chore: update linter, Go, and seihon

.github/workflows/go-cross.yml

@@ -11,7 +11,7 @@ jobs:
 
     strategy:
       matrix:
-        go-version: [ 1.14, 1.15, 1.x ]
+        go-version: [ 1.17, 1.x ]
         os: [ubuntu-latest, macos-latest, windows-latest]
 
     steps:
@@ -29,11 +29,16 @@ jobs:
       - name: Cache Go modules
         uses: actions/cache@v2
         with:
+          # In order:
+          # * Module download cache
+          # * Build cache (Linux)
+          # * Build cache (Mac)
+          # * Build cache (Windows)
           path: |
-            ~/go/pkg/mod              # Module download cache
-            ~/.cache/go-build         # Build cache (Linux)
-            ~/Library/Caches/go-build # Build cache (Mac)
-            '%LocalAppData%\go-build' # Build cache (Windows)
+            ~/go/pkg/mod
+            ~/.cache/go-build
+            ~/Library/Caches/go-build
+            %LocalAppData%\go-build
           key: ${{ runner.os }}-${{ matrix.go-version }}-go-${{ hashFiles('**/go.sum') }}
           restore-keys: |
             ${{ runner.os }}-${{ matrix.go-version }}-go-

.github/workflows/main.yml

@@ -14,9 +14,9 @@ jobs:
     name: Main Process
     runs-on: ubuntu-latest
     env:
-      GO_VERSION: 1.15
-      GOLANGCI_LINT_VERSION: v1.33.0
-      SEIHON_VERSION: v0.5.1
+      GO_VERSION: 1.17
+      GOLANGCI_LINT_VERSION: v1.43.0
+      SEIHON_VERSION: v0.8.5
       CGO_ENABLED: 0
 
     steps:
@@ -47,7 +47,6 @@ jobs:
           go mod tidy
           git diff --exit-code go.mod
           git diff --exit-code go.sum
-          go mod download
 
       # https://golangci-lint.run/usage/install#other-ci
       - name: Install golangci-lint ${{ env.GOLANGCI_LINT_VERSION }}

.golangci.toml

@@ -1,49 +0,0 @@
-[run]
-  deadline = "2m"
-  skip-files = []
-
-[linters-settings]
-
-  [linters-settings.govet]
-    check-shadowing = true
-
-  [linters-settings.gocyclo]
-    min-complexity = 12.0
-
-  [linters-settings.maligned]
-    suggest-new = true
-
-  [linters-settings.goconst]
-    min-len = 3.0
-    min-occurrences = 3.0
-
-  [linters-settings.misspell]
-    locale = "US"
-
-[linters]
-  enable-all = true
-  disable = [
-    "maligned",
-    "lll",
-    "gosec",
-    "dupl",
-    "prealloc",
-    "gochecknoglobals",
-    "gochecknoinits",
-    "gomnd",
-    "wsl",
-    "nlreturn",
-    "testpackage",
-    "paralleltest",
-    "tparallel",
-    "goerr113",
-    "wrapcheck",
-    "exhaustive",
-    "exhaustivestruct",
-  ]
-
-[issues]
-  exclude-use-default = false
-  max-per-linter = 0
-  max-same-issues = 0
-  exclude = []

.golangci.yml

@@ -0,0 +1,46 @@
+run:
+  deadline: 2m
+  skip-files: []
+linters-settings:
+  govet:
+    check-shadowing: true
+  gocyclo:
+    min-complexity: 12
+  goconst:
+    min-len: 3
+    min-occurrences: 3
+  misspell:
+    locale: US
+
+linters:
+  enable-all: true
+  disable:
+    - golint # deprecated
+    - scopelint # deprecated
+    - interfacer # deprecated
+    - maligned # deprecated
+    - lll
+    - gosec
+    - dupl
+    - prealloc
+    - gochecknoglobals
+    - gochecknoinits
+    - gomnd
+    - wsl
+    - nlreturn
+    - testpackage
+    - paralleltest
+    - tparallel
+    - goerr113
+    - wrapcheck
+    - exhaustive
+    - exhaustivestruct
+    - forbidigo
+    - varnamelen
+    - nilnil
+
+issues:
+  exclude-use-default: false
+  max-per-linter: 0
+  max-same-issues: 0
+  exclude: []

README.md

@@ -22,7 +22,7 @@ Tiny Go webserver that prints os information and HTTP request to output
 
 - `cert`: give me a certificate.
 - `key`: give me a key.
-- `port`: give me a port number. (default: 80)
+- `port`: give me a port number. (it can be also defined with `WHOAMI_PORT` environment variable) (default: 80)
 - `name`: give me a name. (it can be also defined with `WHOAMI_NAME` environment variable)
 
 ## Examples

app.go

@@ -2,10 +2,13 @@ package main
 
 import (
 	"bytes"
+	"crypto/tls"
+	"crypto/x509"
 	"encoding/json"
 	"flag"
 	"fmt"
 	"io"
+	"io/ioutil"
 	"log"
 	"net"
 	"net/http"
@@ -31,6 +34,7 @@ const (
 var (
 	cert string
 	key  string
+	ca   string
 	port string
 	name string
 )
@@ -38,7 +42,8 @@ var (
 func init() {
 	flag.StringVar(&cert, "cert", "", "give me a certificate")
 	flag.StringVar(&key, "key", "", "give me a key")
-	flag.StringVar(&port, "port", "80", "give me a port number")
+	flag.StringVar(&ca, "cacert", "", "give me a CA chain, enforces mutual TLS")
+	flag.StringVar(&port, "port", getEnv("WHOAMI_PORT", "80"), "give me a port number")
 	flag.StringVar(&name, "name", os.Getenv("WHOAMI_NAME"), "give me a name")
 }
 
@@ -60,11 +65,38 @@ func main() {
 	fmt.Println("Starting up on port " + port)
 
 	if len(cert) > 0 && len(key) > 0 {
-		log.Fatal(http.ListenAndServeTLS(":"+port, cert, key, nil))
+		server := &http.Server{
+			Addr: ":" + port,
+		}
+
+		if len(ca) > 0 {
+			server.TLSConfig = setupMutualTLS(ca)
+		}
+
+		log.Fatal(server.ListenAndServeTLS(cert, key))
 	}
 	log.Fatal(http.ListenAndServe(":"+port, nil))
 }
 
+func setupMutualTLS(ca string) *tls.Config {
+	clientCACert, err := ioutil.ReadFile(ca)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	clientCertPool := x509.NewCertPool()
+	clientCertPool.AppendCertsFromPEM(clientCACert)
+
+	tlsConfig := &tls.Config{
+		ClientAuth:               tls.RequireAndVerifyClientCert,
+		ClientCAs:                clientCertPool,
+		PreferServerCipherSuites: true,
+		MinVersion:               tls.VersionTLS12,
+	}
+
+	return tlsConfig
+}
+
 func benchHandler(w http.ResponseWriter, _ *http.Request) {
 	w.Header().Set("Connection", "keep-alive")
 	w.Header().Set("Content-Type", "text/plain")
@@ -274,3 +306,11 @@ func fillContent(length int64) io.ReadSeeker {
 
 	return bytes.NewReader(b)
 }
+
+func getEnv(key, fallback string) string {
+	value := os.Getenv(key)
+	if len(value) == 0 {
+		return fallback
+	}
+	return value
+}

go.mod

@@ -1,5 +1,5 @@
 module github.com/traefik/whoami
 
-go 1.13
+go 1.17
 
 require github.com/gorilla/websocket v1.4.2