Initial commit

Author: stbenjam

.github/workflows/go.yml

@@ -0,0 +1,25 @@
+name: Go
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Set up Go
+      uses: actions/setup-go@v2
+      with:
+        go-version: 1.17
+
+    - name: All
+      run: make
+
+    - name: Test
+      run: make test

.github/workflows/golangci-lint.yml

@@ -0,0 +1,20 @@
+name: golangci-lint
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+permissions:
+  contents: read
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v2
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v2
+        with:
+          # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
+          version: latest

.gitignore

@@ -0,0 +1,3 @@
+noemptyhttpproxy.so
+noemptyhttpproxy
+

Dockerfile

@@ -0,0 +1,9 @@
+FROM docker.io/library/golang:1.18 as builder
+
+COPY / /noemptyhttpproxy
+WORKDIR /noemptyhttpproxy
+RUN CGO_ENABLED=0 make
+
+FROM docker.io/library/golang:1.18
+COPY --from=builder /noemptyhttpproxy/noemptyhttpproxy /usr/bin/
+CMD ["noemptyhttpproxy"]

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 Stephen Benjamin
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

Makefile

@@ -0,0 +1,17 @@
+all: noemptyhttpproxy.so noemptyhttpproxy
+.PHONY: lint test
+
+clean:
+	rm -f noemptyhttpproxy.so noemptyhttpproxy
+
+test:
+	go test ./...
+
+lint:
+	golangci-lint run ./...
+
+noemptyhttpproxy:
+	go build ./cmd/noemptyhttpproxy
+
+noemptyhttpproxy.so:
+	go build -buildmode=plugin ./plugin/noemptyhttpproxy.go

README.md

@@ -0,0 +1,28 @@
+# no-empty-http-proxy
+
+When creating an HTTP Client with a custom transport, it's common to leave Proxy unspecified like this:
+
+```go
+	c := http.Client{
+		Transport: &http.Transport{
+			TLSClientConfig: tlsConfig,
+		},
+	}
+```
+
+However, it's good practice to set Proxy to `http.ProxyFromEnvironment` like this:
+
+```go
+	c := http.Client{
+		Transport: &http.Transport{
+			TLSClientConfig: tlsConfig,
+			Proxy:           http.ProxyFromEnvironment,
+		},
+	}
+```
+
+Leaving Proxy setting blank will cause problems later when someone inevitably tries to use your software with the
+standard proxy environment variables set, and finds out it doesn't work.
+
+This linter forces a definition of the Proxy variable on an `http.Transport.` If you really absolutely do not want a
+proxy, explicitly set the field to `nil`.

cmd/noemptyhttpproxy/main.go

@@ -0,0 +1,11 @@
+package main
+
+import (
+	"golang.org/x/tools/go/analysis/singlechecker"
+
+	"github.com/stbenjam/no-empty-http-proxy/pkg/analyzer"
+)
+
+func main() {
+	singlechecker.Main(analyzer.Analyzer)
+}

go.mod

@@ -0,0 +1,5 @@
+module github.com/stbenjam/no-empty-http-proxy
+
+go 1.16
+
+require golang.org/x/tools v0.1.10

go.sum

@@ -0,0 +1,29 @@
+github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3 h1:kQgndtyPBW/JIYERgdxfwMYh3AVStj88WQTlNDi2a+o=
+golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211019181941-9d821ace8654 h1:id054HUawV2/6IGm2IV8KZQjqtwAOo2CYlOToYqa0d0=
+golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.1.10 h1:QjFRCZxdOhBJ/UNgnBZLbNV13DlbnK0quyivTnXJM20=
+golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

pkg/analyzer/analyzer.go

@@ -0,0 +1,53 @@
+package analyzer
+
+import (
+	"go/ast"
+
+	"golang.org/x/tools/go/analysis/passes/inspect"
+	"golang.org/x/tools/go/ast/inspector"
+
+	"golang.org/x/tools/go/analysis"
+)
+
+var Analyzer = &analysis.Analyzer{
+	Name:     "noemptyhttpproxy",
+	Doc:      "Checks for lack of Proxy setting on HTTP Transport",
+	Run:      run,
+	Requires: []*analysis.Analyzer{inspect.Analyzer},
+}
+
+func run(pass *analysis.Pass) (interface{}, error) {
+	inspector := pass.ResultOf[inspect.Analyzer].(*inspector.Inspector)
+	nodeFilter := []ast.Node{
+		(*ast.CompositeLit)(nil),
+	}
+
+	inspector.Preorder(nodeFilter, func(node ast.Node) {
+		compLit := node.(*ast.CompositeLit)
+
+		if sel, ok := compLit.Type.(*ast.SelectorExpr); ok {
+			gopkg, ok := sel.X.(*ast.Ident)
+			if !ok {
+				return
+			}
+
+			if sel.Sel.Name == "Transport" && gopkg.Name == "http" {
+				foundProxy := false
+				for _, element := range compLit.Elts {
+					if kvExpr, ok := element.(*ast.KeyValueExpr); ok {
+						if ident, ok := kvExpr.Key.(*ast.Ident); ok && ident.Name == "Proxy" {
+							foundProxy = true
+						}
+					}
+				}
+
+				if !foundProxy {
+					pass.Reportf(node.Pos(), "http.Transport should set Proxy; http.ProxyFromEnvironment is typical, but you may explicitly set to nil")
+				}
+			}
+		}
+
+	})
+
+	return nil, nil
+}

pkg/analyzer/analyzer_test.go

@@ -0,0 +1,19 @@
+package analyzer
+
+import (
+	"os"
+	"path/filepath"
+	"testing"
+
+	"golang.org/x/tools/go/analysis/analysistest"
+)
+
+func TestAll(t *testing.T) {
+	wd, err := os.Getwd()
+	if err != nil {
+		t.Fatalf("Failed to get wd: %s", err)
+	}
+
+	testdata := filepath.Join(filepath.Dir(filepath.Dir(wd)), "testdata")
+	analysistest.Run(t, testdata, Analyzer, "p")
+}

plugin/noemptyhttpproxy.go

@@ -0,0 +1,18 @@
+package main
+
+import (
+	"golang.org/x/tools/go/analysis"
+
+	"github.com/stbenjam/no-empty-http-proxy/pkg/analyzer"
+)
+
+type analyzerPlugin struct{}
+
+func (*analyzerPlugin) GetAnalyzers() []*analysis.Analyzer {
+	return []*analysis.Analyzer{
+		analyzer.Analyzer,
+	}
+}
+
+// This must be defined and named 'AnalyzerPlugin'
+var AnalyzerPlugin analyzerPlugin //nolint

testdata/src/p/p.go

@@ -0,0 +1,30 @@
+package p
+
+import (
+	"net/http"
+	"net/url"
+)
+
+func _() {
+	_ = http.Client{
+		Transport: &http.Transport{}, // want "http.Transport should set Proxy"
+	}
+
+	_ = http.Transport{} // want "http.Transport should set Proxy"
+
+	_ = http.Client{
+		Transport: &http.Transport{
+			Proxy: http.ProxyFromEnvironment,
+		},
+	}
+
+	_ = http.Transport{
+		Proxy: func(*http.Request) (*url.URL, error) {
+			return nil, nil
+		},
+	}
+
+	_ = http.Transport{
+		Proxy: nil,
+	}
+}