Update to go1.13rc1

ldez · traefiker · commit 89150e1164b1 · 2019-08-26T06:06:05.000-07:00
diff --git a/.golangci.toml b/.golangci.toml
@@ -37,6 +37,7 @@
     "gochecknoinits",
     "gochecknoglobals",
     "bodyclose", # Too many false-positive and panics.
+    "typecheck", # v1.17.1 and Go1.13 => bug
   ]
 
 [issues]
diff --git a/.semaphoreci/golang.sh b/.semaphoreci/golang.sh
@@ -2,19 +2,19 @@
 
 set -e
 
-curl -O https://dl.google.com/go/go1.12.linux-amd64.tar.gz
+curl -O https://dl.google.com/go/go"${GO_VERSION}".linux-amd64.tar.gz
 
-tar -xvf go1.12.linux-amd64.tar.gz
-rm -rf go1.12.linux-amd64.tar.gz
+tar -xvf go"${GO_VERSION}".linux-amd64.tar.gz
+rm -rf go"${GO_VERSION}".linux-amd64.tar.gz
 
-sudo mkdir -p /usr/local/golang/1.12/go
-sudo mv go /usr/local/golang/1.12/
+sudo mkdir -p /usr/local/golang/"${GO_VERSION}"/go
+sudo mv go /usr/local/golang/"${GO_VERSION}"/
 
 sudo rm /usr/local/bin/go
-sudo chmod +x /usr/local/golang/1.12/go/bin/go
-sudo ln -s /usr/local/golang/1.12/go/bin/go /usr/local/bin/go
+sudo chmod +x /usr/local/golang/"${GO_VERSION}"/go/bin/go
+sudo ln -s /usr/local/golang/"${GO_VERSION}"/go/bin/go /usr/local/bin/go
 
-export GOROOT="/usr/local/golang/1.12/go"
-export GOTOOLDIR="/usr/local/golang/1.12/go/pkg/tool/linux_amd64"
+export GOROOT="/usr/local/golang/${GO_VERSION}/go"
+export GOTOOLDIR="/usr/local/golang/${GO_VERSION}/go/pkg/tool/linux_amd64"
 
 go version
diff --git a/.semaphoreci/setup.sh b/.semaphoreci/setup.sh
@@ -7,6 +7,7 @@ sudo dd if=/dev/zero of=/swapfile bs=1M count=3072
 sudo mkswap /swapfile
 sudo swapon /swapfile
 sudo rm -rf /home/runner/.rbenv
+sudo rm -rf /usr/local/golang/{1.4.3,1.5.4,1.6.4,1.7.6,1.8.6,1.9.7,1.10.3,1.11}
 #export DOCKER_VERSION=18.06.3
 source .semaphoreci/vars
 if [ -z "${PULL_REQUEST_NUMBER}" ]; then SHOULD_TEST="-*-"; else TEMP_STORAGE=$(curl --silent https://patch-diff.githubusercontent.com/raw/containous/traefik/pull/${PULL_REQUEST_NUMBER}.diff | patch --dry-run -p1 -R || true); fi
@@ -16,12 +17,22 @@ echo ${TEMP_STORAGE}
 echo ${SHOULD_TEST}
 #if [ -n "$SHOULD_TEST" ]; then sudo -E apt-get -yq update; fi
 #if [ -n "$SHOULD_TEST" ]; then sudo -E apt-get -yq --no-install-suggests --no-install-recommends --force-yes install docker-ce=${DOCKER_VERSION}*; fi
-if [ -n "$SHOULD_TEST" ]; then   docker version; fi
+if [ -n "$SHOULD_TEST" ]; then docker version; fi
+
+export GO_VERSION=1.12
+if [ -f "./go.mod" ]; then GO_VERSION="$(grep '^go .*' go.mod | awk '{print $2}')"; export GO_VERSION; fi
+if [ "${GO_VERSION}" == '1.13' ]; then export GO_VERSION=1.13rc1; fi
+echo "Selected Go version: ${GO_VERSION}"
+
 if [ -f "./.semaphoreci/golang.sh" ]; then ./.semaphoreci/golang.sh; fi
-if [ -f "./.semaphoreci/golang.sh" ]; then export GOROOT="/usr/local/golang/1.12/go"; fi
-if [ -f "./.semaphoreci/golang.sh" ]; then export GOTOOLDIR="/usr/local/golang/1.12/go/pkg/tool/linux_amd64"; fi
+if [ -f "./.semaphoreci/golang.sh" ]; then export GOROOT="/usr/local/golang/${GO_VERSION}/go"; fi
+if [ -f "./.semaphoreci/golang.sh" ]; then export GOTOOLDIR="/usr/local/golang/${GO_VERSION}/go/pkg/tool/linux_amd64"; fi
+go version
+
 if [ -f "./go.mod" ]; then export GO111MODULE=on; fi
 if [ -f "./go.mod" ]; then export GOPROXY=https://proxy.golang.org; fi
 if [ -f "./go.mod" ]; then go mod download; fi
-sudo rm -rf /usr/local/golang/1.4.3/ /usr/local/golang/1.5.4/ /usr/local/golang/1.6.4 /usr/local/golang/1.7.6 /usr/local/golang/1.8.6 /usr/local/golang/1.9.7 /usr/local/golang/1.10.3
+
 df
+
+
diff --git a/build.Dockerfile b/build.Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.12-alpine
+FROM golang:1.13rc1-alpine
 
 RUN apk --update upgrade \
     && apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \
diff --git a/cmd/traefik/traefik.go b/cmd/traefik/traefik.go
@@ -33,14 +33,6 @@ import (
 	"github.com/vulcand/oxy/roundrobin"
 )
 
-func init() {
-	goDebug := os.Getenv("GODEBUG")
-	if len(goDebug) > 0 {
-		goDebug += ","
-	}
-	os.Setenv("GODEBUG", goDebug+"tls13=1")
-}
-
 func main() {
 	// traefik config inits
 	tConfig := cmd.NewTraefikConfiguration()
diff --git a/docs/content/contributing/building-testing.md b/docs/content/contributing/building-testing.md
@@ -28,7 +28,7 @@ Successfully tagged traefik-webui:latest
 [...]
 docker build  -t "traefik-dev:4475--feature-documentation" -f build.Dockerfile .
 Sending build context to Docker daemon    279MB
-Step 1/10 : FROM golang:1.12-alpine
+Step 1/10 : FROM golang:1.13rc1-alpine
  ---> f4bfb3d22bda
 [...]
 Successfully built 5c3c1a911277
@@ -60,7 +60,7 @@ PRE_TARGET= make test-unit
 
 Requirements:
 
-- `go` v1.12+
+- `go` v1.13+
 - environment variable `GO111MODULE=on`
 
 !!! tip "Source Directory"
diff --git a/exp.Dockerfile b/exp.Dockerfile
@@ -12,7 +12,7 @@ RUN yarn install
 RUN npm run build
 
 # BUILD
-FROM golang:1.12-alpine as gobuild
+FROM golang:1.13rc1-alpine as gobuild
 
 RUN apk --update upgrade \
     && apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/containous/traefik/v2
 
-go 1.12
+go 1.13
 
 require (
 	github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
diff --git a/integration/fixtures/https/clientca/https_2ca1config.toml b/integration/fixtures/https/clientca/https_2ca1config.toml
@@ -31,12 +31,12 @@
   [http.services.service1]
     [http.services.service1.loadBalancer]
       [[http.services.service1.loadBalancer.servers]]
-        url = "http://127.0.0.1:9010"
+        url = "{{ .Server1 }}"
 
   [http.services.service2]
     [http.services.service2.loadBalancer]
       [[http.services.service2.loadBalancer.servers]]
-        url = "http://127.0.0.1:9020"
+        url = "{{ .Server2 }}"
 
 [[tls.certificates]]
   certFile = "fixtures/https/snitest.com.cert"
diff --git a/integration/fixtures/https/clientca/https_2ca2config.toml b/integration/fixtures/https/clientca/https_2ca2config.toml
@@ -30,12 +30,12 @@
   [http.services.service1]
     [http.services.service1.loadBalancer]
       [[http.services.service1.loadBalancer.servers]]
-        url = "http://127.0.0.1:9010"
+        url = "{{ .Server1 }}"
 
   [http.services.service2]
     [http.services.service2.loadBalancer]
       [[http.services.service2.loadBalancer.servers]]
-        url = "http://127.0.0.1:9020"
+        url = "{{ .Server2 }}"
 
 [[tls.certificates]]
   certFile = "fixtures/https/snitest.com.cert"
diff --git a/integration/https_test.go b/integration/https_test.go
@@ -501,7 +501,21 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthentication(c *check.C) {
 // TestWithClientCertificateAuthentication
 // Use two CA:s and test that clients with client signed by either of them can connect
 func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check.C) {
-	file := s.adaptFile(c, "fixtures/https/clientca/https_2ca1config.toml", struct{}{})
+	server1 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server1")) }))
+	server2 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server2")) }))
+	defer func() {
+		server1.Close()
+		server2.Close()
+	}()
+
+	file := s.adaptFile(c, "fixtures/https/clientca/https_2ca1config.toml", struct {
+		Server1 string
+		Server2 string
+	}{
+		Server1: server1.URL,
+		Server2: server2.URL,
+	})
+
 	defer os.Remove(file)
 	cmd, display := s.traefikCmd(withConfigFile(file))
 	defer display(c)
@@ -513,58 +527,91 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAs(c *check
 	err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("Host(`snitest.org`)"))
 	c.Assert(err, checker.IsNil)
 
+	req, err := http.NewRequest(http.MethodGet, "https://127.0.0.1:4443", nil)
+	c.Assert(err, checker.IsNil)
+	req.Host = "snitest.com"
+
 	tlsConfig := &tls.Config{
 		InsecureSkipVerify: true,
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
+	client := http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
+
 	// Connection without client certificate should fail
-	_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
+	_, err = client.Do(req)
+	c.Assert(err, checker.NotNil)
 
-	// Connect with client signed by ca1
 	cert, err := tls.LoadX509KeyPair("fixtures/https/clientca/client1.crt", "fixtures/https/clientca/client1.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
 
-	conn, err := tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
-
-	conn.Close()
+	// Connect with client signed by ca1
+	_, err = client.Do(req)
+	c.Assert(err, checker.IsNil)
 
 	// Connect with client signed by ca2
 	tlsConfig = &tls.Config{
 		InsecureSkipVerify: true,
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
 	cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client2.crt", "fixtures/https/clientca/client2.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
 
-	conn, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
+	client = http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
 
-	conn.Close()
+	// Connect with client signed by ca1
+	_, err = client.Do(req)
+	c.Assert(err, checker.IsNil)
 
 	// Connect with client signed by ca3 should fail
 	tlsConfig = &tls.Config{
 		InsecureSkipVerify: true,
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
 	cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client3.crt", "fixtures/https/clientca/client3.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
 
-	_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
+	client = http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
+
+	// Connect with client signed by ca1
+	_, err = client.Do(req)
+	c.Assert(err, checker.NotNil)
 }
 
 // TestWithClientCertificateAuthentication
 // Use two CA:s in two different files and test that clients with client signed by either of them can connect
 func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleFiles(c *check.C) {
-	file := s.adaptFile(c, "fixtures/https/clientca/https_2ca2config.toml", struct{}{})
+	server1 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server1")) }))
+	server2 := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Write([]byte("server2")) }))
+	defer func() {
+		server1.Close()
+		server2.Close()
+	}()
+
+	file := s.adaptFile(c, "fixtures/https/clientca/https_2ca2config.toml", struct {
+		Server1 string
+		Server2 string
+	}{
+		Server1: server1.URL,
+		Server2: server2.URL,
+	})
 	defer os.Remove(file)
 	cmd, display := s.traefikCmd(withConfigFile(file))
 	defer display(c)
@@ -576,51 +623,70 @@ func (s *HTTPSSuite) TestWithClientCertificateAuthenticationMultipleCAsMultipleF
 	err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("Host(`snitest.org`)"))
 	c.Assert(err, checker.IsNil)
 
+	req, err := http.NewRequest(http.MethodGet, "https://127.0.0.1:4443", nil)
+	c.Assert(err, checker.IsNil)
+	req.Host = "snitest.com"
+
 	tlsConfig := &tls.Config{
 		InsecureSkipVerify: true,
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
+	client := http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
+
 	// Connection without client certificate should fail
-	_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
+	_, err = client.Do(req)
+	c.Assert(err, checker.NotNil)
 
 	// Connect with client signed by ca1
 	cert, err := tls.LoadX509KeyPair("fixtures/https/clientca/client1.crt", "fixtures/https/clientca/client1.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
 
-	conn, err := tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
-
-	conn.Close()
+	_, err = client.Do(req)
+	c.Assert(err, checker.IsNil)
 
 	// Connect with client signed by ca2
 	tlsConfig = &tls.Config{
 		InsecureSkipVerify: true,
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
 	cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client2.crt", "fixtures/https/clientca/client2.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
 
-	conn, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.IsNil, check.Commentf("failed to connect to server"))
-	conn.Close()
+	client = http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
+
+	_, err = client.Do(req)
+	c.Assert(err, checker.IsNil)
 
 	// Connect with client signed by ca3 should fail
 	tlsConfig = &tls.Config{
 		InsecureSkipVerify: true,
 		ServerName:         "snitest.com",
 		Certificates:       []tls.Certificate{},
 	}
+
 	cert, err = tls.LoadX509KeyPair("fixtures/https/clientca/client3.crt", "fixtures/https/clientca/client3.key")
 	c.Assert(err, checker.IsNil, check.Commentf("unable to load client certificate and key"))
 	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
 
-	_, err = tls.Dial("tcp", "127.0.0.1:4443", tlsConfig)
-	c.Assert(err, checker.NotNil, check.Commentf("should not be allowed to connect to server"))
+	client = http.Client{
+		Transport: &http.Transport{TLSClientConfig: tlsConfig},
+		Timeout:   1 * time.Second,
+	}
+
+	_, err = client.Do(req)
+	c.Assert(err, checker.NotNil)
 }
 
 func (s *HTTPSSuite) TestWithRootCAsContentForHTTPSOnBackend(c *check.C) {
diff --git a/integration/integration_test.go b/integration/integration_test.go
@@ -27,11 +27,6 @@ var host = flag.Bool("host", false, "run host integration tests")
 var showLog = flag.Bool("tlog", false, "always show Traefik logs")
 
 func Test(t *testing.T) {
-	check.TestingT(t)
-}
-
-func init() {
-	flag.Parse()
 	if !*integration {
 		log.Info("Integration tests disabled.")
 		return
@@ -69,6 +64,8 @@ func init() {
 		check.Suite(&ProxyProtocolSuite{})
 		check.Suite(&TCPSuite{})
 	}
+
+	check.TestingT(t)
 }
 
 var traefikBinary = "../dist/traefik"

Original file line number	Diff line number	Diff line change
`@@ -37,6 +37,7 @@`
`37`	`37`	`"gochecknoinits",`
`38`	`38`	`"gochecknoglobals",`
`39`	`39`	`"bodyclose", # Too many false-positive and panics.`
	`40`	`+ "typecheck", # v1.17.1 and Go1.13 => bug`
`40`	`41`	`]`
`41`	`42`
`42`	`43`	`[issues]`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-FROM golang:1.12-alpine`
	`1`	`+FROM golang:1.13rc1-alpine`
`2`	`2`
`3`	`3`	`RUN apk --update upgrade \`
`4`	`4`	`&& apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \`