Deprecate use of ioutil package (grpc#5906)

Resolves grpc#5897
cl1111 · Jan 3, 2023 · f2fbb0e · f2fbb0e
1 parent 8ec85e4
commit f2fbb0e
Show file tree

Hide file tree

Showing 36 changed files with 118 additions and 132 deletions.
diff --git a/authz/grpc_authz_end2end_test.go b/authz/grpc_authz_end2end_test.go
@@ -23,7 +23,6 @@ import (
 	"crypto/tls"
 	"crypto/x509"
 	"io"
-	"io/ioutil"
 	"net"
 	"os"
 	"testing"
@@ -434,9 +433,9 @@ func (s) TestAllowsRPCRequestWithPrincipalsFieldOnMTLSAuthenticatedConnection(t
 	if err != nil {
 		t.Fatalf("tls.LoadX509KeyPair(x509/server1_cert.pem, x509/server1_key.pem) failed: %v", err)
 	}
-	ca, err := ioutil.ReadFile(testdata.Path("x509/client_ca_cert.pem"))
+	ca, err := os.ReadFile(testdata.Path("x509/client_ca_cert.pem"))
 	if err != nil {
-		t.Fatalf("ioutil.ReadFile(x509/client_ca_cert.pem) failed: %v", err)
+		t.Fatalf("os.ReadFile(x509/client_ca_cert.pem) failed: %v", err)
 	}
 	certPool := x509.NewCertPool()
 	if !certPool.AppendCertsFromPEM(ca) {
@@ -464,9 +463,9 @@ func (s) TestAllowsRPCRequestWithPrincipalsFieldOnMTLSAuthenticatedConnection(t
 	if err != nil {
 		t.Fatalf("tls.LoadX509KeyPair(x509/client1_cert.pem, x509/client1_key.pem) failed: %v", err)
 	}
-	ca, err = ioutil.ReadFile(testdata.Path("x509/server_ca_cert.pem"))
+	ca, err = os.ReadFile(testdata.Path("x509/server_ca_cert.pem"))
 	if err != nil {
-		t.Fatalf("ioutil.ReadFile(x509/server_ca_cert.pem) failed: %v", err)
+		t.Fatalf("os.ReadFile(x509/server_ca_cert.pem) failed: %v", err)
 	}
 	roots := x509.NewCertPool()
 	if !roots.AppendCertsFromPEM(ca) {
@@ -602,8 +601,8 @@ func (s) TestFileWatcher_ValidPolicyRefresh(t *testing.T) {
 
 	// Rewrite the file with a different valid authorization policy.
 	valid2 := authzTests["AllowsRPCEmptyDenyMatchInAllow"]
-	if err := ioutil.WriteFile(file, []byte(valid2.authzPolicy), os.ModePerm); err != nil {
-		t.Fatalf("ioutil.WriteFile(%q) failed: %v", file, err)
+	if err := os.WriteFile(file, []byte(valid2.authzPolicy), os.ModePerm); err != nil {
+		t.Fatalf("os.WriteFile(%q) failed: %v", file, err)
 	}
 
 	// Verifying authorization decision.
@@ -649,8 +648,8 @@ func (s) TestFileWatcher_InvalidPolicySkipReload(t *testing.T) {
 	}
 
 	// Skips the invalid policy update, and continues to use the valid policy.
-	if err := ioutil.WriteFile(file, []byte("{}"), os.ModePerm); err != nil {
-		t.Fatalf("ioutil.WriteFile(%q) failed: %v", file, err)
+	if err := os.WriteFile(file, []byte("{}"), os.ModePerm); err != nil {
+		t.Fatalf("os.WriteFile(%q) failed: %v", file, err)
 	}
 
 	// Wait 40 ms for background go routine to read updated files.
@@ -700,8 +699,8 @@ func (s) TestFileWatcher_RecoversFromReloadFailure(t *testing.T) {
 	}
 
 	// Skips the invalid policy update, and continues to use the valid policy.
-	if err := ioutil.WriteFile(file, []byte("{}"), os.ModePerm); err != nil {
-		t.Fatalf("ioutil.WriteFile(%q) failed: %v", file, err)
+	if err := os.WriteFile(file, []byte("{}"), os.ModePerm); err != nil {
+		t.Fatalf("os.WriteFile(%q) failed: %v", file, err)
 	}
 
 	// Wait 120 ms for background go routine to read updated files.
@@ -715,8 +714,8 @@ func (s) TestFileWatcher_RecoversFromReloadFailure(t *testing.T) {
 
 	// Rewrite the file with a different valid authorization policy.
 	valid2 := authzTests["AllowsRPCEmptyDenyMatchInAllow"]
-	if err := ioutil.WriteFile(file, []byte(valid2.authzPolicy), os.ModePerm); err != nil {
-		t.Fatalf("ioutil.WriteFile(%q) failed: %v", file, err)
+	if err := os.WriteFile(file, []byte(valid2.authzPolicy), os.ModePerm); err != nil {
+		t.Fatalf("os.WriteFile(%q) failed: %v", file, err)
 	}
 
 	// Verifying authorization decision.

diff --git a/authz/grpc_authz_server_interceptors.go b/authz/grpc_authz_server_interceptors.go
@@ -20,7 +20,7 @@ import (
 	"bytes"
 	"context"
 	"fmt"
-	"io/ioutil"
+	"os"
 	"sync/atomic"
 	"time"
 	"unsafe"
@@ -140,7 +140,7 @@ func (i *FileWatcherInterceptor) run(ctx context.Context) {
 // constructor, if there is an error in reading the file or parsing the policy, the
 // previous internalInterceptors will not be replaced.
 func (i *FileWatcherInterceptor) updateInternalInterceptor() error {
-	policyContents, err := ioutil.ReadFile(i.policyFile)
+	policyContents, err := os.ReadFile(i.policyFile)
 	if err != nil {
 		return fmt.Errorf("policyFile(%s) read failed: %v", i.policyFile, err)
 	}

diff --git a/authz/grpc_authz_server_interceptors_test.go b/authz/grpc_authz_server_interceptors_test.go
@@ -20,7 +20,6 @@ package authz_test
 
 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path"
 	"testing"
@@ -34,15 +33,15 @@ func createTmpPolicyFile(t *testing.T, dirSuffix string, policy []byte) string {
 
 	// Create a temp directory. Passing an empty string for the first argument
 	// uses the system temp directory.
-	dir, err := ioutil.TempDir("", dirSuffix)
+	dir, err := os.MkdirTemp("", dirSuffix)
 	if err != nil {
-		t.Fatalf("ioutil.TempDir() failed: %v", err)
+		t.Fatalf("os.MkdirTemp() failed: %v", err)
 	}
 	t.Logf("Using tmpdir: %s", dir)
 	// Write policy into file.
 	filename := path.Join(dir, "policy.json")
-	if err := ioutil.WriteFile(filename, policy, os.ModePerm); err != nil {
-		t.Fatalf("ioutil.WriteFile(%q) failed: %v", filename, err)
+	if err := os.WriteFile(filename, policy, os.ModePerm); err != nil {
+		t.Fatalf("os.WriteFile(%q) failed: %v", filename, err)
 	}
 	t.Logf("Wrote policy %s to file at %s", string(policy), filename)
 	return filename

diff --git a/balancer/rls/control_channel_test.go b/balancer/rls/control_channel_test.go
@@ -24,7 +24,7 @@ import (
 	"crypto/x509"
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"os"
 	"regexp"
 	"testing"
 	"time"
@@ -215,9 +215,9 @@ func makeTLSCreds(t *testing.T, certPath, keyPath, rootsPath string) credentials
 	if err != nil {
 		t.Fatalf("tls.LoadX509KeyPair(%q, %q) failed: %v", certPath, keyPath, err)
 	}
-	b, err := ioutil.ReadFile(testdata.Path(rootsPath))
+	b, err := os.ReadFile(testdata.Path(rootsPath))
 	if err != nil {
-		t.Fatalf("ioutil.ReadFile(%q) failed: %v", rootsPath, err)
+		t.Fatalf("os.ReadFile(%q) failed: %v", rootsPath, err)
 	}
 	roots := x509.NewCertPool()
 	if !roots.AppendCertsFromPEM(b) {

diff --git a/benchmark/benchmain/main.go b/benchmark/benchmain/main.go
@@ -46,7 +46,6 @@ import (
 	"flag"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"log"
 	"net"
 	"os"
@@ -881,5 +880,5 @@ func (nopCompressor) Type() string { return compModeNop }
 // nopDecompressor is a decompressor that just copies data.
 type nopDecompressor struct{}
 
-func (nopDecompressor) Do(r io.Reader) ([]byte, error) { return ioutil.ReadAll(r) }
+func (nopDecompressor) Do(r io.Reader) ([]byte, error) { return io.ReadAll(r) }
 func (nopDecompressor) Type() string                   { return compModeNop }
diff --git a/benchmark/stats/curve.go b/benchmark/stats/curve.go
@@ -23,7 +23,6 @@ import (
 	"encoding/csv"
 	"encoding/hex"
 	"fmt"
-	"io/ioutil"
 	"math"
 	"math/rand"
 	"os"
@@ -81,7 +80,7 @@ func (pcr *payloadCurveRange) chooseRandom() int {
 // sha256file is a helper function that returns a hex string matching the
 // SHA-256 sum of the input file.
 func sha256file(file string) (string, error) {
-	data, err := ioutil.ReadFile(file)
+	data, err := os.ReadFile(file)
 	if err != nil {
 		return "", err
 	}

diff --git a/binarylog/sink.go b/binarylog/sink.go
@@ -24,7 +24,7 @@ package binarylog
 
 import (
 	"fmt"
-	"io/ioutil"
+	"os"
 
 	pb "google.golang.org/grpc/binarylog/grpc_binarylog_v1"
 	iblog "google.golang.org/grpc/internal/binarylog"
@@ -60,7 +60,7 @@ func NewTempFileSink() (Sink, error) {
 	// Two other options to replace this function:
 	// 1. take filename as input.
 	// 2. export NewBufferedSink().
-	tempFile, err := ioutil.TempFile("/tmp", "grpcgo_binarylog_*.txt")
+	tempFile, err := os.CreateTemp("/tmp", "grpcgo_binarylog_*.txt")
 	if err != nil {
 		return nil, fmt.Errorf("failed to create temp file: %v", err)
 	}

diff --git a/credentials/oauth/oauth.go b/credentials/oauth/oauth.go
@@ -22,8 +22,8 @@ package oauth
 import (
 	"context"
 	"fmt"
-	"io/ioutil"
 	"net/url"
+	"os"
 	"sync"
 
 	"golang.org/x/oauth2"
@@ -73,7 +73,7 @@ type jwtAccess struct {
 
 // NewJWTAccessFromFile creates PerRPCCredentials from the given keyFile.
 func NewJWTAccessFromFile(keyFile string) (credentials.PerRPCCredentials, error) {
-	jsonKey, err := ioutil.ReadFile(keyFile)
+	jsonKey, err := os.ReadFile(keyFile)
 	if err != nil {
 		return nil, fmt.Errorf("credentials: failed to read the service account key file: %v", err)
 	}
@@ -192,7 +192,7 @@ func NewServiceAccountFromKey(jsonKey []byte, scope ...string) (credentials.PerR
 // NewServiceAccountFromFile constructs the PerRPCCredentials using the JSON key file
 // of a Google Developers service account.
 func NewServiceAccountFromFile(keyFile string, scope ...string) (credentials.PerRPCCredentials, error) {
-	jsonKey, err := ioutil.ReadFile(keyFile)
+	jsonKey, err := os.ReadFile(keyFile)
 	if err != nil {
 		return nil, fmt.Errorf("credentials: failed to read the service account key file: %v", err)
 	}

diff --git a/credentials/sts/sts.go b/credentials/sts/sts.go
@@ -33,9 +33,10 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/url"
+	"os"
 	"sync"
 	"time"
 
@@ -58,8 +59,8 @@ const (
 var (
 	loadSystemCertPool   = x509.SystemCertPool
 	makeHTTPDoer         = makeHTTPClient
-	readSubjectTokenFrom = ioutil.ReadFile
-	readActorTokenFrom   = ioutil.ReadFile
+	readSubjectTokenFrom = os.ReadFile
+	readActorTokenFrom   = os.ReadFile
 	logger               = grpclog.Component("credentials")
 )
 
@@ -306,7 +307,7 @@ func sendRequest(client httpDoer, req *http.Request) ([]byte, error) {
 	// When the http.Client returns a non-nil error, it is the
 	// responsibility of the caller to read the response body till an EOF is
 	// encountered and to close it.
-	body, err := ioutil.ReadAll(resp.Body)
+	body, err := io.ReadAll(resp.Body)
 	resp.Body.Close()
 	if err != nil {
 		return nil, err

diff --git a/credentials/sts/sts_test.go b/credentials/sts/sts_test.go
@@ -25,7 +25,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/http/httputil"
 	"strings"
@@ -123,7 +123,7 @@ func makeGoodResponse() *http.Response {
 		TokenType:       "Bearer",
 		ExpiresIn:       3600,
 	})
-	respBody := ioutil.NopCloser(bytes.NewReader(respJSON))
+	respBody := io.NopCloser(bytes.NewReader(respJSON))
 	return &http.Response{
 		Status:     "200 OK",
 		StatusCode: http.StatusOK,
@@ -330,7 +330,7 @@ func (s) TestGetRequestMetadataCacheExpiry(t *testing.T) {
 			TokenType:       "Bearer",
 			ExpiresIn:       expiresInSecs,
 		})
-		respBody := ioutil.NopCloser(bytes.NewReader(respJSON))
+		respBody := io.NopCloser(bytes.NewReader(respJSON))
 		resp := &http.Response{
 			Status:     "200 OK",
 			StatusCode: http.StatusOK,
@@ -366,15 +366,15 @@ func (s) TestGetRequestMetadataBadResponses(t *testing.T) {
 			response: &http.Response{
 				Status:     "200 OK",
 				StatusCode: http.StatusOK,
-				Body:       ioutil.NopCloser(strings.NewReader("not JSON")),
+				Body:       io.NopCloser(strings.NewReader("not JSON")),
 			},
 		},
 		{
 			name: "no access token",
 			response: &http.Response{
 				Status:     "200 OK",
 				StatusCode: http.StatusOK,
-				Body:       ioutil.NopCloser(strings.NewReader("{}")),
+				Body:       io.NopCloser(strings.NewReader("{}")),
 			},
 		},
 	}
@@ -669,7 +669,7 @@ func (s) TestSendRequest(t *testing.T) {
 			resp: &http.Response{
 				Status:     "200 OK",
 				StatusCode: http.StatusOK,
-				Body:       ioutil.NopCloser(errReader{}),
+				Body:       io.NopCloser(errReader{}),
 			},
 			wantErr: true,
 		},
@@ -678,7 +678,7 @@ func (s) TestSendRequest(t *testing.T) {
 			resp: &http.Response{
 				Status:     "400 BadRequest",
 				StatusCode: http.StatusBadRequest,
-				Body:       ioutil.NopCloser(strings.NewReader("")),
+				Body:       io.NopCloser(strings.NewReader("")),
 			},
 			wantErr: true,
 		},

diff --git a/credentials/tls.go b/credentials/tls.go
@@ -23,9 +23,9 @@ import (
 	"crypto/tls"
 	"crypto/x509"
 	"fmt"
-	"io/ioutil"
 	"net"
 	"net/url"
+	"os"
 
 	credinternal "google.golang.org/grpc/internal/credentials"
 )
@@ -166,7 +166,7 @@ func NewClientTLSFromCert(cp *x509.CertPool, serverNameOverride string) Transpor
 // it will override the virtual host name of authority (e.g. :authority header
 // field) in requests.
 func NewClientTLSFromFile(certFile, serverNameOverride string) (TransportCredentials, error) {
-	b, err := ioutil.ReadFile(certFile)
+	b, err := os.ReadFile(certFile)
 	if err != nil {
 		return nil, err
 	}

diff --git a/credentials/tls/certprovider/pemfile/watcher.go b/credentials/tls/certprovider/pemfile/watcher.go
@@ -32,7 +32,7 @@ import (
 	"crypto/x509"
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"os"
 	"path/filepath"
 	"time"
 
@@ -154,12 +154,12 @@ func (w *watcher) updateIdentityDistributor() {
 		return
 	}
 
-	certFileContents, err := ioutil.ReadFile(w.opts.CertFile)
+	certFileContents, err := os.ReadFile(w.opts.CertFile)
 	if err != nil {
 		logger.Warningf("certFile (%s) read failed: %v", w.opts.CertFile, err)
 		return
 	}
-	keyFileContents, err := ioutil.ReadFile(w.opts.KeyFile)
+	keyFileContents, err := os.ReadFile(w.opts.KeyFile)
 	if err != nil {
 		logger.Warningf("keyFile (%s) read failed: %v", w.opts.KeyFile, err)
 		return
@@ -191,7 +191,7 @@ func (w *watcher) updateRootDistributor() {
 		return
 	}
 
-	rootFileContents, err := ioutil.ReadFile(w.opts.RootFile)
+	rootFileContents, err := os.ReadFile(w.opts.RootFile)
 	if err != nil {
 		logger.Warningf("rootFile (%s) read failed: %v", w.opts.RootFile, err)
 		return