleted from specified databases or from all databases + UsersWanted []*MongoDBUser `json:"usersWanted"` // UsersWanted is a list which contains the desired users at the project level. } // Args26 part of the internal Process struct. @@ -231,6 +231,12 @@ type MongoDBUser struct { Username string `json:"user"` //nolint:tagliatelle // Username is a better name than just user } +// MongoDBDeletedUser user to delete from DBs list. +type MongoDBDeletedUser struct { + User string `json:"user"` + DBs []string `json:"dbs"` //nolint:tagliatelle // use dbs as in the API +} + // AuthenticationRestriction of a database user. type AuthenticationRestriction struct { ClientSource []string `json:"clientSource"` diff --git a/opsmngr/checkpoints_test.go b/opsmngr/checkpoints_test.go index 8377a71..9fea209 100644 --- a/opsmngr/checkpoints_test.go +++ b/opsmngr/checkpoints_test.go @@ -22,7 +22,7 @@ import ( "github.com/go-test/deep" ) -const clusterID = "6b8cd61180eef547110159d9" //nolint:gosec // not a credential +const clusterID = "6b8cd61180eef547110159d9" // #nosec G101 // not a credential func TestCheckpoints_List(t *testing.T) { client, mux, teardown := setup() @@ -263,7 +263,7 @@ func TestCheckpoints_Get(t *testing.T) { client, mux, teardown := setup() defer teardown() - const checkpointID = "6b8cd61180eef547110159d9" //nolint:gosec // not a credential + const checkpointID = "6b8cd61180eef547110159d9" // #nosec G101 // not a credential path := fmt.Sprintf("/api/public/v1.0/groups/%s/clusters/%s/checkpoints/%s", projectID, clusterID, checkpointID) mux.HandleFunc(path, func(w http.ResponseWriter, r *http.Request) { diff --git a/opsmngr/continuous_snapshots_test.go b/opsmngr/continuous_snapshots_test.go index f4d8cf8..48afa33 100644 --- a/opsmngr/continuous_snapshots_test.go +++ b/opsmngr/continuous_snapshots_test.go @@ -25,7 +25,7 @@ import ( const ( clusterName = "Cluster0" - snapshotID = "6b5380e6jvn128560506942b" //nolint:gosec // not a credential + snapshotID = "6b5380e6jvn128560506942b" // #nosec G101 // not a credential ) func TestContinuousSnapshots_List(t *testing.T) { diff --git a/opsmngr/events_test.go b/opsmngr/events_test.go index 997adde..4d95423 100644 --- a/opsmngr/events_test.go +++ b/opsmngr/events_test.go @@ -22,7 +22,7 @@ import ( "github.com/go-test/deep" ) -const eventID = "b3ad04e680eef540be141abe" //nolint:gosec // not a credential +const eventID = "b3ad04e680eef540be141abe" // #nosec G101 // not a credential func TestEvents_ListOrganizationEvents(t *testing.T) { client, mux, teardown := setup() diff --git a/opsmngr/global_api_key_whitelists.go b/opsmngr/global_api_key_whitelists.go index ecbf1aa..78b981b 100644 --- a/opsmngr/global_api_key_whitelists.go +++ b/opsmngr/global_api_key_whitelists.go @@ -20,7 +20,7 @@ import ( "net/http" ) -const whitelistAPIKeysPath = "api/public/v1.0/admin/whitelist" //nolint:gosec // This is a path +const whitelistAPIKeysPath = "api/public/v1.0/admin/whitelist" // #nosec G101 // This is a path // GlobalAPIKeyWhitelistsService provides access to the global alerts related functions in the Ops Manager API. // diff --git a/opsmngr/global_api_key_whitelists_test.go b/opsmngr/global_api_key_whitelists_test.go index f3cf859..e2d30f8 100644 --- a/opsmngr/global_api_key_whitelists_test.go +++ b/opsmngr/global_api_key_whitelists_test.go @@ -23,7 +23,7 @@ import ( "github.com/go-test/deep" ) -const accessListID = "5f3cf81b89034c6b3c0a528e" //nolint:gosec // not a credential +const accessListID = "5f3cf81b89034c6b3c0a528e" // #nosec G101 // not a credential func TestWhitelistAPIKeys_List(t *testing.T) { client, mux, teardown := setup() diff --git a/opsmngr/global_api_keys.go b/opsmngr/global_api_keys.go index 4f67223..9ed79c4 100644 --- a/opsmngr/global_api_keys.go +++ b/opsmngr/global_api_keys.go @@ -21,7 +21,7 @@ import ( "net/url" ) -const apiKeysPath = "api/public/v1.0/admin/apiKeys" //nolint:gosec // This is a path +const apiKeysPath = "api/public/v1.0/admin/apiKeys" // #nosec G101 // This is a path // GlobalAPIKeysService provides access to the global alerts related functions in the Ops Manager API. // diff --git a/opsmngr/global_api_keys_test.go b/opsmngr/global_api_keys_test.go index 8f5e10e..7b3018c 100644 --- a/opsmngr/global_api_keys_test.go +++ b/opsmngr/global_api_keys_test.go @@ -27,7 +27,7 @@ const ( apiDesc = "test-apikeye" ewmaqvdo = "ewmaqvdo" testAPIKey = "test-apikey" - globalAPIKeyID = "5c47503320eef5699e1cce8d" //nolint:gosec // ID and not an actual key + globalAPIKeyID = "5c47503320eef5699e1cce8d" // #nosec G101 // ID and not an actual key ) func TestAPIKeys_ListAPIKeys(t *testing.T) { diff --git a/opsmngr/maintenance_test.go b/opsmngr/maintenance_test.go index fd8f29e..a92433d 100644 --- a/opsmngr/maintenance_test.go +++ b/opsmngr/maintenance_test.go @@ -22,7 +22,7 @@ import ( "github.com/go-test/deep" ) -const ID = "5628faffd4c606594adaa3b2" //nolint:gosec // not a credential +const ID = "5628faffd4c606594adaa3b2" // #nosec G101 // not a credential func TestMaintenanceWindows_List(t *testing.T) { client, mux, teardown := setup() diff --git a/opsmngr/organization_api_keys.go b/opsmngr/organization_api_keys.go index 6669a45..f313222 100644 --- a/opsmngr/organization_api_keys.go +++ b/opsmngr/organization_api_keys.go @@ -21,7 +21,7 @@ import ( "net/url" ) -const apiKeysOrgPath = "api/public/v1.0/orgs/%s/apiKeys" //nolint:gosec // This is a path +const apiKeysOrgPath = "api/public/v1.0/orgs/%s/apiKeys" // #nosec G101 // This is a path // APIKeysService is an interface for interfacing with the APIKeys. type APIKeysService interface { diff --git a/opsmngr/organizations_test.go b/opsmngr/organizations_test.go index 88caf66..df362a3 100644 --- a/opsmngr/organizations_test.go +++ b/opsmngr/organizations_test.go @@ -22,7 +22,7 @@ import ( "github.com/go-test/deep" ) -const orgID = "5a0a1e7e0f2912c554081adc" //nolint:gosec // not a credential +const orgID = "5a0a1e7e0f2912c554081adc" // #nosec G101 // not a credential func TestOrganizations_GetAllOrganizations(t *testing.T) { client, mux, teardown := setup() diff --git a/opsmngr/project_api_keys.go b/opsmngr/project_api_keys.go index 8aebbaa..bae50ae 100644 --- a/opsmngr/project_api_keys.go +++ b/opsmngr/project_api_keys.go @@ -20,7 +20,7 @@ import ( "net/http" ) -const projectAPIKeysPath = "api/public/v1.0/groups/%s/apiKeys" //nolint:gosec // This is a path +const projectAPIKeysPath = "api/public/v1.0/groups/%s/apiKeys" // #nosec G101 // This is a path // ProjectAPIKeysService is an interface for interfacing with the APIKeys. type ProjectAPIKeysService interface { diff --git a/opsmngr/teams_test.go b/opsmngr/teams_test.go index d13f482..abab257 100644 --- a/opsmngr/teams_test.go +++ b/opsmngr/teams_test.go @@ -23,7 +23,7 @@ import ( "github.com/go-test/deep" ) -const teamID = "6b720e1087d9d66b272f1c86" //nolint:gosec // not a credential +const teamID = "6b720e1087d9d66b272f1c86" // #nosec G101 // not a credential func TestTeams_List(t *testing.T) { client, mux, teardown := setup() diff --git a/opsmngr/users.go b/opsmngr/users.go index da015f2..7906ed7 100644 --- a/opsmngr/users.go +++ b/opsmngr/users.go @@ -49,7 +49,7 @@ type User struct { Links []*Link `json:"links,omitempty"` MobileNumber string `json:"mobileNumber,omitempty"` Password string `json:"password,omitempty"` - TeamIds []string `json:"teamIds,omitempty"` + TeamIds []string `json:"teamIds,omitempty"` //nolint:all // used as in the API Roles []*UserRole `json:"roles,omitempty"` Username string `json:"username"` Country string `json:"country,omitempty"` diff --git a/opsmngr/users_test.go b/opsmngr/users_test.go index cfac7e8..c4dca92 100644 --- a/opsmngr/users_test.go +++ b/opsmngr/users_test.go @@ -22,7 +22,7 @@ import ( "github.com/go-test/deep" ) -const userID = "56a10a80e4b0fd3b9a9bb0c2" //nolint:gosec // not a credential +const userID = "56a10a80e4b0fd3b9a9bb0c2" // #nosec G101 // not a credential const userName = "someone@example.com" func TestUsers_Get(t *testing.T) {