diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index e74a341f..2d79ba23 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -21,4 +21,4 @@ jobs: go-version-file: 'go.mod' - uses: golangci/golangci-lint-action@v9 with: - version: v2.7.2 + version: v2.12.2 diff --git a/.golangci.yaml b/.golangci.yaml index 831c699c..70dd2b73 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -147,6 +147,7 @@ linters: - dupl - errcheck - funlen + - goconst - gocyclo - gosec path: _test\.go diff --git a/Dockerfile.release b/Dockerfile.release index 76d4742e..9f858f21 100644 --- a/Dockerfile.release +++ b/Dockerfile.release @@ -1,4 +1,4 @@ -FROM golang:1.25.9 +FROM golang:1.26.0 # See https://github.com/cli/cli/blob/trunk/docs/install_linux.md#debian-ubuntu-linux-raspberry-pi-os-apt # for the latest gh install instructions when the below didn't work diff --git a/cmd/helm.go b/cmd/helm.go index 0e657b42..b81077e4 100644 --- a/cmd/helm.go +++ b/cmd/helm.go @@ -352,7 +352,7 @@ func (d *diffCmd) template(isUpgrade bool) ([]byte, error) { // Note: dryRunMode="true" behaves like "client" (no cluster access). // Note: dryRunMode="false" behaves like "none" (no dry-run flag at all). // See https://github.com/databus23/helm-diff/issues/894 - if !slices.Contains([]string{"client", "true", "false"}, d.dryRunMode) { + if !slices.Contains([]string{dryRunNoOptDefVal, envTrue, envFalse}, d.dryRunMode) { flags = append(flags, "--dry-run=server") } } else { @@ -383,10 +383,10 @@ func (d *diffCmd) template(isUpgrade bool) ([]byte, error) { // additional dry-run flag here. In all other cases (Helm v3 or d.dryRunMode is "client"/"true"), // we add the appropriate dry-run mode below. // Note: dryRunMode="false" means no dry-run flag at all. - if d.dryRunMode == "false" { + if d.dryRunMode == envFalse { // "false" means no dry-run, skip adding any dry-run flag - } else if !(isHelmV4 && !slices.Contains([]string{"client", "true"}, d.dryRunMode)) { - if d.dryRunMode == "server" { + } else if !(isHelmV4 && !slices.Contains([]string{dryRunNoOptDefVal, envTrue}, d.dryRunMode)) { + if d.dryRunMode == dryRunServer { // This is for security reasons! // // We give helm-template the additional cluster access for the helm `lookup` function diff --git a/cmd/helpers.go b/cmd/helpers.go index 6379a104..fc56a8ef 100644 --- a/cmd/helpers.go +++ b/cmd/helpers.go @@ -17,7 +17,7 @@ var ( ) func isDebug() bool { - return os.Getenv("HELM_DEBUG") == "true" + return os.Getenv("HELM_DEBUG") == envTrue } func debugPrint(format string, a ...interface{}) { if isDebug() { diff --git a/cmd/upgrade.go b/cmd/upgrade.go index 7f90ff3a..b13fd53b 100644 --- a/cmd/upgrade.go +++ b/cmd/upgrade.go @@ -23,12 +23,15 @@ import ( ) var ( - validDryRunValues = []string{"server", "client", "true", "false"} + validDryRunValues = []string{dryRunServer, dryRunNoOptDefVal, envTrue, envFalse} ) const ( dryRunNoOptDefVal = "client" + dryRunNone = "none" + dryRunServer = "server" envTrue = "true" + envFalse = "false" ) type diffCmd struct { @@ -102,7 +105,7 @@ func (d *diffCmd) isAllowUnreleased() bool { // // See also https://github.com/helm/helm/pull/9426#discussion_r1181397259 func (d *diffCmd) clusterAccessAllowed() bool { - return d.dryRunMode == "none" || d.dryRunMode == "false" || d.dryRunMode == "server" + return d.dryRunMode == dryRunNone || d.dryRunMode == envFalse || d.dryRunMode == dryRunServer } const globalUsage = `Show a diff explaining what a helm upgrade would change. @@ -158,9 +161,9 @@ func newChartCommand() *cobra.Command { }, RunE: func(cmd *cobra.Command, args []string) error { if diff.dryRunMode == "" { - diff.dryRunMode = "none" + diff.dryRunMode = dryRunNone } else if !slices.Contains(validDryRunValues, diff.dryRunMode) { - return fmt.Errorf("flag %q must take a bool value or either %q or %q, but got %q", "dry-run", "client", "server", diff.dryRunMode) + return fmt.Errorf("flag %q must take a bool value or either %q or %q, but got %q", "dry-run", dryRunNoOptDefVal, dryRunServer, diff.dryRunMode) } // Suppress the command usage on error. See #77 for more info diff --git a/diff/diff.go b/diff/diff.go index fb66fd5e..26cf4bb7 100644 --- a/diff/diff.go +++ b/diff/diff.go @@ -32,6 +32,8 @@ type Options struct { SuppressedOutputLineRegex []string } +const kindSecret = "Secret" + // StructuredOutput returns true when the structured JSON output is requested. func (o *Options) StructuredOutput() bool { return o != nil && o.OutputFormat == "structured" @@ -213,7 +215,7 @@ func contentSearch(report *Report, possiblyRemoved []string, oldIndex map[string // Skip the length-ratio filter for Secrets: their raw content length can // differ greatly from the post-processed (redacted/decoded) length, so the // ratio would be an unreliable predictor of content similarity. - if oldContent.Kind != "Secret" { + if oldContent.Kind != kindSecret { ratio := float32(oldLen) / float32(newLen) if ratio < renameDetectionMinLengthRatio || ratio > renameDetectionMaxLengthRatio { continue @@ -351,7 +353,7 @@ func preHandleSecrets(old, new *manifest.MappingResult) (v1.Secret, v1.Secret, e // redactSecrets redacts secrets from the diff output. func redactSecrets(old, new *manifest.MappingResult) { - if (old != nil && old.Kind != "Secret") || (new != nil && new.Kind != "Secret") { + if (old != nil && old.Kind != kindSecret) || (new != nil && new.Kind != kindSecret) { return } serializer := json.NewYAMLSerializer(json.DefaultMetaFactory, scheme.Scheme, scheme.Scheme) @@ -402,7 +404,7 @@ func redactSecrets(old, new *manifest.MappingResult) { // decodeSecrets decodes secrets from the diff output. func decodeSecrets(old, new *manifest.MappingResult) { - if (old != nil && old.Kind != "Secret") || (new != nil && new.Kind != "Secret") { + if (old != nil && old.Kind != kindSecret) || (new != nil && new.Kind != kindSecret) { return } serializer := json.NewYAMLSerializer(json.DefaultMetaFactory, scheme.Scheme, scheme.Scheme) diff --git a/go.mod b/go.mod index d1201b2b..79eb4f45 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/databus23/helm-diff/v3 -go 1.25.9 +go 1.26.0 require ( github.com/Masterminds/semver/v3 v3.5.0