upgrade go and dependencies and fix CI

.github/dependabot.yml

@@ -10,6 +10,6 @@ updates:
     schedule:
       interval: "daily"
   - package-ecosystem: "github-actions"
-  directory: "/"
-  schedule:
-    interval: "daily"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,67 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '29 22 * * 0'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3

README.md

@@ -2,7 +2,7 @@
 
 A [Prometheus][prometheus] exporter that identifies out of date [BOSH][bosh] deployments.
 
-It queries [Github][github] and fetches available releases of canonical [BOSH][bosh] manifests
+It queries [GitHub][github] and fetches available releases of canonical [BOSH][bosh] manifests
 such as [cf-deployment][cf-deployment], then conciliates with actual running deployments
 fetched from [BOSH][bosh]  director.
 
@@ -29,16 +29,16 @@ $ docker run -p 9362:9362 orangeopensource/boshupdate-exporter <flags>
 
 ### BOSH
 
-This exporter can be deployed using the [Githubexporter BOSH Release][githubexporter-boshrelease].
+This exporter can be deployed using the BOSH Release: https://github.com/orange-cloudfoundry/boshupdate-boshrelease.
 
 ## Usage
 
-### Github Token
+### GitHub Token
 
-In order to connect to the [Github API][github_api] a `token` must be provided.
-The `token` can be created by following the [Github HowTo][github-create-token]
+In order to connect to the [GitHub API][github_api] a `token` must be provided.
+The `token` can be created by following the [GitHub HowTo][github-create-token]
 
-### Bosh deployment prerequites
+### Bosh deployment prerequisites
 
 The exporter identifies the version of a running deployment by extracting the `manifest_version`.
 
@@ -71,10 +71,10 @@ bosh:
   excludes: list[regexp]  # list of bosh deployment to exclude from scrap
 
 github:
-  token: <string>                          # your github token here
-  update_interval: 4h                      # interval between two github updates
+  token: <string>                          # your GitHub token here
+  update_interval: 4h                      # interval between two GitHub updates
   manifest_releases: map[string, manifest] # list of canonical manifests to monitor
-  generic_releases:  map[string, generic]  # list of generic github release to monitor
+  generic_releases:  map[string, generic]  # list of generic GitHub release to monitor
 ```
 
 
@@ -84,8 +84,8 @@ github:
 <name>:
     types: *release-types*
     format: *release-formatter*
-    owner: <string>        # github project's owner or organization
-    repo: <string>         # github project's name
+    owner: <string>        # GitHub project's owner or organization
+    repo: <string>         # GitHub project's name
     manifest: <string>     # remote path to main BOSH manifest
     ops: list[string]      # list of remote ops-file paths to apply to main manifest
     vars: list[string]     # list of remote vars-file paths to apply to main manifest
@@ -98,8 +98,8 @@ github:
 <name>:
     types: *release-types*
     format: *release-formatter*
-    owner: <string>     # github project's owner or organization
-    repo: <string>      # github project's name
+    owner: <string>     # GitHub project's owner or organization
+    repo: <string>      # GitHub project's name
 ```
 
 * *release-types*
@@ -109,10 +109,10 @@ github:
 list[string]
 
 # String must be one or more of the following values:
-# - release:       Github release which is neither in 'draft' nor 'pre' state
-# - pre_release:   Github release in 'pre' state
-# - draft_release: Github release in 'draft' state
-# - tag:           Github tag
+# - release:       GitHub release which is neither in 'draft' nor 'pre' state
+# - pre_release:   GitHub release in 'pre' state
+# - draft_release: GitHub release in 'draft' state
+# - tag:           GitHub tag
 ```
 
 * *format*
@@ -131,17 +131,17 @@ format:
 
 ### Flags
 
-| Flag / Environment Variable                                          | Required | Default         | Description                                                                                                                                                                                                                           |
-| ---------------------------                                          | -------- | -------         | -----------                                                                                                                                                                                                                           |
-| `config`<br />`BOSHUPDATE_EXPORTER_CONFIG`                           | No       | `config.yml`    | Path to configuration file                                                                                                                                                                                                            |
-| `metrics.namespace`<br />`BOSHUPDATE_EXPORTER_METRICS_NAMESPACE`     | No       | `boshupdate`    | Metrics Namespace                                                                                                                                                                                                                     |
-| `metrics.environment`<br />`BOSHUPDATE_EXPORTER_METRICS_ENVIRONMENT` | Yes      |                 | `environment` label to be attached to metrics                                                                                                                                                                                         |
-| `web.listen-address`<br />`BOSHUPDATE_EXPORTER_WEB_LISTEN_ADDRESS`   | No       | `:9362`         | Address to listen on for web interface and telemetry                                                                                                                                                                                  |
-| `web.telemetry-path`<br />`BOSHUPDATE_EXPORTER_WEB_TELEMETRY_PATH`   | No       | `/metrics`      | Path under which to expose Prometheus metrics                                                                                                                                                                                         |
-| `web.auth.username`<br />`BOSHUPDATE_EXPORTER_WEB_AUTH_USERNAME`     | No       |                 | Username for web interface basic auth                                                                                                                                                                                                 |
-| `web.auth.password`<br />`BOSHUPDATE_EXPORTER_WEB_AUTH_PASSWORD`     | No       |                 | Password for web interface basic auth                                                                                                                                                                                                 |
-| `web.tls.cert_file`<br />`BOSHUPDATE_EXPORTER_WEB_TLS_CERTFILE`      | No       |                 | Path to a file that contains the TLS certificate (PEM format). If the certificate is signed by a certificate authority, the file should be the concatenation of the server's certificate, any intermediates, and the CA's certificate |
-| `web.tls.key_file`<br />`BOSHUPDATE_EXPORTER_WEB_TLS_KEYFILE`        | No       |                 | Path to a file that contains the TLS private key (PEM format)                                                                                                                                                                         |
+| Flag / Environment Variable                                          | Required | Default      | Description                                                                                                                                                                                                                           |
+|----------------------------------------------------------------------|----------|--------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `config`<br />`BOSHUPDATE_EXPORTER_CONFIG`                           | No       | `config.yml` | Path to configuration file                                                                                                                                                                                                            |
+| `metrics.namespace`<br />`BOSHUPDATE_EXPORTER_METRICS_NAMESPACE`     | No       | `boshupdate` | Metrics Namespace                                                                                                                                                                                                                     |
+| `metrics.environment`<br />`BOSHUPDATE_EXPORTER_METRICS_ENVIRONMENT` | Yes      |              | `environment` label to be attached to metrics                                                                                                                                                                                         |
+| `web.listen-address`<br />`BOSHUPDATE_EXPORTER_WEB_LISTEN_ADDRESS`   | No       | `:9362`      | Address to listen on for web interface and telemetry                                                                                                                                                                                  |
+| `web.telemetry-path`<br />`BOSHUPDATE_EXPORTER_WEB_TELEMETRY_PATH`   | No       | `/metrics`   | Path under which to expose Prometheus metrics                                                                                                                                                                                         |
+| `web.auth.username`<br />`BOSHUPDATE_EXPORTER_WEB_AUTH_USERNAME`     | No       |              | Username for web interface basic auth                                                                                                                                                                                                 |
+| `web.auth.password`<br />`BOSHUPDATE_EXPORTER_WEB_AUTH_PASSWORD`     | No       |              | Password for web interface basic auth                                                                                                                                                                                                 |
+| `web.tls.cert_file`<br />`BOSHUPDATE_EXPORTER_WEB_TLS_CERTFILE`      | No       |              | Path to a file that contains the TLS certificate (PEM format). If the certificate is signed by a certificate authority, the file should be the concatenation of the server's certificate, any intermediates, and the CA's certificate |
+| `web.tls.key_file`<br />`BOSHUPDATE_EXPORTER_WEB_TLS_KEYFILE`        | No       |              | Path to a file that contains the TLS private key (PEM format)                                                                                                                                                                         |
 
 
 ### Metrics
@@ -152,7 +152,7 @@ The exporter returns the following  metrics:
 | Metric                                             | Description                                                                                   | Labels                                                                                                                                 |
 |----------------------------------------------------|-----------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------|
 | *metrics.namespace*_manifest_release               | Seconds from epoch since canonical manifest version if out-of-date, 0 means up-to-date        | `environment`, `name`, `version`, `owner`, `repo`                                                                                      |
-| *metrics.namespace*_manifest_bosh_release_info     | Information about recommended bosh releases used by last available canonical manifest release | `environment`, `manifest_name`, `onwer`, `repo`, `boshrelease_name`, `boshrelease_version`, `boshrelease_url`                          |
+| *metrics.namespace*_manifest_bosh_release_info     | Information about recommended bosh releases used by last available canonical manifest release | `environment`, `manifest_name`, `owner`, `repo`, `boshrelease_name`, `boshrelease_version`, `boshrelease_url`                          |
 | *metrics.namespace*_generic_release                | Seconds from epoch since repository version is out-of-date, 0 means up-to-date                | `environment`, `name`, `version`, `owner`, `repo`                                                                                      |
 | *metrics.namespace*_deployment_status              | Seconds from epoch since deployment is out-of-date, 0 means up-to-date                        | `environment`, `name`, `current`, `latest`                                                                                             |
 | *metrics.namespace*_deployment_bosh_release_status | Seconds from epoch since bosh release is out-of-date, 0 means up-to-date                      | `environment`, `manifest_name`, `manifest_current`, `manifest_latest`, `boshrelease_name`, `boshrelease_current`, `boshrelease_latest` |

boshupdate/bosh.go

@@ -128,7 +128,7 @@ func NewDirector(config BoshConfig) (director.Director, error) {
 		uaaURL := infos.Auth.Options["url"]
 		uaaURLStr, ok := uaaURL.(string)
 		if !ok {
-			return nil, fmt.Errorf("Expected UAA URL '%s' to be a string", uaaURL)
+			return nil, fmt.Errorf("expected UAA URL '%s' to be a string", uaaURL)
 		}
 		uaaCli, err := buildUAA(uaaURLStr, config, log)
 		if err != nil {

boshupdate/models.go

@@ -16,7 +16,7 @@ func (s *Formatter) Format(ref string) string {
 	return re.ReplaceAllString(ref, s.Replace)
 }
 
-// Match -
+// DoesMatch -
 func (s *Formatter) DoesMatch(ref string) bool {
 	re := regexp.MustCompile(s.Match)
 	return re.MatchString(ref)

go.mod

@@ -1,8 +1,6 @@
 module github.com/orange-cloudfoundry/boshupdate_exporter
 
-go 1.22
-
-toolchain go1.22.0
+go 1.22.3
 
 require (
 	github.com/Masterminds/semver v1.5.0
@@ -35,7 +33,7 @@ require (
 	github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d // indirect
 	github.com/pivotal-cf/paraphernalia v0.0.0-20180203224945-a64ae2051c20 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
-	github.com/prometheus/procfs v0.14.0 // indirect
+	github.com/prometheus/procfs v0.15.0 // indirect
 	github.com/xhit/go-str2duration/v2 v2.1.0 // indirect
 	golang.org/x/crypto v0.23.0 // indirect
 	golang.org/x/net v0.25.0 // indirect

go.sum

@@ -78,8 +78,8 @@ github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p
 github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
 github.com/prometheus/common v0.53.0 h1:U2pL9w9nmJwJDa4qqLQ3ZaePJ6ZTwt7cMD3AG3+aLCE=
 github.com/prometheus/common v0.53.0/go.mod h1:BrxBKv3FWBIGXw89Mg1AeBq7FSyRzXWI3l3e7W3RN5U=
-github.com/prometheus/procfs v0.14.0 h1:Lw4VdGGoKEZilJsayHf0B+9YgLGREba2C6xr+Fdfq6s=
-github.com/prometheus/procfs v0.14.0/go.mod h1:XL+Iwz8k8ZabyZfMFHPiilCniixqQarAy5Mu67pHlNQ=
+github.com/prometheus/procfs v0.15.0 h1:A82kmvXJq2jTu5YUhSGNlYoxh85zLnKgPz4bMZgI5Ek=
+github.com/prometheus/procfs v0.15.0/go.mod h1:Y0RJ/Y5g5wJpkTisOtqwDSo4HwhGmLB4VQSw2sQJLHk=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
 github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=