sysdiglabs · pgcrooks-sysdig · Jan 28, 2025 · Jan 23, 2025 · Jan 23, 2025 · Jan 23, 2025
diff --git a/.github/workflows/presubmit.yml b/.github/workflows/presubmit.yml
@@ -2,63 +2,61 @@ name: presubmit
 
 on:
   pull_request:
-    branches: [ dev ]
+    branches:
+      - dev
 
 env:
   GO_VERSION: 1.23.x
+  GOLINT_ARGS: -v --allow-parallel-runners --timeout=10m --disable errcheck
 
 jobs:
-  test-pkg-lib:
-    name: Test pkg lib
+  test:
     runs-on: ubuntu-latest
-
     steps:
-      - name: Set up Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: ${{ env.GO_VERSION }}
-        id: go
-
-      - name: Check out code
+      - name: Checkout ⤵️
         uses: actions/checkout@v4
 
-      - name: Test
-        run: |
-          cd pkg
-          go test -v ./...
-
-  test-cfn-runtime:
-    name: Test CloudFormation Runtime
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Set up Go
+      - name: Setup Go 🛠️
         uses: actions/setup-go@v5
         with:
           go-version: ${{ env.GO_VERSION }}
-        id: go
 
-      - name: Check out code
-        uses: actions/checkout@v4
+      - name: Test pkg library 🔎
+        run: |
+          cd pkg
+          go test ./...
 
-      - name: Test
+      - name: Test CloudFormation runtime 🔎
         run: |
-          make -C runtimes/cloudformation test
+          cd runtimes/cloudformation
+          go test ./...
+
+      - name: Lint pkg library 🪥
+        uses: golangci/golangci-lint-action@v6
+        with:
+          version: v1.60
+          working-directory: ./pkg
+          args: ${{ env.GOLINT_ARGS }}
+
+      - name: Lint CloudFormation runtime 🪥
+        uses: golangci/golangci-lint-action@v6
+        with:
+          version: v1.60
+          working-directory: ./runtimes/cloudformation/cmd/handler
+          args: ${{ env.GOLINT_ARGS }}
 
-  build-cfn-runtime:
-    name: Build CloudFormation runtime
+  build:
     runs-on: ubuntu-latest
-
     steps:
-      - name: Set up Go
+      - name: Checkout ⤵️
+        uses: actions/checkout@v4
+
+      - name: Setup Go 🛠️
         uses: actions/setup-go@v5
         with:
           go-version: ${{ env.GO_VERSION }}
-        id: go
-
-      - name: Check out code
-        uses: actions/checkout@v4
 
-      - name: Build agent-kilt handler
+      - name: Build handler 🏗️
         run: |
-          make -C runtimes/cloudformation clean cmd/handler/handler
+          cd runtimes/cloudformation/cmd/handler
+          go build .
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,4 +1,4 @@
-name: Release agent-kilt
+name: release
 
 on:
   push:
@@ -7,39 +7,54 @@ on:
 
 env:
   GO_VERSION: 1.23.x
+  GOLINT_ARGS: -v --allow-parallel-runners --timeout=10m --disable errcheck
 
 jobs:
   release:
-    name: Release
     runs-on: ubuntu-latest
     steps:
-      - name: Set up Go
+      - name: Checkout ⤵️
+        uses: actions/checkout@v4
+
+      - name: Setup Go 🛠️
         uses: actions/setup-go@v5
         with:
           go-version: ${{ env.GO_VERSION }}
-        id: go
 
-      - name: Checkout Code
-        uses: actions/checkout@v4
+      - name: Test pkg library 🔎
+        run: |
+          cd pkg
+          go test ./...
+
+      - name: Lint pkg library 🪥
+        uses: golangci/golangci-lint-action@v6
         with:
-          fetch-depth: 0
+          version: v1.60
+          working-directory: ./pkg
+          args: ${{ env.GOLINT_ARGS }}
 
-      - name: Build agent-kilt handler
+      - name: Test CloudFormation runtime 🔎
         run: |
-          make -C runtimes/cloudformation clean cmd/handler/handler
+          cd runtimes/cloudformation
+          go test ./...
+
+      - name: Lint CloudFormation runtime 🪥
+        uses: golangci/golangci-lint-action@v6
+        with:
+          version: v1.60
+          working-directory: ./runtimes/cloudformation/cmd/handler
+          args: ${{ env.GOLINT_ARGS }}
 
-      - name: Archive build
+      - name: Build handler 🏗️
         run: |
-          zip -j agent-kilt.zip runtimes/cloudformation/cmd/handler/handler
-          sha256sum agent-kilt.zip > checksums.txt
+          cd runtimes/cloudformation/cmd/handler
+          go build .
 
-      - name: Create GitHub Release
-        id: create_release
+      - name: Create release 🌟
         uses: softprops/action-gh-release@v2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           files: |
-            agent-kilt.zip
-            checksums.txt
+            runtimes/cloudformation/cmd/handler/handler
           name: ${{ github.ref_name }}
diff --git a/pkg/kilt/build.go b/pkg/kilt/build.go
@@ -179,12 +179,10 @@ func applyPatch(container *gabs.Container, config *configuration.Config, patchCo
 	}
 
 	capabilities := config.GetStringList("build.capabilities")
-	if capabilities != nil {
-		for _, c := range capabilities {
-			err = container.ArrayAppend(c, "LinuxParameters", "Capabilities", "Add")
-			if err != nil {
-				return nil, fmt.Errorf("could not append to LinuxParameters.Capabilities.Add: %w", err)
-			}
+	for _, c := range capabilities {
+		err = container.ArrayAppend(c, "LinuxParameters", "Capabilities", "Add")
+		if err != nil {
+			return nil, fmt.Errorf("could not append to LinuxParameters.Capabilities.Add: %w", err)
 		}
 	}
 
@@ -229,7 +227,7 @@ func applyPatch(container *gabs.Container, config *configuration.Config, patchCo
 				})
 
 				sidecarEntryPoint := mount.GetKey("entry_point").GetStringList()
-				if sidecarEntryPoint != nil && len(sidecarEntryPoint) > 0 {
+				if len(sidecarEntryPoint) > 0 {
 					sidecar.Set(sidecarEntryPoint, "EntryPoint")
 				}
 

diff --git a/pkg/kilt/hocon_test.go b/pkg/kilt/hocon_test.go
@@ -1,17 +1,18 @@
 package kilt
 
 import (
-	"github.com/Jeffail/gabs/v2"
 	"os"
 	"testing"
 
+	"github.com/Jeffail/gabs/v2"
+
 	"github.com/stretchr/testify/assert"
 )
 
 func toStringOrEmpty(c interface{}) string {
-	switch c.(type) {
+	switch c := c.(type) {
 	case string:
-		return c.(string)
+		return c
 	default:
 		return ""
 	}

diff --git a/runtimes/cloudformation/Makefile b/runtimes/cloudformation/Makefile
diff --git a/runtimes/cloudformation/cmd/cfn-apply-kilt/main.go b/runtimes/cloudformation/cmd/cfn-apply-kilt/main.go
@@ -3,7 +3,6 @@ package main
 import (
 	"context"
 	"fmt"
-	"io/ioutil"
 	"os"
 
 	"github.com/rs/zerolog"
@@ -16,13 +15,13 @@ func main() {
 		_, _ = fmt.Fprintf(os.Stderr, "Usage: %s KILT_DEFINITION TEMPLATE\n", os.Args[0])
 		return
 	}
-	kiltDef, err := ioutil.ReadFile(os.Args[1])
+	kiltDef, err := os.ReadFile(os.Args[1])
 	if err != nil {
 		_, _ = fmt.Fprintf(os.Stderr, "Cannot read kilt definition %s: %s\n", os.Args[1], err)
 		return
 	}
 
-	template, err := ioutil.ReadFile(os.Args[2])
+	template, err := os.ReadFile(os.Args[2])
 	if err != nil {
 		_, _ = fmt.Fprintf(os.Stderr, "Cannot read template %s: %s\n", os.Args[2], err)
 		return

diff --git a/runtimes/cloudformation/cmd/handler/main.go b/runtimes/cloudformation/cmd/handler/main.go
@@ -3,10 +3,11 @@ package main
 import (
 	"context"
 	"encoding/json"
-	"github.com/Jeffail/gabs/v2"
 	"os"
 	"strings"
 
+	"github.com/Jeffail/gabs/v2"
+
 	"github.com/sysdiglabs/agent-kilt/runtimes/cloudformation/config"
 
 	"github.com/sysdiglabs/agent-kilt/runtimes/cloudformation/cfnpatcher"
@@ -31,12 +32,17 @@ type MacroOutput struct {
 	Fragment  json.RawMessage `json:"fragment"`
 }
 
+var (
+	version = "dev"
+)
+
 func HandleRequest(configuration *cfnpatcher.Configuration, ctx context.Context, event MacroInput) (MacroOutput, error) {
 	l := log.With().
 		Str("region", event.Region).
 		Str("account", event.AccountID).
 		Str("requestId", event.RequestID).
 		Str("transformId", event.TransformID).
+		Str("handlerVersion", version).
 		Logger()
 	loggerCtx := l.WithContext(ctx)
 	result, err := cfnpatcher.Patch(loggerCtx, configuration, event.Fragment, event.TemplateParameterValues)
@@ -50,6 +56,7 @@ func HandleRequest(configuration *cfnpatcher.Configuration, ctx context.Context,
 func PatchLocalFile(configuration *cfnpatcher.Configuration, ctx context.Context, inputFile string) ([]byte, error) {
 	l := log.With().
 		Str("region", "local").
+		Str("handlerVersion", version).
 		Logger()
 	loggerCtx := l.WithContext(ctx)
 

diff --git a/runtimes/cloudformation/config/http.go b/runtimes/cloudformation/config/http.go
@@ -2,7 +2,7 @@ package config
 
 import (
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 )
 
@@ -11,7 +11,7 @@ func FromWeb(url string) string {
 	if err != nil {
 		panic(fmt.Errorf("could not perform http request: %w", err))
 	}
-	data, err := ioutil.ReadAll(resp.Body)
+	data, err := io.ReadAll(resp.Body)
 	defer resp.Body.Close()
 
 	if err != nil {

diff --git a/runtimes/cloudformation/config/s3.go b/runtimes/cloudformation/config/s3.go
@@ -2,7 +2,7 @@ package config
 
 import (
 	"fmt"
-	"io/ioutil"
+	"io"
 	"strings"
 
 	"github.com/aws/aws-sdk-go/aws/session"
@@ -34,7 +34,7 @@ func FromS3(path string, decompress bool) string {
 		panic(fmt.Errorf("could not retrieve %s: %w", path, err))
 	}
 
-	config, err := ioutil.ReadAll(obj.Body)
+	config, err := io.ReadAll(obj.Body)
 	defer obj.Body.Close()
 
 	if err != nil {

diff --git a/runtimes/cloudformation/config/util.go b/runtimes/cloudformation/config/util.go
@@ -4,7 +4,7 @@ import (
 	"bytes"
 	"compress/gzip"
 	"fmt"
-	"io/ioutil"
+	"io"
 )
 
 func decompressBytes(data []byte) []byte {
@@ -13,7 +13,7 @@ func decompressBytes(data []byte) []byte {
 		panic(fmt.Errorf("error constructing decompressor: %w", err))
 	}
 
-	decompressedData, err := ioutil.ReadAll(reader)
+	decompressedData, err := io.ReadAll(reader)
 	if err != nil {
 		panic(fmt.Errorf("error reading gzipped stream: %w", err))
 	}