From 568d639458f14f8496f609ce963a006ec7a044c0 Mon Sep 17 00:00:00 2001
From: Jian Wang <jian.wang@suse.com>
Date: Fri, 14 Feb 2025 09:44:24 +0100
Subject: [PATCH] Bump go to v1.23.4

Signed-off-by: Jian Wang <jian.wang@suse.com>
---
 Dockerfile.dapper                     |  4 ++--
 go.mod                                |  2 +-
 pkg/lb/servicelb/manager.go           |  4 ++++
 pkg/webhook/loadbalancer/converter.go | 16 ++++++++++------
 pkg/webhook/loadbalancer/validator.go |  1 +
 5 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/Dockerfile.dapper b/Dockerfile.dapper
index c42291d4..dea69e44 100644
--- a/Dockerfile.dapper
+++ b/Dockerfile.dapper
@@ -1,11 +1,11 @@
-FROM registry.suse.com/bci/golang:1.22.8
+FROM registry.suse.com/bci/golang:1.23
 
 ARG DAPPER_HOST_ARCH
 ENV HOST_ARCH=${DAPPER_HOST_ARCH} ARCH=${DAPPER_HOST_ARCH}
 
 RUN zypper -n rm container-suseconnect && \
     zypper -n install git curl docker gzip tar wget awk
-RUN curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.57.1
+RUN curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.64.4
 
 # The docker version in dapper is too old to have buildx. Install it manually.
 RUN curl -sSfL https://github.com/docker/buildx/releases/download/v0.17.1/buildx-v0.17.1.linux-${ARCH} -o buildx-v0.17.1.linux-${ARCH} && \
diff --git a/go.mod b/go.mod
index 4a1e3018..ad656c8b 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/harvester/harvester-load-balancer
 
-go 1.22.8
+go 1.23.4
 
 replace (
 	github.com/containerd/containerd => github.com/containerd/containerd v1.6.18
diff --git a/pkg/lb/servicelb/manager.go b/pkg/lb/servicelb/manager.go
index 4b5773de..10137c02 100644
--- a/pkg/lb/servicelb/manager.go
+++ b/pkg/lb/servicelb/manager.go
@@ -441,11 +441,14 @@ func (m *Manager) generateOneProber(lb *lbv1.LoadBalancer, ep *discoveryv1.Endpo
 	if lb.Spec.HealthCheck.TimeoutSeconds == 0 {
 		option.Timeout = defaultTimeout
 	} else {
+		// escape gosec error: G115: integer overflow conversion uint -> int64 (gosec)
+		//#nosec
 		option.Timeout = time.Duration(lb.Spec.HealthCheck.TimeoutSeconds) * time.Second
 	}
 	if lb.Spec.HealthCheck.PeriodSeconds == 0 {
 		option.Period = defaultPeriod
 	} else {
+		//#nosec
 		option.Period = time.Duration(lb.Spec.HealthCheck.PeriodSeconds) * time.Second
 	}
 	if ep.Conditions.Ready != nil {
@@ -472,6 +475,7 @@ func unMarshalUID(uid string) (namespace, name string, err error) {
 }
 
 func marshalPorberAddress(lb *lbv1.LoadBalancer, ep *discoveryv1.Endpoint) string {
+	//#nosec
 	return ep.Addresses[0] + ":" + strconv.Itoa(int(lb.Spec.HealthCheck.Port))
 }
 
diff --git a/pkg/webhook/loadbalancer/converter.go b/pkg/webhook/loadbalancer/converter.go
index 05ec730b..4b1f35ee 100644
--- a/pkg/webhook/loadbalancer/converter.go
+++ b/pkg/webhook/loadbalancer/converter.go
@@ -96,9 +96,11 @@ func (c *converter) convertFromV1alpha1ToV1beta1(obj *unstructured.Unstructured)
 		for _, listener := range listeners {
 			l := listener.(map[string]interface{})
 			v1beta1Listeners = append(v1beta1Listeners, lbv1beta1.Listener{
-				Name:        l[keyName].(string),
-				Port:        int32(l[keyPort].(int64)),
-				Protocol:    corev1.Protocol(l[keyProtocol].(string)),
+				Name: l[keyName].(string),
+				//#nosec
+				Port:     int32(l[keyPort].(int64)),
+				Protocol: corev1.Protocol(l[keyProtocol].(string)),
+				//#nosec
 				BackendPort: int32(l[keyBackendPort].(int64)),
 			})
 		}
@@ -133,9 +135,11 @@ func (c *converter) convertFromV1beta1ToV1alpha1(obj *unstructured.Unstructured)
 		for _, listener := range listeners {
 			l := listener.(map[string]interface{})
 			v1alpha1Listeners = append(v1alpha1Listeners, &lbv1alpha1.Listener{
-				Name:        l[keyName].(string),
-				Port:        int32(l[keyPort].(int64)),
-				Protocol:    corev1.Protocol(l[keyProtocol].(string)),
+				Name: l[keyName].(string),
+				//#nosec
+				Port:     int32(l[keyPort].(int64)),
+				Protocol: corev1.Protocol(l[keyProtocol].(string)),
+				//#nosec
 				BackendPort: int32(l[keyBackendPort].(int64)),
 			})
 		}
diff --git a/pkg/webhook/loadbalancer/validator.go b/pkg/webhook/loadbalancer/validator.go
index 4be9fd95..56f638f5 100644
--- a/pkg/webhook/loadbalancer/validator.go
+++ b/pkg/webhook/loadbalancer/validator.go
@@ -138,6 +138,7 @@ func checkHealthyCheck(lb *lbv1.LoadBalancer) error {
 		wrongProtocol := false
 		for _, listener := range lb.Spec.Listeners {
 			// check listener port and protocol, only TCP is supported now
+			//#nosec
 			if uint(listener.BackendPort) == lb.Spec.HealthCheck.Port {
 				if listener.Protocol == corev1.ProtocolTCP {
 					if lb.Spec.HealthCheck.SuccessThreshold == 0 {