Update to go1.13rc1

This commit is contained in:
Ludovic Fernandez 2019-08-26 15:06:05 +02:00 committed by Traefiker Bot
parent e1831c4c60
commit 89150e1164
12 changed files with 128 additions and 61 deletions

View file

@ -37,6 +37,7 @@
"gochecknoinits",
"gochecknoglobals",
"bodyclose", # Too many false-positive and panics.
"typecheck", # v1.17.1 and Go1.13 => bug
]
[issues]

View file

@ -2,19 +2,19 @@
set -e
curl -O https://dl.google.com/go/go1.12.linux-amd64.tar.gz
curl -O https://dl.google.com/go/go"${GO_VERSION}".linux-amd64.tar.gz
tar -xvf go1.12.linux-amd64.tar.gz
rm -rf go1.12.linux-amd64.tar.gz
tar -xvf go"${GO_VERSION}".linux-amd64.tar.gz
rm -rf go"${GO_VERSION}".linux-amd64.tar.gz
sudo mkdir -p /usr/local/golang/1.12/go
sudo mv go /usr/local/golang/1.12/
sudo mkdir -p /usr/local/golang/"${GO_VERSION}"/go
sudo mv go /usr/local/golang/"${GO_VERSION}"/
sudo rm /usr/local/bin/go
sudo chmod +x /usr/local/golang/1.12/go/bin/go
sudo ln -s /usr/local/golang/1.12/go/bin/go /usr/local/bin/go
sudo chmod +x /usr/local/golang/"${GO_VERSION}"/go/bin/go
sudo ln -s /usr/local/golang/"${GO_VERSION}"/go/bin/go /usr/local/bin/go
export GOROOT="/usr/local/golang/1.12/go"
export GOTOOLDIR="/usr/local/golang/1.12/go/pkg/tool/linux_amd64"
export GOROOT="/usr/local/golang/${GO_VERSION}/go"
export GOTOOLDIR="/usr/local/golang/${GO_VERSION}/go/pkg/tool/linux_amd64"
go version

View file

@ -7,6 +7,7 @@ sudo dd if=/dev/zero of=/swapfile bs=1M count=3072
sudo mkswap /swapfile
sudo swapon /swapfile
sudo rm -rf /home/runner/.rbenv
sudo rm -rf /usr/local/golang/{1.4.3,1.5.4,1.6.4,1.7.6,1.8.6,1.9.7,1.10.3,1.11}
#export DOCKER_VERSION=18.06.3
source .semaphoreci/vars
if [ -z "${PULL_REQUEST_NUMBER}" ]; then SHOULD_TEST="-*-"; else TEMP_STORAGE=$(curl --silent https://patch-diff.githubusercontent.com/raw/containous/traefik/pull/${PULL_REQUEST_NUMBER}.diff | patch --dry-run -p1 -R || true); fi
@ -17,11 +18,21 @@ echo ${SHOULD_TEST}
#if [ -n "$SHOULD_TEST" ]; then sudo -E apt-get -yq update; fi
#if [ -n "$SHOULD_TEST" ]; then sudo -E apt-get -yq --no-install-suggests --no-install-recommends --force-yes install docker-ce=${DOCKER_VERSION}*; fi
if [ -n "$SHOULD_TEST" ]; then docker version; fi
export GO_VERSION=1.12
if [ -f "./go.mod" ]; then GO_VERSION="$(grep '^go .*' go.mod | awk '{print $2}')"; export GO_VERSION; fi
if [ "${GO_VERSION}" == '1.13' ]; then export GO_VERSION=1.13rc1; fi
echo "Selected Go version: ${GO_VERSION}"
if [ -f "./.semaphoreci/golang.sh" ]; then ./.semaphoreci/golang.sh; fi
if [ -f "./.semaphoreci/golang.sh" ]; then export GOROOT="/usr/local/golang/1.12/go"; fi
if [ -f "./.semaphoreci/golang.sh" ]; then export GOTOOLDIR="/usr/local/golang/1.12/go/pkg/tool/linux_amd64"; fi
if [ -f "./.semaphoreci/golang.sh" ]; then export GOROOT="/usr/local/golang/${GO_VERSION}/go"; fi
if [ -f "./.semaphoreci/golang.sh" ]; then export GOTOOLDIR="/usr/local/golang/${GO_VERSION}/go/pkg/tool/linux_amd64"; fi
go version
if [ -f "./go.mod" ]; then export GO111MODULE=on; fi
if [ -f "./go.mod" ]; then export GOPROXY=https://proxy.golang.org; fi
if [ -f "./go.mod" ]; then go mod download; fi
sudo rm -rf /usr/local/golang/1.4.3/ /usr/local/golang/1.5.4/ /usr/local/golang/1.6.4 /usr/local/golang/1.7.6 /usr/local/golang/1.8.6 /usr/local/golang/1.9.7 /usr/local/golang/1.10.3
df

View file

@ -1,4 +1,4 @@
FROM golang:1.12-alpine
FROM golang:1.13rc1-alpine
RUN apk --update upgrade \
&& apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \

View file

@ -33,14 +33,6 @@ import (
"github.com/vulcand/oxy/roundrobin"
)
func init() {
goDebug := os.Getenv("GODEBUG")
if len(goDebug) > 0 {
goDebug += ","
}
os.Setenv("GODEBUG", goDebug+"tls13=1")
}
func main() {
// traefik config inits
tConfig := cmd.NewTraefikConfiguration()

View file

@ -28,7 +28,7 @@ Successfully tagged traefik-webui:latest
[...]
docker build -t "traefik-dev:4475--feature-documentation" -f build.Dockerfile .
Sending build context to Docker daemon 279MB
Step 1/10 : FROM golang:1.12-alpine
Step 1/10 : FROM golang:1.13rc1-alpine
---> f4bfb3d22bda
[...]
Successfully built 5c3c1a911277
@ -60,7 +60,7 @@ PRE_TARGET= make test-unit
Requirements:
- `go` v1.12+
- `go` v1.13+
- environment variable `GO111MODULE=on`
!!! tip "Source Directory"

View file

@ -12,7 +12,7 @@ RUN yarn install
RUN npm run build
# BUILD
FROM golang:1.12-alpine as gobuild
FROM golang:1.13rc1-alpine as gobuild
RUN apk --update upgrade \
&& apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \

2
go.mod
View file

@ -1,6 +1,6 @@
module github.com/containous/traefik/v2
go 1.12
go 1.13
require (
github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect

View file

@ -31,12 +31,12 @@
[http.services.service1]
[http.services.service1.loadBalancer]
[[http.services.service1.loadBalancer.servers]]
url = "http://127.0.0.1:9010"
url = "{{ .Server1 }}"
[http.services.service2]
[http.services.service2.loadBalancer]
[[http.services.service2.loadBalancer.servers]]
url = "http://127.0.0.1:9020"
url = "{{ .Server2 }}"
[[tls.certificates]]
certFile = "fixtures/https/snitest.com.cert"

View file

@ -30,12 +30,12 @@
[http.services.service1]
[http.services.service1.loadBalancer]
[[http.services.service1.loadBalancer.servers]]
url = "http://127.0.0.1:9010"
url = "{{ .Server1 }}"
[http.services.service2]
[http.services.service2.loadBalancer]
[[http.services.service2.loadBalancer.servers]]
url = "http://127.0.0.1:9020"
url = "{{ .Server2 }}"
[[tls.certificates]]
certFile = "fixtures/https/snitest.com.cert"

View file

@ -501,7 +501,21 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthentication(c *check.C) {
// TestWithClientCertificateAuthentication
// Use two CA:s and test that clients with client signed by either of them can connect
func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check.C) {
file := s.adaptFile(c, "fixtures/https/clientca/https_2ca1config.toml", struct{}{})
server1 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server1")) }))
server2 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server2")) }))
defer func() {
server1.Close()
server2.Close()
}()
file := s.adaptFile(c, "fixtures/https/clientca/https_2ca1config.toml", struct {
Server1 string
Server2 string
}{
Server1: server1.URL,
Server2: server2.URL,
})
defer os.Remove(file)
cmd, display := s.traefikCmd(withConfigFile(file))
defer display(c)
@ -513,24 +527,32 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check
err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("Host(`snitest.org`)"))
c.Assert(err, checker.IsNil)
req, err := http.NewRequest(http.MethodGet, "https://127.0.0.1:4443", nil)
c.Assert(err, checker.IsNil)
req.Host = "snitest.com"
tlsConfig := &tls.Config{
InsecureSkipVerify: true,
ServerName: "snitest.com",
Certificates: []tls.Certificate{},
}
// Connection without client certificate should fail
_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
// Connect with client signed by ca1
client := http.Client{
Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
// Connection without client certificate should fail
_, err = client.Do(req)
c.Assert(err, checker.NotNil)
cert, err := tls.LoadX509KeyPair("fixtures/https/clientca/client1.crt", "fixtures/https/clientca/client1.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
conn, err := tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
conn.Close()
// Connect with client signed by ca1
_, err = client.Do(req)
c.Assert(err, checker.IsNil)
// Connect with client signed by ca2
tlsConfig = &tls.Config{
@ -538,14 +560,19 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check
ServerName: "snitest.com",
Certificates: []tls.Certificate{},
}
cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client2.crt", "fixtures/https/clientca/client2.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
conn, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
client = http.Client{
Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
conn.Close()
// Connect with client signed by ca1
_, err = client.Do(req)
c.Assert(err, checker.IsNil)
// Connect with client signed by ca3 should fail
tlsConfig = &tls.Config{
@ -553,18 +580,38 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check
ServerName: "snitest.com",
Certificates: []tls.Certificate{},
}
cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client3.crt", "fixtures/https/clientca/client3.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
client = http.Client{
Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
// Connect with client signed by ca1
_, err = client.Do(req)
c.Assert(err, checker.NotNil)
}
// TestWithClientCertificateAuthentication
// Use two CA:s in two different files and test that clients with client signed by either of them can connect
func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleFiles(c *check.C) {
file := s.adaptFile(c, "fixtures/https/clientca/https_2ca2config.toml", struct{}{})
server1 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server1")) }))
server2 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server2")) }))
defer func() {
server1.Close()
server2.Close()
}()
file := s.adaptFile(c, "fixtures/https/clientca/https_2ca2config.toml", struct {
Server1 string
Server2 string
}{
Server1: server1.URL,
Server2: server2.URL,
})
defer os.Remove(file)
cmd, display := s.traefikCmd(withConfigFile(file))
defer display(c)
@ -576,24 +623,32 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleF
err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("Host(`snitest.org`)"))
c.Assert(err, checker.IsNil)
req, err := http.NewRequest(http.MethodGet, "https://127.0.0.1:4443", nil)
c.Assert(err, checker.IsNil)
req.Host = "snitest.com"
tlsConfig := &tls.Config{
InsecureSkipVerify: true,
ServerName: "snitest.com",
Certificates: []tls.Certificate{},
}
client := http.Client{
Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
// Connection without client certificate should fail
_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
_, err = client.Do(req)
c.Assert(err, checker.NotNil)
// Connect with client signed by ca1
cert, err := tls.LoadX509KeyPair("fixtures/https/clientca/client1.crt", "fixtures/https/clientca/client1.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
conn, err := tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
conn.Close()
_, err = client.Do(req)
c.Assert(err, checker.IsNil)
// Connect with client signed by ca2
tlsConfig = &tls.Config{
@ -601,13 +656,18 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleF
ServerName: "snitest.com",
Certificates: []tls.Certificate{},
}
cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client2.crt", "fixtures/https/clientca/client2.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
conn, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
conn.Close()
client = http.Client{
Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
_, err = client.Do(req)
c.Assert(err, checker.IsNil)
// Connect with client signed by ca3 should fail
tlsConfig = &tls.Config{
@ -615,12 +675,18 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleF
ServerName: "snitest.com",
Certificates: []tls.Certificate{},
}
cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client3.crt", "fixtures/https/clientca/client3.key")
c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
client = http.Client{
Transport: &http.Transport{TLSClientConfig: tlsConfig},
Timeout: 1 * time.Second,
}
_, err = client.Do(req)
c.Assert(err, checker.NotNil)
}
func (s *HTTPSSuite) TestWithRootCAsContentForHTTPSOnBackend(c *check.C) {

View file

@ -27,11 +27,6 @@ var host = flag.Bool("host", false, "run host integration tests")
var showLog = flag.Bool("tlog", false, "always show Traefik logs")
func Test(t *testing.T) {
check.TestingT(t)
}
func init() {
flag.Parse()
if !*integration {
log.Info("Integration tests disabled.")
return
@ -69,6 +64,8 @@ func init() {
check.Suite(&ProxyProtocolSuite{})
check.Suite(&TCPSuite{})
}
check.TestingT(t)
}
var traefikBinary = "../dist/traefik"