Merge branch 'main' into results-google-sheet

.github/workflows/pre-main.yaml

@@ -237,7 +237,7 @@ jobs:
         run: ./certsuite run --label-filter="${SMOKE_TESTS_LABELS_FILTER}" --output-dir=certsuite-out --log-level="${SMOKE_TESTS_LOG_LEVEL}"
 
       - name: Upload smoke test results as an artifact
-        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         if: always()
         with:
           name: smoke-tests
@@ -251,7 +251,7 @@ jobs:
         run: ./certsuite run --label-filter=preflight --log-level="${SMOKE_TESTS_LOG_LEVEL}"
 
       - name: Upload preflight smoke test results as an artifact
-        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         if: always()
         with:
           name: preflight-smoke-tests
@@ -387,14 +387,23 @@ jobs:
             --label-filter="${SMOKE_TESTS_LABELS_FILTER}"
 
       - name: Run sanity check on collector
+        id: collector_sanity_check
         uses: ./collector/.github/actions/run-sanity-check
         with:
           working_directory: collector
           collector_username: ${COLLECTOR_CIUSER}
           collector_password: ${COLLECTOR_CIPASSWORD}
+        continue-on-error: true
+
+      - name: Send chat msg to dev team if collector's sanity check failed.
+        if: ${{ steps.collector_sanity_check.outcome == 'failure' }}
+        uses: ./.github/actions/slack-webhook-sender
+        with:
+          message: 'Collector sanity check has failed'
+          slack_webhook: '${{ secrets.SLACK_ALERT_WEBHOOK_URL }}'
 
       - name: Upload container test results as an artifact
-        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         if: always()
         with:
           name: smoke-tests-container

.github/workflows/qe-hosted.yml

@@ -49,7 +49,7 @@ jobs:
           outputs: type=docker,dest=/tmp/testimage.tar
 
       - name: Store image as artifact
-        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: testimage
           path: /tmp/testimage.tar

.github/workflows/qe-ocp-arm-416.yaml

@@ -44,7 +44,7 @@ jobs:
           outputs: type=docker,dest=/tmp/testimage.tar
 
       - name: Store image as artifact
-        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: testimage
           path: /tmp/testimage.tar

.github/workflows/qe-ocp-pre-main.yaml

@@ -41,7 +41,7 @@ jobs:
           outputs: type=docker,dest=/tmp/testimage.tar
 
       - name: Store image as artifact
-        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: testimage
           path: /tmp/testimage.tar

.github/workflows/scorecard.yml

@@ -59,7 +59,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: SARIF file
           path: results.sarif

.github/workflows/update-rhcos-mapping.yml

@@ -38,7 +38,7 @@ jobs:
         run: make test
 
       - name: Create PR
-        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
+        uses: peter-evans/create-pull-request@4320041ed380b20e97d388d56a7fb4f9b8c20e79 # v7.0.0
         env:
           GITHUB_TOKEN: ${{ secrets.UPDATE_CERTIFIED_DB_TOKEN }}
         with:

.golangci.yml

@@ -24,13 +24,11 @@ linters-settings:
         # do not include the "operation" and "assign"
         checks: argument,case,condition,return
   govet:
-    settings:
-      printf:
-        funcs:
-          - (github.com/golangci/golangci-lint/pkg/logutils.Log).Infof
-          - (github.com/golangci/golangci-lint/pkg/logutils.Log).Warnf
-          - (github.com/golangci/golangci-lint/pkg/logutils.Log).Errorf
-          - (github.com/golangci/golangci-lint/pkg/logutils.Log).Fatalf
+    disable:
+      - printf
+  gosec:
+    excludes: 
+      - G115
   lll:
     line-length: 250
   maligned:
@@ -92,7 +90,6 @@ linters:
   # - prealloc
   # - revive
   # - copyloopvar
-  # - structcheck
   # - testpackage
   # - wsl
 issues:

internal/cli/cli.go

@@ -63,7 +63,6 @@ func PrintBanner() {
 type cliCheckLogSniffer struct{}
 
 func isTTY() bool {
-	//nolint:gosec
 	return term.IsTerminal(int(os.Stdin.Fd()))
 }
 
@@ -95,7 +94,6 @@ func updateRunningCheckLine(checkName string, stopChan <-chan bool) {
 }
 
 func getTerminalWidth() int {
-	//nolint:gosec
 	width, _, _ := term.GetSize(int(os.Stdin.Fd()))
 	return width
 }

internal/clientsholder/command.go

@@ -39,7 +39,7 @@ func (clientsholder *ClientsHolder) ExecCommandContainer(
 	commandStr := []string{"sh", "-c", command}
 	var buffOut bytes.Buffer
 	var buffErr bytes.Buffer
-	//nolint:govet
+
 	log.Debug(fmt.Sprintf("execute command on ns=%s, pod=%s container=%s, cmd: %s", ctx.GetNamespace(), ctx.GetPodName(), ctx.GetContainerName(), strings.Join(commandStr, " ")))
 	req := clientsholder.K8sClient.CoreV1().RESTClient().
 		Post().

internal/results/archiver.go

@@ -19,7 +19,6 @@ const (
 )
 
 func generateZipFileName() string {
-	//nolint:govet
 	return fmt.Sprintf(time.Now().Format(tarGzFileNamePrefixLayout) + "-" + tarGzFileNameSuffix)
 }
 

pkg/provider/containers.go

@@ -80,11 +80,9 @@ func (c *Container) GetUID() (string, error) {
 		uid = split[len(split)-1]
 	}
 	if uid == "" {
-		//nolint:govet
 		log.Debug(fmt.Sprintf("could not find uid of %s/%s/%s\n", c.Namespace, c.Podname, c.Name))
 		return "", errors.New("cannot determine container UID")
 	}
-	//nolint:govet
 	log.Debug(fmt.Sprintf("uid of %s/%s/%s=%s\n", c.Namespace, c.Podname, c.Name, uid))
 	return uid, nil
 }
@@ -138,7 +136,6 @@ func (c *Container) SetPreflightResults(preflightImageCache map[string]Preflight
 	}
 
 	// Take all of the Preflight logs and stick them into our log.
-	//nolint:govet
 	log.Info(logbytes.String())
 
 	// Store the Preflight test results into the container's PreflightResults var and into the cache.

pkg/provider/operators.go

@@ -114,7 +114,6 @@ func (op *Operator) SetPreflightResults(env *TestEnvironment) error {
 	}
 
 	// Take all of the preflight logs and stick them into our log.
-	//nolint:govet
 	log.Info(logbytes.String())
 
 	e := os.RemoveAll("artifacts/")

tests/accesscontrol/suite.go

@@ -732,7 +732,6 @@ func testAutomountServiceToken(check *checksdb.Check, env *provider.TestEnvironm
 		client := clientsholder.GetClientsHolder()
 		podPassed, newMsg := rbac.EvaluateAutomountTokens(client.K8sClient.CoreV1(), put)
 		if !podPassed {
-			//nolint:govet
 			check.LogError(newMsg)
 			nonCompliantObjects = append(nonCompliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, newMsg, false))
 		} else {
@@ -916,7 +915,6 @@ func testNoSSHDaemonsAllowed(check *checksdb.Check, env *provider.TestEnvironmen
 		}
 
 		// 2. Check if SSH port is listening
-		//nolint:gosec
 		sshPortInfo := netutil.PortInfo{PortNumber: int32(sshServicePortNumber), Protocol: sshServicePortProtocol}
 		listeningPorts, err := netutil.GetListeningPorts(cut)
 		if err != nil {

tests/lifecycle/scaling/deployment_scaling_test.go

@@ -75,7 +75,6 @@ func TestScaleDeploymentFunc(t *testing.T) {
 	for _, tc := range testCases {
 		var runtimeObjects []runtime.Object
 		intVar := new(int32)
-		//nolint:gosec
 		*intVar = int32(tc.replicaCount)
 		tempDP := generateDeployment(tc.deploymentName, intVar)
 		runtimeObjects = append(runtimeObjects, tempDP)
@@ -89,7 +88,6 @@ func TestScaleDeploymentFunc(t *testing.T) {
 		// Get the deployment from the fake API
 		dp, err := c.K8sClient.AppsV1().Deployments("namespace1").Get(context.TODO(), tc.deploymentName, metav1.GetOptions{})
 		assert.Nil(t, err)
-		//nolint:gosec
 		assert.Equal(t, int32(tc.replicaCount), *dp.Spec.Replicas)
 	}
 }
@@ -144,7 +142,6 @@ func TestScaleHpaDeploymentFunc(t *testing.T) {
 
 	for _, tc := range testCases {
 		intVar := new(int32)
-		//nolint:gosec
 		*intVar = int32(tc.replicaCount)
 		tempDP := generateDeployment(tc.deploymentName, intVar)
 
@@ -187,7 +184,6 @@ func TestScaleHpaDeploymentFunc(t *testing.T) {
 		// Get the deployment from the fake API
 		hpa, err := c.AutoscalingV1().HorizontalPodAutoscalers("namespace1").Get(context.TODO(), "hpaName", metav1.GetOptions{})
 		assert.Nil(t, err)
-		//nolint:gosec
 		assert.Equal(t, int32(tc.expectedReplicaCount), hpa.Spec.MaxReplicas)
 	}
 }

tests/lifecycle/suite.go

@@ -582,7 +582,6 @@ func testPodsRecreation(check *checksdb.Check, env *provider.TestEnvironment) {
 	needsPostMortemInfo := true
 	defer func() {
 		if needsPostMortemInfo {
-			//nolint:govet
 			check.LogDebug(postmortem.Log())
 		}
 		// Since we are possible exiting early, we need to make sure we set the result at the end of the function.

tests/networking/netutil/netutil.go

@@ -61,7 +61,6 @@ func parseListeningPorts(cmdOut string) (map[PortInfo]bool, error) {
 			return nil, fmt.Errorf("string to int conversion error, err: %v", err)
 		}
 		protocol := strings.ToUpper(fields[indexProtocol])
-		//nolint:gosec
 		portInfo := PortInfo{int32(port), protocol}
 
 		portSet[portInfo] = true

tests/platform/hugepages/hugepages.go

@@ -290,7 +290,6 @@ func logMcKernelArgumentsHugepages(hugepagesPerSize map[int]int, defhugepagesz i
 	for size, count := range hugepagesPerSize {
 		sb.WriteString(fmt.Sprintf(", size=%dkB - count=%d", size, count))
 	}
-	//nolint:govet
 	log.Info(sb.String())
 }
 

webserver/webserver.go

@@ -224,7 +224,6 @@ func runHandler(w http.ResponseWriter, r *http.Request) {
 	log.SetLogger(log.GetMultiLogger(buf))
 
 	jsonData := r.FormValue("jsonData") // "jsonData" is the name of the JSON input field
-	//nolint:govet
 	log.Info(jsonData)
 	var data RequestedData
 	if err := json.Unmarshal([]byte(jsonData), &data); err != nil {