From f068e8e8ea1f4dba10fbca17f2d3d78076ff432a Mon Sep 17 00:00:00 2001
From: William Burton <williamburton@google.com>
Date: Thu, 23 May 2024 17:07:53 -0400
Subject: [PATCH 1/7] Add go vet to the actions

---
 .github/workflows/go.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 12f9ac3c..dd3914d8 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -26,3 +26,6 @@ jobs:
 
     - name: Test
       run: go test -v ./...
+
+    - name: Vet
+      run: go vet -v ./...

From 82c7c28970ae6499e7739c30d75d29ccef4d07f0 Mon Sep 17 00:00:00 2001
From: William Burton <williamburton@google.com>
Date: Tue, 28 May 2024 16:56:00 -0400
Subject: [PATCH 2/7] Fix go vet finding in benchmark generate.

There was a loop variable being captured by a goroutine which might
change before the goroutine is executed.
---
 tools/benchmark/generate/main.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/benchmark/generate/main.go b/tools/benchmark/generate/main.go
index 4116de4a..3281fef7 100644
--- a/tools/benchmark/generate/main.go
+++ b/tools/benchmark/generate/main.go
@@ -723,7 +723,7 @@ func main() {
 		}
 		log.Printf("Generating %s...", b.Filename)
 		todo <- nil
-		go func() {
+		go func(b *RebuildBenchmark) {
 			ps := b.Generator(ctx)
 			out, err := json.MarshalIndent(ps, "", "  ")
 			if err != nil {
@@ -734,7 +734,7 @@ func main() {
 				log.Fatalf("error writing %s: %v", b.Filename, err)
 			}
 			done <- nil
-		}()
+		}(&b)
 	}
 	close(todo)
 	for range todo {

From 8478fedf3c21b06e00464e1f8dcfc946a4d36073 Mon Sep 17 00:00:00 2001
From: William Burton <williamburton@google.com>
Date: Tue, 28 May 2024 17:09:46 -0400
Subject: [PATCH 3/7] Enable gofmt in the go action.

---
 .github/workflows/go.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index dd3914d8..ed928c07 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -29,3 +29,6 @@ jobs:
 
     - name: Vet
       run: go vet -v ./...
+
+    - name: Format
+      run: '[ ! "$(gofmt -s -l .)" ]'

From aaa603b7885ee10cef38939119c6777484b48ba0 Mon Sep 17 00:00:00 2001
From: William Burton <williamburton@google.com>
Date: Tue, 28 May 2024 17:10:20 -0400
Subject: [PATCH 4/7] Fix gofmt issues.

These weren't caught yet because they fall under the "-s" simplify flag.

I borrowed the bash magic from https://github.com/digitalocean/godo/pull/396/commits/ea2c9712d13c5eb15425a88e73ab74232838c048
---
 internal/verifier/attestation_test.go     |  2 +-
 pkg/rebuild/rebuild/rebuildremote.go      | 10 +++++-----
 pkg/rebuild/rebuild/rebuildremote_test.go | 14 +++++++-------
 3 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/internal/verifier/attestation_test.go b/internal/verifier/attestation_test.go
index 25f2daf4..51ee3dde 100644
--- a/internal/verifier/attestation_test.go
+++ b/internal/verifier/attestation_test.go
@@ -48,7 +48,7 @@ func TestCreateAttestations(t *testing.T) {
 		BuildEnd:    must(time.Parse(time.RFC3339, "2024-01-01T00:00:00Z")),
 		BuildImages: map[string]string{"gcr.io/foo/bar": "abcd"},
 		Steps: []*cloudbuild.BuildStep{
-			&cloudbuild.BuildStep{
+			{
 				Name:       "gcr.io/foo/bar",
 				Script:     "./bar",
 				Status:     "SUCCESS",
diff --git a/pkg/rebuild/rebuild/rebuildremote.go b/pkg/rebuild/rebuild/rebuildremote.go
index edddb9cb..8a3ecd50 100644
--- a/pkg/rebuild/rebuild/rebuildremote.go
+++ b/pkg/rebuild/rebuild/rebuildremote.go
@@ -91,23 +91,23 @@ func makeBuild(t Target, dockerfile, imageUploadPath, rebuildUploadPath string,
 		Options:        &cloudbuild.BuildOptions{Logging: "GCS_ONLY"},
 		ServiceAccount: opts.BuildServiceAccount,
 		Steps: []*cloudbuild.BuildStep{
-			&cloudbuild.BuildStep{
+			{
 				Name:   "gcr.io/cloud-builders/docker",
 				Script: "cat <<'EOS' | docker buildx build --tag=img -\n" + dockerfile + "\nEOS",
 			},
-			&cloudbuild.BuildStep{
+			{
 				Name: "gcr.io/cloud-builders/docker",
 				Args: []string{"run", "--name=container", "img"},
 			},
-			&cloudbuild.BuildStep{
+			{
 				Name: "gcr.io/cloud-builders/docker",
 				Args: []string{"cp", "container:" + path.Join("/out", t.Artifact), path.Join("/workspace", t.Artifact)},
 			},
-			&cloudbuild.BuildStep{
+			{
 				Name:   "gcr.io/cloud-builders/docker",
 				Script: "docker save img | gzip > /workspace/image.tgz",
 			},
-			&cloudbuild.BuildStep{
+			{
 				Name: "gcr.io/cloud-builders/gsutil",
 				Script: fmt.Sprintf(
 					"gsutil cp -P gs://%s/gsutil_writeonly . && ./gsutil_writeonly %s && ./gsutil_writeonly %s",
diff --git a/pkg/rebuild/rebuild/rebuildremote_test.go b/pkg/rebuild/rebuild/rebuildremote_test.go
index fadc6e77..7847da2a 100644
--- a/pkg/rebuild/rebuild/rebuildremote_test.go
+++ b/pkg/rebuild/rebuild/rebuildremote_test.go
@@ -180,7 +180,7 @@ func TestDoCloudBuild(t *testing.T) {
 			Id:     "build-id",
 			Status: "QUEUED",
 			Steps: []*cloudbuild.BuildStep{
-				&cloudbuild.BuildStep{Name: "gcr.io/foo/bar", Script: "./bar"},
+				{Name: "gcr.io/foo/bar", Script: "./bar"},
 			},
 		}
 		afterBuild := &cloudbuild.Build{
@@ -188,7 +188,7 @@ func TestDoCloudBuild(t *testing.T) {
 			Status:     "SUCCESS",
 			FinishTime: "2024-05-08T15:23:00Z",
 			Steps: []*cloudbuild.BuildStep{
-				&cloudbuild.BuildStep{Name: "gcr.io/foo/bar", Script: "./bar"},
+				{Name: "gcr.io/foo/bar", Script: "./bar"},
 			},
 			Results: &cloudbuild.Results{BuildStepImages: []string{"sha256:abcd"}},
 		}
@@ -241,23 +241,23 @@ func TestMakeBuild(t *testing.T) {
 			Options:        &cloudbuild.BuildOptions{Logging: "GCS_ONLY"},
 			ServiceAccount: "test-service-account",
 			Steps: []*cloudbuild.BuildStep{
-				&cloudbuild.BuildStep{
+				{
 					Name:   "gcr.io/cloud-builders/docker",
 					Script: "cat <<'EOS' | docker buildx build --tag=img -\nFROM alpine:3.19\nEOS",
 				},
-				&cloudbuild.BuildStep{
+				{
 					Name: "gcr.io/cloud-builders/docker",
 					Args: []string{"run", "--name=container", "img"},
 				},
-				&cloudbuild.BuildStep{
+				{
 					Name: "gcr.io/cloud-builders/docker",
 					Args: []string{"cp", "container:/out/pkg-version.tgz", "/workspace/pkg-version.tgz"},
 				},
-				&cloudbuild.BuildStep{
+				{
 					Name:   "gcr.io/cloud-builders/docker",
 					Script: "docker save img | gzip > /workspace/image.tgz",
 				},
-				&cloudbuild.BuildStep{
+				{
 					Name: "gcr.io/cloud-builders/gsutil",
 					Script: ("" +
 						"gsutil cp -P gs://test-bootstrap/gsutil_writeonly . && " +

From 6008490a043ec655abbe447f7e6d91da089e5530 Mon Sep 17 00:00:00 2001
From: William Burton <williamburton@google.com>
Date: Wed, 29 May 2024 11:41:48 -0400
Subject: [PATCH 5/7] Add goimports to github actions.

---
 .github/workflows/go.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index ed928c07..f19c5e6b 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -32,3 +32,6 @@ jobs:
 
     - name: Format
       run: '[ ! "$(gofmt -s -l .)" ]'
+
+    - name: Imports
+      run: '[ ! "$(go install golang.org/x/tools/cmd/goimports > /dev/null && goimports -l .)" ]'

From e0f793fb272ed8674a2a66cad743c59ef8e6a6f3 Mon Sep 17 00:00:00 2001
From: William Burton <williamburton@google.com>
Date: Wed, 29 May 2024 11:43:35 -0400
Subject: [PATCH 6/7] Use matrix to test on multiple go versions.

---
 .github/workflows/go.yml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index f19c5e6b..3c0d8136 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -13,13 +13,17 @@ jobs:
 
   build:
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        go-version: ['1.21', '1.22']
+
     steps:
     - uses: actions/checkout@v4
 
-    - name: Set up Go
+    - name: Set up Go ${{matrix.go-version}}
       uses: actions/setup-go@v4
       with:
-        go-version: '1.21'
+        go-version: ${{matrix.go-version}}
 
     - name: Build
       run: go build -v ./...

From dbab125ab1a714fcba963d28b07a42a18304c272 Mon Sep 17 00:00:00 2001
From: William Burton <williamburton@google.com>
Date: Wed, 29 May 2024 11:47:29 -0400
Subject: [PATCH 7/7] Use go run instead of go install.

---
 .github/workflows/go.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 3c0d8136..3e5a4972 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -38,4 +38,4 @@ jobs:
       run: '[ ! "$(gofmt -s -l .)" ]'
 
     - name: Imports
-      run: '[ ! "$(go install golang.org/x/tools/cmd/goimports > /dev/null && goimports -l .)" ]'
+      run: '[ ! "$(go run golang.org/x/tools/cmd/goimports -l .)" ]'