ory · zepatrik · Jul 31, 2024 · Jul 30, 2024 · Jul 30, 2024 · Jul 30, 2024
@@ -48,15 +48,15 @@ jobs:
         uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: ${{ steps.grype-scan.outputs.sarif }}
-      - name: Kubescape scanner
-        uses: kubescape/github-action@main
-        id: kubescape
-        with:
-          image: oryd/kratos:${{ env.SHA_SHORT }}
-          verbose: true
-          format: pretty-printer
-          # can't whitelist CVE yet: https://github.com/kubescape/kubescape/pull/1568
-          severityThreshold: critical
+      #      - name: Kubescape scanner
+      #        uses: kubescape/github-action@main
+      #        id: kubescape
+      #        with:
+      #          verbose: true
+      #          format: pretty-printer
+      #          # can't whitelist CVE yet: https://github.com/kubescape/kubescape/pull/1568
+      #          image: oryd/kratos:${{ env.SHA_SHORT }}
+      #          severityThreshold: critical
       - name: Trivy Scanner
         uses: aquasecurity/trivy-action@master
         if: ${{ always() }}
@@ -89,5 +89,5 @@ jobs:
         shell: bash
         run: |
           echo "::group::Hadolint Scan Details"
-          echo "${HADOLINT_RESULTS}" | jq '.' 
+          echo "${HADOLINT_RESULTS}" | jq '.'
           echo "::endgroup::"
@@ -17,14 +17,14 @@
 	"github.com/ory/x/fetcher"
 
 	"github.com/Masterminds/sprig/v3"
-	lru "github.com/hashicorp/golang-lru"
+	lru "github.com/hashicorp/golang-lru/v2"
 	"github.com/pkg/errors"
 )
 
 //go:embed courier/builtin/templates/*
 var templates embed.FS
 
-var Cache, _ = lru.New(16)
+var Cache, _ = lru.New[string, Template](16)
 
 type Template interface {
 	Execute(wr io.Writer, data interface{}) error
@@ -36,7 +36,7 @@
 
 func loadBuiltInTemplate(filesystem fs.FS, name string, html bool) (Template, error) {
 	if t, found := Cache.Get(name); found {
-		return t.(Template), nil
+		return t, nil
 	}
 
 	file, err := filesystem.Open(name)
@@ -77,18 +77,16 @@
 }
 
 func loadRemoteTemplate(ctx context.Context, d templateDependencies, url string, html bool) (t Template, err error) {
-	var b []byte
 	if t, found := Cache.Get(url); found {
-		b = t.([]byte)
-	} else {
-		f := fetcher.NewFetcher(fetcher.WithClient(d.HTTPClient(ctx)))
-		bb, err := f.FetchContext(ctx, url)
-		if err != nil {
-			return nil, errors.WithStack(err)
-		}
-		b = bb.Bytes()
-		_ = Cache.Add(url, b)
+		return t, nil
+	}
+
+	f := fetcher.NewFetcher(fetcher.WithClient(d.HTTPClient(ctx)))
+	bb, err := f.FetchContext(ctx, url)
+	if err != nil {
+		return nil, errors.WithStack(err)
 	}
+	b := bb.Bytes()
 
 	if html {
 		t, err = htemplate.New(url).Funcs(sprig.HermeticHtmlFuncMap()).Parse(string(b))
@@ -101,13 +99,14 @@
 			return nil, errors.WithStack(err)
 		}
 	}
+	Cache.Add(url, t)
 
 	return t, nil
 }
 
 func loadTemplate(filesystem fs.FS, name, pattern string, html bool) (Template, error) {
 	if t, found := Cache.Get(name); found {
-		return t.(Template), nil
+		return t, nil
 	}
 
 	matches, _ := fs.Glob(filesystem, name)

@@ -21,7 +21,7 @@ import (
 	"github.com/ory/kratos/internal"
 	"github.com/ory/x/fetcher"
 
-	lru "github.com/hashicorp/golang-lru"
+	lru "github.com/hashicorp/golang-lru/v2"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
@@ -51,20 +51,20 @@ func TestLoadTextTemplate(t *testing.T) {
 	})
 
 	t.Run("method=fallback to bundled", func(t *testing.T) {
-		template.Cache, _ = lru.New(16) // prevent Cache hit
+		template.Cache, _ = lru.New[string, template.Template](16) // prevent Cache hit
 		actual := executeTextTemplate(t, "some/inexistent/dir", "test_stub/email.body.gotmpl", "", nil)
 		assert.Contains(t, actual, "stub email")
 	})
 
 	t.Run("method=with Sprig functions", func(t *testing.T) {
-		template.Cache, _ = lru.New(16)                     // prevent Cache hit
-		m := map[string]interface{}{"input": "hello world"} // create a simple model
+		template.Cache, _ = lru.New[string, template.Template](16) // prevent Cache hit
+		m := map[string]interface{}{"input": "hello world"}        // create a simple model
 		actual := executeTextTemplate(t, "courier/builtin/templates/test_stub", "email.body.sprig.gotmpl", "", m)
 		assert.Contains(t, actual, "HelloWorld,HELLOWORLD")
 	})
 
 	t.Run("method=sprig should not support non-hermetic", func(t *testing.T) {
-		template.Cache, _ = lru.New(16)
+		template.Cache, _ = lru.New[string, template.Template](16)
 		ctx := context.Background()
 		_, reg := internal.NewFastRegistryWithMocks(t)
 
@@ -80,8 +80,8 @@ func TestLoadTextTemplate(t *testing.T) {
 	})
 
 	t.Run("method=html with nested templates", func(t *testing.T) {
-		template.Cache, _ = lru.New(16)              // prevent Cache hit
-		m := map[string]interface{}{"lang": "en_US"} // create a simple model
+		template.Cache, _ = lru.New[string, template.Template](16) // prevent Cache hit
+		m := map[string]interface{}{"lang": "en_US"}               // create a simple model
 		actual := executeHTMLTemplate(t, "courier/builtin/templates/test_stub", "email.body.html.gotmpl", "email.body.html*", m)
 		assert.Contains(t, actual, "lang=en_US")
 	})