From 376b83050ae868b44bcfd6424bea03ebc51741b5 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Mon, 19 Aug 2024 15:45:32 -0700 Subject: [PATCH] upgrade linter and fix new lint errors --- cmd/pinniped/cmd/kubeconfig.go | 1 - hack/lib/lint-version.txt | 2 +- internal/certauthority/certauthority_test.go | 1 - internal/dynamiccert/provider_test.go | 6 ------ .../fositestorage/authorizationcode/authorizationcode.go | 2 +- internal/kubeclient/kubeclient_test.go | 2 -- internal/registry/clientsecretrequest/rest.go | 3 ++- 7 files changed, 4 insertions(+), 13 deletions(-) diff --git a/cmd/pinniped/cmd/kubeconfig.go b/cmd/pinniped/cmd/kubeconfig.go index 67f602d97..defe624ca 100644 --- a/cmd/pinniped/cmd/kubeconfig.go +++ b/cmd/pinniped/cmd/kubeconfig.go @@ -745,7 +745,6 @@ func validateKubeconfig(ctx context.Context, flags getKubeconfigParams, kubeconf func countCACerts(pemData []byte) int { pool := x509.NewCertPool() pool.AppendCertsFromPEM(pemData) - //nolint:staticcheck // since we're not using .Subjects() to access the system pool return len(pool.Subjects()) } diff --git a/hack/lib/lint-version.txt b/hack/lib/lint-version.txt index 5b1ab2700..f6c9d766c 100644 --- a/hack/lib/lint-version.txt +++ b/hack/lib/lint-version.txt @@ -1 +1 @@ -1.59.1 +1.60.1 diff --git a/internal/certauthority/certauthority_test.go b/internal/certauthority/certauthority_test.go index 13b0ca1b1..cd438f220 100644 --- a/internal/certauthority/certauthority_test.go +++ b/internal/certauthority/certauthority_test.go @@ -209,7 +209,6 @@ func TestPool(t *testing.T) { require.NoError(t, err) pool := ca.Pool() - //nolint:staticcheck // since we're not using .Subjects() to access the system pool require.Len(t, pool.Subjects(), 1) } diff --git a/internal/dynamiccert/provider_test.go b/internal/dynamiccert/provider_test.go index 08212cb6b..f4e9c3fd9 100644 --- a/internal/dynamiccert/provider_test.go +++ b/internal/dynamiccert/provider_test.go @@ -42,7 +42,6 @@ func TestProviderWithDynamicServingCertificateController(t *testing.T) { cert, err := tls.X509KeyPair(certPEM, keyPEM) require.NoError(t, err) - //nolint:staticcheck // since we're not using .Subjects() to access the system pool return pool.Subjects(), []tls.Certificate{cert} }, }, @@ -71,7 +70,6 @@ func TestProviderWithDynamicServingCertificateController(t *testing.T) { certKey.UnsetCertKeyContent() - //nolint:staticcheck // since we're not using .Subjects() to access the system pool return pool.Subjects(), []tls.Certificate{cert} }, }, @@ -90,7 +88,6 @@ func TestProviderWithDynamicServingCertificateController(t *testing.T) { cert, err := tls.X509KeyPair(certPEM, keyPEM) require.NoError(t, err) - //nolint:staticcheck // since we're not using .Subjects() to access the system pool return newCA.Pool().Subjects(), []tls.Certificate{cert} }, }, @@ -114,7 +111,6 @@ func TestProviderWithDynamicServingCertificateController(t *testing.T) { ok := pool.AppendCertsFromPEM(ca.CurrentCABundleContent()) require.True(t, ok, "should have valid non-empty CA bundle") - //nolint:staticcheck // since we're not using .Subjects() to access the system pool return pool.Subjects(), []tls.Certificate{cert} }, }, @@ -142,7 +138,6 @@ func TestProviderWithDynamicServingCertificateController(t *testing.T) { err = ca.SetCertKeyContent(newOtherCA.Bundle(), caKey) require.NoError(t, err) - //nolint:staticcheck // since we're not using .Subjects() to access the system pool return newOtherCA.Pool().Subjects(), []tls.Certificate{cert} }, }, @@ -226,7 +221,6 @@ func poolSubjects(pool *x509.CertPool) [][]byte { if pool == nil { return nil } - //nolint:staticcheck // since we're not using .Subjects() to access the system pool return pool.Subjects() } diff --git a/internal/fositestorage/authorizationcode/authorizationcode.go b/internal/fositestorage/authorizationcode/authorizationcode.go index c9dc80720..550b47a31 100644 --- a/internal/fositestorage/authorizationcode/authorizationcode.go +++ b/internal/fositestorage/authorizationcode/authorizationcode.go @@ -189,7 +189,7 @@ type errSerializationFailureWithCause struct { } func (e *errSerializationFailureWithCause) Is(err error) bool { - return stderrors.Is(fosite.ErrSerializationFailure, err) + return stderrors.Is(err, fosite.ErrSerializationFailure) } func (e *errSerializationFailureWithCause) Unwrap() error { diff --git a/internal/kubeclient/kubeclient_test.go b/internal/kubeclient/kubeclient_test.go index c4b082d59..b5def24e9 100644 --- a/internal/kubeclient/kubeclient_test.go +++ b/internal/kubeclient/kubeclient_test.go @@ -949,7 +949,6 @@ func TestUnwrap(t *testing.T) { server, restConfig := fakekubeapi.Start(t, nil) - //nolint:staticcheck // since we're not using .Subjects() to access the system pool serverSubjects := server.Client().Transport.(*http.Transport).TLSClientConfig.RootCAs.Subjects() t.Run("regular client", func(t *testing.T) { @@ -1148,7 +1147,6 @@ func testUnwrap(t *testing.T, client *Client, serverSubjects [][]byte, tlsConfig require.Equal(t, ptlsConfig.NextProtos, tlsConfig.NextProtos) // x509.CertPool has some embedded functions that make it hard to compare so just look at the subjects - //nolint:staticcheck // since we're not using .Subjects() to access the system pool require.Equal(t, serverSubjects, tlsConfig.RootCAs.Subjects()) }) } diff --git a/internal/registry/clientsecretrequest/rest.go b/internal/registry/clientsecretrequest/rest.go index 27f7b5fb9..3973fa55b 100644 --- a/internal/registry/clientsecretrequest/rest.go +++ b/internal/registry/clientsecretrequest/rest.go @@ -7,6 +7,7 @@ package clientsecretrequest import ( "context" "encoding/hex" + "errors" "fmt" "io" "slices" @@ -241,7 +242,7 @@ func (r *REST) validateRequest( if !ok { msg := "no namespace information found in request context" traceValidationFailure(tracer, msg) - return nil, apierrors.NewInternalError(fmt.Errorf(msg)) + return nil, apierrors.NewInternalError(errors.New(msg)) } if err := rest.EnsureObjectNamespaceMatchesRequestNamespace(requestNamespace, clientSecretRequest); err != nil { traceValidationFailure(tracer, err.Error())