2 changes: 1 addition & 1 deletion .github/workflows/lint.yaml
Expand Up @@ -32,7 +32,7 @@ jobs:
uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0
with:
# renovate: datasource=github-releases depName=golangci/golangci-lint
version: v2.11.4
version: v2.12.1
# use our .golangci.yml
args: "--verbose --modules-download-mode=vendor"
skip-cache: true
2 changes: 1 addition & 1 deletion .golangci.yml
Expand Up @@ -31,7 +31,7 @@ linters:
- godoclint
- godot
- goheader
- gomodguard
- gomodguard_v2
- goprintffuncname
- gosec
- govet
29 changes: 18 additions & 11 deletions internal/generate/generate.go
Expand Up @@ -28,6 +28,13 @@ import (
"github.com/cilium/certgen/internal/logging/logfields"
)

const (
// caCrtField is the name of the field of a secret storing the CA certificate.
caCrtField = "ca.crt"
// caKeyField is the name of the field of a secret storing the CA key.
caKeyField = "ca.key"
)

// Cert contains the data and metadata of the certificate and keyfile.
type Cert struct {
CommonName string
Expand Down Expand Up @@ -138,9 +145,9 @@ func (c *Cert) StoreAsSecret(ctx context.Context, log *slog.Logger, k8sClient *k
Namespace: c.Namespace,
},
Data: map[string][]byte{
"ca.crt": helpers.EncodeCertificatePEM(c.CA.Root()),
"tls.crt": append(c.CertBytes, helpers.EncodeCertificatesPEM(c.CA.Intermediates())...),
"tls.key": c.KeyBytes,
caCrtField: helpers.EncodeCertificatePEM(c.CA.Root()),
"tls.crt": append(c.CertBytes, helpers.EncodeCertificatesPEM(c.CA.Intermediates())...),
"tls.key": c.KeyBytes,
},
Type: v1.SecretTypeTLS,
}
Expand Down Expand Up @@ -310,8 +317,8 @@ func (c *CA) StoreAsSecret(ctx context.Context, log *slog.Logger, k8sClient *kub
Namespace: c.SecretNamespace,
},
Data: map[string][]byte{
"ca.crt": helpers.EncodeCertificatesPEM(c.CACerts),
"ca.key": c.CAKeyBytes,
caCrtField: helpers.EncodeCertificatesPEM(c.CACerts),
caKeyField: c.CAKeyBytes,
},
}

Expand Down Expand Up @@ -352,7 +359,7 @@ func (c *CA) StoreAsConfigMap(ctx context.Context, log *slog.Logger, k8sClient *
Namespace: c.ConfigMapNamespace,
},
Data: map[string]string{
"ca.crt": string(helpers.EncodeCertificatesPEM(c.CACerts)),
caCrtField: string(helpers.EncodeCertificatesPEM(c.CACerts)),
},
}
scopedLog.Info("ConfigMap does not exist, creating it")
Expand All @@ -362,7 +369,7 @@ func (c *CA) StoreAsConfigMap(ctx context.Context, log *slog.Logger, k8sClient *
}

scopedLog.Info("Updating K8s ConfigMap")
cm.Data["ca.crt"] = string(helpers.EncodeCertificatesPEM(c.CACerts))
cm.Data[caCrtField] = string(helpers.EncodeCertificatesPEM(c.CACerts))
_, err = k8sConfigMaps.Update(ctx, cm, meta_v1.UpdateOptions{})
if err != nil {
return err
Expand All @@ -381,16 +388,16 @@ func (c *CA) LoadFromSecret(ctx context.Context, k8sClient *kubernetes.Clientset
return err
}

if len(secret.Data["ca.crt"]) == 0 {
if len(secret.Data[caCrtField]) == 0 {
return fmt.Errorf("secret %s/%s has no CA cert", c.SecretNamespace, c.SecretName)
}

if len(secret.Data["ca.key"]) == 0 {
if len(secret.Data[caKeyField]) == 0 {
return fmt.Errorf("secret %s/%s has no CA key", c.SecretNamespace, c.SecretName)
}

c.CAKeyBytes = secret.Data["ca.key"]
return c.loadKeyPair(secret.Data["ca.crt"])
c.CAKeyBytes = secret.Data[caKeyField]
return c.loadKeyPair(secret.Data[caCrtField])
}

// ValidateExpiry checks that no certificate in the CA chain has
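Review bot: The refactor of secret field names is only half applied: in the Cert.StoreAsSecret hunk the `"tls.crt"` and `"tls.key"` keys next to the new `caCrtField` line are still string literals, so a typo in one of them would still slip past the compiler exactly as before, which is the problem the new constants are meant to remove. Either extend the new const block with `tlsCrtField = "tls.crt"` and `tlsKeyField = "tls.key"`, or, since the file already imports core/v1 (`v1.SecretTypeTLS` is used two lines below), reuse the upstream constants `v1.TLSCertKey` and `v1.TLSPrivateKeyKey`, which are the canonical key names for a `kubernetes.io/tls` secret and keep the project in sync with the API it targets. It would also help readers if the comment on `caCrtField` said that the same key holds different content depending on the secret: the TLS secret stores only the root (`c.CA.Root()`) while the CA secret and ConfigMap store the whole chain (`c.CACerts`), so a consumer must not assume the two are interchangeable. All functions touched by these hunks (Cert.StoreAsSecret, CA.StoreAsSecret, CA.StoreAsConfigMap, CA.LoadFromSecret) start or end outside the shown lines.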