forked from cilium/cilium
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.golangci.yaml
161 lines (149 loc) · 5 KB
/
.golangci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
# options for analysis running
run:
# default concurrency is a available CPU number
concurrency: 4
# timeout for analysis, e.g. 30s, 5m, default is 1m
timeout: 20m
# exit code when at least one issue was found, default is 1
issues-exit-code: 1
# include test files or not, default is true
tests: true
# default is true. Enables skipping of directories:
# vendor$, third_party$, testdata$, examples$, Godeps$, builtin$
skip-dirs-use-default: true
# which dirs to skip: they won't be analyzed;
# can use regexp here: generated.*, regexp is applied on full path;
# default value is empty list, but next dirs are always skipped independently
# from this option's value:
# vendor$, third_party$, testdata$, examples$, Godeps$, builtin$
# skip-dirs:
# - ^test.*
# by default isn't set. If set we pass it to "go list -mod={option}". From "go help modules":
# If invoked with -mod=readonly, the go command is disallowed from the implicit
# automatic updating of go.mod described above. Instead, it fails when any changes
# to go.mod are needed. This setting is most useful to check that go.mod does
# not need updates, such as in a continuous integration and testing system.
# If invoked with -mod=vendor, the go command assumes that the vendor
# directory holds the correct copies of dependencies and ignores
# the dependency descriptions in go.mod.
modules-download-mode: readonly
# which files to skip: they will be analyzed, but issues from them
# won't be reported. Default value is empty list, but there is
# no need to include all autogenerated files, we confidently recognize
# autogenerated files. If it's not please let us know.
skip-files:
# - ".*\\.my\\.go$"
# - lib/bad.go
# all available settings of specific linters
linters-settings:
depguard:
rules:
main:
deny:
- pkg: "math/rand$"
desc: "Use math/rand/v2 instead"
exhaustruct:
# Ensure that command-line flags are explicitly default-initialized.
include:
- '.+\.[Cc]onfig'
- '.+[Cc]fg'
exclude:
- '.+cache\.Config' # k8s
- '.+fqdn\.Config' # internal API
- '.+tls\.Config' # Go TLS
- '.+v3\.Config' # etcd
# Uninitialized config as input to tests is not as big of an issue as the
# scope is limited to the usage of the related structures in the test.
test: false
govet:
enable:
- nilness
goimports:
local-prefixes: github.com/cilium/cilium/
goheader:
values:
regexp:
PROJECT: 'Cilium|Hubble'
template: |-
SPDX-License-Identifier: Apache-2.0
Copyright Authors of {{ PROJECT }}
gosec:
includes:
- G402
gomodguard:
blocked:
modules:
- github.com/miekg/dns:
recommendations:
- github.com/cilium/dns
reason: "use the cilium fork directly to avoid replace directives in go.mod, see https://github.com/cilium/cilium/pull/27582"
- gopkg.in/check.v1:
recommendations:
- testing
- github.com/stretchr/testify/assert
reason: "gocheck has been deprecated, see https://github.com/cilium/cilium/issues/28596"
- github.com/cilium/checkmate:
recommendations:
- github.com/stretchr/testify/assert
- github.com/stretchr/testify/require
reason: "cilium/checkmate has been deprecated, see https://github.com/cilium/cilium/issues/28596"
- go.uber.org/multierr:
recommendations:
- errors
reason: "Go 1.20+ has support for combining multiple errors, see https://go.dev/doc/go1.20#errors"
stylecheck:
checks: ["ST1019"]
issues:
# Excluding configuration per-path, per-linter, per-text and per-source
exclude-rules:
- linters: [staticcheck]
text: "SA1019" # this is rule for deprecated method
- linters: [staticcheck]
text: "SA9003: empty branch"
- linters: [staticcheck]
text: "SA2001: empty critical section"
- linters: [err113]
text: "do not define dynamic errors, use wrapped static errors instead" # This rule to avoid opinionated check fmt.Errorf("text")
# Skip goimports check on generated files
- path: \\.(generated\\.deepcopy|pb)\\.go$
linters:
- goimports
# Skip goheader check on files imported and modified from upstream k8s
- path: "pkg/ipam/(cidrset|service)/.+\\.go"
linters:
- goheader
- path: "pkg/hubble/dropeventemitter/fake_recorder.go"
linters:
- goheader
linters:
disable-all: true
enable:
- depguard
- errorlint
- err113
- exhaustruct
- gofmt
- goimports
- govet
- ineffassign
- misspell
- staticcheck
- stylecheck
- unused
- goheader
- gosec
- gomodguard
- gosimple
# To enable later if makes sense
# - deadcode
# - errcheck
# - gocyclo
# - golint
# - gosec
# - gosimple
# - lll
# - maligned
# - misspell
# - prealloc
# - structcheck
# - typecheck