Update to go1.13rc1

This commit is contained in:
Ludovic Fernandez 2019-08-26 15:06:05 +02:00 committed by Traefiker Bot
parent e1831c4c60
commit 89150e1164
12 changed files with 128 additions and 61 deletions

View file

@ -37,6 +37,7 @@
"gochecknoinits", "gochecknoinits",
"gochecknoglobals", "gochecknoglobals",
"bodyclose", # Too many false-positive and panics. "bodyclose", # Too many false-positive and panics.
"typecheck", # v1.17.1 and Go1.13 => bug
] ]
[issues] [issues]

View file

@ -2,19 +2,19 @@
set -e set -e
curl -O https://dl.google.com/go/go1.12.linux-amd64.tar.gz curl -O https://dl.google.com/go/go"${GO_VERSION}".linux-amd64.tar.gz
tar -xvf go1.12.linux-amd64.tar.gz tar -xvf go"${GO_VERSION}".linux-amd64.tar.gz
rm -rf go1.12.linux-amd64.tar.gz rm -rf go"${GO_VERSION}".linux-amd64.tar.gz
sudo mkdir -p /usr/local/golang/1.12/go sudo mkdir -p /usr/local/golang/"${GO_VERSION}"/go
sudo mv go /usr/local/golang/1.12/ sudo mv go /usr/local/golang/"${GO_VERSION}"/
sudo rm /usr/local/bin/go sudo rm /usr/local/bin/go
sudo chmod +x /usr/local/golang/1.12/go/bin/go sudo chmod +x /usr/local/golang/"${GO_VERSION}"/go/bin/go
sudo ln -s /usr/local/golang/1.12/go/bin/go /usr/local/bin/go sudo ln -s /usr/local/golang/"${GO_VERSION}"/go/bin/go /usr/local/bin/go
export GOROOT="/usr/local/golang/1.12/go" export GOROOT="/usr/local/golang/${GO_VERSION}/go"
export GOTOOLDIR="/usr/local/golang/1.12/go/pkg/tool/linux_amd64" export GOTOOLDIR="/usr/local/golang/${GO_VERSION}/go/pkg/tool/linux_amd64"
go version go version

View file

@ -7,6 +7,7 @@ sudo dd if=/dev/zero of=/swapfile bs=1M count=3072
sudo mkswap /swapfile sudo mkswap /swapfile
sudo swapon /swapfile sudo swapon /swapfile
sudo rm -rf /home/runner/.rbenv sudo rm -rf /home/runner/.rbenv
sudo rm -rf /usr/local/golang/{1.4.3,1.5.4,1.6.4,1.7.6,1.8.6,1.9.7,1.10.3,1.11}
#export DOCKER_VERSION=18.06.3 #export DOCKER_VERSION=18.06.3
source .semaphoreci/vars source .semaphoreci/vars
if [ -z "${PULL_REQUEST_NUMBER}" ]; then SHOULD_TEST="-*-"; else TEMP_STORAGE=$(curl --silent https://patch-diff.githubusercontent.com/raw/containous/traefik/pull/${PULL_REQUEST_NUMBER}.diff | patch --dry-run -p1 -R || true); fi if [ -z "${PULL_REQUEST_NUMBER}" ]; then SHOULD_TEST="-*-"; else TEMP_STORAGE=$(curl --silent https://patch-diff.githubusercontent.com/raw/containous/traefik/pull/${PULL_REQUEST_NUMBER}.diff | patch --dry-run -p1 -R || true); fi
@ -17,11 +18,21 @@ echo ${SHOULD_TEST}
#if [ -n "$SHOULD_TEST" ]; then sudo -E apt-get -yq update; fi #if [ -n "$SHOULD_TEST" ]; then sudo -E apt-get -yq update; fi
#if [ -n "$SHOULD_TEST" ]; then sudo -E apt-get -yq --no-install-suggests --no-install-recommends --force-yes install docker-ce=${DOCKER_VERSION}*; fi #if [ -n "$SHOULD_TEST" ]; then sudo -E apt-get -yq --no-install-suggests --no-install-recommends --force-yes install docker-ce=${DOCKER_VERSION}*; fi
if [ -n "$SHOULD_TEST" ]; then docker version; fi if [ -n "$SHOULD_TEST" ]; then docker version; fi
export GO_VERSION=1.12
if [ -f "./go.mod" ]; then GO_VERSION="$(grep '^go .*' go.mod | awk '{print $2}')"; export GO_VERSION; fi
if [ "${GO_VERSION}" == '1.13' ]; then export GO_VERSION=1.13rc1; fi
echo "Selected Go version: ${GO_VERSION}"
if [ -f "./.semaphoreci/golang.sh" ]; then ./.semaphoreci/golang.sh; fi if [ -f "./.semaphoreci/golang.sh" ]; then ./.semaphoreci/golang.sh; fi
if [ -f "./.semaphoreci/golang.sh" ]; then export GOROOT="/usr/local/golang/1.12/go"; fi if [ -f "./.semaphoreci/golang.sh" ]; then export GOROOT="/usr/local/golang/${GO_VERSION}/go"; fi
if [ -f "./.semaphoreci/golang.sh" ]; then export GOTOOLDIR="/usr/local/golang/1.12/go/pkg/tool/linux_amd64"; fi if [ -f "./.semaphoreci/golang.sh" ]; then export GOTOOLDIR="/usr/local/golang/${GO_VERSION}/go/pkg/tool/linux_amd64"; fi
go version
if [ -f "./go.mod" ]; then export GO111MODULE=on; fi if [ -f "./go.mod" ]; then export GO111MODULE=on; fi
if [ -f "./go.mod" ]; then export GOPROXY=https://proxy.golang.org; fi if [ -f "./go.mod" ]; then export GOPROXY=https://proxy.golang.org; fi
if [ -f "./go.mod" ]; then go mod download; fi if [ -f "./go.mod" ]; then go mod download; fi
sudo rm -rf /usr/local/golang/1.4.3/ /usr/local/golang/1.5.4/ /usr/local/golang/1.6.4 /usr/local/golang/1.7.6 /usr/local/golang/1.8.6 /usr/local/golang/1.9.7 /usr/local/golang/1.10.3
df df

View file

@ -1,4 +1,4 @@
FROM golang:1.12-alpine FROM golang:1.13rc1-alpine
RUN apk --update upgrade \ RUN apk --update upgrade \
&& apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \ && apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \

View file

@ -33,14 +33,6 @@ import (
"github.com/vulcand/oxy/roundrobin" "github.com/vulcand/oxy/roundrobin"
) )
func init() {
goDebug := os.Getenv("GODEBUG")
if len(goDebug) > 0 {
goDebug += ","
}
os.Setenv("GODEBUG", goDebug+"tls13=1")
}
func main() { func main() {
// traefik config inits // traefik config inits
tConfig := cmd.NewTraefikConfiguration() tConfig := cmd.NewTraefikConfiguration()

View file

@ -28,7 +28,7 @@ Successfully tagged traefik-webui:latest
[...] [...]
docker build -t "traefik-dev:4475--feature-documentation" -f build.Dockerfile . docker build -t "traefik-dev:4475--feature-documentation" -f build.Dockerfile .
Sending build context to Docker daemon 279MB Sending build context to Docker daemon 279MB
Step 1/10 : FROM golang:1.12-alpine Step 1/10 : FROM golang:1.13rc1-alpine
---> f4bfb3d22bda ---> f4bfb3d22bda
[...] [...]
Successfully built 5c3c1a911277 Successfully built 5c3c1a911277
@ -60,7 +60,7 @@ PRE_TARGET= make test-unit
Requirements: Requirements:
- `go` v1.12+ - `go` v1.13+
- environment variable `GO111MODULE=on` - environment variable `GO111MODULE=on`
!!! tip "Source Directory" !!! tip "Source Directory"

View file

@ -12,7 +12,7 @@ RUN yarn install
RUN npm run build RUN npm run build
# BUILD # BUILD
FROM golang:1.12-alpine as gobuild FROM golang:1.13rc1-alpine as gobuild
RUN apk --update upgrade \ RUN apk --update upgrade \
&& apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \ && apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \

2
go.mod
View file

@ -1,6 +1,6 @@
module github.com/containous/traefik/v2 module github.com/containous/traefik/v2
go 1.12 go 1.13
require ( require (
github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect

View file

@ -31,12 +31,12 @@
[http.services.service1] [http.services.service1]
[http.services.service1.loadBalancer] [http.services.service1.loadBalancer]
[[http.services.service1.loadBalancer.servers]] [[http.services.service1.loadBalancer.servers]]
url = "http://127.0.0.1:9010" url = "{{ .Server1 }}"
[http.services.service2] [http.services.service2]
[http.services.service2.loadBalancer] [http.services.service2.loadBalancer]
[[http.services.service2.loadBalancer.servers]] [[http.services.service2.loadBalancer.servers]]
url = "http://127.0.0.1:9020" url = "{{ .Server2 }}"
[[tls.certificates]] [[tls.certificates]]
certFile = "fixtures/https/snitest.com.cert" certFile = "fixtures/https/snitest.com.cert"

View file

@ -30,12 +30,12 @@
[http.services.service1] [http.services.service1]
[http.services.service1.loadBalancer] [http.services.service1.loadBalancer]
[[http.services.service1.loadBalancer.servers]] [[http.services.service1.loadBalancer.servers]]
url = "http://127.0.0.1:9010" url = "{{ .Server1 }}"
[http.services.service2] [http.services.service2]
[http.services.service2.loadBalancer] [http.services.service2.loadBalancer]
[[http.services.service2.loadBalancer.servers]] [[http.services.service2.loadBalancer.servers]]
url = "http://127.0.0.1:9020" url = "{{ .Server2 }}"
[[tls.certificates]] [[tls.certificates]]
certFile = "fixtures/https/snitest.com.cert" certFile = "fixtures/https/snitest.com.cert"

View file

@ -501,7 +501,21 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthentication(c *check.C) {
// TestWithClientCertificateAuthentication // TestWithClientCertificateAuthentication
// Use two CA:s and test that clients with client signed by either of them can connect // Use two CA:s and test that clients with client signed by either of them can connect
func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check.C) { func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check.C) {
file := s.adaptFile(c, "fixtures/https/clientca/https_2ca1config.toml", struct{}{}) server1 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server1")) }))
server2 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server2")) }))
defer func() {
server1.Close()
server2.Close()
}()
file := s.adaptFile(c, "fixtures/https/clientca/https_2ca1config.toml", struct {
Server1 string
Server2 string
}{
Server1: server1.URL,
Server2: server2.URL,
})
defer os.Remove(file) defer os.Remove(file)
cmd, display := s.traefikCmd(withConfigFile(file)) cmd, display := s.traefikCmd(withConfigFile(file))
defer display(c) defer display(c)
@ -513,24 +527,32 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check
err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("Host(`snitest.org`)")) err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("Host(`snitest.org`)"))
c.Assert(err, checker.IsNil) c.Assert(err, checker.IsNil)
req, err := http.NewRequest(http.MethodGet, "https://127.0.0.1:4443", nil)
c.Assert(err, checker.IsNil)
req.Host = "snitest.com"
tlsConfig := &tls.Config{ tlsConfig := &tls.Config{
InsecureSkipVerify: true, InsecureSkipVerify: true,
ServerName: "snitest.com", ServerName: "snitest.com",
Certificates: []tls.Certificate{}, Certificates: []tls.Certificate{},
} }
// Connection without client certificate should fail
_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
// Connect with client signed by ca1 client := http.Client{
Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
// Connection without client certificate should fail
_, err = client.Do(req)
c.Assert(err, checker.NotNil)
cert, err := tls.LoadX509KeyPair("fixtures/https/clientca/client1.crt", "fixtures/https/clientca/client1.key") cert, err := tls.LoadX509KeyPair("fixtures/https/clientca/client1.crt", "fixtures/https/clientca/client1.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key")) c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert) tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
conn, err := tls.Dial("tcp", "127.0.0.1:4443", tlsConfig) // Connect with client signed by ca1
c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server")) _, err = client.Do(req)
c.Assert(err, checker.IsNil)
conn.Close()
// Connect with client signed by ca2 // Connect with client signed by ca2
tlsConfig = &tls.Config{ tlsConfig = &tls.Config{
@ -538,14 +560,19 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check
ServerName: "snitest.com", ServerName: "snitest.com",
Certificates: []tls.Certificate{}, Certificates: []tls.Certificate{},
} }
cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client2.crt", "fixtures/https/clientca/client2.key") cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client2.crt", "fixtures/https/clientca/client2.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key")) c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert) tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
conn, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig) client = http.Client{
c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server")) Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
conn.Close() // Connect with client signed by ca1
_, err = client.Do(req)
c.Assert(err, checker.IsNil)
// Connect with client signed by ca3 should fail // Connect with client signed by ca3 should fail
tlsConfig = &tls.Config{ tlsConfig = &tls.Config{
@ -553,18 +580,38 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check
ServerName: "snitest.com", ServerName: "snitest.com",
Certificates: []tls.Certificate{}, Certificates: []tls.Certificate{},
} }
cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client3.crt", "fixtures/https/clientca/client3.key") cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client3.crt", "fixtures/https/clientca/client3.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key")) c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert) tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig) client = http.Client{
c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server")) Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
// Connect with client signed by ca1
_, err = client.Do(req)
c.Assert(err, checker.NotNil)
} }
// TestWithClientCertificateAuthentication // TestWithClientCertificateAuthentication
// Use two CA:s in two different files and test that clients with client signed by either of them can connect // Use two CA:s in two different files and test that clients with client signed by either of them can connect
func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleFiles(c *check.C) { func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleFiles(c *check.C) {
file := s.adaptFile(c, "fixtures/https/clientca/https_2ca2config.toml", struct{}{}) server1 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server1")) }))
server2 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server2")) }))
defer func() {
server1.Close()
server2.Close()
}()
file := s.adaptFile(c, "fixtures/https/clientca/https_2ca2config.toml", struct {
Server1 string
Server2 string
}{
Server1: server1.URL,
Server2: server2.URL,
})
defer os.Remove(file) defer os.Remove(file)
cmd, display := s.traefikCmd(withConfigFile(file)) cmd, display := s.traefikCmd(withConfigFile(file))
defer display(c) defer display(c)
@ -576,24 +623,32 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleF
err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("Host(`snitest.org`)")) err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("Host(`snitest.org`)"))
c.Assert(err, checker.IsNil) c.Assert(err, checker.IsNil)
req, err := http.NewRequest(http.MethodGet, "https://127.0.0.1:4443", nil)
c.Assert(err, checker.IsNil)
req.Host = "snitest.com"
tlsConfig := &tls.Config{ tlsConfig := &tls.Config{
InsecureSkipVerify: true, InsecureSkipVerify: true,
ServerName: "snitest.com", ServerName: "snitest.com",
Certificates: []tls.Certificate{}, Certificates: []tls.Certificate{},
} }
client := http.Client{
Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
// Connection without client certificate should fail // Connection without client certificate should fail
_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig) _, err = client.Do(req)
c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server")) c.Assert(err, checker.NotNil)
// Connect with client signed by ca1 // Connect with client signed by ca1
cert, err := tls.LoadX509KeyPair("fixtures/https/clientca/client1.crt", "fixtures/https/clientca/client1.key") cert, err := tls.LoadX509KeyPair("fixtures/https/clientca/client1.crt", "fixtures/https/clientca/client1.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key")) c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert) tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
conn, err := tls.Dial("tcp", "127.0.0.1:4443", tlsConfig) _, err = client.Do(req)
c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server")) c.Assert(err, checker.IsNil)
conn.Close()
// Connect with client signed by ca2 // Connect with client signed by ca2
tlsConfig = &tls.Config{ tlsConfig = &tls.Config{
@ -601,13 +656,18 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleF
ServerName: "snitest.com", ServerName: "snitest.com",
Certificates: []tls.Certificate{}, Certificates: []tls.Certificate{},
} }
cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client2.crt", "fixtures/https/clientca/client2.key") cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client2.crt", "fixtures/https/clientca/client2.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key")) c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert) tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
conn, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig) client = http.Client{
c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server")) Transport: &http.Transport{TLSClientConfig: tlsConfig},
conn.Close() Timeout: 1 * time.Second,
}
_, err = client.Do(req)
c.Assert(err, checker.IsNil)
// Connect with client signed by ca3 should fail // Connect with client signed by ca3 should fail
tlsConfig = &tls.Config{ tlsConfig = &tls.Config{
@ -615,12 +675,18 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleF
ServerName: "snitest.com", ServerName: "snitest.com",
Certificates: []tls.Certificate{}, Certificates: []tls.Certificate{},
} }
cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client3.crt", "fixtures/https/clientca/client3.key") cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client3.crt", "fixtures/https/clientca/client3.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key")) c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert) tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig) client = http.Client{
c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server")) Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
_, err = client.Do(req)
c.Assert(err, checker.NotNil)
} }
func (s *HTTPSSuite) TestWithRootCAsContentForHTTPSOnBackend(c *check.C) { func (s *HTTPSSuite) TestWithRootCAsContentForHTTPSOnBackend(c *check.C) {

View file

@ -27,11 +27,6 @@ var host = flag.Bool("host", false, "run host integration tests")
var showLog = flag.Bool("tlog", false, "always show Traefik logs") var showLog = flag.Bool("tlog", false, "always show Traefik logs")
func Test(t *testing.T) { func Test(t *testing.T) {
check.TestingT(t)
}
func init() {
flag.Parse()
if !*integration { if !*integration {
log.Info("Integration tests disabled.") log.Info("Integration tests disabled.")
return return
@ -69,6 +64,8 @@ func init() {
check.Suite(&ProxyProtocolSuite{}) check.Suite(&ProxyProtocolSuite{})
check.Suite(&TCPSuite{}) check.Suite(&TCPSuite{})
} }
check.TestingT(t)
} }
var traefikBinary = "../dist/traefik" var traefikBinary = "../dist/traefik"