Overwall updates to support Go 1.21.x

Signed-off-by: Kairo de Araujo <[email protected]>
kairoaraujo · Nov 28, 2023 · 18f4d4c · 18f4d4c
1 parent 8729b47
commit 18f4d4c
Show file tree

Hide file tree

Showing 13 changed files with 173 additions and 141 deletions.
diff --git a/.github/workflows/goca-rest-api-docker-dev.yml b/.github/workflows/goca-rest-api-docker-dev.yml
@@ -7,10 +7,10 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - name: Set up Go 1.17
-      uses: actions/setup-go@v1
+    - name: Set up Go 1.21
+      uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
       with:
-        go-version: 1.17
+        go-version: 1.21
       id: go
 
     - name: Set up Docker

diff --git a/.github/workflows/goca-rest-api-docker-release.yml b/.github/workflows/goca-rest-api-docker-release.yml
@@ -3,45 +3,45 @@ name: GoCA REST API Docker test
 on:
   push:
     tags:
-      - '*'
+      - 'v*'
 
 jobs:
   build:
     runs-on: ubuntu-latest
 
     steps:
-    - name: Set up Go 1.17
-      uses: actions/setup-go@v1
+    - name: Set up Go 1.21
+      uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
       with:
-        go-version: 1.17
+        go-version: 1.21
       id: go
 
     - name: Set up Docker
       uses: docker-practice/actions-setup-docker@v1
 
     - name: Check out code into the Go module directory
-      uses: actions/checkout@v2
+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
 
     - name: Set up QEMU
-      uses: docker/setup-qemu-action@v1
+      uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v1
+      uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226
 
     - name: Login to DockerHub
-      uses: docker/login-action@v1
+      uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
       with:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_TOKEN }}
 
     - name: Build and push
-      uses: docker/build-push-action@v2
+      uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
       with:
         push: true
         tags: kairoaraujo/goca:latest
 
     - name: Update repo description
-      uses: peter-evans/dockerhub-description@v2
+      uses: peter-evans/dockerhub-description@dc67fad7001ef9e8e3c124cb7a64e16d0a63d864
       with:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_PASSWORD }}

diff --git a/.github/workflows/goca-tests.yml b/.github/workflows/goca-tests.yml
@@ -7,20 +7,17 @@ jobs:
     name: Build
     runs-on: ubuntu-latest
     steps:
-    - name: Set up Go 1.17
-      uses: actions/setup-go@v1
+    - name: Set up Go 1.21
+      uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
       with:
-        go-version: 1.17
+        go-version: 1.21
       id: go
 
     - name: Check out code into the Go module directory
-      uses: actions/checkout@v2
+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
 
-    - name: Get dependencies
-      run: go mod download
-
-    - name: Lint
-      run: make lint
-
-    - name: Test
+    - name: Tests
       run: make test
+
+    - name: Upload coverage reports to Codecov
+      uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d
diff --git a/.gitignore b/.gitignore
@@ -4,3 +4,4 @@ count.out
 coverage.out
 DoNotUseThisCAPATHTestOnly/
 docs-test/
+cover.out
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.17-alpine as builder
+FROM golang:1.21-alpine as builder
 
 RUN mkdir /goca-builder
 
@@ -7,7 +7,7 @@ WORKDIR /goca-builder/rest-api
 
 RUN go build -o main .
 
-FROM golang:1.17-alpine
+FROM golang:1.21-alpine
 
 RUN mkdir -p /goca/data
 

diff --git a/Makefile b/Makefile
@@ -1,7 +1,7 @@
 .PHONY: test docs docker-image
 
 test:
-	go test -covermode=count -coverprofile=count.out -v $(go list ./... | grep -v /docs-test/)
+	go test -race -covermode atomic -coverprofile=cover.out ./... -v
 
 	export PATH=$$PATH:`go env GOPATH`/bin; make -C rest-api test-doc
 	diff docs-test/swagger.json docs/swagger.json
@@ -14,8 +14,4 @@ docker-image:
 	docker build -t goca-rest-api:latest .
 
 lint:
-	if [ ! -f ./bin/golangci-lint ] ; \
-	then \
-		curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.49.0; \
-	fi;
-	./bin/golangci-lint run -e gosec
+	golangci-lint run -e gosec
diff --git a/ca.go b/ca.go
@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"crypto/rsa"
 	"crypto/x509"
-	"crypto/x509/pkix"
 	"encoding/pem"
 	"errors"
 	"io/fs"
@@ -50,7 +49,7 @@ type CAData struct {
 	certificate    *x509.Certificate
 	publicKey      rsa.PublicKey
 	csr            *x509.CertificateRequest
-	crl            *pkix.CertificateList
+	crl            *x509.RevocationList
 	IsIntermediate bool
 }
 
@@ -187,9 +186,9 @@ func (c *CA) create(commonName, parentCommonName string, id Identity) error {
 	caData.certificate = certificate
 	caData.Certificate = string(certString)
 
-	crlBytes, err := cert.RevokeCertificate(c.CommonName, []pkix.RevokedCertificate{}, certificate, privKey)
+	crlBytes, err := cert.RevokeCertificate(c.CommonName, []x509.RevocationListEntry{}, certificate, privKey)
 	if err != nil {
-		crl, err := x509.ParseCRL(crlBytes)
+		crl, err := x509.ParseRevocationList(crlBytes)
 		if err != nil {
 			caData.crl = crl
 		}
@@ -452,22 +451,22 @@ func (c *CA) loadCertificate(commonName string) (certificate Certificate, err er
 
 func (c *CA) revokeCertificate(certificate *x509.Certificate) error {
 
-	var revokedCerts []pkix.RevokedCertificate
+	var revokedCerts []x509.RevocationListEntry
 	var caDir string = filepath.Join(c.CommonName, "ca")
 	var crlString []byte
 
 	currentCRL := c.GoCRL()
 	if currentCRL != nil {
-		for _, serialNumber := range currentCRL.TBSCertList.RevokedCertificates {
+		for _, serialNumber := range currentCRL.RevokedCertificateEntries {
 			if serialNumber.SerialNumber.String() == certificate.SerialNumber.String() {
 				return ErrCertRevoked
 			}
 		}
 
-		revokedCerts = currentCRL.TBSCertList.RevokedCertificates
+		revokedCerts = currentCRL.RevokedCertificateEntries
 	}
 
-	newCertRevoke := pkix.RevokedCertificate{
+	newCertRevoke := x509.RevocationListEntry{
 		SerialNumber:   certificate.SerialNumber,
 		RevocationTime: time.Now(),
 	}
@@ -479,7 +478,7 @@ func (c *CA) revokeCertificate(certificate *x509.Certificate) error {
 		return err
 	}
 
-	crl, err := x509.ParseCRL(crlByte)
+	crl, err := x509.ParseRevocationList(crlByte)
 	if err != nil {
 		return err
 	}

diff --git a/cert/cert.go b/cert/cert.go
@@ -133,9 +133,9 @@ func LoadCSR(csrString []byte) (*x509.CertificateRequest, error) {
 // LoadCRL loads a Certificate Revocation List from a read file.
 //
 // Using ioutil.ReadFile() satisfyies the read file.
-func LoadCRL(crlString []byte) (*pkix.CertificateList, error) {
+func LoadCRL(crlString []byte) (*x509.RevocationList, error) {
 	block, _ := pem.Decode([]byte(string(crlString)))
-	crl, _ := x509.ParseCRL(block.Bytes)
+	crl, _ := x509.ParseRevocationList(block.Bytes)
 
 	return crl, nil
 }
@@ -369,14 +369,14 @@ func CASignCSR(CACommonName string, csr x509.CertificateRequest, caCert *x509.Ce
 }
 
 // RevokeCertificate is used to revoke a certificate (added to the revoked list)
-func RevokeCertificate(CACommonName string, certificateList []pkix.RevokedCertificate, caCert *x509.Certificate, privKey *rsa.PrivateKey) (crl []byte, err error) {
+func RevokeCertificate(CACommonName string, certificateList []x509.RevocationListEntry, caCert *x509.Certificate, privKey *rsa.PrivateKey) (crl []byte, err error) {
 
 	crlTemplate := x509.RevocationList{
-		SignatureAlgorithm:  caCert.SignatureAlgorithm,
-		RevokedCertificates: certificateList,
-		Number:              newSerialNumber(),
-		ThisUpdate:          time.Now(),
-		NextUpdate:          time.Now().AddDate(0, 0, 1),
+		SignatureAlgorithm:        caCert.SignatureAlgorithm,
+		RevokedCertificateEntries: certificateList,
+		Number:                    newSerialNumber(),
+		ThisUpdate:                time.Now(),
+		NextUpdate:                time.Now().AddDate(0, 0, 1),
 	}
 
 	crlByte, err := x509.CreateRevocationList(rand.Reader, &crlTemplate, caCert, privKey)

diff --git a/go.mod b/go.mod
@@ -3,39 +3,52 @@ module github.com/kairoaraujo/goca
 go 1.21
 
 require (
-	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751
-	github.com/gin-gonic/gin v1.8.1
+	github.com/gin-gonic/gin v1.9.1
 	github.com/google/uuid v1.3.0
 	github.com/swaggo/files v0.0.0-20220610200504-28940afbdbfe
 	github.com/swaggo/gin-swagger v1.5.0
-	github.com/swaggo/swag v1.8.3
+	github.com/swaggo/swag v1.16.2
 )
 
 require (
 	github.com/KyleBanks/depth v1.2.1 // indirect
+	github.com/bytedance/sonic v1.9.1 // indirect
+	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d // indirect
+	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
-	github.com/go-openapi/jsonpointer v0.19.5 // indirect
-	github.com/go-openapi/jsonreference v0.20.0 // indirect
-	github.com/go-openapi/spec v0.20.6 // indirect
-	github.com/go-openapi/swag v0.21.1 // indirect
-	github.com/go-playground/locales v0.14.0 // indirect
-	github.com/go-playground/universal-translator v0.18.0 // indirect
-	github.com/go-playground/validator/v10 v10.11.0 // indirect
-	github.com/goccy/go-json v0.9.7 // indirect
+	github.com/go-openapi/jsonpointer v0.20.0 // indirect
+	github.com/go-openapi/jsonreference v0.20.2 // indirect
+	github.com/go-openapi/spec v0.20.9 // indirect
+	github.com/go-openapi/swag v0.22.4 // indirect
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
+	github.com/go-playground/validator/v10 v10.14.0 // indirect
+	github.com/goccy/go-json v0.10.2 // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/leodido/go-urn v1.2.1 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
+	github.com/leodido/go-urn v1.2.4 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/mattn/go-isatty v0.0.19 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/pelletier/go-toml/v2 v2.0.2 // indirect
-	github.com/ugorji/go/codec v1.2.7 // indirect
-	golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d // indirect
-	golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e // indirect
-	golang.org/x/sys v0.0.0-20220624220833-87e55d714810 // indirect
-	golang.org/x/text v0.3.7 // indirect
-	golang.org/x/tools v0.1.11 // indirect
-	google.golang.org/protobuf v1.28.0 // indirect
+	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
+	github.com/rogpeppe/go-internal v1.11.0 // indirect
+	github.com/russross/blackfriday/v2 v2.0.1 // indirect
+	github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
+	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
+	github.com/ugorji/go/codec v1.2.11 // indirect
+	github.com/urfave/cli/v2 v2.3.0 // indirect
+	golang.org/x/arch v0.3.0 // indirect
+	golang.org/x/crypto v0.16.0 // indirect
+	golang.org/x/net v0.19.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/tools v0.16.0 // indirect
+	google.golang.org/protobuf v1.30.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	sigs.k8s.io/yaml v1.3.0 // indirect
 )