bump go 1.23; implement one iter.Seq (#14353)

* bump go 1.23; implement one iter.Seq

* fix linter issues

.github/actions/setup-go/action.yml

@@ -34,6 +34,7 @@ runs:
       with:
         go-version-file: ${{ inputs.go-version-file }}
         cache: false
+        check-latest: true
 
     - name: Get branch name
       if: ${{ inputs.only-modules == 'false' }}

.github/workflows/find-new-flaky-tests.yml

@@ -95,7 +95,6 @@ jobs:
       - name: Set up Go 1.21.9
         uses: actions/[email protected]
         with:
-          go-version: '1.21.9'
           cache: false
 
       - name: Install flakeguard

.github/workflows/integration-tests.yml

@@ -148,7 +148,7 @@ jobs:
       - name: Lint Go
         uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
         with:
-          version: v1.59.1
+          version: v1.62.0
           # We already cache these directories in setup-go
           skip-pkg-cache: true
           skip-build-cache: true

.tool-versions

@@ -1,4 +1,4 @@
-golang 1.22.8
+golang 1.23.3
 mockery 2.46.3
 nodejs 20.13.1
 pnpm 9.4.0

core/chainlink.Dockerfile

@@ -1,5 +1,5 @@
 # Build image: Chainlink binary
-FROM golang:1.22-bullseye as buildgo
+FROM golang:1.23-bullseye as buildgo
 RUN go version
 WORKDIR /chainlink
 
@@ -31,7 +31,7 @@ RUN go list -m -f "{{.Dir}}" github.com/smartcontractkit/chainlink-feeds | xargs
 RUN go list -m -f "{{.Dir}}" github.com/smartcontractkit/chainlink-solana | xargs -I % ln -s % /chainlink-solana
 
 # Build image: Plugins
-FROM golang:1.22-bullseye as buildplugins
+FROM golang:1.23-bullseye as buildplugins
 RUN go version
 
 WORKDIR /chainlink-feeds

core/cmd/admin_commands.go

@@ -374,6 +374,7 @@ func (s *Shell) Profile(c *cli.Context) error {
 					}
 					respContent := string(b)
 					// taken from pprof.Profile https://github.com/golang/go/blob/release-branch.go1.20/src/net/http/pprof/pprof.go#L133
+					// note: no longer triggers as of 1.23
 					if strings.Contains(respContent, "profile duration exceeds server's WriteTimeout") {
 						errs <- fmt.Errorf("%w: %s", ErrProfileTooLong, respContent)
 					} else {

core/cmd/shell_remote_test.go

@@ -463,36 +463,6 @@ func TestShell_ChangePassword(t *testing.T) {
 	require.Contains(t, err.Error(), "Unauthorized")
 }
 
-func TestShell_Profile_InvalidSecondsParam(t *testing.T) {
-	t.Parallel()
-
-	app := startNewApplicationV2(t, nil)
-	u := cltest.NewUserWithSession(t, app.AuthenticationProvider())
-	enteredStrings := []string{u.Email, cltest.Password}
-	prompter := &cltest.MockCountingPrompter{T: t, EnteredStrings: enteredStrings}
-
-	client := app.NewAuthenticatingShell(prompter)
-
-	set := flag.NewFlagSet("test", 0)
-	flagSetApplyFromAction(client.RemoteLogin, set, "")
-
-	require.NoError(t, set.Set("file", "../internal/fixtures/apicredentials"))
-	require.NoError(t, set.Set("bypass-version-check", "true"))
-
-	c := cli.NewContext(nil, set, nil)
-	err := client.RemoteLogin(c)
-	require.NoError(t, err)
-
-	// pick a value larger than the default http service write timeout
-	d := app.Config.WebServer().HTTPWriteTimeout() + 2*time.Second
-	set.Uint("seconds", uint(d.Seconds()), "")
-	tDir := t.TempDir()
-	set.String("output_dir", tDir, "")
-	err = client.Profile(cli.NewContext(nil, set, nil))
-	wantErr := cmd.ErrProfileTooLong
-	require.ErrorAs(t, err, &wantErr)
-}
-
 func TestShell_Profile(t *testing.T) {
 	t.Parallel()
 

core/platform/monitoring.go

@@ -1,5 +1,10 @@
 package platform
 
+import (
+	"iter"
+	"slices"
+)
+
 // Observability keys
 const (
 	KeyCapabilityID        = "capabilityID"
@@ -12,4 +17,13 @@ const (
 	KeyStepRef             = "stepRef"
 )
 
-var OrderedLabelKeys = []string{KeyStepRef, KeyStepID, KeyTriggerID, KeyCapabilityID, KeyWorkflowExecutionID, KeyWorkflowID}
+func LabelKeysSorted() iter.Seq[string] {
+	return slices.Values([]string{
+		KeyStepRef,
+		KeyStepID,
+		KeyTriggerID,
+		KeyCapabilityID,
+		KeyWorkflowExecutionID,
+		KeyWorkflowID,
+	})
+}

core/scripts/go.mod

@@ -1,6 +1,6 @@
 module github.com/smartcontractkit/chainlink/core/scripts
 
-go 1.22.8
+go 1.23
 
 // Make sure we're working with the latest chainlink libs
 replace github.com/smartcontractkit/chainlink/v2 => ../../

core/services/keystore/keys/ocrkey/key_v2_test.go

@@ -0,0 +1,38 @@
+package ocrkey_test
+
+import (
+	"math/big"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+
+	"github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/ocrkey"
+)
+
+func assertKeyBundlesNotEqual(t *testing.T, pk1 ocrkey.KeyV2, pk2 ocrkey.KeyV2) {
+	assert.NotEqual(t, pk1.ID(), pk2.ID())
+	assert.NotEqual(t, pk1.ExportedOnChainSigning().X, pk2.ExportedOnChainSigning().X)
+	assert.NotEqual(t, pk1.ExportedOnChainSigning().Y, pk2.ExportedOnChainSigning().Y)
+	assert.NotEqual(t, pk1.ExportedOnChainSigning().D, pk2.ExportedOnChainSigning().D)
+	assert.NotEqual(t, pk1.ExportedOffChainSigning().PublicKey(), pk2.ExportedOffChainSigning().PublicKey())
+	assert.NotEqual(t, pk1.ExportedOffChainEncryption(), pk2.ExportedOffChainEncryption())
+}
+
+func TestOCRKeys_New(t *testing.T) {
+	t.Parallel()
+	pk1, err := ocrkey.NewV2()
+	require.NoError(t, err)
+	pk2, err := ocrkey.NewV2()
+	require.NoError(t, err)
+	pk3, err := ocrkey.NewV2()
+	require.NoError(t, err)
+	assertKeyBundlesNotEqual(t, pk1, pk2)
+	assertKeyBundlesNotEqual(t, pk1, pk3)
+	assertKeyBundlesNotEqual(t, pk2, pk3)
+}
+func TestOCRKeys_Raw_Key(t *testing.T) {
+	t.Parallel()
+	key := ocrkey.MustNewV2XXXTestingOnly(big.NewInt(1))
+	require.Equal(t, key.ID(), key.Raw().Key().ID())
+}

core/services/workflows/engine.go

@@ -1294,7 +1294,7 @@ func (e *workflowError) Error() string {
 	}
 
 	// prefix the error with the labels
-	for _, label := range platform.OrderedLabelKeys {
+	for label := range platform.LabelKeysSorted() {
 		// This will silently ignore any labels that are not present in the map
 		// are we ok with this?
 		if value, ok := e.labels[label]; ok {

deployment/go.mod

@@ -1,6 +1,6 @@
 module github.com/smartcontractkit/chainlink/deployment
 
-go 1.22.8
+go 1.23
 
 // Make sure we're working with the latest chainlink libs
 replace github.com/smartcontractkit/chainlink/v2 => ../

go.mod

@@ -1,6 +1,6 @@
 module github.com/smartcontractkit/chainlink/v2
 
-go 1.22.8
+go 1.23
 
 require (
 	github.com/Depado/ginprom v1.8.0

integration-tests/.tool-versions

@@ -1,4 +1,4 @@
-golang 1.22.8
+golang 1.23.3
 k3d 5.4.6
 kubectl 1.25.5
 nodejs 20.13.1

integration-tests/actions/actions.go

@@ -350,27 +350,31 @@ func SendFunds(logger zerolog.Logger, client *seth.Client, payload FundsToSendPa
 		return nil, err
 	}
 
-	var gasLimit int64
-	gasLimitRaw, err := client.EstimateGasLimitForFundTransfer(fromAddress, payload.ToAddress, payload.Amount)
+	gasLimit, err := client.EstimateGasLimitForFundTransfer(fromAddress, payload.ToAddress, payload.Amount)
 	if err != nil {
-		gasLimit = client.Cfg.Network.TransferGasFee
-	} else {
-		gasLimit = int64(gasLimitRaw)
+		transferGasFee := client.Cfg.Network.TransferGasFee
+		if transferGasFee < 0 {
+			return nil, fmt.Errorf("negative transfer gas fee: %d", transferGasFee)
+		}
+		gasLimit = uint64(transferGasFee)
 	}
 
 	gasPrice := big.NewInt(0)
 	gasFeeCap := big.NewInt(0)
 	gasTipCap := big.NewInt(0)
 
 	if payload.GasLimit != nil {
-		gasLimit = *payload.GasLimit
+		if *payload.GasLimit < 0 {
+			return nil, fmt.Errorf("negative gas limit: %d", *payload.GasLimit)
+		}
+		gasLimit = uint64(*payload.GasLimit)
 	}
 
 	if client.Cfg.Network.EIP1559DynamicFees {
 		// if any of the dynamic fees are not set, we need to either estimate them or read them from config
 		if payload.GasFeeCap == nil || payload.GasTipCap == nil {
 			// estimation or config reading happens here
-			txOptions := client.NewTXOpts(seth.WithGasLimit(uint64(gasLimit)))
+			txOptions := client.NewTXOpts(seth.WithGasLimit(gasLimit))
 			gasFeeCap = txOptions.GasFeeCap
 			gasTipCap = txOptions.GasTipCap
 		}
@@ -385,7 +389,7 @@ func SendFunds(logger zerolog.Logger, client *seth.Client, payload FundsToSendPa
 		}
 	} else {
 		if payload.GasPrice == nil {
-			txOptions := client.NewTXOpts(seth.WithGasLimit(uint64(gasLimit)))
+			txOptions := client.NewTXOpts(seth.WithGasLimit(gasLimit))
 			gasPrice = txOptions.GasPrice
 		} else {
 			gasPrice = payload.GasPrice
@@ -399,7 +403,7 @@ func SendFunds(logger zerolog.Logger, client *seth.Client, payload FundsToSendPa
 			Nonce:     nonce,
 			To:        &payload.ToAddress,
 			Value:     payload.Amount,
-			Gas:       uint64(gasLimit),
+			Gas:       gasLimit,
 			GasFeeCap: gasFeeCap,
 			GasTipCap: gasTipCap,
 		}
@@ -408,7 +412,7 @@ func SendFunds(logger zerolog.Logger, client *seth.Client, payload FundsToSendPa
 			Nonce:    nonce,
 			To:       &payload.ToAddress,
 			Value:    payload.Amount,
-			Gas:      uint64(gasLimit),
+			Gas:      gasLimit,
 			GasPrice: gasPrice,
 		}
 	}
@@ -429,7 +433,7 @@ func SendFunds(logger zerolog.Logger, client *seth.Client, payload FundsToSendPa
 		Str("To", payload.ToAddress.Hex()).
 		Str("Amount (wei/ether)", fmt.Sprintf("%s/%s", payload.Amount, conversions.WeiToEther(payload.Amount).Text('f', -1))).
 		Uint64("Nonce", nonce).
-		Int64("Gas Limit", gasLimit).
+		Uint64("Gas Limit", gasLimit).
 		Str("Gas Price", gasPrice.String()).
 		Str("Gas Fee Cap", gasFeeCap.String()).
 		Str("Gas Tip Cap", gasTipCap.String()).
@@ -449,7 +453,7 @@ func SendFunds(logger zerolog.Logger, client *seth.Client, payload FundsToSendPa
 		Str("TxHash", signedTx.Hash().String()).
 		Str("Amount (wei/ether)", fmt.Sprintf("%s/%s", payload.Amount, conversions.WeiToEther(payload.Amount).Text('f', -1))).
 		Uint64("Nonce", nonce).
-		Int64("Gas Limit", gasLimit).
+		Uint64("Gas Limit", gasLimit).
 		Str("Gas Price", gasPrice.String()).
 		Str("Gas Fee Cap", gasFeeCap.String()).
 		Str("Gas Tip Cap", gasTipCap.String()).
@@ -1038,7 +1042,7 @@ func GetLatestFinalizedBlockHeader(ctx context.Context, client *seth.Client, net
 	}
 	latestBlockNumber := header.Number.Uint64()
 	finalizedBlockNumber := latestBlockNumber - network.FinalityDepth
-	return client.Client.HeaderByNumber(ctx, big.NewInt(int64(finalizedBlockNumber)))
+	return client.Client.HeaderByNumber(ctx, new(big.Int).SetUint64(finalizedBlockNumber))
 }
 
 // SendLinkFundsToDeploymentAddresses sends LINK token to all addresses, but the root one, from the root address. It uses
@@ -1241,7 +1245,7 @@ func GetStalenessReportCleanupFn(t *testing.T, logger zerolog.Logger, chainClien
 			endBlock, err := chainClient.Client.BlockNumber(context.Background())
 			require.NoError(t, err, "Failed to get end block")
 
-			total, ok, reverted, stale, err := GenerateUpkeepReport(t, chainClient, big.NewInt(int64(startBlock)), big.NewInt(int64(endBlock)), registry, registryVersion)
+			total, ok, reverted, stale, err := GenerateUpkeepReport(t, chainClient, new(big.Int).SetUint64(startBlock), new(big.Int).SetUint64(endBlock), registry, registryVersion)
 			require.NoError(t, err, "Failed to get staleness data")
 			if stale > 0 || reverted > 0 {
 				logger.Warn().Int("Total upkeeps", total).Int("Successful upkeeps", ok).Int("Reverted Upkeeps", reverted).Int("Stale Upkeeps", stale).Msg("Staleness data")

integration-tests/actions/automationv2/actions.go

@@ -7,6 +7,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"math"
 	"math/big"
 	"strings"
 	"testing"
@@ -642,10 +643,15 @@ func calculateOCR2ConfigArgs(a *AutomationTest, S []int, oracleIdentities []conf
 		MaxUpkeepBatchSize:   a.PluginConfig.MaxUpkeepBatchSize,
 	})
 
+	rMax := a.PublicConfig.RMax
+	if rMax > math.MaxUint8 {
+		panic(fmt.Errorf("rmax overflows uint8: %d", rMax))
+	}
+
 	return ocr2.ContractSetConfigArgsForTests(
 		a.PublicConfig.DeltaProgress, a.PublicConfig.DeltaResend,
 		a.PublicConfig.DeltaRound, a.PublicConfig.DeltaGrace,
-		a.PublicConfig.DeltaStage, uint8(a.PublicConfig.RMax),
+		a.PublicConfig.DeltaStage, uint8(rMax),
 		S, oracleIdentities, offC,
 		nil,
 		a.PublicConfig.MaxDurationQuery, a.PublicConfig.MaxDurationObservation,

integration-tests/actions/keeper_helpers.go

@@ -670,15 +670,14 @@ Distribute your funds across multiple private keys and update your configuration
 func GetAndAssertCorrectConcurrency(client *seth.Client, minConcurrency int) (int, error) {
 	concurrency := client.Cfg.GetMaxConcurrency()
 
-	var msg string
-	if client.Cfg.IsSimulatedNetwork() {
-		msg = fmt.Sprintf(INSUFFICIENT_EPHEMERAL_KEYS, concurrency)
-	} else {
-		msg = fmt.Sprintf(INSUFFICIENT_STATIC_KEYS, concurrency)
-	}
-
 	if concurrency < minConcurrency {
-		return 0, fmt.Errorf(msg)
+		var err error
+		if client.Cfg.IsSimulatedNetwork() {
+			err = fmt.Errorf(INSUFFICIENT_EPHEMERAL_KEYS, concurrency)
+		} else {
+			err = fmt.Errorf(INSUFFICIENT_STATIC_KEYS, concurrency)
+		}
+		return 0, err
 	}
 
 	return concurrency, nil

integration-tests/actions/refund.go

@@ -5,6 +5,7 @@ import (
 	"crypto/ecdsa"
 	"encoding/json"
 	"fmt"
+	"math"
 	"math/big"
 	"regexp"
 	"strconv"
@@ -343,6 +344,9 @@ func returnAllFundsIfPossible(log zerolog.Logger, sethClient *seth.Client, fromP
 	if err != nil {
 		gasLimit = sethClient.Cfg.Network.TransferGasFee
 	} else {
+		if gasLimitRaw > math.MaxInt64 {
+			return fmt.Errorf("gas limit overflows int64: %d", gasLimitRaw)
+		}
 		gasLimit = int64(gasLimitRaw)
 	}
 

integration-tests/actions/vrf/vrfv2plus/setup_steps.go

@@ -105,7 +105,7 @@ func SetupVRFV2_5Environment(
 		return nil, nil, nil, err
 	}
 	l.Info().Str("Coordinator", vrfContracts.CoordinatorV2Plus.Address()).Msg("Registering Proving Key")
-	provingKey, err := VRFV2_5RegisterProvingKey(vrfKey, vrfContracts.CoordinatorV2Plus, uint64(assets.GWei(*configGeneral.CLNodeMaxGasPriceGWei).Int64()))
+	provingKey, err := VRFV2_5RegisterProvingKey(vrfKey, vrfContracts.CoordinatorV2Plus, assets.GWei(*configGeneral.CLNodeMaxGasPriceGWei).ToInt().Uint64())
 	if err != nil {
 		return nil, nil, nil, fmt.Errorf(vrfcommon.ErrGenericFormat, vrfcommon.ErrRegisteringProvingKey, err)
 	}