lint: import statement order (#3085)

* lint: import statement order

* lint

cmd/crowdsec/lapiclient.go

@@ -10,8 +10,8 @@ import (
 
 	"github.com/crowdsecurity/crowdsec/pkg/apiclient"
 	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
-	"github.com/crowdsecurity/crowdsec/pkg/cwversion"
 	"github.com/crowdsecurity/crowdsec/pkg/cwhub"
+	"github.com/crowdsecurity/crowdsec/pkg/cwversion"
 	"github.com/crowdsecurity/crowdsec/pkg/models"
 )
 

cmd/notification-file/main.go

@@ -11,10 +11,11 @@ import (
 	"sync"
 	"time"
 
-	"github.com/crowdsecurity/crowdsec/pkg/protobufs"
 	"github.com/hashicorp/go-hclog"
 	plugin "github.com/hashicorp/go-plugin"
 	"gopkg.in/yaml.v3"
+
+	"github.com/crowdsecurity/crowdsec/pkg/protobufs"
 )
 
 var (
@@ -69,7 +70,7 @@ func (r *LogRotate) rotateLogs(cfg PluginConfig) {
 	}
 	// Reopen the FileWriter
 	FileWriter.Close()
-	FileWriter, err = os.OpenFile(cfg.LogPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+	FileWriter, err = os.OpenFile(cfg.LogPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644)
 	if err != nil {
 		logger.Error("Failed to reopen log file", "error", err)
 	}
@@ -173,7 +174,7 @@ func WriteToFileWithCtx(ctx context.Context, cfg PluginConfig, log string) error
 		// The file has been rotated outside our control
 		logger.Info("Log file has been rotated or missing attempting to reopen it")
 		FileWriter.Close()
-		FileWriter, err = os.OpenFile(cfg.LogPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+		FileWriter, err = os.OpenFile(cfg.LogPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644)
 		if err != nil {
 			return err
 		}
@@ -213,7 +214,7 @@ func (s *FilePlugin) Configure(ctx context.Context, config *protobufs.Config) (*
 		return &protobufs.Empty{}, err
 	}
 	FileWriteMutex = &sync.Mutex{}
-	FileWriter, err = os.OpenFile(d.LogPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+	FileWriter, err = os.OpenFile(d.LogPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644)
 	if err != nil {
 		logger.Error("Failed to open log file", "error", err)
 		return &protobufs.Empty{}, err
@@ -230,7 +231,7 @@ func (s *FilePlugin) Configure(ctx context.Context, config *protobufs.Config) (*
 }
 
 func main() {
-	var handshake = plugin.HandshakeConfig{
+	handshake := plugin.HandshakeConfig{
 		ProtocolVersion:  1,
 		MagicCookieKey:   "CROWDSEC_PLUGIN_KEY",
 		MagicCookieValue: os.Getenv("CROWDSEC_PLUGIN_KEY"),

cmd/notification-sentinel/main.go

@@ -11,10 +11,11 @@ import (
 	"strings"
 	"time"
 
-	"github.com/crowdsecurity/crowdsec/pkg/protobufs"
 	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/go-plugin"
 	"gopkg.in/yaml.v3"
+
+	"github.com/crowdsecurity/crowdsec/pkg/protobufs"
 )
 
 type PluginConfig struct {
@@ -54,7 +55,6 @@ func (s *SentinelPlugin) getAuthorizationHeader(now string, length int, pluginNa
 }
 
 func (s *SentinelPlugin) Notify(ctx context.Context, notification *protobufs.Notification) (*protobufs.Empty, error) {
-
 	if _, ok := s.PluginConfigByName[notification.Name]; !ok {
 		return nil, fmt.Errorf("invalid plugin config name %s", notification.Name)
 	}
@@ -73,7 +73,6 @@ func (s *SentinelPlugin) Notify(ctx context.Context, notification *protobufs.Not
 	now := time.Now().UTC().Format("Mon, 02 Jan 2006 15:04:05 GMT")
 
 	authorization, err := s.getAuthorizationHeader(now, len(notification.Text), notification.Name)
-
 	if err != nil {
 		return &protobufs.Empty{}, err
 	}
@@ -113,7 +112,7 @@ func (s *SentinelPlugin) Configure(ctx context.Context, config *protobufs.Config
 }
 
 func main() {
-	var handshake = plugin.HandshakeConfig{
+	handshake := plugin.HandshakeConfig{
 		ProtocolVersion:  1,
 		MagicCookieKey:   "CROWDSEC_PLUGIN_KEY",
 		MagicCookieValue: os.Getenv("CROWDSEC_PLUGIN_KEY"),

pkg/acquisition/acquisition.go

@@ -30,9 +30,8 @@ import (
 	s3acquisition "github.com/crowdsecurity/crowdsec/pkg/acquisition/modules/s3"
 	syslogacquisition "github.com/crowdsecurity/crowdsec/pkg/acquisition/modules/syslog"
 	wineventlogacquisition "github.com/crowdsecurity/crowdsec/pkg/acquisition/modules/wineventlog"
-	"github.com/crowdsecurity/crowdsec/pkg/exprhelpers"
-
 	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
+	"github.com/crowdsecurity/crowdsec/pkg/exprhelpers"
 	"github.com/crowdsecurity/crowdsec/pkg/types"
 )
 
@@ -124,7 +123,6 @@ func DataSourceConfigure(commonConfig configuration.DataSourceCommonCfg, metrics
 		/* configure the actual datasource */
 		if err := dataSrc.Configure(yamlConfig, subLogger, metricsLevel); err != nil {
 			return nil, fmt.Errorf("failed to configure datasource %s: %w", commonConfig.Source, err)
-
 		}
 		return &dataSrc, nil
 	}
@@ -181,7 +179,6 @@ func LoadAcquisitionFromDSN(dsn string, labels map[string]string, transformExpr
 func GetMetricsLevelFromPromCfg(prom *csconfig.PrometheusCfg) int {
 	if prom == nil {
 		return configuration.METRICS_FULL
-
 	}
 	if !prom.Enabled {
 		return configuration.METRICS_NONE
@@ -194,7 +191,6 @@ func GetMetricsLevelFromPromCfg(prom *csconfig.PrometheusCfg) int {
 		return configuration.METRICS_FULL
 	}
 	return configuration.METRICS_FULL
-
 }
 
 // LoadAcquisitionFromFile unmarshals the configuration item and checks its availability

pkg/acquisition/modules/appsec/appsec.go

@@ -3,34 +3,34 @@ package appsecacquisition
 import (
 	"context"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"net"
 	"net/http"
 	"os"
 	"sync"
 	"time"
 
-	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
-
-	"github.com/crowdsecurity/crowdsec/pkg/acquisition/configuration"
-	"github.com/crowdsecurity/crowdsec/pkg/appsec"
-	"github.com/crowdsecurity/crowdsec/pkg/types"
-	"github.com/crowdsecurity/go-cs-lib/trace"
 	"github.com/google/uuid"
 	"github.com/prometheus/client_golang/prometheus"
 	log "github.com/sirupsen/logrus"
 	"gopkg.in/tomb.v2"
 	"gopkg.in/yaml.v2"
+
+	"github.com/crowdsecurity/go-cs-lib/trace"
+
+	"github.com/crowdsecurity/crowdsec/pkg/acquisition/configuration"
+	"github.com/crowdsecurity/crowdsec/pkg/appsec"
+	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
+	"github.com/crowdsecurity/crowdsec/pkg/types"
 )
 
 const (
 	InBand    = "inband"
 	OutOfBand = "outofband"
 )
 
-var (
-	DefaultAuthCacheDuration = (1 * time.Minute)
-)
+var DefaultAuthCacheDuration = (1 * time.Minute)
 
 // configuration structure of the acquis for the application security engine
 type AppsecSourceConfig struct {
@@ -94,10 +94,9 @@ type BodyResponse struct {
 }
 
 func (w *AppsecSource) UnmarshalConfig(yamlConfig []byte) error {
-
 	err := yaml.UnmarshalStrict(yamlConfig, &w.config)
 	if err != nil {
-		return fmt.Errorf("Cannot parse appsec configuration: %w", err)
+		return fmt.Errorf("cannot parse appsec configuration: %w", err)
 	}
 
 	if w.config.ListenAddr == "" && w.config.ListenSocket == "" {
@@ -122,7 +121,7 @@ func (w *AppsecSource) UnmarshalConfig(yamlConfig []byte) error {
 	}
 
 	if w.config.AppsecConfig == "" && w.config.AppsecConfigPath == "" {
-		return fmt.Errorf("appsec_config or appsec_config_path must be set")
+		return errors.New("appsec_config or appsec_config_path must be set")
 	}
 
 	if w.config.Name == "" {
@@ -177,26 +176,25 @@ func (w *AppsecSource) Configure(yamlConfig []byte, logger *log.Entry, MetricsLe
 	if w.config.AppsecConfigPath != "" {
 		err := appsecCfg.LoadByPath(w.config.AppsecConfigPath)
 		if err != nil {
-			return fmt.Errorf("unable to load appsec_config : %s", err)
+			return fmt.Errorf("unable to load appsec_config: %w", err)
 		}
 	} else if w.config.AppsecConfig != "" {
 		err := appsecCfg.Load(w.config.AppsecConfig)
 		if err != nil {
-			return fmt.Errorf("unable to load appsec_config : %s", err)
+			return fmt.Errorf("unable to load appsec_config: %w", err)
 		}
 	} else {
-		return fmt.Errorf("no appsec_config provided")
+		return errors.New("no appsec_config provided")
 	}
 
 	w.AppsecRuntime, err = appsecCfg.Build()
 	if err != nil {
-		return fmt.Errorf("unable to build appsec_config : %s", err)
+		return fmt.Errorf("unable to build appsec_config: %w", err)
 	}
 
 	err = w.AppsecRuntime.ProcessOnLoadRules()
-
 	if err != nil {
-		return fmt.Errorf("unable to process on load rules : %s", err)
+		return fmt.Errorf("unable to process on load rules: %w", err)
 	}
 
 	w.AppsecRunners = make([]AppsecRunner, w.config.Routines)
@@ -207,15 +205,15 @@ func (w *AppsecSource) Configure(yamlConfig []byte, logger *log.Entry, MetricsLe
 		wrt := *w.AppsecRuntime
 		wrt.Logger = w.logger.Dup().WithField("runner_uuid", appsecRunnerUUID)
 		runner := AppsecRunner{
-			inChan: w.InChan,
-			UUID:   appsecRunnerUUID,
-			logger: w.logger.WithField("runner_uuid", appsecRunnerUUID),
+			inChan:        w.InChan,
+			UUID:          appsecRunnerUUID,
+			logger:        w.logger.WithField("runner_uuid", appsecRunnerUUID),
 			AppsecRuntime: &wrt,
 			Labels:        w.config.Labels,
 		}
 		err := runner.Init(appsecCfg.GetDataDir())
 		if err != nil {
-			return fmt.Errorf("unable to initialize runner : %s", err)
+			return fmt.Errorf("unable to initialize runner: %w", err)
 		}
 		w.AppsecRunners[nbRoutine] = runner
 	}
@@ -228,7 +226,7 @@ func (w *AppsecSource) Configure(yamlConfig []byte, logger *log.Entry, MetricsLe
 }
 
 func (w *AppsecSource) ConfigureByDSN(dsn string, labels map[string]string, logger *log.Entry, uuid string) error {
-	return fmt.Errorf("AppSec datasource does not support command line acquisition")
+	return errors.New("AppSec datasource does not support command line acquisition")
 }
 
 func (w *AppsecSource) GetMode() string {
@@ -240,7 +238,7 @@ func (w *AppsecSource) GetName() string {
 }
 
 func (w *AppsecSource) OneShotAcquisition(out chan types.Event, t *tomb.Tomb) error {
-	return fmt.Errorf("AppSec datasource does not support command line acquisition")
+	return errors.New("AppSec datasource does not support command line acquisition")
 }
 
 func (w *AppsecSource) StreamingAcquisition(out chan types.Event, t *tomb.Tomb) error {
@@ -262,7 +260,7 @@ func (w *AppsecSource) StreamingAcquisition(out chan types.Event, t *tomb.Tomb)
 				_ = os.RemoveAll(w.config.ListenSocket)
 				listener, err := net.Listen("unix", w.config.ListenSocket)
 				if err != nil {
-					return fmt.Errorf("Appsec server failed: %w", err)
+					return fmt.Errorf("appsec server failed: %w", err)
 				}
 				defer listener.Close()
 				if w.config.CertFilePath != "" && w.config.KeyFilePath != "" {
@@ -271,7 +269,7 @@ func (w *AppsecSource) StreamingAcquisition(out chan types.Event, t *tomb.Tomb)
 					err = w.server.Serve(listener)
 				}
 				if err != nil && err != http.ErrServerClosed {
-					return fmt.Errorf("Appsec server failed: %w", err)
+					return fmt.Errorf("appsec server failed: %w", err)
 				}
 			}
 			return nil
@@ -287,7 +285,7 @@ func (w *AppsecSource) StreamingAcquisition(out chan types.Event, t *tomb.Tomb)
 				}
 
 				if err != nil && err != http.ErrServerClosed {
-					return fmt.Errorf("Appsec server failed: %w", err)
+					return fmt.Errorf("appsec server failed: %w", err)
 				}
 			}
 			return nil
@@ -334,7 +332,6 @@ func (w *AppsecSource) IsAuth(apiKey string) bool {
 	defer resp.Body.Close()
 
 	return resp.StatusCode == http.StatusOK
-
 }
 
 // should this be in the runner ?
@@ -401,5 +398,4 @@ func (w *AppsecSource) appsecHandler(rw http.ResponseWriter, r *http.Request) {
 	} else {
 		rw.Write(body)
 	}
-
 }

pkg/acquisition/modules/appsec/appsec_hooks_test.go

@@ -5,12 +5,13 @@ import (
 	"net/url"
 	"testing"
 
-	"github.com/crowdsecurity/crowdsec/pkg/appsec"
-	"github.com/crowdsecurity/crowdsec/pkg/appsec/appsec_rule"
-	"github.com/crowdsecurity/crowdsec/pkg/types"
 	"github.com/davecgh/go-spew/spew"
 	log "github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/require"
+
+	"github.com/crowdsecurity/crowdsec/pkg/appsec"
+	"github.com/crowdsecurity/crowdsec/pkg/appsec/appsec_rule"
+	"github.com/crowdsecurity/crowdsec/pkg/types"
 )
 
 func TestAppsecOnMatchHooks(t *testing.T) {
@@ -41,7 +42,6 @@ func TestAppsecOnMatchHooks(t *testing.T) {
 				require.Equal(t, 403, responses[0].BouncerHTTPResponseCode)
 				require.Equal(t, 403, responses[0].UserHTTPResponseCode)
 				require.Equal(t, appsec.BanRemediation, responses[0].Action)
-
 			},
 		},
 		{

pkg/acquisition/modules/appsec/appsec_lnx_test.go

@@ -6,15 +6,15 @@ package appsecacquisition
 import (
 	"testing"
 
+	log "github.com/sirupsen/logrus"
+	"github.com/stretchr/testify/require"
+
 	"github.com/crowdsecurity/crowdsec/pkg/appsec"
 	"github.com/crowdsecurity/crowdsec/pkg/appsec/appsec_rule"
 	"github.com/crowdsecurity/crowdsec/pkg/types"
-	log "github.com/sirupsen/logrus"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAppsecRuleTransformsOthers(t *testing.T) {
-
 	log.SetLevel(log.TraceLevel)
 	tests := []appsecRuleTest{
 		{

pkg/acquisition/modules/appsec/appsec_remediation_test.go

@@ -5,14 +5,14 @@ import (
 	"net/url"
 	"testing"
 
+	"github.com/stretchr/testify/require"
+
 	"github.com/crowdsecurity/crowdsec/pkg/appsec"
 	"github.com/crowdsecurity/crowdsec/pkg/appsec/appsec_rule"
 	"github.com/crowdsecurity/crowdsec/pkg/types"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAppsecDefaultPassRemediation(t *testing.T) {
-
 	tests := []appsecRuleTest{
 		{
 			name:             "Basic non-matching rule",
@@ -152,7 +152,6 @@ func TestAppsecDefaultPassRemediation(t *testing.T) {
 }
 
 func TestAppsecDefaultRemediation(t *testing.T) {
-
 	tests := []appsecRuleTest{
 		{
 			name:             "Basic matching rule",