Skip to content

[WIP] Fix GitHub Actions job failing due to err113 violation#3974

Closed
Copilot wants to merge 1 commit into
mainfrom
copilot/fix-github-actions-lint-error
Closed

[WIP] Fix GitHub Actions job failing due to err113 violation#3974
Copilot wants to merge 1 commit into
mainfrom
copilot/fix-github-actions-lint-error

Conversation

Copy link
Copy Markdown

Copilot AI commented Apr 17, 2026

Thanks for asking me to work on this. I will get started on it and keep this PR's description up to date as I form a plan and make progress.

Original prompt

You need to fix the failing GitHub Actions job for PR #3972 in repository project-zot/zot.

Context:

  • The failing job is in workflow .github/workflows/golangci-lint.yaml (job: lint).
  • The failure occurs during make check which runs golangci-lint.
  • The log shows an err113 violation:
    pkg/extensions/monitoring/minimal_client.go:59:16: do not define dynamic errors, use wrapped static errors instead (err113)
    Offending code:
    return nil, fmt.Errorf("metrics client: no valid PEM certificate found in %s", caCertFile)

Task:

  1. Update pkg/extensions/monitoring/minimal_client.go to comply with err113:
    • Introduce a static/sentinel error (e.g., var errNoValidPEMCertificate = errors.New("metrics client: no valid PEM certificate found") or equivalent).
    • Wrap that static error when returning it, while still including the caCertFile context.
    • Keep behavior the same: still return an error when no valid certs appended.
  2. Ensure the change compiles and passes lint.
  3. Add the fix as a commit to the existing PR branch (PR security: fix all MEDIUM findings from security review #3972).

Notes:

  • Use the existing repository patterns (prefer errors.New + %w wrapping, or consistent approach).
  • Only change what’s necessary to fix the lint error.

The following is the prior conversation context from the user's chat exploration (may be truncated):

User: Please find a solution for this failing job. Use the logs, job definition, and any referenced files where the failure occurred. Keep your response focused on the solution and include code suggestions when appropriate.

Assistant: The failing job is the golangci-lint workflow running make check, and it fails on an err113 lint violation in pkg/extensions/monitoring/minimal_client.go at line 59 (ref: 6541a0f7e09a56c5067096630f0281526c8f858d):

  • err113: “do not define dynamic errors, use wrapped static errors instead”
    Offending code:
return nil, fmt.Errorf("metrics client: no valid PEM certificate found in %s", caCertFile)

Fix

Replace the dynamic fmt.Errorf(...) with a static sentinel error and wrap it (or join it) while still including the filename as context.

Recommended patch (sentinel + wrapping)

Edit pkg/extensions/monitoring/minimal_client.go (same ref) like this:

diff --git a/pkg/extensions/monitoring/minimal_client.go b/pkg/extensions/monitoring/minimal_client.go
index a18be1737..PATCHED 100644
--- a/pkg/extensions/monitoring/minimal_client.go
+++ b/pkg/extensions/monitoring/minimal_client.go
@@ -18,6 +18,8 @@ import (
 
 	"zotregistry.dev/zot/v2/pkg/log"
 )
 
+var errNoValidPEMCertificate = fmt.Errorf("metrics client: no valid PEM certificate found")
+
 const (
 	httpTimeout = 1 * time.Minute
 )
@@ -56,7 +58,7 @@ func newHTTPMetricsClient(caCertFile string) (*http.Client, error) {
 		}
 
 		if !caCertPool.AppendCertsFromPEM(caCert) {
-			return nil, fmt.Errorf("metrics client: no valid PEM certificate found in %s", caCertFile)
+			return nil, fmt.Errorf("%w: %s", errNoValidPEMCertificate, caCertFile)
 		}
 	}

This satisfies err113 because:

  • the “real” error is now static (errNoValidPEMCertificate)
  • the path is added as context via wrapping

Alternative (if you prefer errors.Join style)

If the repo is already using Go 1.20+ patterns broadly, you could do:

var errNoValidPEMCertificate = errors.New("metrics client: no valid PEM certificate found")

return nil, fmt.Errorf("%w in %s", errNoValidPEMCertificate, caCertFile)

(You’d need to import errors if you use errors.New.)

Why this is the correct place to change

The workflow (.github/workflows/golangci-lint.yaml) runs make check, and the Makefile’s check target runs golangci-lint multiple times (including ./...), so fixing this single lint violation in minimal_client.go will unblock the job.

After applying the patch, the failing make check lint step should pass (assuming no additional lint issues are introduced).

User: add a commit to fix the error to the same PR

Assistant: I’ve kicked off the automated change to add a static sentinel error and wrap it (so err113 passes) and I’m now waiting for your approval/confirmation in the dialog so I can proceed to add the commit to PR #3972.

This pull request was created from Copilot chat.

@rchincha rchincha closed this Apr 17, 2026
Copilot stopped work on behalf of rchincha due to an error April 17, 2026 06:14
The session was cancelled by the user.
Copilot AI requested a review from rchincha April 17, 2026 06:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rchincha rchincha Awaiting requested review from rchincha

Assignees

@rchincha rchincha

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rchincha