From e968abc042d7dbc57c4634b7cd35addcbaf25a42 Mon Sep 17 00:00:00 2001 From: Steve Cliff Date: Sun, 3 May 2026 11:13:22 +0100 Subject: [PATCH] ci: fix race-trip in enrollment fixture + bump golangci-lint to v2.1.6 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - host_credentials_test.go's CreateEnrollmentToken fixture passed 1<<20 as the TTL (third arg, time.Duration) — that's ~1ms in nanoseconds. Local non-race runs finished inside the window, but -race overhead blew the deadline so the token was already expired by the time GetEnrollmentTokenAttachments / ConsumeEnrollmentToken ran. Use time.Hour instead, which matches the spirit of a per-test fixture. - Lint pin v1.61.0 was built against Go 1.23 and refuses to load a config targeting newer toolchains. go.mod is on 1.25, so the lint step exited 3 ('the Go language version used to build golangci-lint is lower than the targeted Go version'). Bumping to v2.1.6, which supports Go 1.25. Both failures showed up only on the Gitea runner because local make target runs go test without -race and lint hadn't been re-run after the go.mod toolchain bump. --- .gitea/workflows/ci.yml | 5 ++++- internal/server/http/host_credentials_test.go | 5 +++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 35c4c33..d2e3eb0 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -38,7 +38,10 @@ jobs: cache: true - uses: golangci/golangci-lint-action@v6 with: - version: v1.61.0 + # v1.61 was built against Go 1.23 and refuses to load a + # config that targets a newer toolchain — go.mod is on 1.25. + # Bumping to a v2.x release built against current Go. + version: v2.1.6 args: --timeout=5m build: diff --git a/internal/server/http/host_credentials_test.go b/internal/server/http/host_credentials_test.go index d1667be..af2d286 100644 --- a/internal/server/http/host_credentials_test.go +++ b/internal/server/http/host_credentials_test.go @@ -4,6 +4,7 @@ import ( "context" "encoding/json" "testing" + "time" ) // TestEnrollmentTransfersRepoCreds verifies the round-trip: @@ -28,7 +29,7 @@ func TestEnrollmentTransfersRepoCreds(t *testing.T) { if err != nil { t.Fatalf("encrypt: %v", err) } - if err := st.CreateEnrollmentToken(ctx, tokHash, 1<<20, enc, ""); err != nil { + if err := st.CreateEnrollmentToken(ctx, tokHash, time.Hour, enc, ""); err != nil { t.Fatalf("create token: %v", err) } @@ -93,7 +94,7 @@ func TestEnrollmentTokenWithoutCreds(t *testing.T) { ctx := context.Background() const tokHash = "no-creds-token" - if err := st.CreateEnrollmentToken(ctx, tokHash, 1<<20, "", ""); err != nil { + if err := st.CreateEnrollmentToken(ctx, tokHash, time.Hour, "", ""); err != nil { t.Fatalf("create: %v", err) } att, err := st.GetEnrollmentTokenAttachments(ctx, tokHash)