chore(util): Fix modernize linter (#26342)

Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>

util/argo/argo.go

@@ -7,7 +7,6 @@ import (
 	"fmt"
 	"regexp"
 	"slices"
-	"sort"
 	"strings"
 	"time"
 
@@ -105,7 +104,7 @@ func FilterByProjects(apps []argoappv1.Application, projects []string) []argoapp
 		projectsMap[projects[i]] = true
 	}
 	items := []argoappv1.Application{}
-	for i := 0; i < len(apps); i++ {
+	for i := range apps {
 		a := apps[i]
 		if _, ok := projectsMap[a.Spec.GetProject()]; ok {
 			items = append(items, a)
@@ -124,7 +123,7 @@ func FilterByProjectsP(apps []*argoappv1.Application, projects []string) []*argo
 		projectsMap[projects[i]] = true
 	}
 	items := []*argoappv1.Application{}
-	for i := 0; i < len(apps); i++ {
+	for i := range apps {
 		a := apps[i]
 		if _, ok := projectsMap[a.Spec.GetProject()]; ok {
 			items = append(items, a)
@@ -143,7 +142,7 @@ func FilterAppSetsByProjects(appsets []argoappv1.ApplicationSet, projects []stri
 		projectsMap[projects[i]] = true
 	}
 	items := []argoappv1.ApplicationSet{}
-	for i := 0; i < len(appsets); i++ {
+	for i := range appsets {
 		a := appsets[i]
 		if _, ok := projectsMap[a.Spec.Template.Spec.GetProject()]; ok {
 			items = append(items, a)
@@ -158,7 +157,7 @@ func FilterByRepo(apps []argoappv1.Application, repo string) []argoappv1.Applica
 		return apps
 	}
 	items := []argoappv1.Application{}
-	for i := 0; i < len(apps); i++ {
+	for i := range apps {
 		if apps[i].Spec.GetSource().RepoURL == repo {
 			items = append(items, apps[i])
 		}
@@ -172,7 +171,7 @@ func FilterByRepoP(apps []*argoappv1.Application, repo string) []*argoappv1.Appl
 		return apps
 	}
 	items := []*argoappv1.Application{}
-	for i := 0; i < len(apps); i++ {
+	for i := range apps {
 		if apps[i].Spec.GetSource().RepoURL == repo {
 			items = append(items, apps[i])
 		}
@@ -186,7 +185,7 @@ func FilterByPath(apps []argoappv1.Application, path string) []argoappv1.Applica
 		return apps
 	}
 	items := []argoappv1.Application{}
-	for i := 0; i < len(apps); i++ {
+	for i := range apps {
 		if apps[i].Spec.GetSource().Path == path {
 			items = append(items, apps[i])
 		}
@@ -200,7 +199,7 @@ func FilterByCluster(apps []argoappv1.Application, cluster string) []argoappv1.A
 		return apps
 	}
 	items := []argoappv1.Application{}
-	for i := 0; i < len(apps); i++ {
+	for i := range apps {
 		if apps[i].Spec.Destination.Server == cluster || apps[i].Spec.Destination.Name == cluster {
 			items = append(items, apps[i])
 		}
@@ -214,7 +213,7 @@ func FilterByName(apps []argoappv1.Application, name string) ([]argoappv1.Applic
 		return apps, nil
 	}
 	items := []argoappv1.Application{}
-	for i := 0; i < len(apps); i++ {
+	for i := range apps {
 		if apps[i].Name == name {
 			items = append(items, apps[i])
 			return items, nil
@@ -230,7 +229,7 @@ func FilterByNameP(apps []*argoappv1.Application, name string) []*argoappv1.Appl
 		return apps
 	}
 	items := []*argoappv1.Application{}
-	for i := 0; i < len(apps); i++ {
+	for i := range apps {
 		if apps[i].Name == name {
 			items = append(items, apps[i])
 			return items
@@ -257,7 +256,7 @@ func RefreshApp(appIf v1alpha1.ApplicationInterface, name string, refreshType ar
 	if err != nil {
 		return nil, fmt.Errorf("error marshaling metadata: %w", err)
 	}
-	for attempt := 0; attempt < 5; attempt++ {
+	for range 5 {
 		app, err := appIf.Patch(context.Background(), name, types.MergePatchType, patch, metav1.PatchOptions{})
 		if err == nil {
 			log.Infof("Requested app '%s' refresh", name)
@@ -721,9 +720,7 @@ func APIResourcesToStrings(resources []kube.APIResourceInfo, includeKinds bool)
 	for k := range resMap {
 		res = append(res, k)
 	}
-	sort.Slice(res, func(i, j int) bool {
-		return res[i] < res[j]
-	})
+	slices.Sort(res)
 	return res
 }
 

util/cert/cert_test.go

@@ -3,6 +3,7 @@ package cert
 import (
 	"os"
 	"path"
+	"strings"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -547,24 +548,24 @@ func TestGetCertBundlePathForRepository(t *testing.T) {
 }
 
 func TestTLSCertificateLimit(t *testing.T) {
-	var data string
+	var data strings.Builder
 	// Append one more than the max allowed
-	for i := 0; i < CertificateMaxEntriesPerStream+1; i++ {
-		data += TestTLSValidSingleCert
+	for range CertificateMaxEntriesPerStream + 1 {
+		data.WriteString(TestTLSValidSingleCert)
 	}
-	_, err := ParseTLSCertificatesFromData(data)
+	_, err := ParseTLSCertificatesFromData(data.String())
 	require.Error(t, err)
 	assert.Contains(t, err.Error(), "limit exceeded")
 }
 
 func TestSSHKnownHostsLimit(t *testing.T) {
-	var data string
+	var data strings.Builder
 	entry := "github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=\n"
 	// Append one more than the max allowed
-	for i := 0; i < CertificateMaxEntriesPerStream+1; i++ {
-		data += entry
+	for range CertificateMaxEntriesPerStream + 1 {
+		data.WriteString(entry)
 	}
-	_, err := ParseSSHKnownHostsFromData(data)
+	_, err := ParseSSHKnownHostsFromData(data.String())
 	require.Error(t, err)
 	assert.Contains(t, err.Error(), "limit exceeded")
 }

util/git/client_test.go

@@ -1091,7 +1091,7 @@ func Test_LsFiles_RaceCondition(t *testing.T) {
 	var wg sync.WaitGroup
 	callLsFiles := func(client Client, expectedFile string) {
 		defer wg.Done()
-		for i := 0; i < 100; i++ {
+		for range 100 {
 			files, err := client.LsFiles("*", true)
 			require.NoError(t, err)
 			require.Contains(t, files, expectedFile)
@@ -1270,8 +1270,8 @@ func Test_GitNoDetachedMaintenance(t *testing.T) {
 	output, err := native.runCmdOutput(cmd, runOpts{CaptureStderr: true})
 	require.NoError(t, err)
 
-	lines := strings.Split(output, "\n")
-	for _, line := range lines {
+	lines := strings.SplitSeq(output, "\n")
+	for line := range lines {
 		if strings.Contains(line, "git maintenance run") {
 			assert.NotContains(t, output, "--detach", "Unexpected --detach when running git maintenance")
 			return

util/oidc/oidc.go

@@ -14,6 +14,7 @@ import (
 	"net/url"
 	"os"
 	"path"
+	"slices"
 	"strings"
 	"sync"
 	"time"
@@ -750,12 +751,7 @@ func OfflineAccess(scopes []string) bool {
 		return true
 	}
 	// See if scopes_supported has the "offline_access" scope.
-	for _, scope := range scopes {
-		if scope == gooidc.ScopeOfflineAccess {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(scopes, gooidc.ScopeOfflineAccess)
 }
 
 // InferGrantType infers the proper grant flow depending on the OAuth2 client config and OIDC configuration.
@@ -764,10 +760,8 @@ func InferGrantType(oidcConf *OIDCConfiguration) string {
 	// Check the supported response types. If the list contains the response type 'code',
 	// then grant type is 'authorization_code'. This is preferred over the implicit
 	// grant type since refresh tokens cannot be issued that way.
-	for _, supportedType := range oidcConf.ResponseTypesSupported {
-		if supportedType == ResponseTypeCode {
-			return GrantTypeAuthorizationCode
-		}
+	if slices.Contains(oidcConf.ResponseTypesSupported, ResponseTypeCode) {
+		return GrantTypeAuthorizationCode
 	}
 
 	// Assume implicit otherwise

util/session/sessionmanager_test.go

@@ -7,6 +7,7 @@ import (
 	stderrors "errors"
 	"fmt"
 	"io"
+	"maps"
 	"math"
 	"net/http"
 	"net/http/httptest"
@@ -358,7 +359,6 @@ func TestSessionManager_WithAuthMiddleware(t *testing.T) {
 		},
 	}
 	for _, tc := range cases {
-		tc := tc
 		t.Run(tc.name, func(t *testing.T) {
 			// given
 			mux := http.NewServeMux()
@@ -616,13 +616,13 @@ func TestLoginRateLimiter(t *testing.T) {
 }
 
 func TestMaxUsernameLength(t *testing.T) {
-	username := ""
-	for i := 0; i < maxUsernameLength+1; i++ {
-		username += "a"
+	var username strings.Builder
+	for range maxUsernameLength + 1 {
+		username.WriteString("a")
 	}
 	settingsMgr := settings.NewSettingsManager(t.Context(), getKubeClient(t, "password", true), "argocd")
 	mgr := newSessionManager(settingsMgr, getProjLister(), NewUserStateStorage(nil))
-	err := mgr.VerifyUsernamePassword(username, "password")
+	err := mgr.VerifyUsernamePassword(username.String(), "password")
 	assert.ErrorContains(t, err, fmt.Sprintf(usernameTooLongError, maxUsernameLength))
 }
 
@@ -666,9 +666,7 @@ func getKubeClientWithConfig(config map[string]string, secretConfig map[string][
 	mergedSecretConfig := map[string][]byte{
 		"server.secretkey": []byte("Hello, world!"),
 	}
-	for key, value := range secretConfig {
-		mergedSecretConfig[key] = value
-	}
+	maps.Copy(mergedSecretConfig, secretConfig)
 
 	return fake.NewClientset(&corev1.ConfigMap{
 		ObjectMeta: metav1.ObjectMeta{
@@ -1307,7 +1305,7 @@ func Test_PickFailureAttemptWhenOverflowed(t *testing.T) {
 		}
 
 		// inside pickRandomNonAdminLoginFailure, it uses random, so we need to test it multiple times
-		for i := 0; i < 1000; i++ {
+		for range 1000 {
 			user := pickRandomNonAdminLoginFailure(failures, "test")
 			assert.Equal(t, "test2", *user)
 		}
@@ -1327,7 +1325,7 @@ func Test_PickFailureAttemptWhenOverflowed(t *testing.T) {
 		}
 
 		// inside pickRandomNonAdminLoginFailure, it uses random, so we need to test it multiple times
-		for i := 0; i < 1000; i++ {
+		for range 1000 {
 			user := pickRandomNonAdminLoginFailure(failures, "test")
 			assert.Equal(t, "test2", *user)
 		}

util/settings/settings.go

@@ -1196,7 +1196,7 @@ func (mgr *SettingsManager) GetHelmSettings() (*v1alpha1.HelmOptions, error) {
 	}
 	helmOptions := &v1alpha1.HelmOptions{}
 	if value, ok := argoCDCM.Data[helmValuesFileSchemesKey]; ok {
-		for _, item := range strings.Split(value, ",") {
+		for item := range strings.SplitSeq(value, ",") {
 			if item := strings.TrimSpace(item); item != "" {
 				helmOptions.ValuesFileSchemes = append(helmOptions.ValuesFileSchemes, item)
 			}
@@ -1550,8 +1550,8 @@ func updateSettingsFromConfigMap(settings *ArgoCDSettings, argoCDCM *corev1.Conf
 func getExtensionConfigs(cmData map[string]string) map[string]string {
 	result := make(map[string]string)
 	for k, v := range cmData {
-		if strings.HasPrefix(k, extensionConfig) {
-			extName := strings.TrimPrefix(strings.TrimPrefix(k, extensionConfig), ".")
+		if extName, found := strings.CutPrefix(k, extensionConfig); found {
+			extName = strings.TrimPrefix(extName, ".")
 			result[extName] = v
 		}
 	}
@@ -2156,7 +2156,7 @@ func (mgr *SettingsManager) InitializeSettings(insecureModeEnabled bool) (*ArgoC
 			now := time.Now().UTC()
 			if adminAccount.PasswordHash == "" {
 				randBytes := make([]byte, initialPasswordLength)
-				for i := 0; i < initialPasswordLength; i++ {
+				for i := range initialPasswordLength {
 					num, err := rand.Int(rand.Reader, big.NewInt(int64(len(letters))))
 					if err != nil {
 						return err
@@ -2370,8 +2370,7 @@ func (mgr *SettingsManager) GetSensitiveAnnotations() map[string]bool {
 	}
 
 	value = strings.ReplaceAll(value, " ", "")
-	keys := strings.Split(value, ",")
-	for _, k := range keys {
+	for k := range strings.SplitSeq(value, ",") {
 		annotationKeys[k] = true
 	}
 	return annotationKeys

util/webhook/webhook.go

@@ -131,10 +131,8 @@ func NewHandler(namespace string, applicationNamespaces []string, webhookParalle
 
 func (a *ArgoCDWebhookHandler) startWorkerPool(webhookParallelism int) {
 	compLog := log.WithField("component", "api-server-webhook")
-	for i := 0; i < webhookParallelism; i++ {
-		a.Add(1)
-		go func() {
-			defer a.Done()
+	for range webhookParallelism {
+		a.Go(func() {
 			for {
 				payload, ok := <-a.queue
 				if !ok {
@@ -142,7 +140,7 @@ func (a *ArgoCDWebhookHandler) startWorkerPool(webhookParallelism int) {
 				}
 				guard.RecoverAndLog(func() { a.HandleEvent(payload) }, compLog, panicMsgServer)
 			}
-		}()
+		})
 	}
 }