update workflows (#1124)

acoshift · web-flow · commit 3bc0bdfe5e11 · 2023-04-28T23:32:47.000+10:00
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
     - name: Checkout repo
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v1
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -9,12 +9,17 @@ jobs:
       fail-fast: false
       matrix:
         postgres:
+          - '15'
+          - '14'
           - '13'
           - '12'
           - '11'
           - '10'
           - '9.6'
         go:
+          - '1.20'
+          - '1.19'
+          - '1.18'
           - '1.17'
           - '1.16'
           - '1.15'
@@ -169,10 +174,10 @@ jobs:
         docker exec pg createuser -h localhost -U postgres -DRS pqgosslcert
 
     - name: check out code into the Go module directory
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
 
     - name: set up go
-      uses: actions/setup-go@v2
+      uses: actions/setup-go@v4
       with:
         go-version: ${{ matrix.go }}
       id: go
diff --git a/ssl_test.go b/ssl_test.go
@@ -8,6 +8,7 @@ import (
 	"crypto/tls"
 	"crypto/x509"
 	"database/sql"
+	"errors"
 	"fmt"
 	"io"
 	"net"
@@ -86,11 +87,13 @@ func TestSSLVerifyFull(t *testing.T) {
 	if err == nil {
 		t.Fatal("expected error")
 	}
-	_, ok := err.(x509.UnknownAuthorityError)
-	if !ok {
-		_, ok := err.(x509.HostnameError)
-		if !ok {
-			t.Fatalf("expected x509.UnknownAuthorityError or x509.HostnameError, got %#+v", err)
+	{
+		var x509err x509.UnknownAuthorityError
+		if !errors.As(err, &x509err) {
+			var x509err x509.HostnameError
+			if !errors.As(err, &x509err) {
+				t.Fatalf("expected x509.UnknownAuthorityError or x509.HostnameError, got %#+v", err)
+			}
 		}
 	}
 
@@ -101,9 +104,11 @@ func TestSSLVerifyFull(t *testing.T) {
 	if err == nil {
 		t.Fatal("expected error")
 	}
-	_, ok = err.(x509.HostnameError)
-	if !ok {
-		t.Fatalf("expected x509.HostnameError, got %#+v", err)
+	{
+		var x509err x509.HostnameError
+		if !errors.As(err, &x509err) {
+			t.Fatalf("expected x509.HostnameError, got %#+v", err)
+		}
 	}
 	// OK
 	_, err = openSSLConn(t, rootCert+"host=postgres sslmode=verify-full user=pqgossltest")
@@ -126,9 +131,11 @@ func TestSSLRequireWithRootCert(t *testing.T) {
 	if err == nil {
 		t.Fatal("expected error")
 	}
-	_, ok := err.(x509.UnknownAuthorityError)
-	if !ok {
-		t.Fatalf("expected x509.UnknownAuthorityError, got %s, %#+v", err, err)
+	{
+		var x509err x509.UnknownAuthorityError
+		if !errors.As(err, &x509err) {
+			t.Fatalf("expected x509.UnknownAuthorityError, got %s, %#+v", err, err)
+		}
 	}
 
 	nonExistentCertPath := filepath.Join(os.Getenv("PQSSLCERTTEST_PATH"), "non_existent.crt")
@@ -164,15 +171,17 @@ func TestSSLVerifyCA(t *testing.T) {
 	// Not OK according to the system CA
 	{
 		_, err := openSSLConn(t, "host=postgres sslmode=verify-ca user=pqgossltest")
-		if _, ok := err.(x509.UnknownAuthorityError); !ok {
+		var x509err x509.UnknownAuthorityError
+		if !errors.As(err, &x509err) {
 			t.Fatalf("expected %T, got %#+v", x509.UnknownAuthorityError{}, err)
 		}
 	}
 
 	// Still not OK according to the system CA; empty sslrootcert is treated as unspecified.
 	{
 		_, err := openSSLConn(t, "host=postgres sslmode=verify-ca user=pqgossltest sslrootcert=''")
-		if _, ok := err.(x509.UnknownAuthorityError); !ok {
+		var x509err x509.UnknownAuthorityError
+		if !errors.As(err, &x509err) {
 			t.Fatalf("expected %T, got %#+v", x509.UnknownAuthorityError{}, err)
 		}
 	}
@@ -243,23 +252,26 @@ func TestSSLClientCertificates(t *testing.T) {
 	// Cert present, key not specified, should fail
 	{
 		_, err := openSSLConn(t, baseinfo+" sslcert="+sslcert)
-		if _, ok := err.(*os.PathError); !ok {
+		var pathErr *os.PathError
+		if !errors.As(err, &pathErr) {
 			t.Fatalf("expected %T, got %#+v", (*os.PathError)(nil), err)
 		}
 	}
 
 	// Cert present, empty key specified, should fail
 	{
 		_, err := openSSLConn(t, baseinfo+" sslcert="+sslcert+" sslkey=''")
-		if _, ok := err.(*os.PathError); !ok {
+		var pathErr *os.PathError
+		if !errors.As(err, &pathErr) {
 			t.Fatalf("expected %T, got %#+v", (*os.PathError)(nil), err)
 		}
 	}
 
 	// Cert present, non-existent key, should fail
 	{
 		_, err := openSSLConn(t, baseinfo+" sslcert="+sslcert+" sslkey=/tmp/filedoesnotexist")
-		if _, ok := err.(*os.PathError); !ok {
+		var pathErr *os.PathError
+		if !errors.As(err, &pathErr) {
 			t.Fatalf("expected %T, got %#+v", (*os.PathError)(nil), err)
 		}
 	}

Original file line number	Diff line number	Diff line change
`@@ -8,6 +8,7 @@ import (`
`8`	`8`	`"crypto/tls"`
`9`	`9`	`"crypto/x509"`
`10`	`10`	`"database/sql"`
	`11`	`+ "errors"`
`11`	`12`	`"fmt"`
`12`	`13`	`"io"`
`13`	`14`	`"net"`
`@@ -86,11 +87,13 @@ func TestSSLVerifyFull(t *testing.T) {`
`86`	`87`	`if err == nil {`
`87`	`88`	`t.Fatal("expected error")`
`88`	`89`	`}`
`89`		`- _, ok := err.(x509.UnknownAuthorityError)`
`90`		`- if !ok {`
`91`		`- _, ok := err.(x509.HostnameError)`
`92`		`- if !ok {`
`93`		`- t.Fatalf("expected x509.UnknownAuthorityError or x509.HostnameError, got %#+v", err)`
	`90`	`+ {`
	`91`	`+ var x509err x509.UnknownAuthorityError`
	`92`	`+ if !errors.As(err, &x509err) {`
	`93`	`+ var x509err x509.HostnameError`
	`94`	`+ if !errors.As(err, &x509err) {`
	`95`	`+ t.Fatalf("expected x509.UnknownAuthorityError or x509.HostnameError, got %#+v", err)`
	`96`	`+ }`
`94`	`97`	`}`
`95`	`98`	`}`
`96`	`99`
`@@ -101,9 +104,11 @@ func TestSSLVerifyFull(t *testing.T) {`
`101`	`104`	`if err == nil {`
`102`	`105`	`t.Fatal("expected error")`
`103`	`106`	`}`
`104`		`- _, ok = err.(x509.HostnameError)`
`105`		`- if !ok {`
`106`		`- t.Fatalf("expected x509.HostnameError, got %#+v", err)`
	`107`	`+ {`
	`108`	`+ var x509err x509.HostnameError`
	`109`	`+ if !errors.As(err, &x509err) {`
	`110`	`+ t.Fatalf("expected x509.HostnameError, got %#+v", err)`
	`111`	`+ }`
`107`	`112`	`}`
`108`	`113`	`// OK`
`109`	`114`	`_, err = openSSLConn(t, rootCert+"host=postgres sslmode=verify-full user=pqgossltest")`
`@@ -126,9 +131,11 @@ func TestSSLRequireWithRootCert(t *testing.T) {`
`126`	`131`	`if err == nil {`
`127`	`132`	`t.Fatal("expected error")`
`128`	`133`	`}`
`129`		`- _, ok := err.(x509.UnknownAuthorityError)`
`130`		`- if !ok {`
`131`		`- t.Fatalf("expected x509.UnknownAuthorityError, got %s, %#+v", err, err)`
	`134`	`+ {`
	`135`	`+ var x509err x509.UnknownAuthorityError`
	`136`	`+ if !errors.As(err, &x509err) {`
	`137`	`+ t.Fatalf("expected x509.UnknownAuthorityError, got %s, %#+v", err, err)`
	`138`	`+ }`
`132`	`139`	`}`
`133`	`140`
`134`	`141`	`nonExistentCertPath := filepath.Join(os.Getenv("PQSSLCERTTEST_PATH"), "non_existent.crt")`
`@@ -164,15 +171,17 @@ func TestSSLVerifyCA(t *testing.T) {`
`164`	`171`	`// Not OK according to the system CA`
`165`	`172`	`{`
`166`	`173`	`_, err := openSSLConn(t, "host=postgres sslmode=verify-ca user=pqgossltest")`
`167`		`- if _, ok := err.(x509.UnknownAuthorityError); !ok {`
	`174`	`+ var x509err x509.UnknownAuthorityError`
	`175`	`+ if !errors.As(err, &x509err) {`
`168`	`176`	`t.Fatalf("expected %T, got %#+v", x509.UnknownAuthorityError{}, err)`
`169`	`177`	`}`
`170`	`178`	`}`
`171`	`179`
`172`	`180`	`// Still not OK according to the system CA; empty sslrootcert is treated as unspecified.`
`173`	`181`	`{`
`174`	`182`	`_, err := openSSLConn(t, "host=postgres sslmode=verify-ca user=pqgossltest sslrootcert=''")`
`175`		`- if _, ok := err.(x509.UnknownAuthorityError); !ok {`
	`183`	`+ var x509err x509.UnknownAuthorityError`
	`184`	`+ if !errors.As(err, &x509err) {`
`176`	`185`	`t.Fatalf("expected %T, got %#+v", x509.UnknownAuthorityError{}, err)`
`177`	`186`	`}`
`178`	`187`	`}`
`@@ -243,23 +252,26 @@ func TestSSLClientCertificates(t *testing.T) {`
`243`	`252`	`// Cert present, key not specified, should fail`
`244`	`253`	`{`
`245`	`254`	`_, err := openSSLConn(t, baseinfo+" sslcert="+sslcert)`
`246`		`- if _, ok := err.(*os.PathError); !ok {`
	`255`	`+ var pathErr *os.PathError`
	`256`	`+ if !errors.As(err, &pathErr) {`
`247`	`257`	`t.Fatalf("expected %T, got %#+v", (*os.PathError)(nil), err)`
`248`	`258`	`}`
`249`	`259`	`}`
`250`	`260`
`251`	`261`	`// Cert present, empty key specified, should fail`
`252`	`262`	`{`
`253`	`263`	`_, err := openSSLConn(t, baseinfo+" sslcert="+sslcert+" sslkey=''")`
`254`		`- if _, ok := err.(*os.PathError); !ok {`
	`264`	`+ var pathErr *os.PathError`
	`265`	`+ if !errors.As(err, &pathErr) {`
`255`	`266`	`t.Fatalf("expected %T, got %#+v", (*os.PathError)(nil), err)`
`256`	`267`	`}`
`257`	`268`	`}`
`258`	`269`
`259`	`270`	`// Cert present, non-existent key, should fail`
`260`	`271`	`{`
`261`	`272`	`_, err := openSSLConn(t, baseinfo+" sslcert="+sslcert+" sslkey=/tmp/filedoesnotexist")`
`262`		`- if _, ok := err.(*os.PathError); !ok {`
	`273`	`+ var pathErr *os.PathError`
	`274`	`+ if !errors.As(err, &pathErr) {`
`263`	`275`	`t.Fatalf("expected %T, got %#+v", (*os.PathError)(nil), err)`
`264`	`276`	`}`
`265`	`277`	`}`