Enable depguard in more packages (#5963)

.golangci.yml

@@ -32,6 +32,12 @@ linters-settings:
         - "**/admission/*.go"
         - "**/alertmanager/*.go"
         - "**/alertmanager/**/*.go"
+        - "**/apis/*.go"
+        - "**/apis/**/*.go"
+        - "**/assets/*.go"
+        - "**/client/*.go"
+        - "**/client/**/*.go"
+        - "**/informers/*.go"
         deny:
         - pkg: "github.com/pkg/errors"
           dsc: Should be replaced with standard lib errors or fmt.Errorf

pkg/assets/store.go

@@ -19,9 +19,9 @@ import (
 	"crypto/tls"
 	"crypto/x509"
 	"encoding/pem"
+	"errors"
 	"fmt"
 
-	"github.com/pkg/errors"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	corev1client "k8s.io/client-go/kubernetes/typed/core/v1"
@@ -70,7 +70,7 @@ func assetKeyFunc(obj interface{}) (string, error) {
 	case *v1.Secret:
 		return fmt.Sprintf("1/%s/%s", v.GetNamespace(), v.GetName()), nil
 	}
-	return "", errors.Errorf("unsupported type: %T", obj)
+	return "", fmt.Errorf("unsupported type: %T", obj)
 }
 
 // addTLSAssets processes the given SafeTLSConfig and adds the referenced CA, certificate and key to the store.
@@ -84,18 +84,18 @@ func (s *Store) addTLSAssets(ctx context.Context, ns string, tlsConfig monitorin
 
 	ca, err = s.GetKey(ctx, ns, tlsConfig.CA)
 	if err != nil {
-		return errors.Wrap(err, "failed to get CA")
+		return fmt.Errorf("failed to get CA: %w", err)
 	}
 
 	cert, err = s.GetKey(ctx, ns, tlsConfig.Cert)
 	if err != nil {
-		return errors.Wrap(err, "failed to get cert")
+		return fmt.Errorf("failed to get cert: %w", err)
 	}
 
 	if tlsConfig.KeySecret != nil {
 		key, err = s.GetSecretKey(ctx, ns, *tlsConfig.KeySecret)
 		if err != nil {
-			return errors.Wrap(err, "failed to get key")
+			return fmt.Errorf("failed to get key: %w", err)
 		}
 	}
 
@@ -106,7 +106,7 @@ func (s *Store) addTLSAssets(ctx context.Context, ns string, tlsConfig monitorin
 		}
 		_, err = x509.ParseCertificate(block.Bytes)
 		if err != nil {
-			return errors.Wrap(err, "failed to parse CA certificate")
+			return fmt.Errorf("failed to parse CA certificate: %w", err)
 		}
 		s.TLSAssets[TLSAssetKeyFromSelector(ns, tlsConfig.CA)] = TLSAsset(ca)
 	}
@@ -114,7 +114,7 @@ func (s *Store) addTLSAssets(ctx context.Context, ns string, tlsConfig monitorin
 	if cert != "" && key != "" {
 		_, err = tls.X509KeyPair([]byte(cert), []byte(key))
 		if err != nil {
-			return errors.Wrap(err, "failed to load X509 key pair")
+			return fmt.Errorf("failed to load X509 key pair: %w", err)
 		}
 		s.TLSAssets[TLSAssetKeyFromSelector(ns, tlsConfig.Cert)] = TLSAsset(cert)
 		s.TLSAssets[TLSAssetKeyFromSelector(ns, monitoringv1.SecretOrConfigMap{Secret: tlsConfig.KeySecret})] = TLSAsset(key)
@@ -131,7 +131,7 @@ func (s *Store) AddSafeTLSConfig(ctx context.Context, ns string, tlsConfig *moni
 
 	err := tlsConfig.Validate()
 	if err != nil {
-		return errors.Wrap(err, "failed to validate TLS configuration")
+		return fmt.Errorf("failed to validate TLS configuration: %w", err)
 	}
 
 	return s.addTLSAssets(ctx, ns, *tlsConfig)
@@ -145,7 +145,7 @@ func (s *Store) AddTLSConfig(ctx context.Context, ns string, tlsConfig *monitori
 
 	err := tlsConfig.Validate()
 	if err != nil {
-		return errors.Wrap(err, "failed to validate TLS configuration")
+		return fmt.Errorf("failed to validate TLS configuration: %w", err)
 	}
 
 	return s.addTLSAssets(ctx, ns, tlsConfig.SafeTLSConfig)
@@ -159,12 +159,12 @@ func (s *Store) AddBasicAuth(ctx context.Context, ns string, ba *monitoringv1.Ba
 
 	username, err := s.GetSecretKey(ctx, ns, ba.Username)
 	if err != nil {
-		return errors.Wrap(err, "failed to get basic auth username")
+		return fmt.Errorf("failed to get basic auth username: %w", err)
 	}
 
 	password, err := s.GetSecretKey(ctx, ns, ba.Password)
 	if err != nil {
-		return errors.Wrap(err, "failed to get basic auth password")
+		return fmt.Errorf("failed to get basic auth password: %w", err)
 	}
 
 	s.BasicAuthAssets[key] = BasicAuthCredentials{
@@ -187,12 +187,12 @@ func (s *Store) AddOAuth2(ctx context.Context, ns string, oauth2 *monitoringv1.O
 
 	clientID, err := s.GetKey(ctx, ns, oauth2.ClientID)
 	if err != nil {
-		return errors.Wrap(err, "failed to get oauth2 client id")
+		return fmt.Errorf("failed to get oauth2 client id: %w", err)
 	}
 
 	clientSecret, err := s.GetSecretKey(ctx, ns, oauth2.ClientSecret)
 	if err != nil {
-		return errors.Wrap(err, "failed to get oauth2 client secret")
+		return fmt.Errorf("failed to get oauth2 client secret: %w", err)
 	}
 
 	s.OAuth2Assets[key] = OAuth2Credentials{
@@ -215,7 +215,7 @@ func (s *Store) addToken(ctx context.Context, ns string, sel *v1.SecretKeySelect
 
 	token, err := s.GetSecretKey(ctx, ns, *sel)
 	if err != nil {
-		return errors.Wrap(err, "failed to get token from secret")
+		return fmt.Errorf("failed to get token from secret: %w", err)
 	}
 
 	s.TokenAssets[key] = Token(token)
@@ -226,7 +226,7 @@ func (s *Store) addToken(ctx context.Context, ns string, sel *v1.SecretKeySelect
 func (s *Store) AddBearerToken(ctx context.Context, ns string, sel *v1.SecretKeySelector, key string) error {
 	err := s.addToken(ctx, ns, sel, key)
 	if err != nil {
-		return errors.Wrap(err, "failed to get bearer token")
+		return fmt.Errorf("failed to get bearer token: %w", err)
 	}
 	return nil
 }
@@ -242,7 +242,7 @@ func (s *Store) AddSafeAuthorizationCredentials(ctx context.Context, namespace s
 
 	err := s.addToken(ctx, namespace, auth.Credentials, key)
 	if err != nil {
-		return errors.Wrapf(err, "failed to get authorization token of type %q", auth.Type)
+		return fmt.Errorf("failed to get authorization token of type %q: %w", auth.Type, err)
 	}
 	return nil
 }
@@ -258,7 +258,7 @@ func (s *Store) AddAuthorizationCredentials(ctx context.Context, namespace strin
 
 	err := s.addToken(ctx, namespace, auth.Credentials, key)
 	if err != nil {
-		return errors.Wrapf(err, "failed to get authorization token of type %q", auth.Type)
+		return fmt.Errorf("failed to get authorization token of type %q: %w", auth.Type, err)
 	}
 	return nil
 }
@@ -277,13 +277,13 @@ func (s *Store) AddSigV4(ctx context.Context, ns string, sigv4 *monitoringv1.Sig
 
 	accessKey, err := s.GetSecretKey(ctx, ns, *sigv4.AccessKey)
 	if err != nil {
-		return errors.Wrap(err, "failed to read SigV4 access-key")
+		return fmt.Errorf("failed to read SigV4 access-key: %w", err)
 	}
 	sigV4Credentials.AccessKeyID = accessKey
 
 	secretKey, err := s.GetSecretKey(ctx, ns, *sigv4.SecretKey)
 	if err != nil {
-		return errors.Wrap(err, "failed to read SigV4 secret-key")
+		return fmt.Errorf("failed to read SigV4 secret-key: %w", err)
 	}
 	sigV4Credentials.SecretKeyID = secretKey
 
@@ -313,23 +313,23 @@ func (s *Store) GetConfigMapKey(ctx context.Context, namespace string, sel v1.Co
 		},
 	})
 	if err != nil {
-		return "", errors.Wrapf(err, "unexpected store error when getting configmap %q", sel.Name)
+		return "", fmt.Errorf("unexpected store error when getting configmap %q: %w", sel.Name, err)
 	}
 
 	if !exists {
 		cm, err := s.cmClient.ConfigMaps(namespace).Get(ctx, sel.Name, metav1.GetOptions{})
 		if err != nil {
-			return "", errors.Wrapf(err, "unable to get configmap %q", sel.Name)
+			return "", fmt.Errorf("unable to get configmap %q: %w", sel.Name, err)
 		}
 		if err = s.objStore.Add(cm); err != nil {
-			return "", errors.Wrapf(err, "unexpected store error when adding configmap %q", sel.Name)
+			return "", fmt.Errorf("unexpected store error when adding configmap %q: %w", sel.Name, err)
 		}
 		obj = cm
 	}
 
 	cm := obj.(*v1.ConfigMap)
 	if _, found := cm.Data[sel.Key]; !found {
-		return "", errors.Errorf("key %q in configmap %q not found", sel.Key, sel.Name)
+		return "", fmt.Errorf("key %q in configmap %q not found", sel.Key, sel.Name)
 	}
 
 	return cm.Data[sel.Key], nil
@@ -344,23 +344,23 @@ func (s *Store) GetSecretKey(ctx context.Context, namespace string, sel v1.Secre
 		},
 	})
 	if err != nil {
-		return "", errors.Wrapf(err, "unexpected store error when getting secret %q", sel.Name)
+		return "", fmt.Errorf("unexpected store error when getting secret %q: %w", sel.Name, err)
 	}
 
 	if !exists {
 		secret, err := s.sClient.Secrets(namespace).Get(ctx, sel.Name, metav1.GetOptions{})
 		if err != nil {
-			return "", errors.Wrapf(err, "unable to get secret %q", sel.Name)
+			return "", fmt.Errorf("unable to get secret %q: %w", sel.Name, err)
 		}
 		if err = s.objStore.Add(secret); err != nil {
-			return "", errors.Wrapf(err, "unexpected store error when adding secret %q", sel.Name)
+			return "", fmt.Errorf("unexpected store error when adding secret %q: %w", sel.Name, err)
 		}
 		obj = secret
 	}
 
 	secret := obj.(*v1.Secret)
 	if _, found := secret.Data[sel.Key]; !found {
-		return "", errors.Errorf("key %q in secret %q not found", sel.Key, sel.Name)
+		return "", fmt.Errorf("key %q in secret %q not found", sel.Key, sel.Name)
 	}
 
 	return string(secret.Data[sel.Key]), nil

pkg/informers/informers.go

@@ -15,9 +15,9 @@
 package informers
 
 import (
+	"fmt"
 	"sort"
 
-	"github.com/pkg/errors"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
@@ -64,7 +64,7 @@ func NewInformersForResource(ifs FactoriesForNamespaces, resource schema.GroupVe
 	for _, ns := range namespaces {
 		informer, err := ifs.ForResource(ns, resource)
 		if err != nil {
-			return nil, errors.Wrapf(err, "error getting informer in namespace %q for resource %v", ns, resource)
+			return nil, fmt.Errorf("error getting informer in namespace %q for resource %v: %w", ns, resource, err)
 		}
 		informers = append(informers, informer)
 	}