Update to go1.13rc1

2019-08-26 15:06:05 +02:00 · 2019-08-26 15:06:05 +02:00 · 89150e1164
commit 89150e1164
parent e1831c4c60
12 changed files with 128 additions and 61 deletions
--- a/.golangci.toml
+++ b/.golangci.toml
@ -37,6 +37,7 @@
    "gochecknoinits",
    "gochecknoglobals",
    "bodyclose", # Too many false-positive and panics.
+    "typecheck", # v1.17.1 and Go1.13 => bug
  ]

 [issues]
--- a/.semaphoreci/golang.sh
+++ b/.semaphoreci/golang.sh
@ -2,19 +2,19 @@

 set -e

-curl -O https://dl.google.com/go/go1.12.linux-amd64.tar.gz
+curl -O https://dl.google.com/go/go"${GO_VERSION}".linux-amd64.tar.gz

-tar -xvf go1.12.linux-amd64.tar.gz
-rm -rf go1.12.linux-amd64.tar.gz
+tar -xvf go"${GO_VERSION}".linux-amd64.tar.gz
+rm -rf go"${GO_VERSION}".linux-amd64.tar.gz

-sudo mkdir -p /usr/local/golang/1.12/go
-sudo mv go /usr/local/golang/1.12/
+sudo mkdir -p /usr/local/golang/"${GO_VERSION}"/go
+sudo mv go /usr/local/golang/"${GO_VERSION}"/

 sudo rm /usr/local/bin/go
-sudo chmod +x /usr/local/golang/1.12/go/bin/go
-sudo ln -s /usr/local/golang/1.12/go/bin/go /usr/local/bin/go
+sudo chmod +x /usr/local/golang/"${GO_VERSION}"/go/bin/go
+sudo ln -s /usr/local/golang/"${GO_VERSION}"/go/bin/go /usr/local/bin/go

-export GOROOT="/usr/local/golang/1.12/go"
-export GOTOOLDIR="/usr/local/golang/1.12/go/pkg/tool/linux_amd64"
+export GOROOT="/usr/local/golang/${GO_VERSION}/go"
+export GOTOOLDIR="/usr/local/golang/${GO_VERSION}/go/pkg/tool/linux_amd64"

 go version
--- a/.semaphoreci/setup.sh
+++ b/.semaphoreci/setup.sh
@ -7,6 +7,7 @@ sudo dd if=/dev/zero of=/swapfile bs=1M count=3072
 sudo mkswap /swapfile
 sudo swapon /swapfile
 sudo rm -rf /home/runner/.rbenv
+sudo rm -rf /usr/local/golang/{1.4.3,1.5.4,1.6.4,1.7.6,1.8.6,1.9.7,1.10.3,1.11}
 #export DOCKER_VERSION=18.06.3
 source .semaphoreci/vars
 if [ -z "${PULL_REQUEST_NUMBER}" ]; then SHOULD_TEST="-*-"; else TEMP_STORAGE=$(curl --silent https://patch-diff.githubusercontent.com/raw/containous/traefik/pull/${PULL_REQUEST_NUMBER}.diff | patch --dry-run -p1 -R || true); fi
@ -17,11 +18,21 @@ echo ${SHOULD_TEST}
 #if [ -n "$SHOULD_TEST" ]; then sudo -E apt-get -yq update; fi
 #if [ -n "$SHOULD_TEST" ]; then sudo -E apt-get -yq --no-install-suggests --no-install-recommends --force-yes install docker-ce=${DOCKER_VERSION}*; fi
 if [ -n "$SHOULD_TEST" ]; then docker version; fi
+
+export GO_VERSION=1.12
+if [ -f "./go.mod" ]; then GO_VERSION="$(grep '^go .*' go.mod | awk '{print $2}')"; export GO_VERSION; fi
+if [ "${GO_VERSION}" == '1.13' ]; then export GO_VERSION=1.13rc1; fi
+echo "Selected Go version: ${GO_VERSION}"
+
 if [ -f "./.semaphoreci/golang.sh" ]; then ./.semaphoreci/golang.sh; fi
-if [ -f "./.semaphoreci/golang.sh" ]; then export GOROOT="/usr/local/golang/1.12/go"; fi
-if [ -f "./.semaphoreci/golang.sh" ]; then export GOTOOLDIR="/usr/local/golang/1.12/go/pkg/tool/linux_amd64"; fi
+if [ -f "./.semaphoreci/golang.sh" ]; then export GOROOT="/usr/local/golang/${GO_VERSION}/go"; fi
+if [ -f "./.semaphoreci/golang.sh" ]; then export GOTOOLDIR="/usr/local/golang/${GO_VERSION}/go/pkg/tool/linux_amd64"; fi
+go version
+
 if [ -f "./go.mod" ]; then export GO111MODULE=on; fi
 if [ -f "./go.mod" ]; then export GOPROXY=https://proxy.golang.org; fi
 if [ -f "./go.mod" ]; then go mod download; fi
-sudo rm -rf /usr/local/golang/1.4.3/ /usr/local/golang/1.5.4/ /usr/local/golang/1.6.4 /usr/local/golang/1.7.6 /usr/local/golang/1.8.6 /usr/local/golang/1.9.7 /usr/local/golang/1.10.3
+
 df
+
+
--- a/build.Dockerfile
+++ b/build.Dockerfile
@ -1,4 +1,4 @@
-FROM golang:1.12-alpine
+FROM golang:1.13rc1-alpine

 RUN apk --update upgrade \
    && apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \
--- a/cmd/traefik/traefik.go
+++ b/cmd/traefik/traefik.go
@ -33,14 +33,6 @@ import (
 	"github.com/vulcand/oxy/roundrobin"
 )

-func init() {
-	goDebug := os.Getenv("GODEBUG")
-	if len(goDebug) > 0 {
-		goDebug += ","
-	}
-	os.Setenv("GODEBUG", goDebug+"tls13=1")
-}
-
 func main() {
 	// traefik config inits
 	tConfig := cmd.NewTraefikConfiguration()
--- a/docs/content/contributing/building-testing.md
+++ b/docs/content/contributing/building-testing.md
@ -28,7 +28,7 @@ Successfully tagged traefik-webui:latest
 [...]
 docker build  -t "traefik-dev:4475--feature-documentation" -f build.Dockerfile .
 Sending build context to Docker daemon    279MB
-Step 1/10 : FROM golang:1.12-alpine
+Step 1/10 : FROM golang:1.13rc1-alpine
 ---> f4bfb3d22bda
 [...]
 Successfully built 5c3c1a911277
@ -60,7 +60,7 @@ PRE_TARGET= make test-unit

 Requirements:

- `go` v1.12+
+- `go` v1.13+
 - environment variable `GO111MODULE=on`

 !!! tip "Source Directory"
--- a/exp.Dockerfile
+++ b/exp.Dockerfile
@ -12,7 +12,7 @@ RUN yarn install
 RUN npm run build

 # BUILD
-FROM golang:1.12-alpine as gobuild
+FROM golang:1.13rc1-alpine as gobuild

 RUN apk --update upgrade \
    && apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \
--- a/go.mod
+++ b/go.mod
@ -1,6 +1,6 @@
 module github.com/containous/traefik/v2

-go 1.12
+go 1.13

 require (
 	github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
--- a/integration/fixtures/https/clientca/https_2ca1config.toml
+++ b/integration/fixtures/https/clientca/https_2ca1config.toml
@ -31,12 +31,12 @@
  [http.services.service1]
    [http.services.service1.loadBalancer]
      [[http.services.service1.loadBalancer.servers]]
-        url = "http://127.0.0.1:9010"
+        url = "{{ .Server1 }}"

  [http.services.service2]
    [http.services.service2.loadBalancer]
      [[http.services.service2.loadBalancer.servers]]
-        url = "http://127.0.0.1:9020"
+        url = "{{ .Server2 }}"

 [[tls.certificates]]
  certFile = "fixtures/https/snitest.com.cert"
--- a/integration/fixtures/https/clientca/https_2ca2config.toml
+++ b/integration/fixtures/https/clientca/https_2ca2config.toml
@ -30,12 +30,12 @@
  [http.services.service1]
    [http.services.service1.loadBalancer]
      [[http.services.service1.loadBalancer.servers]]
-        url = "http://127.0.0.1:9010"
+        url = "{{ .Server1 }}"

  [http.services.service2]
    [http.services.service2.loadBalancer]
      [[http.services.service2.loadBalancer.servers]]
-        url = "http://127.0.0.1:9020"
+        url = "{{ .Server2 }}"

 [[tls.certificates]]
  certFile = "fixtures/https/snitest.com.cert"
--- a/integration/https_test.go
+++ b/integration/https_test.go
@ -501,7 +501,21 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthentication(c *check.C) {
 // TestWithClientCertificateAuthentication
 // Use two CA:s and test that clients with client signed by either of them can connect
 func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check.C) {
-	file := s.adaptFile(c, "fixtures/https/clientca/https_2ca1config.toml", struct{}{})
+	server1 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server1")) }))
+	server2 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server2")) }))
+	defer func() {
+		server1.Close()
+		server2.Close()
+	}()
+
+	file := s.adaptFile(c, "fixtures/https/clientca/https_2ca1config.toml", struct {
+		Server1 string
+		Server2 string
+	}{
+		Server1: server1.URL,
+		Server2: server2.URL,
+	})
+
 	defer os.Remove(file)
 	cmd, display := s.traefikCmd(withConfigFile(file))
 	defer display(c)
@ -513,24 +527,32 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check
 	err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("Host(`snitest.org`)"))
 	c.Assert(err, checker.IsNil)

+	req, err := http.NewRequest(http.MethodGet, "https://127.0.0.1:4443", nil)
+	c.Assert(err, checker.IsNil)
+	req.Host = "snitest.com"
+
 	tlsConfig := &tls.Config{
 		InsecureSkipVerify: true,
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
-	// Connection without client certificate should fail
-	_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))

-	// Connect with client signed by ca1
+	client := http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
+
+	// Connection without client certificate should fail
+	_, err = client.Do(req)
+	c.Assert(err, checker.NotNil)
+
 	cert, err := tls.LoadX509KeyPair("fixtures/https/clientca/client1.crt", "fixtures/https/clientca/client1.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)

-	conn, err := tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
-
-	conn.Close()
+	// Connect with client signed by ca1
+	_, err = client.Do(req)
+	c.Assert(err, checker.IsNil)

 	// Connect with client signed by ca2
 	tlsConfig = &tls.Config{
@ -538,14 +560,19 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
 	cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client2.crt", "fixtures/https/clientca/client2.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)

-	conn, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
+	client = http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}

-	conn.Close()
+	// Connect with client signed by ca1
+	_, err = client.Do(req)
+	c.Assert(err, checker.IsNil)

 	// Connect with client signed by ca3 should fail
 	tlsConfig = &tls.Config{
@ -553,18 +580,38 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
 	cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client3.crt", "fixtures/https/clientca/client3.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)

-	_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
+	client = http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
+
+	// Connect with client signed by ca1
+	_, err = client.Do(req)
+	c.Assert(err, checker.NotNil)
 }

 // TestWithClientCertificateAuthentication
 // Use two CA:s in two different files and test that clients with client signed by either of them can connect
 func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleFiles(c *check.C) {
-	file := s.adaptFile(c, "fixtures/https/clientca/https_2ca2config.toml", struct{}{})
+	server1 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server1")) }))
+	server2 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server2")) }))
+	defer func() {
+		server1.Close()
+		server2.Close()
+	}()
+
+	file := s.adaptFile(c, "fixtures/https/clientca/https_2ca2config.toml", struct {
+		Server1 string
+		Server2 string
+	}{
+		Server1: server1.URL,
+		Server2: server2.URL,
+	})
 	defer os.Remove(file)
 	cmd, display := s.traefikCmd(withConfigFile(file))
 	defer display(c)
@ -576,24 +623,32 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleF
 	err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("Host(`snitest.org`)"))
 	c.Assert(err, checker.IsNil)

+	req, err := http.NewRequest(http.MethodGet, "https://127.0.0.1:4443", nil)
+	c.Assert(err, checker.IsNil)
+	req.Host = "snitest.com"
+
 	tlsConfig := &tls.Config{
 		InsecureSkipVerify: true,
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
+	client := http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
+
 	// Connection without client certificate should fail
-	_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
+	_, err = client.Do(req)
+	c.Assert(err, checker.NotNil)

 	// Connect with client signed by ca1
 	cert, err := tls.LoadX509KeyPair("fixtures/https/clientca/client1.crt", "fixtures/https/clientca/client1.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)

-	conn, err := tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
-
-	conn.Close()
+	_, err = client.Do(req)
+	c.Assert(err, checker.IsNil)

 	// Connect with client signed by ca2
 	tlsConfig = &tls.Config{
@ -601,13 +656,18 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleF
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
 	cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client2.crt", "fixtures/https/clientca/client2.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)

-	conn, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
-	conn.Close()
+	client = http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
+
+	_, err = client.Do(req)
+	c.Assert(err, checker.IsNil)

 	// Connect with client signed by ca3 should fail
 	tlsConfig = &tls.Config{
@ -615,12 +675,18 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleF
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
 	cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client3.crt", "fixtures/https/clientca/client3.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)

-	_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
+	client = http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
+
+	_, err = client.Do(req)
+	c.Assert(err, checker.NotNil)
 }

 func (s *HTTPSSuite) TestWithRootCAsContentForHTTPSOnBackend(c *check.C) {
--- a/integration/integration_test.go
+++ b/integration/integration_test.go
@ -27,11 +27,6 @@ var host = flag.Bool("host", false, "run host integration tests")
 var showLog = flag.Bool("tlog", false, "always show Traefik logs")

 func Test(t *testing.T) {
-	check.TestingT(t)
-}
-
-func init() {
-	flag.Parse()
 	if !*integration {
 		log.Info("Integration tests disabled.")
 		return
@ -69,6 +64,8 @@ func init() {
 		check.Suite(&ProxyProtocolSuite{})
 		check.Suite(&TCPSuite{})
 	}
+
+	check.TestingT(t)
 }

 var traefikBinary = "../dist/traefik"