Merge pull request #13972 from Luap99/staticcheck

enable staticcheck linter

.golangci.yml

@@ -32,7 +32,6 @@ linters:
     - predeclared
     - thelper
     - ifshort
-    - staticcheck
     - forbidigo
     - exhaustive
     - unparam

Makefile

@@ -877,7 +877,7 @@ install.tools: .install.goimports .install.gitvalidation .install.md2man .instal
 
 .PHONY: .install.golangci-lint
 .install.golangci-lint: .gopathok
-	VERSION=1.45.0 GOBIN=$(GOBIN) ./hack/install_golangci.sh
+	VERSION=1.45.2 GOBIN=$(GOBIN) ./hack/install_golangci.sh
 
 .PHONY: .install.bats
 .install.bats: .gopathok

cmd/podman/containers/create.go

@@ -286,8 +286,6 @@ func CreateInit(c *cobra.Command, vals entities.ContainerCreateOptions, isInfra
 	if !isInfra && c.Flag("entrypoint").Changed {
 		val := c.Flag("entrypoint").Value.String()
 		vals.Entrypoint = &val
-	} else if isInfra && c.Flag("infra-command").Changed {
-
 	}
 
 	// Docker-compatibility: the "-h" flag for run/create is reserved for
@@ -297,7 +295,7 @@ func CreateInit(c *cobra.Command, vals entities.ContainerCreateOptions, isInfra
 }
 
 func PullImage(imageName string, cliVals entities.ContainerCreateOptions) (string, error) {
-	pullPolicy, err := config.ValidatePullPolicy(cliVals.Pull)
+	pullPolicy, err := config.ParsePullPolicy(cliVals.Pull)
 	if err != nil {
 		return "", err
 	}
@@ -383,7 +381,7 @@ func createPodIfNecessary(cmd *cobra.Command, s *specgen.SpecGenerator, netOpts
 	podSpec := entities.PodSpec{}
 	podGen := specgen.NewPodSpecGenerator()
 	podSpec.PodSpecGen = *podGen
-	podGen, err = entities.ToPodSpecGen(*&podSpec.PodSpecGen, &createOptions)
+	podGen, err = entities.ToPodSpecGen(podSpec.PodSpecGen, &createOptions)
 	if err != nil {
 		return nil, err
 	}

cmd/podman/containers/export.go

@@ -11,7 +11,7 @@ import (
 	"github.com/containers/podman/v4/pkg/domain/entities"
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
-	"golang.org/x/crypto/ssh/terminal"
+	"golang.org/x/term"
 )
 
 var (
@@ -69,7 +69,7 @@ func init() {
 func export(cmd *cobra.Command, args []string) error {
 	if len(exportOpts.Output) == 0 {
 		file := os.Stdout
-		if terminal.IsTerminal(int(file.Fd())) {
+		if term.IsTerminal(int(file.Fd())) {
 			return errors.Errorf("refusing to export to terminal. Use -o flag or redirect")
 		}
 		exportOpts.Output = "/dev/stdout"

cmd/podman/containers/run.go

@@ -18,7 +18,7 @@ import (
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
-	"golang.org/x/crypto/ssh/terminal"
+	"golang.org/x/term"
 )
 
 var (
@@ -112,7 +112,7 @@ func run(cmd *cobra.Command, args []string) error {
 	var err error
 
 	// TODO: Breaking change should be made fatal in next major Release
-	if cliVals.TTY && cliVals.Interactive && !terminal.IsTerminal(int(os.Stdin.Fd())) {
+	if cliVals.TTY && cliVals.Interactive && !term.IsTerminal(int(os.Stdin.Fd())) {
 		logrus.Warnf("The input device is not a TTY. The --tty and --interactive flags might not work properly")
 	}
 

cmd/podman/images/load.go

@@ -16,7 +16,7 @@ import (
 	"github.com/containers/podman/v4/pkg/util"
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
-	"golang.org/x/crypto/ssh/terminal"
+	"golang.org/x/term"
 )
 
 var (
@@ -90,7 +90,7 @@ func load(cmd *cobra.Command, args []string) error {
 			return err
 		}
 	} else {
-		if terminal.IsTerminal(int(os.Stdin.Fd())) {
+		if term.IsTerminal(int(os.Stdin.Fd())) {
 			return errors.Errorf("cannot read from terminal. Use command-line redirection or the --input flag.")
 		}
 		outFile, err := ioutil.TempFile(util.Tmpdir(), "podman")

cmd/podman/images/save.go

@@ -14,7 +14,7 @@ import (
 	"github.com/containers/podman/v4/pkg/util"
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
-	"golang.org/x/crypto/ssh/terminal"
+	"golang.org/x/term"
 )
 
 var (
@@ -109,7 +109,7 @@ func save(cmd *cobra.Command, args []string) (finalErr error) {
 	if len(saveOpts.Output) == 0 {
 		saveOpts.Quiet = true
 		fi := os.Stdout
-		if terminal.IsTerminal(int(fi.Fd())) {
+		if term.IsTerminal(int(fi.Fd())) {
 			return errors.Errorf("refusing to save to terminal. Use -o flag or redirect")
 		}
 		pipePath, cleanup, err := setupPipe()

cmd/podman/volumes/unmount.go

@@ -37,7 +37,6 @@ func volumeUnmount(cmd *cobra.Command, args []string) error {
 		return err
 	}
 	for _, r := range reports {
-		var errs utils.OutputErrors
 		if r.Err == nil {
 			fmt.Println(r.Id)
 		} else {

go.mod

@@ -68,6 +68,7 @@ require (
 	golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4
 	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
 	golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8
+	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
 	golang.org/x/text v0.3.7
 	google.golang.org/protobuf v1.28.0
 	gopkg.in/inf.v0 v0.9.1

libpod/container_inspect.go

@@ -845,7 +845,7 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named
 	// Do not include if privileged - assumed that all devices will be
 	// included.
 	var err error
-	hostConfig.Devices, err = c.GetDevices(*&hostConfig.Privileged, *ctrSpec, deviceNodes)
+	hostConfig.Devices, err = c.GetDevices(hostConfig.Privileged, *ctrSpec, deviceNodes)
 	if err != nil {
 		return nil, err
 	}

libpod/container_internal_linux.go

@@ -399,6 +399,9 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
 		}
 	}
 
+	// NewFromSpec() is deprecated according to its comment
+	// however the recommended replace just causes a nil map panic
+	//nolint:staticcheck
 	g := generate.NewFromSpec(c.config.Spec)
 
 	// If network namespace was requested, add it now
@@ -1520,6 +1523,10 @@ func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointO
 
 func (c *Container) generateContainerSpec() error {
 	// Make sure the newly created config.json exists on disk
+
+	// NewFromSpec() is deprecated according to its comment
+	// however the recommended replace just causes a nil map panic
+	//nolint:staticcheck
 	g := generate.NewFromSpec(c.config.Spec)
 
 	if err := c.saveSpec(g.Config); err != nil {

libpod/healthcheck_linux.go

@@ -56,7 +56,7 @@ func (c *Container) startTimer() error {
 		return errors.Wrapf(err, "unable to get systemd connection to start healthchecks")
 	}
 	defer conn.Close()
-	_, err = conn.StartUnit(fmt.Sprintf("%s.service", c.ID()), "fail", nil)
+	_, err = conn.StartUnitContext(context.Background(), fmt.Sprintf("%s.service", c.ID()), "fail", nil)
 	return err
 }
 

libpod/options.go

@@ -936,6 +936,9 @@ func WithUserNSFrom(nsCtr *Container) CtrCreateOption {
 		if err := JSONDeepCopy(nsCtr.IDMappings(), &ctr.config.IDMappings); err != nil {
 			return err
 		}
+		// NewFromSpec() is deprecated according to its comment
+		// however the recommended replace just causes a nil map panic
+		//nolint:staticcheck
 		g := generate.NewFromSpec(ctr.config.Spec)
 
 		g.ClearLinuxUIDMappings()

libpod/runtime_ctr.go

@@ -397,6 +397,10 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
 	if ctr.restoreFromCheckpoint {
 		// Remove information about bind mount
 		// for new container from imported checkpoint
+
+		// NewFromSpec() is deprecated according to its comment
+		// however the recommended replace just causes a nil map panic
+		//nolint:staticcheck
 		g := generate.NewFromSpec(ctr.config.Spec)
 		g.RemoveMount("/dev/shm")
 		ctr.config.ShmDir = ""

pkg/api/handlers/libpod/manifests.go

@@ -100,10 +100,10 @@ func ManifestCreate(w http.ResponseWriter, r *http.Request) {
 	// gather all images for manifest list
 	var images []string
 	if len(query.Images) > 0 {
-		images = append(query.Images)
+		images = query.Images
 	}
 	if len(body.Images) > 0 {
-		images = append(body.Images)
+		images = body.Images
 	}
 
 	id, err := imageEngine.ManifestAdd(r.Context(), query.Name, images, body.ManifestAddOptions)
@@ -153,10 +153,10 @@ func ManifestInspect(w http.ResponseWriter, r *http.Request) {
 	utils.WriteResponse(w, http.StatusOK, schema2List)
 }
 
-// ManifestAdd remove digest from manifest list
+// ManifestAddV3 remove digest from manifest list
 //
-// Deprecated: As of 4.0.0 use ManifestModify instead
-func ManifestAdd(w http.ResponseWriter, r *http.Request) {
+// As of 4.0.0 use ManifestModify instead
+func ManifestAddV3(w http.ResponseWriter, r *http.Request) {
 	runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime)
 
 	// Wrapper to support 3.x with 4.x libpod
@@ -206,10 +206,10 @@ func ManifestAdd(w http.ResponseWriter, r *http.Request) {
 	utils.WriteResponse(w, http.StatusOK, handlers.IDResponse{ID: newID})
 }
 
-// ManifestRemoveDigest remove digest from manifest list
+// ManifestRemoveDigestV3 remove digest from manifest list
 //
-// Deprecated: As of 4.0.0 use ManifestModify instead
-func ManifestRemoveDigest(w http.ResponseWriter, r *http.Request) {
+// As of 4.0.0 use ManifestModify instead
+func ManifestRemoveDigestV3(w http.ResponseWriter, r *http.Request) {
 	runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime)
 	decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder)
 	query := struct {
@@ -242,7 +242,7 @@ func ManifestRemoveDigest(w http.ResponseWriter, r *http.Request) {
 
 // ManifestPushV3 push image to registry
 //
-// Deprecated: As of 4.0.0 use ManifestPush instead
+// As of 4.0.0 use ManifestPush instead
 func ManifestPushV3(w http.ResponseWriter, r *http.Request) {
 	runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime)
 	decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder)

pkg/api/server/register_manifest.go

@@ -167,7 +167,7 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
 	//     $ref: "#/responses/BadParamError"
 	//   500:
 	//     $ref: "#/responses/InternalError"
-	v3.Handle("/{name:.*}/add", s.APIHandler(libpod.ManifestAdd)).Methods(http.MethodPost)
+	v3.Handle("/{name:.*}/add", s.APIHandler(libpod.ManifestAddV3)).Methods(http.MethodPost)
 	// swagger:operation DELETE /libpod/manifests/{name} manifests ManifestDeleteV3Libpod
 	// ---
 	// summary: Remove image from a manifest list
@@ -197,7 +197,7 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
 	//     $ref: "#/responses/NoSuchManifest"
 	//   500:
 	//     $ref: "#/responses/InternalError"
-	v3.Handle("/{name:.*}", s.APIHandler(libpod.ManifestRemoveDigest)).Methods(http.MethodDelete)
+	v3.Handle("/{name:.*}", s.APIHandler(libpod.ManifestRemoveDigestV3)).Methods(http.MethodDelete)
 	// swagger:operation DELETE /libpod/manifests/{name} manifests ManifestDeleteLibpod
 	// ---
 	// summary: Delete manifest list

pkg/bindings/containers/attach.go

@@ -20,7 +20,7 @@ import (
 	"github.com/moby/term"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	"golang.org/x/crypto/ssh/terminal"
+	terminal "golang.org/x/term"
 )
 
 // The CloseWriter interface is used to determine whether we can do a  one-sided

pkg/bindings/containers/term_unix.go

@@ -9,11 +9,11 @@ import (
 	"os/signal"
 
 	sig "github.com/containers/podman/v4/pkg/signal"
-	"golang.org/x/crypto/ssh/terminal"
+	"golang.org/x/term"
 )
 
-func makeRawTerm(stdin *os.File) (*terminal.State, error) {
-	return terminal.MakeRaw(int(stdin.Fd()))
+func makeRawTerm(stdin *os.File) (*term.State, error) {
+	return term.MakeRaw(int(stdin.Fd()))
 }
 
 func notifyWinChange(ctx context.Context, winChange chan os.Signal, stdin *os.File, stdout *os.File) {
@@ -21,5 +21,5 @@ func notifyWinChange(ctx context.Context, winChange chan os.Signal, stdin *os.Fi
 }
 
 func getTermSize(stdin *os.File, stdout *os.File) (width, height int, err error) {
-	return terminal.GetSize(int(stdin.Fd()))
+	return term.GetSize(int(stdin.Fd()))
 }

pkg/bindings/containers/term_windows.go

@@ -6,12 +6,12 @@ import (
 	"time"
 
 	sig "github.com/containers/podman/v4/pkg/signal"
-	"golang.org/x/crypto/ssh/terminal"
 	"golang.org/x/sys/windows"
+	"golang.org/x/term"
 )
 
-func makeRawTerm(stdin *os.File) (*terminal.State, error) {
-	state, err := terminal.MakeRaw(int(stdin.Fd()))
+func makeRawTerm(stdin *os.File) (*term.State, error) {
+	state, err := term.MakeRaw(int(stdin.Fd()))
 	if err != nil {
 		return nil, err
 	}
@@ -51,7 +51,7 @@ func notifyWinChange(ctx context.Context, winChange chan os.Signal, stdin *os.Fi
 				break
 			}
 
-			w, h, err := terminal.GetSize(int(stdout.Fd()))
+			w, h, err := term.GetSize(int(stdout.Fd()))
 			if err != nil {
 				continue
 			}
@@ -65,5 +65,5 @@ func notifyWinChange(ctx context.Context, winChange chan os.Signal, stdin *os.Fi
 }
 
 func getTermSize(stdin *os.File, stdout *os.File) (width, height int, err error) {
-	return terminal.GetSize(int(stdout.Fd()))
+	return term.GetSize(int(stdout.Fd()))
 }

pkg/bindings/test/images_test.go

@@ -103,7 +103,7 @@ var _ = Describe("Podman images", func() {
 		Expect(len(errs)).To(BeZero())
 
 		Expect(inspectData.ID).To(Equal(response.Deleted[0]))
-		inspectData, err = images.GetImage(bt.conn, busybox.shortName, nil)
+		_, err = images.GetImage(bt.conn, busybox.shortName, nil)
 		code, _ := bindings.CheckResponseCode(err)
 		Expect(code).To(BeNumerically("==", http.StatusNotFound))
 
@@ -118,7 +118,7 @@ var _ = Describe("Podman images", func() {
 
 		// try to remove the image "alpine". This should fail since we are not force
 		// deleting hence image cannot be deleted until the container is deleted.
-		response, errs = images.Remove(bt.conn, []string{alpine.shortName}, nil)
+		_, errs = images.Remove(bt.conn, []string{alpine.shortName}, nil)
 		code, _ = bindings.CheckResponseCode(errs[0])
 		// FIXME FIXME FIXME: #12441: another invalid error
 		// FIXME FIXME FIXME: this time msg="Image used by SHA: ..."
@@ -126,7 +126,7 @@ var _ = Describe("Podman images", func() {
 
 		// Removing the image "alpine" where force = true
 		options := new(images.RemoveOptions).WithForce(true)
-		response, errs = images.Remove(bt.conn, []string{alpine.shortName}, options)
+		_, errs = images.Remove(bt.conn, []string{alpine.shortName}, options)
 		Expect(errs).To(Or(HaveLen(0), BeNil()))
 		// To be extra sure, check if the previously created container
 		// is gone as well.
@@ -135,11 +135,11 @@ var _ = Describe("Podman images", func() {
 		Expect(code).To(BeNumerically("==", http.StatusNotFound))
 
 		// Now make sure both images are gone.
-		inspectData, err = images.GetImage(bt.conn, busybox.shortName, nil)
+		_, err = images.GetImage(bt.conn, busybox.shortName, nil)
 		code, _ = bindings.CheckResponseCode(err)
 		Expect(code).To(BeNumerically("==", http.StatusNotFound))
 
-		inspectData, err = images.GetImage(bt.conn, alpine.shortName, nil)
+		_, err = images.GetImage(bt.conn, alpine.shortName, nil)
 		code, _ = bindings.CheckResponseCode(err)
 		Expect(code).To(BeNumerically("==", http.StatusNotFound))
 	})
@@ -230,8 +230,8 @@ var _ = Describe("Podman images", func() {
 		Expect(err).ToNot(HaveOccurred())
 		Expect(exists).To(BeFalse())
 		f, err := os.Open(filepath.Join(ImageCacheDir, alpine.tarballName))
-		defer f.Close()
 		Expect(err).ToNot(HaveOccurred())
+		defer f.Close()
 		names, err := images.Load(bt.conn, f)
 		Expect(err).ToNot(HaveOccurred())
 		Expect(names.Names[0]).To(Equal(alpine.name))
@@ -252,8 +252,6 @@ var _ = Describe("Podman images", func() {
 		Expect(names.Names[0]).To(Equal(alpine.name))
 
 		// load with a bad repo name should trigger a 500
-		f, err = os.Open(filepath.Join(ImageCacheDir, alpine.tarballName))
-		Expect(err).ToNot(HaveOccurred())
 		_, errs = images.Remove(bt.conn, []string{alpine.name}, nil)
 		Expect(len(errs)).To(BeZero())
 		exists, err = images.Exists(bt.conn, alpine.name, nil)
@@ -265,8 +263,8 @@ var _ = Describe("Podman images", func() {
 		// Export an image
 		exportPath := filepath.Join(bt.tempDirPath, alpine.tarballName)
 		w, err := os.Create(filepath.Join(bt.tempDirPath, alpine.tarballName))
-		defer w.Close()
 		Expect(err).ToNot(HaveOccurred())
+		defer w.Close()
 		err = images.Export(bt.conn, []string{alpine.name}, w, nil)
 		Expect(err).ToNot(HaveOccurred())
 		_, err = os.Stat(exportPath)
@@ -283,8 +281,8 @@ var _ = Describe("Podman images", func() {
 		Expect(err).ToNot(HaveOccurred())
 		Expect(exists).To(BeFalse())
 		f, err := os.Open(filepath.Join(ImageCacheDir, alpine.tarballName))
-		defer f.Close()
 		Expect(err).ToNot(HaveOccurred())
+		defer f.Close()
 		changes := []string{"CMD /bin/foobar"}
 		testMessage := "test_import"
 		options := new(images.ImportOptions).WithMessage(testMessage).WithChanges(changes).WithReference(alpine.name)

pkg/bindings/test/secrets_test.go

@@ -64,7 +64,7 @@ var _ = Describe("Podman secrets", func() {
 		Expect(data.Spec.Name).To(Equal(name))
 
 		// inspecting non-existent secret should fail
-		data, err = secrets.Inspect(connText, "notasecret", nil)
+		_, err = secrets.Inspect(connText, "notasecret", nil)
 		code, _ := bindings.CheckResponseCode(err)
 		Expect(code).To(BeNumerically("==", http.StatusNotFound))
 	})

pkg/domain/infra/abi/terminal/terminal_linux.go

@@ -10,13 +10,13 @@ import (
 	"github.com/containers/podman/v4/libpod/define"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	"golang.org/x/crypto/ssh/terminal"
+	"golang.org/x/term"
 )
 
 // ExecAttachCtr execs and attaches to a container
 func ExecAttachCtr(ctx context.Context, ctr *libpod.Container, execConfig *libpod.ExecConfig, streams *define.AttachStreams) (int, error) {
 	var resize chan define.TerminalSize
-	haveTerminal := terminal.IsTerminal(int(os.Stdin.Fd()))
+	haveTerminal := term.IsTerminal(int(os.Stdin.Fd()))
 
 	// Check if we are attached to a terminal. If we are, generate resize
 	// events, and set the terminal to raw mode
@@ -42,7 +42,7 @@ func ExecAttachCtr(ctx context.Context, ctr *libpod.Container, execConfig *libpo
 func StartAttachCtr(ctx context.Context, ctr *libpod.Container, stdout, stderr, stdin *os.File, detachKeys string, sigProxy bool, startContainer bool) error { //nolint: interfacer
 	resize := make(chan define.TerminalSize)
 
-	haveTerminal := terminal.IsTerminal(int(os.Stdin.Fd()))
+	haveTerminal := term.IsTerminal(int(os.Stdin.Fd()))
 
 	// Check if we are attached to a terminal. If we are, generate resize
 	// events, and set the terminal to raw mode

pkg/domain/infra/tunnel/pods.go

@@ -42,14 +42,14 @@ func (ic *ContainerEngine) PodKill(ctx context.Context, namesOrIds []string, opt
 	return reports, nil
 }
 
-func (ic *ContainerEngine) PodLogs(_ context.Context, nameOrIDs string, options entities.PodLogsOptions) error {
+func (ic *ContainerEngine) PodLogs(ctx context.Context, nameOrIDs string, options entities.PodLogsOptions) error {
 	// PodLogsOptions are similar but contains few extra fields like ctrName
 	// So cast other values as is so we can re-use the code
 	containerLogsOpts := entities.PodLogsOptionsToContainerLogsOptions(options)
 
 	// interface only accepts slice, keep everything consistent
 	name := []string{options.ContainerName}
-	return ic.ContainerLogs(nil, name, containerLogsOpts)
+	return ic.ContainerLogs(ctx, name, containerLogsOpts)
 }
 
 func (ic *ContainerEngine) PodPause(ctx context.Context, namesOrIds []string, options entities.PodPauseOptions) ([]*entities.PodPauseReport, error) {

pkg/machine/fcos.go

@@ -139,7 +139,7 @@ func getStreamURL(streamType string) url2.URL {
 
 // This should get Exported and stay put as it will apply to all fcos downloads
 // getFCOS parses fedoraCoreOS's stream and returns the image download URL and the release version
-func getFCOSDownload(imageStream string) (*fcosDownloadInfo, error) {
+func getFCOSDownload(imageStream string) (*fcosDownloadInfo, error) { // nolint:staticcheck
 	var (
 		fcosstable stream.Stream
 		altMeta    release.Release
@@ -149,6 +149,8 @@ func getFCOSDownload(imageStream string) (*fcosDownloadInfo, error) {
 	// This is being hard set to testing. Once podman4 is in the
 	// fcos trees, we should remove it and re-release at least on
 	// macs.
+	// TODO: remove when podman4.0 is in coreos
+	// nolint:staticcheck
 	imageStream = "podman-testing"
 
 	switch imageStream {

pkg/specgen/generate/kube/kube.go

@@ -82,7 +82,7 @@ func ToPodOpt(ctx context.Context, podName string, p entities.PodCreateOptions,
 		}
 		// dns options
 		if options := dnsConfig.Options; len(options) > 0 {
-			dnsOptions := make([]string, 0)
+			dnsOptions := make([]string, 0, len(options))
 			for _, opts := range options {
 				d := opts.Name
 				if opts.Value != nil {
@@ -90,6 +90,7 @@ func ToPodOpt(ctx context.Context, podName string, p entities.PodCreateOptions,
 				}
 				dnsOptions = append(dnsOptions, d)
 			}
+			p.Net.DNSOptions = dnsOptions
 		}
 	}
 	return p, nil
@@ -281,9 +282,6 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener
 		annotations = opts.Annotations
 	}
 	if opts.PodInfraID != "" {
-		if annotations == nil {
-
-		}
 		annotations[ann.SandboxID] = opts.PodInfraID
 		annotations[ann.ContainerType] = ann.ContainerTypeContainer
 	}

pkg/systemd/dbus.go

@@ -1,6 +1,7 @@
 package systemd
 
 import (
+	"context"
 	"fmt"
 	"os"
 	"path/filepath"
@@ -140,5 +141,5 @@ func ConnectToDBUS() (*dbus.Conn, error) {
 	if rootless.IsRootless() {
 		return newRootlessConnection()
 	}
-	return dbus.NewSystemdConnection()
+	return dbus.NewSystemdConnectionContext(context.Background())
 }

pkg/terminal/util.go

@@ -14,7 +14,7 @@ import (
 	"github.com/sirupsen/logrus"
 	"golang.org/x/crypto/ssh"
 	"golang.org/x/crypto/ssh/knownhosts"
-	"golang.org/x/crypto/ssh/terminal"
+	"golang.org/x/term"
 )
 
 var (
@@ -29,9 +29,9 @@ var (
 // Additionally, all input after `<secret>/n` is queued to podman command.
 func ReadPassword(prompt string) (pw []byte, err error) {
 	fd := int(os.Stdin.Fd())
-	if terminal.IsTerminal(fd) {
+	if term.IsTerminal(fd) {
 		fmt.Fprint(os.Stderr, prompt)
-		pw, err = terminal.ReadPassword(fd)
+		pw, err = term.ReadPassword(fd)
 		fmt.Fprintln(os.Stderr)
 		return
 	}

pkg/util/utils.go

@@ -28,7 +28,7 @@ import (
 	"github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	"golang.org/x/crypto/ssh/terminal"
+	"golang.org/x/term"
 )
 
 var containerConfig *config.Config
@@ -65,7 +65,7 @@ func ParseRegistryCreds(creds string) (*types.DockerAuthConfig, error) {
 	}
 	if password == "" {
 		fmt.Print("Password: ")
-		termPassword, err := terminal.ReadPassword(0)
+		termPassword, err := term.ReadPassword(0)
 		if err != nil {
 			return nil, errors.Wrapf(err, "could not read password from terminal")
 		}

test/e2e/checkpoint_test.go

@@ -1061,7 +1061,7 @@ var _ = Describe("Podman checkpoint", func() {
 
 		// Open a network connection to the redis server via initial port mapping
 		// This should fail
-		conn, err = net.DialTimeout("tcp4", fmt.Sprintf("localhost:%d", randomPort), time.Duration(3)*time.Second)
+		_, err = net.DialTimeout("tcp4", fmt.Sprintf("localhost:%d", randomPort), time.Duration(3)*time.Second)
 		Expect(err).ToNot(BeNil())
 		Expect(err.Error()).To(ContainSubstring("connection refused"))
 		// Open a network connection to the redis server via new port mapping

test/e2e/common_test.go

@@ -880,11 +880,11 @@ func (p *PodmanTestIntegration) makeOptions(args []string, noEvents, noCache boo
 
 func writeConf(conf []byte, confPath string) {
 	if _, err := os.Stat(filepath.Dir(confPath)); os.IsNotExist(err) {
-		if err := os.MkdirAll(filepath.Dir(confPath), 777); err != nil {
+		if err := os.MkdirAll(filepath.Dir(confPath), 0o777); err != nil {
 			fmt.Println(err)
 		}
 	}
-	if err := ioutil.WriteFile(confPath, conf, 777); err != nil {
+	if err := ioutil.WriteFile(confPath, conf, 0o777); err != nil {
 		fmt.Println(err)
 	}
 }

test/e2e/login_logout_test.go

@@ -188,6 +188,8 @@ var _ = Describe("Podman login and logout", func() {
 		Expect(session).To(ExitWithError())
 
 		session = podmanTest.Podman([]string{"logout", "--authfile", authFile, server})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
 	})
 
 	It("podman login and logout with --tls-verify", func() {

test/e2e/push_test.go

@@ -220,6 +220,7 @@ var _ = Describe("Podman push", func() {
 
 		if setup.LineInOutputContains("Active: inactive") {
 			setup = SystemExec("systemctl", []string{"start", "docker"})
+			Expect(setup).Should(Exit(0))
 			defer func() {
 				stop := SystemExec("systemctl", []string{"stop", "docker"})
 				Expect(stop).Should(Exit(0))

test/e2e/systemd_activate_test.go

@@ -97,7 +97,7 @@ var _ = Describe("Systemd activate", func() {
 
 		// Emulate 'systemd stop podman.service'
 		activateSession.Signal(syscall.SIGTERM)
-		time.Sleep(2)
+		time.Sleep(100 * time.Millisecond)
 		Eventually(activateSession).Should(Exit(0))
 
 		abiSession := podman("inspect", "--format={{.State.Running}}", containerName)

test/utils/common_function_test.go

@@ -110,9 +110,8 @@ var _ = Describe("Common functions test", func() {
 		Expect(err).To(BeNil(), "Failed to write JSON to file.")
 
 		read, err := os.Open("/tmp/testJSON")
-		defer read.Close()
-
 		Expect(err).To(BeNil(), "Can not find the JSON file after we write it.")
+		defer read.Close()
 
 		bytes, _ := ioutil.ReadAll(read)
 		json.Unmarshal(bytes, compareData)

test/utils/utils.go

@@ -439,10 +439,10 @@ func tagOutputToMap(imagesOutput []string) map[string]map[string]bool {
 // GetHostDistributionInfo returns a struct with its distribution Name and version
 func GetHostDistributionInfo() HostOS {
 	f, err := os.Open(OSReleasePath)
-	defer f.Close()
 	if err != nil {
 		return HostOS{}
 	}
+	defer f.Close()
 
 	l := bufio.NewScanner(f)
 	host := HostOS{}

test/version/main.go

@@ -7,5 +7,5 @@ import (
 )
 
 func main() {
-	fmt.Printf(version.Version.String())
+	fmt.Print(version.Version.String())
 }

utils/utils_supported.go

@@ -6,6 +6,7 @@ package utils
 import (
 	"bufio"
 	"bytes"
+	"context"
 	"fmt"
 	"io/ioutil"
 	"os"
@@ -32,7 +33,7 @@ func RunUnderSystemdScope(pid int, slice string, unitName string) error {
 			return err
 		}
 	} else {
-		conn, err = systemdDbus.New()
+		conn, err = systemdDbus.NewWithContext(context.Background())
 		if err != nil {
 			return err
 		}
@@ -43,10 +44,10 @@ func RunUnderSystemdScope(pid int, slice string, unitName string) error {
 	properties = append(properties, newProp("Delegate", true))
 	properties = append(properties, newProp("DefaultDependencies", false))
 	ch := make(chan string)
-	_, err = conn.StartTransientUnit(unitName, "replace", properties, ch)
+	_, err = conn.StartTransientUnitContext(context.Background(), unitName, "replace", properties, ch)
 	if err != nil {
 		// On errors check if the cgroup already exists, if it does move the process there
-		if props, err := conn.GetUnitTypeProperties(unitName, "Scope"); err == nil {
+		if props, err := conn.GetUnitTypePropertiesContext(context.Background(), unitName, "Scope"); err == nil {
 			if cgroup, ok := props["ControlGroup"].(string); ok && cgroup != "" {
 				if err := moveUnderCgroup(cgroup, "", []uint32{uint32(pid)}); err == nil {
 					return nil

vendor/golang.org/x/crypto/ssh/terminal/terminal.go

@@ -1,76 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package terminal provides support functions for dealing with terminals, as
-// commonly found on UNIX systems.
-//
-// Deprecated: this package moved to golang.org/x/term.
-package terminal
-
-import (
-	"io"
-
-	"golang.org/x/term"
-)
-
-// EscapeCodes contains escape sequences that can be written to the terminal in
-// order to achieve different styles of text.
-type EscapeCodes = term.EscapeCodes
-
-// Terminal contains the state for running a VT100 terminal that is capable of
-// reading lines of input.
-type Terminal = term.Terminal
-
-// NewTerminal runs a VT100 terminal on the given ReadWriter. If the ReadWriter is
-// a local terminal, that terminal must first have been put into raw mode.
-// prompt is a string that is written at the start of each input line (i.e.
-// "> ").
-func NewTerminal(c io.ReadWriter, prompt string) *Terminal {
-	return term.NewTerminal(c, prompt)
-}
-
-// ErrPasteIndicator may be returned from ReadLine as the error, in addition
-// to valid line data. It indicates that bracketed paste mode is enabled and
-// that the returned line consists only of pasted data. Programs may wish to
-// interpret pasted data more literally than typed data.
-var ErrPasteIndicator = term.ErrPasteIndicator
-
-// State contains the state of a terminal.
-type State = term.State
-
-// IsTerminal returns whether the given file descriptor is a terminal.
-func IsTerminal(fd int) bool {
-	return term.IsTerminal(fd)
-}
-
-// ReadPassword reads a line of input from a terminal without local echo.  This
-// is commonly used for inputting passwords and other sensitive data. The slice
-// returned does not include the \n.
-func ReadPassword(fd int) ([]byte, error) {
-	return term.ReadPassword(fd)
-}
-
-// MakeRaw puts the terminal connected to the given file descriptor into raw
-// mode and returns the previous state of the terminal so that it can be
-// restored.
-func MakeRaw(fd int) (*State, error) {
-	return term.MakeRaw(fd)
-}
-
-// Restore restores the terminal connected to the given file descriptor to a
-// previous state.
-func Restore(fd int, oldState *State) error {
-	return term.Restore(fd, oldState)
-}
-
-// GetState returns the current state of a terminal which may be useful to
-// restore the terminal after a signal.
-func GetState(fd int) (*State, error) {
-	return term.GetState(fd)
-}
-
-// GetSize returns the dimensions of the given terminal.
-func GetSize(fd int) (width, height int, err error) {
-	return term.GetSize(fd)
-}

vendor/modules.txt

@@ -718,7 +718,6 @@ golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/agent
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
 golang.org/x/crypto/ssh/knownhosts
-golang.org/x/crypto/ssh/terminal
 # golang.org/x/net v0.0.0-20220225172249-27dd8689420f
 golang.org/x/net/context
 golang.org/x/net/html
@@ -744,6 +743,7 @@ golang.org/x/sys/unix
 golang.org/x/sys/windows
 golang.org/x/sys/windows/registry
 # golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
+## explicit
 golang.org/x/term
 # golang.org/x/text v0.3.7
 ## explicit