edgexfoundry · lenny-goodell · Jan 10, 2022 · Nov 18, 2021 · Dec 10, 2021
diff --git a/.golangci.yml b/.golangci.yml
@@ -0,0 +1,4 @@
+linters:
+  disable:
+  enable:
+    - gosec
diff --git a/Makefile b/Makefile
@@ -1,12 +1,20 @@
-.PHONY: test
+.PHONY: test unittest lint 
 
 GO=CGO_ENABLED=0 GO111MODULE=on go
+ARCH=$(shell uname -m)
 
 tidy:
 	go mod tidy
 
-test:
+unittest:
 	$(GO) test ./... -coverprofile=coverage.out ./...
+
+lint:
+	@which golangci-lint >/dev/null || echo "WARNING: go linter not installed. To install, run\n  curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b \$$(go env GOPATH)/bin v1.42.1"
+	@if [ "z${ARCH}" = "zx86_64" ] && which golangci-lint >/dev/null ; then golangci-lint run --config .golangci.yml ; else echo "WARNING: Linting skipped (not on x86_64 or linter not installed)"; fi
+
+
+test: unittest lint
 	$(GO) vet ./...
 	gofmt -l $$(find . -type f -name '*.go'| grep -v "/vendor/")
 	[ "`gofmt -l $$(find . -type f -name '*.go'| grep -v "/vendor/")`" = "" ]

diff --git a/bootstrap/bootstrap.go b/bootstrap/bootstrap.go
@@ -54,7 +54,7 @@ func translateInterruptToCancel(ctx context.Context, wg *sync.WaitGroup, cancel
 	go func() {
 		defer wg.Done()
 
-		signalStream := make(chan os.Signal)
+		signalStream := make(chan os.Signal, 1)
 		defer func() {
 			signal.Stop(signalStream)
 			close(signalStream)
@@ -155,7 +155,7 @@ func RunAndReturnWaitGroup(
 	// call individual bootstrap handlers.
 	startedSuccessfully := true
 	for i := range handlers {
-		if handlers[i](ctx, &wg, startupTimer, dic) == false {
+		if !handlers[i](ctx, &wg, startupTimer, dic) {
 			cancel()
 			startedSuccessfully = false
 			break

diff --git a/bootstrap/messaging/messaging_test.go b/bootstrap/messaging/messaging_test.go
@@ -136,7 +136,7 @@ func TestValidateSecrets(t *testing.T) {
 			result := ValidateSecretData(test.AuthMode, "unit-test", &test.SecretData)
 			if test.ErrorExpectation {
 				require.Error(t, result, "Result should be an error")
-				assert.Equal(t, test.ErrorMessage, result.(error).Error())
+				assert.Equal(t, test.ErrorMessage, result.Error())
 			} else {
 				assert.Nil(t, result, "Should be nil")
 			}

diff --git a/bootstrap/secret/secret_test.go b/bootstrap/secret/secret_test.go
@@ -45,6 +45,7 @@ const (
 	expectedPath     = "/redisdb"
 )
 
+//nolint: gosec
 var testTokenResponse = `{"auth":{"accessor":"9OvxnrjgV0JTYMeBreak7YJ9","client_token":"s.oPJ8uuJCkTRb2RDdcNova8wg","entity_id":"","lease_duration":3600,"metadata":{"edgex-service-name":"edgex-core-data"},"orphan":true,"policies":["default","edgex-service-edgex-core-data"],"renewable":true,"token_policies":["default","edgex-service-edgex-core-data"],"token_type":"service"},"data":null,"lease_duration":0,"lease_id":"","renewable":false,"request_id":"ee749ee1-c8bf-6fa9-3ed5-644181fc25b0","warnings":null,"wrap_info":null}`
 var expectedSecrets = map[string]string{UsernameKey: expectedUsername, PasswordKey: expectedPassword}
 

diff --git a/bootstrap/secret/secure.go b/bootstrap/secret/secure.go
@@ -39,7 +39,8 @@ import (
 const (
 	TokenTypeConsul      = "consul"
 	AccessTokenAuthError = "HTTP response with status code 403"
-	SecretsAuthError     = "Received a '403' response"
+	//nolint: gosec
+	SecretsAuthError = "Received a '403' response"
 )
 
 // SecureProvider implements the SecretProvider interface

diff --git a/bootstrap/secret/secure_test.go b/bootstrap/secret/secure_test.go
@@ -186,6 +186,7 @@ func TestSecureProvider_SecretsUpdated(t *testing.T) {
 
 func TestSecureProvider_DefaultTokenExpiredCallback(t *testing.T) {
 	goodTokenFile := "good-token.json"
+	//nolint: gosec
 	badTokenFile := "bad-token.json"
 	sameTokenFile := "same-token.json"
 	newToken := "new token"

diff --git a/bootstrap/secret/types_test.go b/bootstrap/secret/types_test.go
@@ -115,7 +115,9 @@ func TestServiceSecrets_UnmarshalJson_Imported_true(t *testing.T) {
 func TestServiceSecrets_UnmarshalJson_Failed_Validation(t *testing.T) {
 	allGood := `{"secrets": [{"path": "auth","imported": false,"secretData": [{"key": "user1","value": "password1"}]}]}`
 	noPath := `{"secrets": [{"path": "","imported": false,"secretData": [{"key": "user1","value": "password1"}]}]}`
+	//nolint: gosec
 	noSecretData := `{"secrets": [{"path": "auth","imported": false}]}`
+	//nolint: gosec
 	emptySecretData := `{"secrets": [{"path": "auth","imported": false, "secretData": []}]}`
 	missingKey := `{"secrets": [{"path": "auth","imported": false,"secretData": [{"value": "password1"}]}]}`
 	missingValue := `{"secrets": [{"path": "auth","imported": false,"secretData": [{"key": "user1"}]}]}`