Add golangci-lint support

.golangci.yml

@@ -0,0 +1,2 @@
+run:
+  timeout: 5m

Makefile

@@ -19,6 +19,7 @@ MAKEFILE_DIR=$(dir $(realpath $(firstword $(MAKEFILE_LIST))))
 UPSTREAM_IMPORT_PATH=$(GOPATH)/src/github.com/cloudnativelabs/kube-router/
 BUILD_IN_DOCKER?=true
 DOCKER_BUILD_IMAGE?=golang:1.10.8-alpine3.9
+DOCKER_LINT_IMAGE?=golangci/golangci-lint:v1.27.0
 QEMU_IMAGE?=multiarch/qemu-user-static
 ifeq ($(GOARCH), arm)
 ARCH_TAG_PREFIX=$(GOARCH)
@@ -57,14 +58,22 @@ else
 	GOARCH=$(GOARCH) CGO_ENABLED=0 go build -ldflags '-X github.com/cloudnativelabs/kube-router/pkg/cmd.version=$(GIT_COMMIT) -X github.com/cloudnativelabs/kube-router/pkg/cmd.buildDate=$(BUILD_DATE)' -o kube-router cmd/kube-router/kube-router.go
 endif
 
-test: gofmt ## Runs code quality pipelines (gofmt, tests, coverage, lint, etc)
+test: gofmt ## Runs code quality pipelines (gofmt, tests, coverage, etc)
 ifeq "$(BUILD_IN_DOCKER)" "true"
 	$(DOCKER) run -v $(PWD):/go/src/github.com/cloudnativelabs/kube-router -w /go/src/github.com/cloudnativelabs/kube-router $(DOCKER_BUILD_IMAGE) \
 	    sh -c 'go test -v -timeout 30s github.com/cloudnativelabs/kube-router/cmd/kube-router/ github.com/cloudnativelabs/kube-router/pkg/...'
 else
 		go test -v -timeout 30s github.com/cloudnativelabs/kube-router/cmd/kube-router/ github.com/cloudnativelabs/kube-router/pkg/...
 endif
 
+lint: gofmt
+ifeq "$(BUILD_IN_DOCKER)" "true"
+	$(DOCKER) run -v $(PWD):/go/src/github.com/cloudnativelabs/kube-router -w /go/src/github.com/cloudnativelabs/kube-router $(DOCKER_LINT_IMAGE) \
+	     sh -c 'golangci-lint run ./...'
+else
+	golangci-lint run ./...
+endif
+
 vagrant-up: export docker=$(DOCKER)
 vagrant-up: export DEV_IMG=$(REGISTRY_DEV):$(IMG_TAG)
 vagrant-up: all vagrant-destroy
@@ -264,7 +273,7 @@ ifeq (vagrant,$(firstword $(MAKECMDGOALS)))
 endif
 
 .PHONY: build clean container run release goreleaser push gofmt gofmt-fix gomoqs
-.PHONY: update-glide test docker-login push-manifest push-manifest-release
+.PHONY: update-glide test lint docker-login push-manifest push-manifest-release
 .PHONY: push-release github-release help gopath gopath-fix vagrant-up-single-node
 .PHONY: vagrant-up-multi-node vagrant-destroy vagrant-clean vagrant
 .PHONY: multiarch-binverify

build/travis-test.sh

@@ -5,5 +5,8 @@ set -o pipefail
 echo "install moq"
 go get github.com/matryer/moq
 
+echo "Running lint on Travis"
+make lint
+
 echo "Running tests on Travis"
 make test

cmd/kube-router/kube-router.go

@@ -28,10 +28,18 @@ func Main() error {
 
 	// Workaround for this issue:
 	// https://github.com/kubernetes/kubernetes/issues/17162
-	flag.CommandLine.Parse([]string{})
-
-	flag.Set("logtostderr", "true")
-	flag.Set("v", config.VLevel)
+	err := flag.CommandLine.Parse([]string{})
+	if err != nil {
+		return fmt.Errorf("Failed to parse flags: %s", err)
+	}
+	err = flag.Set("logtostderr", "true")
+	if err != nil {
+		return fmt.Errorf("Failed to set flag: %s", err)
+	}
+	err = flag.Set("v", config.VLevel)
+	if err != nil {
+		return fmt.Errorf("Failed to set flag: %s", err)
+	}
 
 	if config.HelpRequested {
 		pflag.Usage()
@@ -59,7 +67,7 @@ func Main() error {
 
 	if config.EnablePprof {
 		go func() {
-			fmt.Fprintf(os.Stdout, http.ListenAndServe("0.0.0.0:6060", nil).Error())
+			fmt.Fprintf(os.Stdout, "%s\n", http.ListenAndServe("0.0.0.0:6060", nil).Error())
 		}()
 	}
 

cmd/kube-router/kube-router_test.go

@@ -18,8 +18,11 @@ func TestMainHelp(t *testing.T) {
 	wg := &sync.WaitGroup{}
 	wg.Add(1)
 	go func() {
-		io.Copy(stderrBuf, stderrR)
-		wg.Done()
+		defer wg.Done()
+		_, err := io.Copy(stderrBuf, stderrR)
+		if err != nil {
+			panic(err)
+		}
 	}()
 
 	origArgs := os.Args
@@ -37,7 +40,10 @@ func TestMainHelp(t *testing.T) {
 		t.Fatalf("could not open docs/user-guide.md: %s\n", err)
 	}
 	docBuf := bytes.NewBuffer(nil)
-	docBuf.ReadFrom(docF)
+	_, err = docBuf.ReadFrom(docF)
+	if err != nil {
+		t.Fatalf("could not read from buffer: %s\n", err)
+	}
 	docF.Close()
 
 	exp := append([]byte("```\n"), stderrBuf.Bytes()...)

pkg/cmd/kube-router.go

@@ -180,7 +180,7 @@ func (kr *KubeRouter) Run() error {
 	}
 
 	// Handle SIGINT and SIGTERM
-	ch := make(chan os.Signal)
+	ch := make(chan os.Signal, 1)
 	signal.Notify(ch, syscall.SIGINT, syscall.SIGTERM)
 	<-ch
 
@@ -211,7 +211,7 @@ func PrintVersion(logOutput bool) {
 	output := fmt.Sprintf("Running %v version %s, built on %s, %s\n", os.Args[0], version, buildDate, runtime.Version())
 
 	if !logOutput {
-		fmt.Fprintf(os.Stderr, output)
+		fmt.Fprintf(os.Stderr, "%s", output)
 	} else {
 		glog.Info(output)
 	}

pkg/controllers/netpol/network_policy_controller.go

@@ -32,7 +32,6 @@ import (
 )
 
 const (
-	networkPolicyAnnotation      = "net.beta.kubernetes.io/network-policy"
 	kubePodFirewallChainPrefix   = "KUBE-POD-FW-"
 	kubeNetworkPolicyChainPrefix = "KUBE-NWPLCY-"
 	kubeSourceIpSetPrefix        = "KUBE-SRC-"
@@ -968,6 +967,9 @@ func cleanupStaleRules(activePolicyChains, activePodFwChains, activePolicyIPSets
 
 	// find iptables chains and ipsets that are no longer used by comparing current to the active maps we were passed
 	chains, err := iptablesCmdHandler.ListChains("filter")
+	if err != nil {
+		return fmt.Errorf("Unable to list chains: %s", err)
+	}
 	for _, chain := range chains {
 		if strings.HasPrefix(chain, kubeNetworkPolicyChainPrefix) {
 			if _, ok := activePolicyChains[chain]; !ok {
@@ -1035,7 +1037,7 @@ func cleanupStaleRules(activePolicyChains, activePodFwChains, activePolicyIPSets
 		for podFwChain := range activePodFwChains {
 			podFwChainRules, err := iptablesCmdHandler.List("filter", podFwChain)
 			if err != nil {
-
+				return fmt.Errorf("Unable to list rules from the chain %s: %s", podFwChain, err)
 			}
 			for i, rule := range podFwChainRules {
 				if strings.Contains(rule, policyChain) {
@@ -1557,6 +1559,9 @@ func (npc *NetworkPolicyController) Cleanup() {
 	for i, rule := range forwardChainRules {
 		if strings.Contains(rule, kubePodFirewallChainPrefix) {
 			err = iptablesCmdHandler.Delete("filter", "FORWARD", strconv.Itoa(i-realRuleNo))
+			if err != nil {
+				glog.Errorf("Failed to delete iptables rule as part of cleanup: %s", err)
+			}
 			realRuleNo++
 		}
 	}
@@ -1573,12 +1578,19 @@ func (npc *NetworkPolicyController) Cleanup() {
 	for i, rule := range forwardChainRules {
 		if strings.Contains(rule, kubePodFirewallChainPrefix) {
 			err = iptablesCmdHandler.Delete("filter", "OUTPUT", strconv.Itoa(i-realRuleNo))
+			if err != nil {
+				glog.Errorf("Failed to delete iptables rule as part of cleanup: %s", err)
+			}
 			realRuleNo++
 		}
 	}
 
 	// flush and delete pod specific firewall chain
 	chains, err := iptablesCmdHandler.ListChains("filter")
+	if err != nil {
+		glog.Errorf("Unable to list chains: %s", err)
+		return
+	}
 	for _, chain := range chains {
 		if strings.HasPrefix(chain, kubePodFirewallChainPrefix) {
 			err = iptablesCmdHandler.ClearChain("filter", chain)
@@ -1596,6 +1608,10 @@ func (npc *NetworkPolicyController) Cleanup() {
 
 	// flush and delete per network policy specific chain
 	chains, err = iptablesCmdHandler.ListChains("filter")
+	if err != nil {
+		glog.Errorf("Unable to list chains: %s", err)
+		return
+	}
 	for _, chain := range chains {
 		if strings.HasPrefix(chain, kubeNetworkPolicyChainPrefix) {
 			err = iptablesCmdHandler.ClearChain("filter", chain)

pkg/controllers/proxy/network_service_graceful.go

@@ -18,11 +18,6 @@ type gracefulQueue struct {
 	queue []gracefulRequest
 }
 
-type gracefulQueueItem struct {
-	added   time.Time
-	service *ipvs.Service
-}
-
 type gracefulRequest struct {
 	ipvsSvc                   *ipvs.Service
 	ipvsDst                   *ipvs.Destination