Merge pull request #383 from hairyhenderson/fix-lint

Updating gometalinter config and fixing new lint errors

12 files changed, 56 insertions, 21 deletions

diff --git a/Makefile b/Makefile
index 4eb33262..6f8fcfc1 100644
--- a/Makefile
+++ b/Makefile
@@ -112,7 +112,7 @@ gomplate.png: gomplate.svg
 
 lint:
 	gometalinter --vendor --disable-all \
-		--enable=gas \
+		--enable=gosec \
 		--enable=goconst \
 		--enable=gocyclo \
 		--enable=golint \
diff --git a/aws/testutils.go b/aws/testutils.go
index 77edeeb4..a25ca429 100644
--- a/aws/testutils.go
+++ b/aws/testutils.go
@@ -13,6 +13,7 @@ import (
 func MockServer(code int, body string) (*httptest.Server, *Ec2Meta) {
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(code)
+		// nolint: errcheck
 		fmt.Fprintln(w, body)
 	}))
 
diff --git a/cmd/gomplate/main.go b/cmd/gomplate/main.go
index c0ba8909..5aa0727c 100644
--- a/cmd/gomplate/main.go
+++ b/cmd/gomplate/main.go
@@ -51,7 +51,7 @@ func postRunExec(cmd *cobra.Command, args []string) error {
 	if len(args) > 0 {
 		name := args[0]
 		args = args[1:]
-		// nolint: gas
+		// nolint: gosec
 		c := exec.Command(name, args...)
 		c.Stdin = os.Stdin
 		c.Stderr = os.Stderr
@@ -120,6 +120,7 @@ func main() {
 	command := newGomplateCmd()
 	initFlags(command)
 	if err := command.Execute(); err != nil {
+		// nolint: errcheck
 		fmt.Fprintln(os.Stderr, err)
 		os.Exit(1)
 	}
diff --git a/conv/conv.go b/conv/conv.go
index e716ea13..5db95976 100644
--- a/conv/conv.go
+++ b/conv/conv.go
@@ -119,8 +119,7 @@ func Has(in interface{}, key interface{}) bool {
 	case reflect.Slice, reflect.Array:
 		l := av.Len()
 		for i := 0; i < l; i++ {
-			var v interface{}
-			v = av.Index(i).Interface()
+			v := av.Index(i).Interface()
 			if reflect.DeepEqual(v, key) {
 				return true
 			}
@@ -160,24 +159,28 @@ func ToStrings(in ...interface{}) []string {
 
 // MustParseInt - wrapper for strconv.ParseInt that returns 0 in the case of error
 func MustParseInt(s string, base, bitSize int) int64 {
+	// nolint: gosec
 	i, _ := strconv.ParseInt(s, base, bitSize)
 	return i
 }
 
 // MustParseFloat - wrapper for strconv.ParseFloat that returns 0 in the case of error
 func MustParseFloat(s string, bitSize int) float64 {
+	// nolint: gosec
 	i, _ := strconv.ParseFloat(s, bitSize)
 	return i
 }
 
 // MustParseUint - wrapper for strconv.ParseUint that returns 0 in the case of error
 func MustParseUint(s string, base, bitSize int) uint64 {
+	// nolint: gosec
 	i, _ := strconv.ParseUint(s, base, bitSize)
 	return i
 }
 
 // MustAtoi - wrapper for strconv.Atoi that returns 0 in the case of error
 func MustAtoi(s string) int {
+	// nolint: gosec
 	i, _ := strconv.Atoi(s)
 	return i
 }
diff --git a/crypto/pbkdf2.go b/crypto/pbkdf2.go
index e22d5fee..d5217429 100644
--- a/crypto/pbkdf2.go
+++ b/crypto/pbkdf2.go
@@ -2,7 +2,7 @@ package crypto
 
 import (
 	"crypto"
-	"crypto/sha1"
+	"crypto/sha1" //nolint: gosec
 	"crypto/sha256"
 	"crypto/sha512"
 	"fmt"
diff --git a/data/datasource_test.go b/data/datasource_test.go
index d975d942..fca4a23a 100644
--- a/data/datasource_test.go
+++ b/data/datasource_test.go
@@ -337,6 +337,7 @@ func TestReadStdin(t *testing.T) {
 	assert.Error(t, err)
 }
 
+// nolint: megacheck
 func TestDefineDatasource(t *testing.T) {
 	d := &Data{}
 	s, err := d.DefineDatasource("", "foo.json")
diff --git a/funcs/crypto.go b/funcs/crypto.go
index c4d86821..a59dda0d 100644
--- a/funcs/crypto.go
+++ b/funcs/crypto.go
@@ -2,7 +2,7 @@ package funcs
 
 import (
 	gcrypto "crypto"
-	"crypto/sha1"
+	"crypto/sha1" //nolint: gosec
 	"crypto/sha256"
 	"crypto/sha512"
 	"fmt"
@@ -62,9 +62,10 @@ func (f *CryptoFuncs) WPAPSK(ssid, password interface{}) (string, error) {
 	return f.PBKDF2(password, ssid, 4096, 32)
 }
 
-// SHA1 -
+// SHA1 - Note: SHA-1 is cryptographically broken and should not be used for secure applications.
 func (f *CryptoFuncs) SHA1(input interface{}) string {
 	in := toBytes(input)
+	// nolint: gosec
 	out := sha1.Sum(in)
 	return fmt.Sprintf("%02x", out)
 }
diff --git a/libkv/consul.go b/libkv/consul.go
index 0057b45c..3e08a056 100644
--- a/libkv/consul.go
+++ b/libkv/consul.go
@@ -6,6 +6,8 @@ import (
 	"os"
 	"time"
 
+	"github.com/pkg/errors"
+
 	yaml "gopkg.in/yaml.v2"
 
 	"github.com/docker/libkv"
@@ -25,7 +27,10 @@ const (
 // NewConsul - instantiate a new Consul datasource handler
 func NewConsul(u *url.URL) *LibKV {
 	consul.Register()
-	c := consulURL(u)
+	c, err := consulURL(u)
+	if err != nil {
+		logFatal(err)
+	}
 	config := consulConfig(c.Scheme == https)
 	if role := env.Getenv("CONSUL_VAULT_ROLE", ""); role != "" {
 		mount := env.Getenv("CONSUL_VAULT_MOUNT", "consul")
@@ -35,7 +40,8 @@ func NewConsul(u *url.URL) *LibKV {
 
 		path := fmt.Sprintf("%s/creds/%s", mount, role)
 
-		data, err := client.Read(path)
+		var data []byte
+		data, err = client.Read(path)
 		if err != nil {
 			logFatal("vault consul auth failed", err)
 		}
@@ -50,9 +56,11 @@ func NewConsul(u *url.URL) *LibKV {
 
 		client.Logout()
 
+		// nolint: gosec
 		_ = os.Setenv("CONSUL_HTTP_TOKEN", token)
 	}
-	kv, err := libkv.NewStore(store.CONSUL, []string{c.String()}, config)
+	var kv store.Store
+	kv, err = libkv.NewStore(store.CONSUL, []string{c.String()}, config)
 	if err != nil {
 		logFatal("Consul setup failed", err)
 	}
@@ -60,8 +68,12 @@ func NewConsul(u *url.URL) *LibKV {
 }
 
 // -- converts a gomplate datasource URL into a usable Consul URL
-func consulURL(u *url.URL) *url.URL {
-	c, _ := url.Parse(env.Getenv("CONSUL_HTTP_ADDR"))
+func consulURL(u *url.URL) (*url.URL, error) {
+	addrEnv := env.Getenv("CONSUL_HTTP_ADDR")
+	c, err := url.Parse(addrEnv)
+	if err != nil {
+		return nil, errors.Wrapf(err, "invalid URL '%s' in CONSUL_HTTP_ADDR", addrEnv)
+	}
 	if c.Scheme == "" {
 		c.Scheme = u.Scheme
 	}
@@ -84,7 +96,7 @@ func consulURL(u *url.URL) *url.URL {
 		c.Host = u.Host
 	}
 
-	return c
+	return c, nil
 }
 
 func consulConfig(useTLS bool) *store.Config {
diff --git a/libkv/consul_test.go b/libkv/consul_test.go
index c4ad3c22..d4e91496 100644
--- a/libkv/consul_test.go
+++ b/libkv/consul_test.go
@@ -18,30 +18,42 @@ func TestConsulURL(t *testing.T) {
 
 	u, _ := url.Parse("consul://")
 	expected := &url.URL{Host: "localhost:8500", Scheme: "https"}
-	assert.Equal(t, expected, consulURL(u))
+	actual, err := consulURL(u)
+	assert.NoError(t, err)
+	assert.Equal(t, expected, actual)
 
 	u, _ = url.Parse("consul+http://myconsul.server")
 	expected = &url.URL{Host: "myconsul.server", Scheme: "http"}
-	assert.Equal(t, expected, consulURL(u))
+	actual, err = consulURL(u)
+	assert.NoError(t, err)
+	assert.Equal(t, expected, actual)
 
 	os.Setenv("CONSUL_HTTP_SSL", "false")
 	u, _ = url.Parse("consul+https://myconsul.server:1234")
 	expected = &url.URL{Host: "myconsul.server:1234", Scheme: "https"}
-	assert.Equal(t, expected, consulURL(u))
+	actual, err = consulURL(u)
+	assert.NoError(t, err)
+	assert.Equal(t, expected, actual)
 
 	os.Unsetenv("CONSUL_HTTP_SSL")
 	u, _ = url.Parse("consul://myconsul.server:2345")
 	expected = &url.URL{Host: "myconsul.server:2345", Scheme: "http"}
-	assert.Equal(t, expected, consulURL(u))
+	actual, err = consulURL(u)
+	assert.NoError(t, err)
+	assert.Equal(t, expected, actual)
 
 	u, _ = url.Parse("consul://myconsul.server:3456/foo/bar/baz")
 	expected = &url.URL{Host: "myconsul.server:3456", Scheme: "http"}
-	assert.Equal(t, expected, consulURL(u))
+	actual, err = consulURL(u)
+	assert.NoError(t, err)
+	assert.Equal(t, expected, actual)
 
 	defer os.Unsetenv("CONSUL_HTTP_ADDR")
 	os.Setenv("CONSUL_HTTP_ADDR", "https://foo:8500")
 	expected = &url.URL{Host: "foo:8500", Scheme: "https"}
-	assert.Equal(t, expected, consulURL(u))
+	actual, err = consulURL(u)
+	assert.NoError(t, err)
+	assert.Equal(t, expected, actual)
 }
 
 func TestSetupTLS(t *testing.T) {
diff --git a/template.go b/template.go
index 496ee907..a1ffb89c 100644
--- a/template.go
+++ b/template.go
@@ -55,8 +55,12 @@ func (t *tplate) addTarget() (err error) {
 }
 
 // gatherTemplates - gather and prepare input template(s) and output file(s) for rendering
+// nolint: gocyclo
 func gatherTemplates(o *Config) (templates []*tplate, err error) {
 	mode, modeOverride, err := o.getMode()
+	if err != nil {
+		return nil, err
+	}
 
 	// the arg-provided input string gets a special name
 	if o.Input != "" {
diff --git a/tests/integration/datasources_env_test.go b/tests/integration/datasources_env_test.go
index 3b53c1e6..575f6190 100644
--- a/tests/integration/datasources_env_test.go
+++ b/tests/integration/datasources_env_test.go
@@ -8,12 +8,10 @@ import (
 
 	. "gopkg.in/check.v1"
 
-	"github.com/gotestyourself/gotestyourself/fs"
 	"github.com/gotestyourself/gotestyourself/icmd"
 )
 
 type EnvDatasourcesSuite struct {
-	tmpDir *fs.Dir
 }
 
 var _ = Suite(&EnvDatasourcesSuite{})
diff --git a/vault/testutils.go b/vault/testutils.go
index b32a7e41..2db9f78f 100644
--- a/vault/testutils.go
+++ b/vault/testutils.go
@@ -13,6 +13,7 @@ import (
 func MockServer(code int, body string) (*httptest.Server, *Vault) {
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(code)
+		// nolint: errcheck
 		fmt.Fprintln(w, body)
 	}))
 
@@ -26,6 +27,7 @@ func MockServer(code int, body string) (*httptest.Server, *Vault) {
 		Address:    server.URL,
 		HttpClient: httpClient,
 	}
+	// nolint: gosec
 	c, _ := api.NewClient(config)
 	return server, &Vault{c}
 }