TrueCloudLab/coredns
16
0
Fork 2
Code Issues Pull requests 4 Projects Releases Packages Wiki Activity Actions

presubmit: add whitespace test in go (#3629)

Browse source 
Automatically submitted.
This commit is contained in:
Miek Gieben 2020-01-28 11:13:11 +00:00 committed by corbot[bot]
parent 7ebc8ff5fe
commit 04292f1375
8 changed files with 66 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
.benchmark.sh
View file

@ -1,19 +0,0 @@
#!/usr/bin/env bash
set -e +o pipefail
# bit too spammy
return
if [ "$TRAVIS_PULL_REQUEST" != "false" ] ; then
echo -e "NOTE: The CPU benchmarks are performed on Travis VMs and vary wildly between runs," > .benchmark.body
echo -e " you can't trust them. The memory benchmarks are OK\n\n" >> .benchmark.body
awk '/^benchmark.*old/ { printf "%s\n%s\n", "```", $0 };
/^$/ { print "```" };
/^Bench/ { print $0 };
END{ print "```" }' .benchmark.log >> .benchmark.body
jq -n --arg body "$(cat .benchmark.body)" '{body: $body}' > .benchmark.json
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST \
--data-binary "@.benchmark.json" \
"https://api.github.com/repos/${TRAVIS_REPO_SLUG}/issues/${TRAVIS_PULL_REQUEST}/comments"
fi

20
.github/SECURITY.md vendored
View file

@ -6,7 +6,7 @@ to ensure responsible handling of critical issues.
## Product Security Team (PST) ## Product Security Team (PST)
Security vulnerabilities should be handled quickly and sometimes privately. Security vulnerabilities should be handled quickly and sometimes privately.
The primary goal of this process is to reduce the total time users are vulnerable to publicly known exploits. The primary goal of this process is to reduce the total time users are vulnerable to publicly known exploits.
The Product Security Team (PST) is responsible for organizing the entire response including internal communication and external disclosure. The Product Security Team (PST) is responsible for organizing the entire response including internal communication and external disclosure.
@ -23,7 +23,7 @@ The initial Product Security Team will consist of the set of maintainers that vo
### Private Disclosure Processes ### Private Disclosure Processes
If you find a security vulnerability or any security related issues, If you find a security vulnerability or any security related issues,
please DO NOT file a public issue. Do not create a Github issue. please DO NOT file a public issue. Do not create a Github issue.
Instead, send your report privately to security@coredns.io. Instead, send your report privately to security@coredns.io.
Security reports are greatly appreciated and we will publicly thank you for it. Security reports are greatly appreciated and we will publicly thank you for it.
@ -36,7 +36,7 @@ For instance, that could include:
### Public Disclosure Processes ### Public Disclosure Processes
If you know of a publicly disclosed security vulnerability please IMMEDIATELY email security@coredns.io If you know of a publicly disclosed security vulnerability please IMMEDIATELY email security@coredns.io
to inform the Product Security Team (PST) about the vulnerability so we start the patch, release, and communication process. to inform the Product Security Team (PST) about the vulnerability so we start the patch, release, and communication process.
If possible the PST will ask the person making the public report if the issue can be handled via a private disclosure process If possible the PST will ask the person making the public report if the issue can be handled via a private disclosure process
@ -56,7 +56,7 @@ Note that given the current size of the CoreDNS community it is likely that the
The PST may decide to bring in additional contributors for added expertise depending on the area of the code that contains the vulnerability. The PST may decide to bring in additional contributors for added expertise depending on the area of the code that contains the vulnerability.
All of the timelines below are suggestions and assume a Private Disclosure. All of the timelines below are suggestions and assume a Private Disclosure.
If the Team is dealing with a Public Disclosure all timelines become ASAP. If the Team is dealing with a Public Disclosure all timelines become ASAP.
If the fix relies on another upstream project's disclosure timeline, that will adjust the process as well. If the fix relies on another upstream project's disclosure timeline, that will adjust the process as well.
We will work with the upstream project to fit their timeline and best protect our users. We will work with the upstream project to fit their timeline and best protect our users.
@ -88,14 +88,14 @@ discussed on the security@coredns.io mailing list.
### Fix Disclosure Process ### Fix Disclosure Process
With the Fix Development underway the CoreDNS Security Team needs to come up with an overall communication plan for the wider community. With the Fix Development underway the CoreDNS Security Team needs to come up with an overall communication plan for the wider community.
This Disclosure process should begin after the Team has developed a fix or mitigation This Disclosure process should begin after the Team has developed a fix or mitigation
so that a realistic timeline can be communicated to users. so that a realistic timeline can be communicated to users.
**Disclosure of Forthcoming Fix to Users** (Completed within 1-7 days of Disclosure) **Disclosure of Forthcoming Fix to Users** (Completed within 1-7 days of Disclosure)
- The Fix Lead will create a github issue in CoreDNS project to inform users that a security vulnerability - The Fix Lead will create a github issue in CoreDNS project to inform users that a security vulnerability
has been disclosed and that a fix will be made available, with an estimation of the Release Date. has been disclosed and that a fix will be made available, with an estimation of the Release Date.
It will include any mitigating steps users can take until a fix is available. It will include any mitigating steps users can take until a fix is available.
The communication to users should be actionable. The communication to users should be actionable.
@ -104,7 +104,7 @@ They should know when to block time to apply patches, understand exact mitigatio
**Optional Fix Disclosure to Private Distributors List** (Completed within 1-14 days of Disclosure): **Optional Fix Disclosure to Private Distributors List** (Completed within 1-14 days of Disclosure):
- The Fix Lead will make a determination with the help of the Fix Team if an issue is critical enough to require early disclosure to distributors. - The Fix Lead will make a determination with the help of the Fix Team if an issue is critical enough to require early disclosure to distributors.
Generally this Private Distributor Disclosure process should be reserved for remotely exploitable or privilege escalation issues. Generally this Private Distributor Disclosure process should be reserved for remotely exploitable or privilege escalation issues.
Otherwise, this process can be skipped. Otherwise, this process can be skipped.
- The Fix Lead will email the patches to coredns-distributors-announce@lists.cncf.io so distributors can prepare their own release to be available to users on the day of the issue's announcement. - The Fix Lead will email the patches to coredns-distributors-announce@lists.cncf.io so distributors can prepare their own release to be available to users on the day of the issue's announcement.
Distributors should read about the [Private Distributor List](#private-distributor-list) to find out the requirements for being added to this list. Distributors should read about the [Private Distributor List](#private-distributor-list) to find out the requirements for being added to this list.
@ -133,7 +133,7 @@ individuals to find out about security issues.
The information members receive on coredns-distributors-announce@lists.cncf.io must not be The information members receive on coredns-distributors-announce@lists.cncf.io must not be
made public, shared, nor even hinted at anywhere beyond the need-to-know within made public, shared, nor even hinted at anywhere beyond the need-to-know within
your specific team except with the list's explicit approval. your specific team except with the list's explicit approval.
This holds true until the public disclosure date/time that was agreed upon by the list. This holds true until the public disclosure date/time that was agreed upon by the list.
Members of the list and others may not use the information for anything other Members of the list and others may not use the information for anything other
than getting the issue fixed for your respective distribution's users. than getting the issue fixed for your respective distribution's users.
@ -144,7 +144,7 @@ find out information on a need-to-know basis.
In the unfortunate event you share the information beyond what is allowed by In the unfortunate event you share the information beyond what is allowed by
this policy, you _must_ urgently inform the security@coredns.io this policy, you _must_ urgently inform the security@coredns.io
mailing list of exactly what information leaked and to whom. mailing list of exactly what information leaked and to whom.
If you continue to leak information and break the policy outlined here, you If you continue to leak information and break the policy outlined here, you
will be removed from the list. will be removed from the list.

8
.presubmit/context
View file

@ -1,8 +0,0 @@
#!/usr/bin/env bash
echo "** presubmit/$(basename $0)"
if grep -lr "golang.org/x/net/context" "$@"; then
echo "** presubmit/$(basename $0): please use std lib's 'context' instead"
exit 1
fi

7
.presubmit/trailing-whitespace
View file

@ -1,7 +0,0 @@
#!/usr/bin/env bash
echo "** presubmit/$(basename $0)"
if grep -r '[[:blank:]]$' "$@"; then
echo "** presubmit/$(basename $0): please remove any trailing white space"
fi

2
coredns.1.md
View file

@ -4,7 +4,7 @@
## Synopsis ## Synopsis
*coredns* **[-conf FILE]** **[-dns.port PORT}** **[OPTION]**... *coredns* **[-conf FILE]** **[-dns.port PORT}** **[OPTION]**...
## Description ## Description

4
notes/coredns-005.md
View file

@ -31,7 +31,7 @@ added. Documentation can be found in
* *proxy*: fix a bug when a connection hangs and never gets release (#467) * *proxy*: fix a bug when a connection hangs and never gets release (#467)
* *proxy*: Fold *httpproxy* into it, which is now a normal proxy with a special `protocol`. For * *proxy*: Fold *httpproxy* into it, which is now a normal proxy with a special `protocol`. For
Monitoring an extra label was added: `proxy_proto` that shows the protocol used (`dns` or `https_google`). Monitoring an extra label was added: `proxy_proto` that shows the protocol used (`dns` or `https_google`).
See the [proxy README.md](https://github.com/coredns/coredns/blob/master/plugin/proxy/README.md) for details. See the [proxy README.md](https://github.com/coredns/coredns/blob/master/plugin/proxy/README.md) for details.
* *httpproxy*: removed because functionality is moved to *proxy*. * *httpproxy*: removed because functionality is moved to *proxy*.
* *kubernetes*: Now implements the full * *kubernetes*: Now implements the full
@ -43,7 +43,7 @@ added. Documentation can be found in
* *kubernetes*: Simplified the configuration of reverse zones. Instead of listing the zones in the * *kubernetes*: Simplified the configuration of reverse zones. Instead of listing the zones in the
zone list, you can just add a list of CIDRs using the `cidrs` option. zone list, you can just add a list of CIDRs using the `cidrs` option.
* *rewrite*: allow rewriting more bits of the incoming packet. This required some backward * *rewrite*: allow rewriting more bits of the incoming packet. This required some backward
*incompatible* changes, e.g. a new **FIELD** keyword is now required. See the *incompatible* changes, e.g. a new **FIELD** keyword is now required. See the
[rewrite README.md](https://github.com/coredns/coredns/blob/master/plugin/rewrite/README.md) for details. [rewrite README.md](https://github.com/coredns/coredns/blob/master/plugin/rewrite/README.md) for details.

6
notes/coredns-1.5.2.md
View file

@ -10,9 +10,9 @@ author = "coredns"
The CoreDNS team has released The CoreDNS team has released
[CoreDNS-1.5.2](https://github.com/coredns/coredns/releases/tag/v1.5.2). [CoreDNS-1.5.2](https://github.com/coredns/coredns/releases/tag/v1.5.2).
Small bugfixes and a change to Caddy's import path (mholt/caddy -> caddyserver/caddy). Doing Small bugfixes and a change to Caddy's import path (mholt/caddy -> caddyserver/caddy). Doing
a release helps plugins deal with the change better. a release helps plugins deal with the change better.
# Plugins # Plugins
* For all plugins that use the `upstream` directive it use removed from the documentation; it's still accepted * For all plugins that use the `upstream` directive it use removed from the documentation; it's still accepted

50
test/trailing_test.go Normal file
View file

@ -0,0 +1,50 @@
package test
import (
"bufio"
"fmt"
"os"
"path/filepath"
"strings"
"testing"
"unicode"
)
func TestTrailingWhitespace(t *testing.T) {
err := filepath.Walk("..", hasTrailingWhitespace)
if err != nil {
t.Fatal(err)
}
}
func hasTrailingWhitespace(path string, info os.FileInfo, _ error) error {
// Only handle regular files, skip files that are executable and skip file in the
// root that start with a .
if !info.Mode().IsRegular() {
return nil
}
if info.Mode().Perm()&0111 != 0 {
return nil
}
if strings.HasPrefix(path, "../.") {
return nil
}
println("looking at", path)
file, err := os.Open(path)
if err != nil {
return nil
}
defer file.Close()
scanner := bufio.NewScanner(file)
for scanner.Scan() {
text := scanner.Text()
trimmed := strings.TrimRightFunc(text, unicode.IsSpace)
if len(text) != len(trimmed) {
return fmt.Errorf("file %q has trailing whitespace, text: %q", path, text)
}
}
return scanner.Err()
}