[Test] Fix/goupgrade otel tracetest bump #6280

titpetric · 2024-05-15T09:13:48Z

User description

bump tracetest to 1.0.0, update usage
update docker compose to tracetest docs
reorg taskfiles to ci/tests/tracing

PR Type

enhancement, bug_fix

Description

Added a new function setGODEBUG in gateway/server.go to handle deprecated ciphers with Go 1.22.
Included unit tests for the new setGODEBUG function.
Updated Go version to 1.22 across multiple configuration files including GitHub Actions workflows, Dockerfile, and go.mod.
Updated README and various documentation to reflect the new Go version.
Updated tracetest to version 1.0.0 in docker-compose configurations.

Changes walkthrough 📝

Relevant files

Enhancement

server.go `Add setGODEBUG function to manage deprecated ciphers` gateway/server.go Added a function `setGODEBUG` to set the `GODEBUG` environment variable to re-enable deprecated ciphers. Called `setGODEBUG` in the `Start` function to ensure compatibility with Go 1.22.	+19/-0

Tests

server_test.go `Unit tests for setGODEBUG function` gateway/server_test.go Added unit tests for the `setGODEBUG` function to ensure it sets the environment variable correctly.	+18/-0
Taskfile.yml `Reorganize tracing tests Taskfile` ci/tests/tracing/Taskfile.yml Reorganized tasks and updated tracetest configuration for e2e tests.	+46/-0

Configuration changes

.yml `Update Go version in GitHub Actions workflows` .github/workflows/.yml Updated Go version to 1.22 in various GitHub Actions workflows to ensure compatibility with the latest Go release.
Dockerfile `Update Go version in Dockerfile` Dockerfile Updated the Go version in the Dockerfile to ensure the container uses the correct version for builds.	+2/-2
docker-compose.yml `Update tracetest version in docker-compose` ci/tests/tracing/docker-compose.yml Updated the tracetest image to version 1.0.0.	+2/-5

Documentation

README.md `Update Go version in README` README.md Updated the required Go version in the README to reflect the new version 1.22.	+1/-1

Dependencies

go.mod `Update Go version and dependencies in go.mod` go.mod Updated Go version to 1.22.3 and various dependencies to their newer versions.	+21/-23

💡 PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

…for happy path

# Conflicts: # .github/workflows/plugin-compiler-build.yml

…d ciphers

Co-authored-by: Jeffy Mathew <jeffy.mathew100@gmail.com>

…eway-dashboard-to-go-1-22

# Conflicts: # .github/workflows/release.yml

github-actions · 2024-05-15T09:14:56Z

API Changes

no api changes detected

github-actions · 2024-05-15T09:15:21Z

PR Description updated to latest commit (9c6ea3f)

github-actions · 2024-05-15T09:16:04Z

PR Review 🔍

⏱️ Estimated effort to review [1-5]	3, because the PR involves multiple changes across various configuration files and code, including environment variable management, unit tests, and updates to Go version in several Docker and CI configuration files. The complexity and breadth of the changes require careful review to ensure compatibility and correct functionality.
🧪 Relevant tests	Yes
⚡ Possible issues	Possible Security Issue: The PR introduces code to re-enable deprecated ciphers in Go 1.22 due to their deprecation for security concerns. This could potentially expose the system to older security vulnerabilities associated with these ciphers.
🔒 Security concerns	Yes, the PR re-enables deprecated ciphers which may introduce security vulnerabilities related to older TLS/SSL cipher suites that are known to be less secure.

Code feedback:

relevant file	gateway/server.go
suggestion	Consider logging the actual error message when setting the `GODEBUG` environment variable fails. This will help in diagnosing issues in environments where the configuration does not take effect. [important]
relevant line	mainLog.Warn("Could not set GODEBUG=tlsrsakex=1, some deprecated ciphers might stop working")

relevant file	gateway/server.go
suggestion	It's a good practice to avoid changing global state within your application. Consider using a more localized approach to manage the `GODEBUG` settings or document the global impact thoroughly. [important]
relevant line	err := os.Setenv("GODEBUG", goDebugVal)

relevant file	gateway/server_test.go
suggestion	Add more test cases to cover scenarios where the environment variable `GODEBUG` is partially set or contains other configurations to ensure that the string manipulation is robust. [medium]
relevant line	setGODEBUG()

relevant file	gateway/server.go
suggestion	Instead of manually concatenating strings to form the `GODEBUG` value, consider using more robust methods like `strings.Join` or formatting which can handle various edge cases more gracefully. [medium]
relevant line	goDebugVal = "tlsrsakex=1," + os.Getenv("GODEBUG")

github-actions · 2024-05-15T09:17:00Z

PR Code Suggestions ✨

Category	Suggestion	Score
Maintainability	Ensure version consistency by using variable interpolation in the Darwin install command The `install:darwin` task should use the variable interpolation for the version to maintain consistency with other platform-specific installation commands and to ensure that the version is correctly managed through the variable. ci/tests/tracing/tracetest/Taskfile.yml [27] +- brew install kubeshop/tracetest/tracetest@{{.version}} - Suggestion importance[1-10]: 10 Why: The suggestion is accurate and improves maintainability by using variable interpolation for the version in the Darwin install command, which aligns with the changes made in other parts of the file to use version variables.	10
Maintainability	Improve string concatenation readability and safety using `fmt.Sprintf` Instead of manually concatenating strings to form the `goDebugVal`, consider using `fmt.Sprintf` for better readability and maintainability. This approach also helps prevent potential issues with string manipulation. gateway/server.go [1583] -goDebugVal = "tlsrsakex=1," + os.Getenv("GODEBUG") +goDebugVal = fmt.Sprintf("tlsrsakex=1,%s", os.Getenv("GODEBUG")) Suggestion importance[1-10]: 7 Why: The suggestion correctly identifies a more readable and maintainable way to handle string concatenation in Go, which is a minor improvement in code quality.	7
Error handling	Enhance error handling by adding a retry mechanism or escalating the error It's a good practice to handle errors more robustly. Instead of just logging a warning when setting the `GODEBUG` environment variable fails, consider adding a retry mechanism or escalating the error handling by returning the error to the caller. gateway/server.go [1587] -mainLog.Warn("Could not set GODEBUG=tlsrsakex=1, some deprecated ciphers might stop working") +if err != nil { + mainLog.Error("Critical: Failed to set GODEBUG=tlsrsakex=1, retrying...") + // Implement retry logic or escalate error +} Suggestion importance[1-10]: 6 Why: The suggestion to improve error handling is valid and would make the system more robust. However, the specific implementation details like retry logic should be carefully designed based on the application's requirements.	6
Thread safety	Improve thread safety by avoiding global state modifications in favor of passing configuration explicitly To avoid potential race conditions or unexpected behavior in a multi-threaded environment, consider using a more thread-safe approach to manage environment variables, such as using a configuration struct passed to relevant functions instead of modifying global state. gateway/server.go [1585] -err := os.Setenv("GODEBUG", goDebugVal) +// Consider refactoring to use a config struct instead of global environment variables +type Config struct { + GoDebug string +} +// Use the config in relevant functions Suggestion importance[1-10]: 5 Why: The suggestion addresses a potential issue with thread safety due to global state modification. However, the impact might be limited depending on the actual usage and environment of the application.	5
Performance	Optimize performance by reducing redundant system calls Consider checking the return value of `os.Getenv("GODEBUG")` once and storing it in a variable instead of calling it twice. This will improve performance slightly by reducing the number of system calls. gateway/server.go [1580-1583] -if os.Getenv("GODEBUG") == "" { +currentGoDebug := os.Getenv("GODEBUG") +if currentGoDebug == "" { goDebugVal = "tlsrsakex=1" } else { - goDebugVal = "tlsrsakex=1," + os.Getenv("GODEBUG") + goDebugVal = "tlsrsakex=1," + currentGoDebug } Suggestion importance[1-10]: 5 Why: This is a valid optimization to reduce redundant system calls, which can slightly improve performance. However, the overall impact on performance might be minimal.	5
Possible issue	Review and test the updated version of `github.com/golang/protobuf` for compatibility issues Consider reviewing the necessity of updating `github.com/golang/protobuf` to `v1.5.4` as it might introduce breaking changes or dependencies that are not backward compatible. It's important to ensure that all dependent modules and functionalities are tested against the new version. go.mod [36] -github.com/golang/protobuf v1.5.4 +github.com/golang/protobuf v1.5.3 Suggestion importance[1-10]: 3 Why: The suggestion is valid in terms of caution but does not directly address a specific issue in the PR. The update from `v1.5.3` to `v1.5.4` is minor and typically does not introduce significant compatibility issues.	3
Possible issue	Verify the compatibility of the updated gRPC version with existing services The update of `google.golang.org/grpc` to `v1.63.2` should be carefully reviewed to ensure that it does not introduce any compatibility issues with existing RPC implementations, especially since gRPC versions can introduce significant changes in behavior and API usage. go.mod [71] -google.golang.org/grpc v1.63.2 +google.golang.org/grpc v1.62.1 Suggestion importance[1-10]: 3 Why: While it's generally good practice to review major dependency updates, the suggestion does not point out any specific issues with the update from `v1.62.1` to `v1.63.2`. This is a minor version update and usually handled well within the gRPC community standards for backward compatibility.	3

github-actions · 2024-05-15T09:24:05Z

💥 CI tests failed 🙈