mirror
/
dex
mirror of https://github.com/dexidp/dex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge pull request #3913 from dexidp/update-go 

build: update Go version
pull/3903/head
Márk Sági-Kazár 1 year ago committed by GitHub
parent
3e90ce928d c9da08e69b
commit
3ddb5a7f7e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
14 changed files with 350 additions and 81 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      .envrc
  2. 15
      .github/workflows/artifacts.yaml
  3. 6
      .github/workflows/ci.yaml
  4. 1
      .gitignore
  5. 23
      .golangci.yml
  6. 4
      Makefile
  7. 2
      api/v2/go.mod
  8. 2
      connector/saml/saml.go
  9. 2
      examples/go.mod
  10. 286
      flake.lock
  11. 75
      flake.nix
  12. 2
      go.mod
  13. 2
      server/introspectionhandler.go
  14. 4
      storage/ent/mysql_test.go

7
.envrc
Unescape View File

@ -1,7 +1,6 @@
if ! has nix_direnv_version || ! nix_direnv_version 3.0.5; then
source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.5/direnvrc" "sha256-RuwIS+QKFj/T9M2TFXScjBsLR6V3A17YVoEW/Q6AZ1w="
if ! has nix_direnv_version || ! nix_direnv_version 3.0.6; then
source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.6/direnvrc" "sha256-RYcUJaRMf8oF5LznDrlCXbkOQrywm0HDv1VjYGaJGdM="
fi
use flake
use flake . --impure
dotenv_if_exists

15
.github/workflows/artifacts.yaml
Unescape View File

@ -44,7 +44,6 @@ jobs:
id-token: write
security-events: write
outputs:
name: ${{ steps.image-name.outputs.value }}
digest: ${{ steps.build.outputs.digest }}
@ -203,8 +202,7 @@ jobs:
with:
path: cache/db
key: trivy-cache-${{ steps.date.outputs.date }}
restore-keys:
trivy-cache-
restore-keys: trivy-cache-
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0
@ -212,12 +210,13 @@ jobs:
input: image
format: sarif
output: trivy-results.sarif
scan-type: 'fs'
scan-ref: '.'
scan-type: "fs"
scan-ref: "."
cache-dir: "./cache"
env:
TRIVY_SKIP_DB_UPDATE: true
TRIVY_SKIP_JAVA_DB_UPDATE: true
# Disable skipping trivy cache for now
# env:
# TRIVY_SKIP_DB_UPDATE: true
# TRIVY_SKIP_JAVA_DB_UPDATE: true
## Trivy-db uses `0600` permissions.
## But `action/cache` use `runner` user by default

6
.github/workflows/ci.yaml
Unescape View File

@ -2,7 +2,7 @@ name: CI
on:
push:
branches: [ master ]
branches: [master]
pull_request:
permissions:
@ -71,7 +71,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version: "1.21"
go-version: "1.23"
- name: Download tool dependencies
run: make deps
@ -142,7 +142,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version: "1.21"
go-version: "1.23"
- name: Download golangci-lint
run: make bin/golangci-lint

1
.gitignore vendored
Unescape View File

@ -1,3 +1,4 @@
/.devenv/
/.direnv/
/.idea/
/bin/

23
.golangci.yml
Unescape View File

@ -1,28 +1,27 @@
run:
timeout: 4m
skip-dirs:
- storage/ent/db # generated ent code
linters-settings:
depguard:
rules:
deprecated:
deny:
- pkg: "io/ioutil"
desc: "The 'io/ioutil' package is deprecated. Use corresponding 'os' or 'io' functions instead."
rules:
deprecated:
deny:
- pkg: "io/ioutil"
desc: "The 'io/ioutil' package is deprecated. Use corresponding 'os' or 'io' functions instead."
gci:
local-prefixes: github.com/dexidp/dex
sections:
- standard
- default
- prefix(github.com/dexidp/dex)
goimports:
local-prefixes: github.com/dexidp/dex
linters:
disable-all: true
enable:
- depguard
- dogsled
- exhaustive
- exportloopref
- gci
- gochecknoinits
- gocritic
@ -92,3 +91,7 @@ linters:
# - nestif
# - testpackage
# - wsl
issues:
exclude-dirs:
- storage/ent/db # generated ent code

4
Makefile
Unescape View File

@ -18,8 +18,8 @@ export GOBIN=$(PWD)/bin
LD_FLAGS="-w -X main.version=$(VERSION)"
# Dependency versions
GOLANGCI_VERSION = 1.56.2
GOTESTSUM_VERSION ?= 1.10.1
GOLANGCI_VERSION = 1.63.4
GOTESTSUM_VERSION ?= 1.12.0
PROTOC_VERSION = 24.4
PROTOC_GEN_GO_VERSION = 1.32.0

2
api/v2/go.mod
Unescape View File

@ -1,6 +1,6 @@
module github.com/dexidp/dex/api/v2
go 1.21
go 1.23
require (
google.golang.org/grpc v1.65.0

2
connector/saml/saml.go
Unescape View File

@ -467,7 +467,7 @@ func (p *provider) validateStatus(status *status) error {
if statusMessage != nil && statusMessage.Value != "" {
errorMessage += " -> " + statusMessage.Value
}
return fmt.Errorf(errorMessage)
return errors.New(errorMessage)
}
return nil
}

2
examples/go.mod
Unescape View File

@ -1,6 +1,6 @@
module github.com/dexidp/dex/examples
go 1.21
go 1.23
require (
github.com/coreos/go-oidc/v3 v3.11.0

286
flake.lock
Unescape View File

@ -1,58 +1,292 @@
{
"nodes": {
"flake-utils": {
"cachix": {
"inputs": {
"systems": "systems"
"devenv": [
"devenv"
],
"flake-compat": [
"devenv"
],
"git-hooks": [
"devenv"
],
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1728672398,
"narHash": "sha256-KxuGSoVUFnQLB2ZcYODW7AVPAh9JqRlD5BrfsC/Q4qs=",
"owner": "cachix",
"repo": "cachix",
"rev": "aac51f698309fd0f381149214b7eee213c66ef0a",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "latest",
"repo": "cachix",
"type": "github"
}
},
"devenv": {
"inputs": {
"cachix": "cachix",
"flake-compat": "flake-compat",
"git-hooks": "git-hooks",
"nix": "nix",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1736426010,
"narHash": "sha256-d0rE+u8/rQjXLvDobz1StGTfqvRKvq+8kVsHnIGVD1o=",
"owner": "cachix",
"repo": "devenv",
"rev": "1c384bc4be3ee571511fbbc6fdc94fe47d60f6cf",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"devenv",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1736143030,
"narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": [
"devenv"
],
"gitignore": "gitignore",
"nixpkgs": [
"devenv",
"nixpkgs"
],
"nixpkgs-stable": [
"devenv"
]
},
"locked": {
"lastModified": 1730302582,
"narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"devenv",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"libgit2": {
"flake": false,
"locked": {
"lastModified": 1697646580,
"narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=",
"owner": "libgit2",
"repo": "libgit2",
"rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5",
"type": "github"
},
"original": {
"owner": "libgit2",
"repo": "libgit2",
"type": "github"
}
},
"nix": {
"inputs": {
"flake-compat": [
"devenv"
],
"flake-parts": "flake-parts",
"libgit2": "libgit2",
"nixpkgs": "nixpkgs_2",
"nixpkgs-23-11": [
"devenv"
],
"nixpkgs-regression": [
"devenv"
],
"pre-commit-hooks": [
"devenv"
]
},
"locked": {
"lastModified": 1705309234,
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"lastModified": 1727438425,
"narHash": "sha256-X8ES7I1cfNhR9oKp06F6ir4Np70WGZU5sfCOuNBEwMg=",
"owner": "domenkozar",
"repo": "nix",
"rev": "f6c5ae4c1b2e411e6b1e6a8181cc84363d6a7546",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"owner": "domenkozar",
"ref": "devenv-2.24",
"repo": "nix",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1708807242,
"narHash": "sha256-sRTRkhMD4delO/hPxxi+XwLqPn8BuUq6nnj4JqLwOu0=",
"lastModified": 1730531603,
"narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "73de017ef2d18a04ac4bfd0c02650007ccb31c2a",
"rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d",
"type": "github"
},
"original": {
"id": "nixpkgs",
"owner": "NixOS",
"ref": "nixos-unstable",
"type": "indirect"
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs"
"nixpkgs-lib": {
"locked": {
"lastModified": 1735774519,
"narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
}
},
"systems": {
"nixpkgs_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"lastModified": 1717432640,
"narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "88269ab3044128b7c2f4c7d68448b2fb50456870",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1716977621,
"narHash": "sha256-Q1UQzYcMJH4RscmpTkjlgqQDX5yi1tZL0O345Ri6vXQ=",
"owner": "cachix",
"repo": "devenv-nixpkgs",
"rev": "4267e705586473d3e5c8d50299e71503f16a6fb6",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "rolling",
"repo": "devenv-nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1736241350,
"narHash": "sha256-CHd7yhaDigUuJyDeX0SADbTM9FXfiWaeNyY34FL1wQU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8c9fd3e564728e90829ee7dbac6edc972971cd0f",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"devenv": "devenv",
"flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_4"
}
}
},
"root": "root",

75
flake.nix
Unescape View File

@ -1,27 +1,58 @@
{
description = "OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors";
inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable";
flake-utils.url = "github:numtide/flake-utils";
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
flake-parts.url = "github:hercules-ci/flake-parts";
devenv.url = "github:cachix/devenv";
};
outputs = { self, nixpkgs, flake-utils, ... }:
flake-utils.lib.eachDefaultSystem (
system:
let
pkgs = nixpkgs.legacyPackages.${system};
buildDeps = with pkgs; [ git go_1_21 gnumake ];
devDeps = with pkgs;
buildDeps ++ [
golangci-lint
gotestsum
protobuf
protoc-gen-go
protoc-gen-go-grpc
kind
];
in
{ devShell = pkgs.mkShell { buildInputs = devDeps; }; }
);
outputs =
inputs@{ flake-parts, ... }:
flake-parts.lib.mkFlake { inherit inputs; } {
imports = [
inputs.devenv.flakeModule
];
systems = [
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
"aarch64-linux"
];
perSystem =
{
pkgs,
lib,
system,
...
}:
rec {
devenv.shells = {
default = {
languages = {
go = {
enable = true;
package = pkgs.go_1_23;
};
};
packages = with pkgs; [
gnumake
golangci-lint
gotestsum
protobuf
protoc-gen-go
protoc-gen-go-grpc
kind
];
# https://github.com/cachix/devenv/issues/528#issuecomment-1556108767
containers = pkgs.lib.mkForce { };
};
ci = devenv.shells.default;
};
};
};
}

2
go.mod
Unescape View File

@ -1,6 +1,6 @@
module github.com/dexidp/dex
go 1.21
go 1.23
require (
cloud.google.com/go/compute/metadata v0.5.2

2
server/introspectionhandler.go
Unescape View File

@ -170,7 +170,7 @@ func (s *Server) getTokenFromRequest(r *http.Request) (string, TokenTypeEnum, er
return "", 0, newIntrospectBadRequestError(fmt.Sprintf("HTTP method is \"%s\", expected \"POST\".", r.Method))
} else if err := r.ParseForm(); err != nil {
return "", 0, newIntrospectBadRequestError("Unable to parse HTTP body, make sure to send a properly formatted form request body.")
} else if r.PostForm == nil || len(r.PostForm) == 0 {
} else if len(r.PostForm) == 0 {
return "", 0, newIntrospectBadRequestError("The POST body can not be empty.")
} else if !r.PostForm.Has("token") {
return "", 0, newIntrospectBadRequestError("The POST body doesn't contain 'token' parameter.")

4
storage/ent/mysql_test.go
Unescape View File

@ -31,7 +31,9 @@ func mysqlTestConfig(host string, port uint64) *MySQL {
Port: uint16(port),
},
SSL: SSL{
Mode: mysqlSSLSkipVerify,
// This was originally mysqlSSLSkipVerify. It lead to handshake errors.
// See https://github.com/go-sql-driver/mysql/issues/1635 for more details.
Mode: mysqlSSLFalse,
},
params: map[string]string{
"innodb_lock_wait_timeout": "1",

Write Preview
Loading…
Cancel
Save