[1.48] Upgrade go to 1.20 (#6227)

* Upgrade to go 1.20
* SA1019: rnd.Seed has been deprecated since Go 1.20
* Fix Linters
* Fix CI for this branch
* Swagger update

.github/workflows/build-backend.yml

@@ -19,7 +19,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.19.4
+          go-version: 1.20.3
 
       - name: Cache Go deps
         uses: actions/cache@v3

.github/workflows/config/.golangci.yml

@@ -1,7 +1,15 @@
+run:
+  skip-files:
+    - doc.go
+    - ".*\\.pb\\.go$"
+  skip-dirs:
+    - frontend  
+  timeout: 5m
+  tests: true  
 linters:
   enable:
     - goimports
 
 linters-settings:
   goimports:
-    local-prefixes: github.com/kiali/kiali
+    local-prefixes: github.com/kiali/kiali

.github/workflows/kiali-ci.yml

@@ -2,9 +2,13 @@ name: Kiali Go CI
 
 on:
   push:
-    branches: [master]
+    branches:
+    - master
+    - v*.*
   pull_request:
-    branches: [master]
+    branches:
+    - master
+    - v*.*
 
 jobs:
   build:
@@ -14,7 +18,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.19.4
+          go-version: 1.20.3
 
       - name: Check out code into the Go module directory
         uses: actions/checkout@v2

.github/workflows/release.yml

@@ -217,7 +217,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v2
       with:
-        go-version: 1.19.4
+        go-version: 1.20.3
 
     - name: Cache Go deps
       uses: actions/cache@v3

Makefile

@@ -28,7 +28,7 @@ VERSION_LABEL ?= ${VERSION}
 # The go commands and the minimum Go version that must be used to build the app.
 GO ?= go
 GOFMT ?= $(shell ${GO} env GOROOT)/bin/gofmt
-GO_VERSION_KIALI = 1.19.4
+GO_VERSION_KIALI = 1.20.3
 
 SWAGGER_VERSION ?= 0.27.0
 

business/authentication/context.go

@@ -0,0 +1,17 @@
+package authentication
+
+import (
+	"context"
+)
+
+type contextKey string
+
+var ContextKeyAuthInfo contextKey = "authInfo"
+
+func SetAuthInfoContext(ctx context.Context, value interface{}) context.Context {
+	return context.WithValue(ctx, ContextKeyAuthInfo, value)
+}
+
+func GetAuthInfoContext(ctx context.Context) interface{} {
+	return ctx.Value(ContextKeyAuthInfo)
+}

business/authentication/openid_auth_controller.go

@@ -8,7 +8,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/url"
 	"os"
@@ -875,7 +875,7 @@ func (p *openidFlowHelper) requestOpenIdToken(redirect_uri string) *openidFlowHe
 	}
 
 	defer response.Body.Close()
-	rawTokenResponse, err := ioutil.ReadAll(response.Body)
+	rawTokenResponse, err := io.ReadAll(response.Body)
 	if err != nil {
 		p.Error = fmt.Errorf("failed to read token response from IdP: %w", err)
 		return p
@@ -971,7 +971,7 @@ func createHttpClient(toUrl string) (*http.Client, error) {
 	var cafile []byte
 	if _, customCaErr := os.Stat(OpenIdServerCAFile); customCaErr == nil {
 		var caReadErr error
-		if cafile, caReadErr = ioutil.ReadFile(OpenIdServerCAFile); caReadErr != nil {
+		if cafile, caReadErr = os.ReadFile(OpenIdServerCAFile); caReadErr != nil {
 			return nil, fmt.Errorf("failed to read the OpenId CA certificate: %w", caReadErr)
 		}
 	} else if !errors.Is(customCaErr, os.ErrNotExist) {
@@ -1129,7 +1129,7 @@ func getOpenIdJwks() (*jose.JSONWebKeySet, error) {
 		// Parse the Keys document
 		var oidcKeys jose.JSONWebKeySet
 
-		rawMetadata, err := ioutil.ReadAll(response.Body)
+		rawMetadata, err := io.ReadAll(response.Body)
 		if err != nil {
 			return nil, fmt.Errorf("failed to read OpenId JWKS document: %s", err.Error())
 		}
@@ -1185,7 +1185,7 @@ func getOpenIdMetadata() (*openIdMetadata, error) {
 		// Parse JSON document
 		var metadata openIdMetadata
 
-		rawMetadata, err := ioutil.ReadAll(response.Body)
+		rawMetadata, err := io.ReadAll(response.Body)
 		if err != nil {
 			return nil, fmt.Errorf("failed to read OpenId Metadata: %s", err.Error())
 		}

business/authentication/openid_auth_controller_test.go

@@ -25,13 +25,13 @@ import (
 )
 
 // Token built with the debugger at jwt.io. Subject is system:serviceaccount:k8s_user
-//{
-//"sub": "jdoe@domain.com",
-//"name": "John Doe",
-//"iat": 1516239022,
-//"nonce": "1ba9b834d08ac81feb34e208402eb18e909be084518c328510940184",
-//"exp": 1311281970
-//}
+// {
+// "sub": "jdoe@domain.com",
+// "name": "John Doe",
+// "iat": 1516239022,
+// "nonce": "1ba9b834d08ac81feb34e208402eb18e909be084518c328510940184",
+// "exp": 1311281970
+// }
 const openIdTestToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqZG9lQGRvbWFpbi5jb20iLCJuYW1lIjoiSm9obiBEb2UiLCJpYXQiOjE1MTYyMzkwMjIsIm5vbmNlIjoiMWJhOWI4MzRkMDhhYzgxZmViMzRlMjA4NDAyZWIxOGU5MDliZTA4NDUxOGMzMjg1MTA5NDAxODQiLCJleHAiOjE2MzgzMTY4MDF9.agHBziXM7SDLBKCnA6BvjWenU1n6juL8Fz3go4MSzyw"
 
 /*** Implicit flow tests ***/
@@ -1447,7 +1447,7 @@ func TestOpenIdCodeFlowShouldRejectMissingState(t *testing.T) {
 	cfg.LoginToken.ExpirationSeconds = 1
 	config.Set(cfg)
 
-	uri := fmt.Sprintf("/api/authenticate?code=f0code")
+	uri := "/api/authenticate?code=f0code"
 	request := httptest.NewRequest(http.MethodGet, uri, nil)
 	request.AddCookie(&http.Cookie{
 		Name:  OpenIdNonceCookieName,

business/authentication/token_auth_controller.go

@@ -39,9 +39,7 @@ type sessionPayload struct {
 }
 
 // UserSessionData tokenResponse
-//
 // This is used for returning the token
-//
 // swagger:model UserSessionData
 type UserSessionData struct {
 	// The expired time for the token

business/checkers/serviceentries/workload_entry_address_match.go

@@ -1,8 +1,6 @@
 package serviceentries
 
 import (
-	"fmt"
-
 	"istio.io/client-go/pkg/apis/networking/v1alpha3"
 	"k8s.io/apimachinery/pkg/labels"
 
@@ -51,7 +49,7 @@ func (in HasMatchingWorkloadEntryAddress) Check() ([]*models.IstioCheck, bool) {
 		if _, found := seAddresses[weAddress]; !found {
 			// Add validation: WorkloadEntry.Address should be part of the Service Entry Addresses list
 			validation := models.Build("serviceentries.workloadentries.addressmatch",
-				fmt.Sprint("spec/addresses"))
+				"spec/addresses")
 			validations = append(validations, &validation)
 		}
 	}

business/dashboards.go

@@ -238,7 +238,7 @@ func (in *DashboardsService) GetDashboard(authInfo *api.AuthInfo, params models.
 }
 
 // SearchExplicitDashboards will check annotations of all supplied pods to extract a unique list of dashboards
-//	Accepted annotations are "kiali.io/runtimes" and "kiali.io/dashboards"
+// Accepted annotations are "kiali.io/runtimes" and "kiali.io/dashboards"
 func (in *DashboardsService) SearchExplicitDashboards(pods []models.Pod) []models.Runtime {
 	uniqueRefsList := extractUniqueDashboards(pods)
 	if len(uniqueRefsList) > 0 {

business/openshift_oauth.go

@@ -7,9 +7,10 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/url"
+	"os"
 	"strings"
 	"time"
 
@@ -149,7 +150,7 @@ func (in *OpenshiftOAuthService) GetUserInfo(token string) (*OAuthUser, error) {
 
 func getKialiNamespace() (string, error) {
 	if kialiNamespace == "" {
-		namespace, err := ioutil.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/namespace")
+		namespace, err := os.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/namespace")
 		if err != nil {
 			return "", err
 		}
@@ -246,7 +247,7 @@ func request(method string, url string, auth *string) ([]byte, error) {
 
 func requestWithTimeout(method string, url string, auth *string, timeout time.Duration) ([]byte, error) {
 	certPool := x509.NewCertPool()
-	cert, err := ioutil.ReadFile("/run/secrets/kubernetes.io/serviceaccount/ca.crt")
+	cert, err := os.ReadFile("/run/secrets/kubernetes.io/serviceaccount/ca.crt")
 
 	if err != nil {
 		return nil, fmt.Errorf("failed to get root CA certificates: %s", err)
@@ -282,7 +283,7 @@ func requestWithTimeout(method string, url string, auth *string, timeout time.Du
 
 	defer response.Body.Close()
 
-	body, err := ioutil.ReadAll(response.Body)
+	body, err := io.ReadAll(response.Body)
 
 	if err != nil {
 		return nil, fmt.Errorf("Failed to read response body for api endpoint [%s] for oauth consumption, error: %s", url, err)

business/services.go

@@ -280,14 +280,16 @@ func (in *SvcService) buildKubernetesServices(svcs []core_v1.Service, pods []cor
 // The only way to identify it is to check that the service has an address in the current cluster.
 // To avoid side effects, Kiali will process only services that belongs to the current cluster.
 // This should be revisited on more multi-cluster deployments scenarios.
-//     "hostname": "test-svc.evil.svc.cluster.local",
-//    "clusterVIPs": {
-//      "Addresses": {
-//        "istio-west": [
-//          "0.0.0.0"
-//        ]
-//      }
-//    },
+//
+//	{
+//		"hostname": "test-svc.evil.svc.cluster.local",
+//		"clusterVIPs": {
+//			"Addresses": {
+//				"istio-west": [
+//					"0.0.0.0"
+//				]
+//			}
+//	}
 func (in *SvcService) getClusterId() string {
 	// By default Istio uses "Kubernetes" as clusterId for single control planes scenarios.
 	// This clusterId is propagated into the Istio Registry and we need it to filter services in multi-cluster scenarios.

business/services_test.go

@@ -2,7 +2,7 @@ package business
 
 import (
 	"context"
-	"io/ioutil"
+	"os"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -53,7 +53,7 @@ func TestParseRegistryServices(t *testing.T) {
 	svc := SvcService{k8s: nil, businessLayer: NewWithBackends(k8s, nil, nil)}
 
 	servicesz := "../tests/data/registry/services-registryz.json"
-	bServicesz, err := ioutil.ReadFile(servicesz)
+	bServicesz, err := os.ReadFile(servicesz)
 	assert.NoError(err)
 	rServices := map[string][]byte{
 		"istiod1": bServicesz,
@@ -64,7 +64,7 @@ func TestParseRegistryServices(t *testing.T) {
 	assert.Equal(3, len(registryServices))
 
 	configz := "../tests/data/registry/services-configz.json"
-	bConfigz, err2 := ioutil.ReadFile(configz)
+	bConfigz, err2 := os.ReadFile(configz)
 	assert.NoError(err2)
 	rConfig := map[string][]byte{
 		"istiod1": bConfigz,
@@ -92,7 +92,7 @@ func TestFilterLocalIstioRegistry(t *testing.T) {
 	config.Set(conf)
 
 	servicesz := "../tests/data/registry/istio-east-registryz.json"
-	bServicesz, err := ioutil.ReadFile(servicesz)
+	bServicesz, err := os.ReadFile(servicesz)
 	assert.NoError(err)
 	rServices := map[string][]byte{
 		"istiod1": bServicesz,

config/config.go

@@ -4,7 +4,6 @@ import (
 	"embed"
 	"fmt"
 	"io/fs"
-	"io/ioutil"
 	"os"
 	"sort"
 	"strings"
@@ -887,7 +886,7 @@ func Marshal(conf *Config) (yamlString string, err error) {
 // LoadFromFile reads the YAML from the given file, parses the content, and returns its Config object representation.
 func LoadFromFile(filename string) (conf *Config, err error) {
 	log.Debugf("Reading YAML config from [%s]", filename)
-	fileContent, err := ioutil.ReadFile(filename)
+	fileContent, err := os.ReadFile(filename)
 	if err != nil {
 		return nil, fmt.Errorf("failed to load config file [%v]. error=%v", filename, err)
 	}
@@ -898,7 +897,7 @@ func LoadFromFile(filename string) (conf *Config, err error) {
 	}
 
 	// Read OIDC secret, if present
-	if oidcSecret, oidcErr := ioutil.ReadFile(OidcClientSecretFile); oidcErr == nil {
+	if oidcSecret, oidcErr := os.ReadFile(OidcClientSecretFile); oidcErr == nil {
 		conf.Auth.OpenId.ClientSecret = string(oidcSecret)
 	} else {
 		if !os.IsNotExist(oidcErr) {
@@ -919,7 +918,7 @@ func SaveToFile(filename string, conf *Config) (err error) {
 	}
 
 	log.Debugf("Writing YAML config to [%s]", filename)
-	err = ioutil.WriteFile(filename, []byte(fileContent), 0640)
+	err = os.WriteFile(filename, []byte(fileContent), 0640)
 	return
 }
 

doc.go

@@ -610,27 +610,6 @@ type AppListResponse struct {
 	Body models.AppList
 }
 
-// serviceHealthResponse contains aggregated health from various sources, for a given service
-// swagger:response serviceHealthResponse
-type serviceHealthResponse struct {
-	// in:body
-	Body models.ServiceHealth
-}
-
-// appHealthResponse contains aggregated health from various sources, for a given app
-// swagger:response appHealthResponse
-type appHealthResponse struct {
-	// in:body
-	Body models.AppHealth
-}
-
-// workloadHealthResponse contains aggregated health from various sources, for a given workload
-// swagger:response workloadHealthResponse
-type workloadHealthResponse struct {
-	// in:body
-	Body models.WorkloadHealth
-}
-
 // namespaceAppHealthResponse is a map of app name x health
 // swagger:response namespaceAppHealthResponse
 type namespaceAppHealthResponse struct {

go.mod

@@ -1,6 +1,6 @@
 module github.com/kiali/kiali
 
-go 1.19
+go 1.20
 
 require (
 	github.com/NYTimes/gziphandler v1.1.1