From 5922818f1da78851cbc26222e82db8e122e33424 Mon Sep 17 00:00:00 2001 From: Tim Hardeck Date: Wed, 19 Nov 2025 17:49:04 +0100 Subject: [PATCH 1/4] Fix remaining golangci-lint issues --- internal/cmd/agent/deployer/internal/diff/diff.go | 2 +- .../diff/kubernetes_vendor/pkg/api/v1/endpoints/util.go | 2 +- internal/cmd/controller/agentmanagement/agent/manifest_test.go | 3 +++ 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/internal/cmd/agent/deployer/internal/diff/diff.go b/internal/cmd/agent/deployer/internal/diff/diff.go index c6682d7a5d..dbe05b8ff2 100644 --- a/internal/cmd/agent/deployer/internal/diff/diff.go +++ b/internal/cmd/agent/deployer/internal/diff/diff.go @@ -488,7 +488,7 @@ func normalizeEndpoint(un *unstructured.Unstructured, o options) { if gvk.Group != "" || gvk.Kind != "Endpoints" { return } - //nolint: staticcheck // Endpoints is deprecated but still supported; see fleet#3760. + //nolint:staticcheck // Endpoints is deprecated but still supported; see fleet#3760. var ep corev1.Endpoints err := runtime.DefaultUnstructuredConverter.FromUnstructured(un.Object, &ep) if err != nil { diff --git a/internal/cmd/agent/deployer/internal/diff/kubernetes_vendor/pkg/api/v1/endpoints/util.go b/internal/cmd/agent/deployer/internal/diff/kubernetes_vendor/pkg/api/v1/endpoints/util.go index d42233d67d..8901c578c2 100644 --- a/internal/cmd/agent/deployer/internal/diff/kubernetes_vendor/pkg/api/v1/endpoints/util.go +++ b/internal/cmd/agent/deployer/internal/diff/kubernetes_vendor/pkg/api/v1/endpoints/util.go @@ -63,7 +63,7 @@ func hashObject(hasher hash.Hash, obj interface{}) []byte { return hasher.Sum(nil) } -//nolint:staticcheck // EndpointSubset is deprecated but still supported; see fleet#3760. +//nolint:staticcheck,nolintlint // EndpointSubset is deprecated but still supported; see fleet#3760. type subsetsByHash []v1.EndpointSubset func (sl subsetsByHash) Len() int { return len(sl) } diff --git a/internal/cmd/controller/agentmanagement/agent/manifest_test.go b/internal/cmd/controller/agentmanagement/agent/manifest_test.go index 4a21eaaf9a..b2eb82838e 100644 --- a/internal/cmd/controller/agentmanagement/agent/manifest_test.go +++ b/internal/cmd/controller/agentmanagement/agent/manifest_test.go @@ -112,6 +112,7 @@ func TestManifestAgentTolerations(t *testing.T) { t.Fatal("there were no deployments returned from the manifests") } + //nolint:SA5011 // agent is checked for nil above; t.Fatal prevents execution if nil if !cmp.Equal(agent.Spec.Template.Spec.Tolerations, testCase.expectedTolerations, cmpOpt) { t.Fatalf("tolerations were not as expected: %v", agent.Spec.Template.Spec.Tolerations) } @@ -160,6 +161,7 @@ func TestManifestAgentHostNetwork(t *testing.T) { t.Fatal("there were no deployments returned from the manifests") } + //nolint:SA5011 // agent is checked for nil above; t.Fatal prevents execution if nil if !cmp.Equal(agent.Spec.Template.Spec.HostNetwork, testCase.expectedNetwork) { t.Fatalf("hostNetwork is not as expected: %v", agent.Spec.Template.Spec.HostNetwork) } @@ -232,6 +234,7 @@ func TestManifestAgentAffinity(t *testing.T) { t.Fatal("there were no deployments returned from the manifests") } + //nolint:SA5011 // agent is checked for nil above; t.Fatal prevents execution if nil if !cmp.Equal(agent.Spec.Template.Spec.Affinity, testCase.expectedAffinity) { t.Fatalf("affinity was not as expected: %v %v", testCase.expectedAffinity, agent.Spec.Template.Spec.Affinity) } From 5ed02c5553ce1913ccf0792955ef384d6dd70c70 Mon Sep 17 00:00:00 2001 From: Tim Hardeck Date: Fri, 21 Nov 2025 06:48:29 +0100 Subject: [PATCH 2/4] Add linter gocritic and fix issues --- .golangci.json | 1 + benchmarks/cmd/dataset.go | 8 ++-- benchmarks/cmd/report.go | 7 ++-- benchmarks/record/record.go | 7 ++-- .../cli/apply/apply_online_test.go | 10 ++--- integrationtests/cli/helpers.go | 6 +-- .../controller/bundle/userid_logging_test.go | 4 +- .../bundledeployment/userid_logging_test.go | 8 +--- .../gitjob/controller/userid_logging_test.go | 8 +--- .../helmops/controller/userid_logging_test.go | 8 +--- internal/bundlereader/charturl.go | 4 +- internal/bundlereader/helm_test.go | 2 +- internal/bundlereader/loaddirectory.go | 4 +- internal/bundlereader/loaddirectory_test.go | 6 +-- internal/bundlereader/resources.go | 2 +- internal/cmd/agent/deployer/deployer.go | 7 ++-- .../cmd/agent/deployer/desiredset/style.go | 7 ++-- .../cmd/agent/deployer/internal/diff/diff.go | 32 +++++++-------- .../normalizers/knowntypes_normalizer.go | 7 ++-- .../agent/deployer/monitor/updatestatus.go | 7 ++-- .../cmd/agent/deployer/summary/summarizers.go | 7 ++-- internal/cmd/builder.go | 4 +- internal/cmd/cli/apply.go | 9 +++-- internal/cmd/cli/gitcloner/cloner_test.go | 12 +++--- .../clusterregistrationtoken/handler.go | 9 +++-- .../agentmanagement/scheduling/scheduling.go | 9 +++-- .../controller/agentmanagement/secret/util.go | 2 +- .../controller/gitops/reconciler/gitjob.go | 15 +++---- .../gitops/reconciler/gitjob_controller.go | 10 ++--- .../gitops/reconciler/gitjob_test.go | 3 +- .../helmops/reconciler/helmop_controller.go | 7 ++-- .../reconciler/helmop_controller_test.go | 6 +-- internal/cmd/controller/target/target_test.go | 40 +++++++++---------- internal/mocks/orastarget_mock.go | 2 +- internal/ocistorage/secret_test.go | 9 +++-- internal/resourcestatus/resourcekey_test.go | 8 ++-- pkg/cert/cabundle_test.go | 7 ++-- pkg/git/fetch_test.go | 6 +-- pkg/git/netutils.go | 13 +++--- pkg/webhook/parser.go | 2 +- 40 files changed, 161 insertions(+), 164 deletions(-) diff --git a/.golangci.json b/.golangci.json index d55e7b28f0..b78497324e 100644 --- a/.golangci.json +++ b/.golangci.json @@ -14,6 +14,7 @@ "errorlint", "funlen", "ginkgolinter", + "gocritic", "gocyclo", "gosec", "govet", diff --git a/benchmarks/cmd/dataset.go b/benchmarks/cmd/dataset.go index 74f9f1d155..0a8694f8e1 100644 --- a/benchmarks/cmd/dataset.go +++ b/benchmarks/cmd/dataset.go @@ -88,12 +88,12 @@ func calculate(sample *parser.Sample, dsPop Dataset, scores scoresByXP) { } if _, ok := sample.Experiments[experiment]; !ok { - //fmt.Printf("missing experiment %s\n", name) + // fmt.Printf("missing experiment %s\n", name) continue } if _, ok := sample.Experiments[experiment].Measurements[measurement]; !ok { - //fmt.Printf("missing measurement %s for experiments %s\n", measurement, name) + // fmt.Printf("missing measurement %s for experiments %s\n", measurement, name) continue } @@ -104,7 +104,7 @@ func calculate(sample *parser.Sample, dsPop Dataset, scores scoresByXP) { // calculate zscore m := sample.Experiments[experiment].Measurements[measurement] zscore := stat.StdScore(m.Value, mean, stddev) - //fmt.Printf("zscore %s - %s %v %v %v\n", experiment, measurement, m, mean, zscore) + // fmt.Printf("zscore %s - %s %v %v %v\n", experiment, measurement, m, mean, zscore) // store in dsPop sg.Mean = mean @@ -125,7 +125,7 @@ func calculate(sample *parser.Sample, dsPop Dataset, scores scoresByXP) { avg := stat.Mean(xp.ZScores, xp.Weights) xp.MeanZScore = avg scores[name] = xp - //fmt.Printf("%s %v %v %v\n", name, avg, xp.ZScores, xp.Weights) + // fmt.Printf("%s %v %v %v\n", name, avg, xp.ZScores, xp.Weights) } } diff --git a/benchmarks/cmd/report.go b/benchmarks/cmd/report.go index 70adea4026..ef10c0da65 100644 --- a/benchmarks/cmd/report.go +++ b/benchmarks/cmd/report.go @@ -195,11 +195,12 @@ func newTableZScore(rows map[string]Row) *table.Table { r.AppendCell(table.C(fmt.Sprintf("%.02fs", row.StdDevDuration))) r.AppendCell(table.C(fmt.Sprintf("%.02f", row.ZScore))) } - if row.ZScore < 0 { + switch { + case row.ZScore < 0: r.AppendCell(table.C("better")) - } else if row.ZScore > 0 { + case row.ZScore > 0: r.AppendCell(table.C("worse")) - } else { + default: r.AppendCell(table.C("")) } diff --git a/benchmarks/record/record.go b/benchmarks/record/record.go index 25fe7412b9..7f8bf67a49 100644 --- a/benchmarks/record/record.go +++ b/benchmarks/record/record.go @@ -172,11 +172,12 @@ func Nodes(ctx context.Context, experiment *gm.Experiment) { for _, image := range node.Status.Images { name := "" // in k3d, the first image name contains the hash, not the tag - if len(image.Names) == 0 { + switch { + case len(image.Names) == 0: continue - } else if len(image.Names) > 1 { + case len(image.Names) > 1: name = image.Names[1] - } else { + default: name = image.Names[0] } images[name] = struct{}{} diff --git a/integrationtests/cli/apply/apply_online_test.go b/integrationtests/cli/apply/apply_online_test.go index 9c640513e3..32eca9ca85 100644 --- a/integrationtests/cli/apply/apply_online_test.go +++ b/integrationtests/cli/apply/apply_online_test.go @@ -35,7 +35,7 @@ var _ = Describe("Fleet apply online", Label("online"), func() { ) JustBeforeEach(func() { - //Setting up all the needed mocked interfaces for the test + // Setting up all the needed mocked interfaces for the test ctrl = gomock.NewController(GinkgoT()) clientMock = mocks.NewMockK8sClient(ctrl) clientMock.EXPECT().Get( @@ -68,7 +68,7 @@ var _ = Describe("Fleet apply online", Label("online"), func() { BeforeEach(func() { name = "labels_update" dirs = []string{cli.AssetsPath + "labels_update"} - //bundle in the cluster + // bundle in the cluster oldBundle = &fleet.Bundle{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ @@ -129,7 +129,7 @@ data: BeforeEach(func() { name = "labels_update" dirs = []string{cli.AssetsPath + "labels_update"} - //bundle in the cluster + // bundle in the cluster oldBundle = &fleet.Bundle{ ObjectMeta: metav1.ObjectMeta{ Namespace: "foo", @@ -160,7 +160,7 @@ data: ts := metav1.NewTime(time.Now()) name = "labels_update" dirs = []string{cli.AssetsPath + "labels_update"} - //bundle in the cluster + // bundle in the cluster oldBundle = &fleet.Bundle{ ObjectMeta: metav1.ObjectMeta{ Namespace: "foo", @@ -224,7 +224,7 @@ data: BeforeEach(func() { name = "labels_update" dirs = []string{cli.AssetsPath + "labels_update"} - //bundle in the cluster + // bundle in the cluster oldBundle = &fleet.Bundle{ ObjectMeta: metav1.ObjectMeta{ Namespace: "foo", diff --git a/integrationtests/cli/helpers.go b/integrationtests/cli/helpers.go index 10924d7e7e..2231510910 100644 --- a/integrationtests/cli/helpers.go +++ b/integrationtests/cli/helpers.go @@ -71,10 +71,8 @@ func IsResourcePresentInBundle(resourcePath string, resources []v1alpha1.BundleR if resource.Content == resourceFileEncoded { return true, nil } - } else { - if strings.ReplaceAll(resource.Content, "\n", "") == strings.ReplaceAll(string(resourceFile), "\n", "") { - return true, nil - } + } else if strings.ReplaceAll(resource.Content, "\n", "") == strings.ReplaceAll(string(resourceFile), "\n", "") { + return true, nil } } diff --git a/integrationtests/controller/bundle/userid_logging_test.go b/integrationtests/controller/bundle/userid_logging_test.go index cafb745df4..db45e548a8 100644 --- a/integrationtests/controller/bundle/userid_logging_test.go +++ b/integrationtests/controller/bundle/userid_logging_test.go @@ -72,9 +72,7 @@ var _ = Describe("Bundle UserID logging", func() { return bundle.Status.ObservedGeneration }).Should(BeNumerically(">", 0)) - Eventually(func() string { - return logsBuffer.String() - }).Should(ContainSubstring(bundle.Name)) + Eventually(logsBuffer.String).Should(ContainSubstring(bundle.Name)) } When("Bundle has user ID label", func() { diff --git a/integrationtests/controller/bundledeployment/userid_logging_test.go b/integrationtests/controller/bundledeployment/userid_logging_test.go index 681be6749e..e381194af7 100644 --- a/integrationtests/controller/bundledeployment/userid_logging_test.go +++ b/integrationtests/controller/bundledeployment/userid_logging_test.go @@ -63,9 +63,7 @@ var _ = Describe("UserID logging", func() { }) It("logs userID in reconciliation", func() { - Eventually(func() string { - return logsBuffer.String() - }).Should(ContainSubstring(bd.Name)) + Eventually(logsBuffer.String).Should(ContainSubstring(bd.Name)) logs := logsBuffer.String() bdLogs := utils.ExtractResourceLogs(logs, bd.Name) @@ -117,9 +115,7 @@ var _ = Describe("UserID logging", func() { }) It("does not log userID in reconciliation", func() { - Eventually(func() string { - return logsBuffer.String() - }).Should(ContainSubstring(bd.Name)) + Eventually(logsBuffer.String).Should(ContainSubstring(bd.Name)) logs := logsBuffer.String() bdLogs := utils.ExtractResourceLogs(logs, bd.Name) diff --git a/integrationtests/gitjob/controller/userid_logging_test.go b/integrationtests/gitjob/controller/userid_logging_test.go index 6618158318..80ec3c1185 100644 --- a/integrationtests/gitjob/controller/userid_logging_test.go +++ b/integrationtests/gitjob/controller/userid_logging_test.go @@ -55,9 +55,7 @@ var _ = Describe("GitRepo UserID logging", func() { }) It("includes userID in log output", func() { - Eventually(func() string { - return logsBuffer.String() - }, timeout).Should(Or( + Eventually(logsBuffer.String, timeout).Should(Or( ContainSubstring(`"userID":"`+userID+`"`), ContainSubstring(`"userID": "`+userID+`"`), )) @@ -74,9 +72,7 @@ var _ = Describe("GitRepo UserID logging", func() { }) It("does not include userID in log output", func() { - Eventually(func() string { - return logsBuffer.String() - }, timeout).Should(ContainSubstring(gitrepo.Name)) + Eventually(logsBuffer.String, timeout).Should(ContainSubstring(gitrepo.Name)) logs := logsBuffer.String() gitrepoLogs := utils.ExtractResourceLogs(logs, gitrepo.Name) diff --git a/integrationtests/helmops/controller/userid_logging_test.go b/integrationtests/helmops/controller/userid_logging_test.go index 0b3fe724cb..d1fb7d1e30 100644 --- a/integrationtests/helmops/controller/userid_logging_test.go +++ b/integrationtests/helmops/controller/userid_logging_test.go @@ -60,9 +60,7 @@ var _ = Describe("HelmOp UserID logging", func() { }) It("includes userID in log output", func() { - Eventually(func() string { - return logsBuffer.String() - }, timeout).Should(Or( + Eventually(logsBuffer.String, timeout).Should(Or( ContainSubstring(`"userID":"`+userID+`"`), ContainSubstring(`"userID": "`+userID+`"`), )) @@ -79,9 +77,7 @@ var _ = Describe("HelmOp UserID logging", func() { }) It("does not include userID in log output", func() { - Eventually(func() string { - return logsBuffer.String() - }, timeout).Should(ContainSubstring(helmop.Name)) + Eventually(logsBuffer.String, timeout).Should(ContainSubstring(helmop.Name)) logs := logsBuffer.String() helmopLogs := utils.ExtractResourceLogs(logs, helmop.Name) diff --git a/internal/bundlereader/charturl.go b/internal/bundlereader/charturl.go index 1d4239a787..be55d5a1e7 100644 --- a/internal/bundlereader/charturl.go +++ b/internal/bundlereader/charturl.go @@ -72,7 +72,7 @@ func ChartVersion(ctx context.Context, location fleet.HelmOptions, a Auth) (stri } if !strings.HasSuffix(location.Repo, "/") { - location.Repo = location.Repo + "/" + location.Repo += "/" } chart, err := getHelmChartVersion(ctx, location, a) @@ -104,7 +104,7 @@ func chartURL(ctx context.Context, location fleet.HelmOptions, auth Auth, isHelm } if !strings.HasSuffix(location.Repo, "/") { - location.Repo = location.Repo + "/" + location.Repo += "/" } chart, err := getHelmChartVersion(ctx, location, auth) diff --git a/internal/bundlereader/helm_test.go b/internal/bundlereader/helm_test.go index 4f103fab2b..057768aca2 100644 --- a/internal/bundlereader/helm_test.go +++ b/internal/bundlereader/helm_test.go @@ -85,7 +85,7 @@ func checksumPrefix(helm *fleet.HelmOptions) string { if helm == nil { return "none" } - return fmt.Sprintf(".chart/%x", sha256.Sum256([]byte(helm.Chart + ":" + helm.Repo + ":" + helm.Version)[:])) + return fmt.Sprintf(".chart/%x", sha256.Sum256([]byte(helm.Chart+":"+helm.Repo+":"+helm.Version))) } func createChartDir(dir string) error { diff --git a/internal/bundlereader/loaddirectory.go b/internal/bundlereader/loaddirectory.go index f79d35519b..dbcb99b4c4 100644 --- a/internal/bundlereader/loaddirectory.go +++ b/internal/bundlereader/loaddirectory.go @@ -110,9 +110,7 @@ func (xt *ignoreTree) findNode(path string, isDir bool, nodesRoute []*ignoreTree for _, c := range xt.children { if steps := c.findNode(path, isDir, nodesRoute); steps != nil { - crossed := append(nodesRoute, steps...) - - return crossed + return append(nodesRoute, steps...) } } diff --git a/internal/bundlereader/loaddirectory_test.go b/internal/bundlereader/loaddirectory_test.go index 65b5578c0b..8f1592f857 100644 --- a/internal/bundlereader/loaddirectory_test.go +++ b/internal/bundlereader/loaddirectory_test.go @@ -584,10 +584,8 @@ func TestGetContent(t *testing.T) { files, err := bundlereader.GetContent(context.Background(), root, c.source, "", c.auth, false, ignoreApplyConfigs) if c.expectedErr == nil { require.NoError(t, err) - } else { - if !c.expectedErr.Match([]byte(err.Error())) { - assert.Failf(t, "expected error to match", "expected: %s, got: %s", c.expectedErr.String(), err.Error()) - } + } else if !c.expectedErr.Match([]byte(err.Error())) { + assert.Failf(t, "expected error to match", "expected: %s, got: %s", c.expectedErr.String(), err.Error()) } assert.Len(t, files, len(c.expectedFiles)) diff --git a/internal/bundlereader/resources.go b/internal/bundlereader/resources.go index c39af91fba..8ea772c03a 100644 --- a/internal/bundlereader/resources.go +++ b/internal/bundlereader/resources.go @@ -258,7 +258,7 @@ func checksum(helm *fleet.HelmOptions) string { if helm == nil { return "none" } - return fmt.Sprintf(".chart/%x", sha256.Sum256([]byte(helm.Chart + ":" + helm.Repo + ":" + helm.Version)[:])) + return fmt.Sprintf(".chart/%x", sha256.Sum256([]byte(helm.Chart+":"+helm.Repo+":"+helm.Version))) } // loadDirectories loads all resources from a bundle's directories diff --git a/internal/cmd/agent/deployer/deployer.go b/internal/cmd/agent/deployer/deployer.go index 8687ae3731..e9a5d511a1 100644 --- a/internal/cmd/agent/deployer/deployer.go +++ b/internal/cmd/agent/deployer/deployer.go @@ -121,7 +121,8 @@ func (d *Deployer) helmdeploy(ctx context.Context, logger logr.Logger, bd *fleet m *manifest.Manifest err error ) - if bd.Spec.OCIContents { + switch { + case bd.Spec.OCIContents: oci := ocistorage.NewOCIWrapper() secretID := client.ObjectKey{Name: manifestID, Namespace: bd.Namespace} opts, err := ocistorage.ReadOptsFromSecret(ctx, d.upstreamClient, secretID) @@ -142,12 +143,12 @@ func (d *Deployer) helmdeploy(ctx context.Context, logger logr.Logger, bd *fleet if actualID != manifestID { return "", fmt.Errorf("invalid or corrupt manifest. Expecting id: %q, got %q", manifestID, actualID) } - } else if bd.Spec.HelmChartOptions != nil { + case bd.Spec.HelmChartOptions != nil: m, err = bundlereader.GetManifestFromHelmChart(ctx, d.upstreamClient, bd) if err != nil { return "", err } - } else { + default: m, err = d.lookup.Get(ctx, d.upstreamClient, manifestID) if err != nil { return "", err diff --git a/internal/cmd/agent/deployer/desiredset/style.go b/internal/cmd/agent/deployer/desiredset/style.go index 0339a1b172..89cbdfdbfe 100644 --- a/internal/cmd/agent/deployer/desiredset/style.go +++ b/internal/cmd/agent/deployer/desiredset/style.go @@ -36,11 +36,12 @@ func getMergeStyle(gvk schema.GroupVersionKind) (types.PatchType, strategicpatch versionedObject, err := scheme.Scheme.New(gvk) - if runtime.IsNotRegisteredError(err) || gvk.Kind == "CustomResourceDefinition" { + switch { + case runtime.IsNotRegisteredError(err) || gvk.Kind == "CustomResourceDefinition": patchType = types.MergePatchType - } else if err != nil { + case err != nil: return patchType, nil, err - } else { + default: patchType = types.StrategicMergePatchType lookupPatchMeta, err = strategicpatch.NewPatchMetaFromStruct(versionedObject) if err != nil { diff --git a/internal/cmd/agent/deployer/internal/diff/diff.go b/internal/cmd/agent/deployer/internal/diff/diff.go index dbe05b8ff2..961d5fe4b2 100644 --- a/internal/cmd/agent/deployer/internal/diff/diff.go +++ b/internal/cmd/agent/deployer/internal/diff/diff.go @@ -76,36 +76,35 @@ func Diff(config, live *unstructured.Unstructured, opts ...Option) (*DiffResult, orig, err := GetLastAppliedConfigAnnotation(live) if err != nil { o.log.V(1).Info(fmt.Sprintf("Failed to get last applied configuration: %v", err)) - } else { - if orig != nil && config != nil { - Normalize(orig, opts...) - dr, err := ThreeWayDiff(orig, config, live) - if err == nil { - return dr, nil - } - o.log.V(1).Info(fmt.Sprintf("three-way diff calculation failed: %v. Falling back to two-way diff", err)) + } else if orig != nil && config != nil { + Normalize(orig, opts...) + dr, err := ThreeWayDiff(orig, config, live) + if err == nil { + return dr, nil } + o.log.V(1).Info(fmt.Sprintf("three-way diff calculation failed: %v. Falling back to two-way diff", err)) } return TwoWayDiff(config, live) } // TwoWayDiff performs a three-way diff and uses specified config as a recently applied config func TwoWayDiff(config, live *unstructured.Unstructured) (*DiffResult, error) { - if live != nil && config != nil { + switch { + case live != nil && config != nil: return ThreeWayDiff(config, config.DeepCopy(), live) - } else if live != nil { + case live != nil: liveData, err := json.Marshal(live) if err != nil { return nil, err } return &DiffResult{Modified: false, NormalizedLive: liveData, PredictedLive: []byte("null")}, nil - } else if config != nil { + case config != nil: predictedLiveData, err := json.Marshal(config.Object) if err != nil { return nil, err } return &DiffResult{Modified: true, NormalizedLive: []byte("null"), PredictedLive: predictedLiveData}, nil - } else { + default: return nil, errors.New("both live and config are null objects") } } @@ -417,11 +416,12 @@ func Normalize(un *unstructured.Unstructured, opts ...Option) { unstructured.RemoveNestedField(un.Object, "metadata", "creationTimestamp") gvk := un.GroupVersionKind() - if gvk.Group == "" && gvk.Kind == "Secret" { + switch { + case gvk.Group == "" && gvk.Kind == "Secret": NormalizeSecret(un, opts...) - } else if gvk.Group == "rbac.authorization.k8s.io" && (gvk.Kind == "ClusterRole" || gvk.Kind == "Role") { + case gvk.Group == "rbac.authorization.k8s.io" && (gvk.Kind == "ClusterRole" || gvk.Kind == "Role"): normalizeRole(un, o) - } else if gvk.Group == "" && gvk.Kind == "Endpoints" { + case gvk.Group == "" && gvk.Kind == "Endpoints": normalizeEndpoint(un, o) } @@ -629,7 +629,7 @@ func HideSecretData(target *unstructured.Unstructured, live *unstructured.Unstru replacement, ok := valToReplacement[val] if !ok { replacement = nextReplacement - nextReplacement = nextReplacement + "++++" + nextReplacement += "++++" valToReplacement[val] = replacement } data[k] = replacement diff --git a/internal/cmd/agent/deployer/internal/normalizers/knowntypes_normalizer.go b/internal/cmd/agent/deployer/internal/normalizers/knowntypes_normalizer.go index 4e7584a758..076de671a6 100644 --- a/internal/cmd/agent/deployer/internal/normalizers/knowntypes_normalizer.go +++ b/internal/cmd/agent/deployer/internal/normalizers/knowntypes_normalizer.go @@ -62,12 +62,13 @@ func getGroupKindForOverrideKey(key string) (string, string, error) { var group, kind string parts := strings.Split(key, "/") - if len(parts) == 2 { + switch len(parts) { + case 2: group = parts[0] kind = parts[1] - } else if len(parts) == 1 { + case 1: kind = parts[0] - } else { + default: return "", "", fmt.Errorf("override key must be / or , got: '%s' ", key) } return group, kind, nil diff --git a/internal/cmd/agent/deployer/monitor/updatestatus.go b/internal/cmd/agent/deployer/monitor/updatestatus.go index 7719a10b77..9d1348cdb2 100644 --- a/internal/cmd/agent/deployer/monitor/updatestatus.go +++ b/internal/cmd/agent/deployer/monitor/updatestatus.go @@ -256,11 +256,12 @@ func calculateResourceCounts(all []fleet.BundleDeploymentResource, nonReady []fl DesiredReady: calculateDesiredReady(resourceKeys, modified), } for _, r := range modified { - if r.Create { + switch { + case r.Create: counts.Missing++ - } else if r.Delete { + case r.Delete: counts.Orphaned++ - } else { + default: counts.Modified++ } delete(resourceKeys, fleet.ResourceKey{ diff --git a/internal/cmd/agent/deployer/summary/summarizers.go b/internal/cmd/agent/deployer/summary/summarizers.go index 4856152224..454b0d7161 100644 --- a/internal/cmd/agent/deployer/summary/summarizers.go +++ b/internal/cmd/agent/deployer/summary/summarizers.go @@ -406,13 +406,14 @@ func checkActive(obj data.Object, _ []Condition, summary fleetv1.Summary) fleetv func checkPhase(obj data.Object, _ []Condition, summary fleetv1.Summary) fleetv1.Summary { phase := obj.String("status", "phase") - if phase == "Succeeded" { + switch { + case phase == "Succeeded": summary.State = "succeeded" summary.Transitioning = false - } else if phase == "Bound" { + case phase == "Bound": summary.State = "bound" summary.Transitioning = false - } else if phase != "" && summary.State == "" { + case phase != "" && summary.State == "": summary.State = phase } return summary diff --git a/internal/cmd/builder.go b/internal/cmd/builder.go index c1c0133ae9..fd09cbc8d7 100644 --- a/internal/cmd/builder.go +++ b/internal/cmd/builder.go @@ -203,7 +203,7 @@ func assignSlices(app *cobra.Command, slices map[string]reflect.Value) error { return err } if s != nil { - v.Set(reflect.ValueOf(s[:])) + v.Set(reflect.ValueOf(s)) } } return nil @@ -217,7 +217,7 @@ func assignArrays(app *cobra.Command, arrays map[string]reflect.Value) error { return err } if s != nil { - v.Set(reflect.ValueOf(s[:])) + v.Set(reflect.ValueOf(s)) } } return nil diff --git a/internal/cmd/cli/apply.go b/internal/cmd/cli/apply.go index 326c4acf12..5aad8276b1 100644 --- a/internal/cmd/cli/apply.go +++ b/internal/cmd/cli/apply.go @@ -142,13 +142,14 @@ func (a *Apply) run(cmd *cobra.Command, args []string) error { return fmt.Errorf("adding auth to opts: %w", err) } - if a.File == "-" { + switch { + case a.File == "-": opts.BundleReader = os.Stdin if len(args) != 1 { return fmt.Errorf("the bundle name is required as the first argument") } name = args[0] - } else if a.File != "" { + case a.File != "": f, err := os.Open(a.File) if err != nil { return err @@ -159,9 +160,9 @@ func (a *Apply) run(cmd *cobra.Command, args []string) error { return fmt.Errorf("the bundle name is required as the first argument") } name = args[0] - } else if len(args) < 1 { + case len(args) < 1: return fmt.Errorf("at least one arguments is required BUNDLE_NAME") - } else { + default: name = args[0] args = args[1:] } diff --git a/internal/cmd/cli/gitcloner/cloner_test.go b/internal/cmd/cli/gitcloner/cloner_test.go index 55b50c6ff6..8f8726c0e9 100644 --- a/internal/cmd/cli/gitcloner/cloner_test.go +++ b/internal/cmd/cli/gitcloner/cloner_test.go @@ -212,11 +212,13 @@ udiSlDctMM/X3ZM2JN5M1rtAJ2WR3ZQtmWbOjZAbG2Eq t.Run(name, func(t *testing.T) { c := Cloner{} err := c.CloneRepo(test.opts) - if err == nil && test.expectedErr != nil { - t.Fatalf("err expected to be [%v], got [%v]", test.expectedErr, err) - } else if test.expectedErr != nil && err == nil { - t.Fatalf("err expected to be [%v], got [%v]", test.expectedErr, err) - } else if test.expectedErr != nil && err != nil { + if test.expectedErr == nil && err != nil { + t.Fatalf("err unexpected: %v", err) + } + if test.expectedErr != nil { + if err == nil { + t.Fatalf("err expected to be [%v], got [%v]", test.expectedErr, err) + } if !cmp.Equal(test.expectedErr.Error(), err.Error()) { t.Fatalf("err expected to be [%s], got [%s]", test.expectedErr.Error(), err.Error()) } diff --git a/internal/cmd/controller/agentmanagement/controllers/clusterregistrationtoken/handler.go b/internal/cmd/controller/agentmanagement/controllers/clusterregistrationtoken/handler.go index 4c2d78b7d8..f9500262e0 100644 --- a/internal/cmd/controller/agentmanagement/controllers/clusterregistrationtoken/handler.go +++ b/internal/cmd/controller/agentmanagement/controllers/clusterregistrationtoken/handler.go @@ -80,18 +80,19 @@ func (h *handler) OnChange(token *fleet.ClusterRegistrationToken, status fleet.C ) status.SecretName = "" sa, err := h.serviceAccountCache.Get(token.Namespace, saName) - if apierror.IsNotFound(err) { + switch { + case apierror.IsNotFound(err): logrus.Infof("ClusterRegistrationToken SA does not exist %v", saName) // secret doesn't exist - } else if err != nil { + case err != nil: return nil, status, err - } else if len(sa.Secrets) > 0 { + case len(sa.Secrets) > 0: status.SecretName = token.Name secrets, err = h.clusterRegistrationSecret(token, sa.Secrets[0].Name) if err != nil { return nil, status, err } - } else if len(sa.Secrets) == 0 { + case len(sa.Secrets) == 0: // Kubernetes 1.24 doesn't populate serviceAccount.Secrets: // "This field should not be used to find auto-generated // service account token secrets for use outside of pods." diff --git a/internal/cmd/controller/agentmanagement/scheduling/scheduling.go b/internal/cmd/controller/agentmanagement/scheduling/scheduling.go index 8ccfa5f5fd..3b58fdb547 100644 --- a/internal/cmd/controller/agentmanagement/scheduling/scheduling.go +++ b/internal/cmd/controller/agentmanagement/scheduling/scheduling.go @@ -37,16 +37,17 @@ func PodDisruptionBudget(agentNamespace string, pdbs *fleet.PodDisruptionBudgetS }, } - if pdbs.MaxUnavailable == "" && pdbs.MinAvailable == "" { + switch { + case pdbs.MaxUnavailable == "" && pdbs.MinAvailable == "": logrus.Warnf("Neither MaxUnavailable nor MinAvailable is set, defaulting to 0 for MaxUnavailable") pdbSpec.MaxUnavailable = &intstr.IntOrString{IntVal: 0} - } else if pdbs.MaxUnavailable != "" && (pdbs.MinAvailable == "" || pdbs.MinAvailable == "0") { + case pdbs.MaxUnavailable != "" && (pdbs.MinAvailable == "" || pdbs.MinAvailable == "0"): mu := intstr.Parse(pdbs.MaxUnavailable) pdbSpec.MaxUnavailable = &mu - } else if pdbs.MinAvailable != "" && (pdbs.MaxUnavailable == "" || pdbs.MaxUnavailable == "0") { + case pdbs.MinAvailable != "" && (pdbs.MaxUnavailable == "" || pdbs.MaxUnavailable == "0"): ma := intstr.Parse(pdbs.MinAvailable) pdbSpec.MinAvailable = &ma - } else if pdbs.MaxUnavailable != "" && pdbs.MinAvailable != "" { + case pdbs.MaxUnavailable != "" && pdbs.MinAvailable != "": return &policyv1.PodDisruptionBudget{}, fmt.Errorf("both MaxUnavailable (%s) and MinAvailable (%s) are set, not creating PDB", pdbs.MaxUnavailable, pdbs.MinAvailable) } diff --git a/internal/cmd/controller/agentmanagement/secret/util.go b/internal/cmd/controller/agentmanagement/secret/util.go index 369ff76922..3f43a7dd0b 100644 --- a/internal/cmd/controller/agentmanagement/secret/util.go +++ b/internal/cmd/controller/agentmanagement/secret/util.go @@ -62,7 +62,7 @@ func createServiceAccountTokenSecret(sa *corev1.ServiceAccount, secretsControlle return nil, fmt.Errorf("error getting secret: %w", err) } } - //Kubernetes auto populates the secret token after it is created, for which we should wait + // Kubernetes auto populates the secret token after it is created, for which we should wait logrus.Infof("Waiting for service account token key to be populated for secret %s/%s", secret.Namespace, secret.Name) if _, ok := secret.Data[corev1.ServiceAccountTokenKey]; !ok { for { diff --git a/internal/cmd/controller/gitops/reconciler/gitjob.go b/internal/cmd/controller/gitops/reconciler/gitjob.go index b08c200049..b8505f3b8b 100644 --- a/internal/cmd/controller/gitops/reconciler/gitjob.go +++ b/internal/cmd/controller/gitops/reconciler/gitjob.go @@ -514,11 +514,12 @@ func (r *GitJobReconciler) newGitCloner( } branch, rev := obj.Spec.Branch, obj.Spec.Revision - if branch != "" { + switch { + case branch != "": args = append(args, "--branch", branch) - } else if rev != "" { + case rev != "": args = append(args, "--revision", rev) - } else { + default: args = append(args, "--branch", "master") } @@ -641,7 +642,7 @@ func readIntEnvVar(logger logr.Logger, getter func() (int, error), envVarName st func argsAndEnvs( gitrepo *v1alpha1.GitRepo, logger logr.Logger, - CACertsPathOverride string, + caCertsPathOverride string, knownHosts KnownHostsGetter, drivenScanSeparator string, helmInsecureSkipTLS bool, @@ -731,7 +732,7 @@ func argsAndEnvs( "/etc/fleet/helm/ssh-privatekey", } - if CACertsPathOverride == "" { + if caCertsPathOverride == "" { helmArgs = append(helmArgs, "--cacerts-file", "/etc/fleet/helm/cacerts", @@ -759,10 +760,10 @@ func argsAndEnvs( }) } - if CACertsPathOverride != "" { + if caCertsPathOverride != "" { helmArgs := []string{ "--cacerts-file", - CACertsPathOverride, + caCertsPathOverride, } if gitrepo.Spec.HelmRepoURLRegex != "" { helmArgs = append(helmArgs, "--helm-repo-url-regex", gitrepo.Spec.HelmRepoURLRegex) diff --git a/internal/cmd/controller/gitops/reconciler/gitjob_controller.go b/internal/cmd/controller/gitops/reconciler/gitjob_controller.go index a55ff6efbb..d520512033 100644 --- a/internal/cmd/controller/gitops/reconciler/gitjob_controller.go +++ b/internal/cmd/controller/gitops/reconciler/gitjob_controller.go @@ -289,10 +289,8 @@ func (r *GitJobReconciler) manageGitJob(ctx context.Context, logger logr.Logger, } if err != nil { r.Recorder.Event(gitrepo, fleetevent.Warning, "Failed", err.Error()) - } else { - if oldCommit != gitrepo.Status.Commit { - r.Recorder.Event(gitrepo, fleetevent.Normal, "GotNewCommit", gitrepo.Status.Commit) - } + } else if oldCommit != gitrepo.Status.Commit { + r.Recorder.Event(gitrepo, fleetevent.Normal, "GotNewCommit", gitrepo.Status.Commit) } } @@ -771,7 +769,7 @@ func filterFleetCLIJobOutput(output string) string { lines := strings.Split(output, "\n") s := "" for _, l := range lines { - s = s + getFleetCLIErrorsFromLine(l) + s += getFleetCLIErrorsFromLine(l) } s = strings.Trim(s, "\n") @@ -816,7 +814,7 @@ func getFleetCLIErrorsFromLine(l string) string { } // check if there's more to parse if close+1 < len(l) { - s = s + getFleetCLIErrorsFromLine(l[close+1:]) + s += getFleetCLIErrorsFromLine(l[close+1:]) } return s diff --git a/internal/cmd/controller/gitops/reconciler/gitjob_test.go b/internal/cmd/controller/gitops/reconciler/gitjob_test.go index 42e71f6a1c..79c77ba249 100644 --- a/internal/cmd/controller/gitops/reconciler/gitjob_test.go +++ b/internal/cmd/controller/gitops/reconciler/gitjob_test.go @@ -1618,7 +1618,8 @@ func TestNewJob(t *testing.T) { // tolerations check // tolerations will be the default ones plus the deployment ones - expectedTolerations := append(defaultTolerations, test.deploymentTolerations...) + expectedTolerations := append([]corev1.Toleration{}, defaultTolerations...) + expectedTolerations = append(expectedTolerations, test.deploymentTolerations...) if !cmp.Equal(expectedTolerations, job.Spec.Template.Spec.Tolerations) { t.Fatalf("job tolerations differ. Expecting: %v and found: %v", test.deploymentTolerations, job.Spec.Template.Spec.Tolerations) } diff --git a/internal/cmd/controller/helmops/reconciler/helmop_controller.go b/internal/cmd/controller/helmops/reconciler/helmop_controller.go index 3877305e86..0138f67b29 100644 --- a/internal/cmd/controller/helmops/reconciler/helmop_controller.go +++ b/internal/cmd/controller/helmops/reconciler/helmop_controller.go @@ -557,7 +557,8 @@ func validate(h fleet.HelmOp) error { return fmt.Errorf("helm options invalid: %s", msg) } - if strings.HasSuffix(strings.ToLower(h.Spec.Helm.Chart), ".tgz") { + switch { + case strings.HasSuffix(strings.ToLower(h.Spec.Helm.Chart), ".tgz"): if len(h.Spec.Helm.Repo) > 0 { return fail("tarball chart with a non-empty repo field") } @@ -565,11 +566,11 @@ func validate(h fleet.HelmOp) error { if len(h.Spec.Helm.Version) > 0 { return fail("tarball chart with a non-empty version field") } - } else if strings.HasPrefix(strings.ToLower(h.Spec.Helm.Repo), "oci://") { + case strings.HasPrefix(strings.ToLower(h.Spec.Helm.Repo), "oci://"): if len(h.Spec.Helm.Chart) > 0 { return fail("OCI repository with a non-empty chart field") } - } else { // Expecting full reference: chart + repo + optional version + default: // Expecting full reference: chart + repo + optional version if len(h.Spec.Helm.Chart) == 0 { return fail("non-OCI repository with an empty chart field") } diff --git a/internal/cmd/controller/helmops/reconciler/helmop_controller_test.go b/internal/cmd/controller/helmops/reconciler/helmop_controller_test.go index e9085757bd..e17c62e558 100644 --- a/internal/cmd/controller/helmops/reconciler/helmop_controller_test.go +++ b/internal/cmd/controller/helmops/reconciler/helmop_controller_test.go @@ -283,7 +283,7 @@ func TestReconcile_Validate(t *testing.T) { Namespace: c.helmop.Namespace, } bundle.Spec.HelmOpOptions = &fleet.BundleHelmOptions{ - SecretName: "foo", //prevent collision errors; the value does not matter. + SecretName: "foo", // prevent collision errors; the value does not matter. } return nil @@ -1219,7 +1219,7 @@ func TestReconcile_ManagePollingJobs(t *testing.T) { client.EXPECT().Get(gomock.Any(), namespacedName, matchesBundle(c.helmOp.Name, c.helmOp.Namespace), gomock.Any()).DoAndReturn( func(ctx context.Context, req types.NamespacedName, b *fleet.Bundle, opts ...interface{}) error { b.Spec.HelmOpOptions = &fleet.BundleHelmOptions{ - SecretName: "foo", //prevent collision errors; the value does not matter. + SecretName: "foo", // prevent collision errors; the value does not matter. } return nil }).AnyTimes() @@ -1227,7 +1227,7 @@ func TestReconcile_ManagePollingJobs(t *testing.T) { client.EXPECT().Get(gomock.Any(), namespacedName, &fleet.Bundle{}, gomock.Any()).DoAndReturn( func(ctx context.Context, req types.NamespacedName, b *fleet.Bundle, opts ...interface{}) error { b.Spec.HelmOpOptions = &fleet.BundleHelmOptions{ - SecretName: "foo", //prevent collision errors; the value does not matter. + SecretName: "foo", // prevent collision errors; the value does not matter. } return nil }).AnyTimes() diff --git a/internal/cmd/controller/target/target_test.go b/internal/cmd/controller/target/target_test.go index 6ea1258ece..e10790bfbe 100644 --- a/internal/cmd/controller/target/target_test.go +++ b/internal/cmd/controller/target/target_test.go @@ -468,12 +468,12 @@ func TestDisablePreProcessFlagEnabled(t *testing.T) { ExpectedValue: "${ non_existent_function }", }, } { - if field, ok := valuesObj[testCase.Key]; !ok { + field, ok := valuesObj[testCase.Key] + if !ok { t.Fatalf("key %s not found", testCase.Key) - } else { - if field != testCase.ExpectedValue { - t.Fatalf("key %s was not the expected value. Expected: '%s' Actual: '%s'", testCase.Key, testCase.ExpectedValue, field) - } + } + if field != testCase.ExpectedValue { + t.Fatalf("key %s was not the expected value. Expected: '%s' Actual: '%s'", testCase.Key, testCase.ExpectedValue, field) } } @@ -507,23 +507,23 @@ func TestDisablePreProcessFlagDisabled(t *testing.T) { key := "clusterName" expectedValue := "test-cluster" - if field, ok := valuesObj[key]; !ok { + field, ok := valuesObj[key] + if !ok { t.Fatalf("key %s not found", key) - } else { - if field != expectedValue { - t.Fatalf("key %s was not the expected value. Expected: '%s' Actual: '%s'", key, field, expectedValue) - } + } + if field != expectedValue { + t.Fatalf("key %s was not the expected value. Expected: '%s' Actual: '%s'", key, field, expectedValue) } key = "overridden" expectedValue = "something_templated" - if field, ok := valuesObj[key]; !ok { + field, ok = valuesObj[key] + if !ok { t.Fatalf("key %s not found", key) - } else { - if field != expectedValue { - t.Fatalf("key %s was not the expected value. Expected: '%s' Actual: '%s'", key, field, expectedValue) - } + } + if field != expectedValue { + t.Fatalf("key %s was not the expected value. Expected: '%s' Actual: '%s'", key, field, expectedValue) } } @@ -551,12 +551,12 @@ func TestDisablePreProcessFlagMissing(t *testing.T) { key := "clusterName" expectedValue := "test-cluster" - if field, ok := valuesObj[key]; !ok { + field, ok := valuesObj[key] + if !ok { t.Fatalf("key %s not found", key) - } else { - if field != expectedValue { - t.Fatalf("key %s was not the expected value. Expected: '%s' Actual: '%s'", key, field, expectedValue) - } + } + if field != expectedValue { + t.Fatalf("key %s was not the expected value. Expected: '%s' Actual: '%s'", key, field, expectedValue) } } diff --git a/internal/mocks/orastarget_mock.go b/internal/mocks/orastarget_mock.go index d3cfef2bb5..de9dba766f 100644 --- a/internal/mocks/orastarget_mock.go +++ b/internal/mocks/orastarget_mock.go @@ -9,8 +9,8 @@ import ( io "io" reflect "reflect" - gomock "go.uber.org/mock/gomock" v1 "github.com/opencontainers/image-spec/specs-go/v1" + gomock "go.uber.org/mock/gomock" ) // MockTarget is a mock of Target interface. diff --git a/internal/ocistorage/secret_test.go b/internal/ocistorage/secret_test.go index aff91d2ec6..f622e2b4a8 100644 --- a/internal/ocistorage/secret_test.go +++ b/internal/ocistorage/secret_test.go @@ -206,19 +206,20 @@ func getSecretFromMockK8sClient( secretType string, wantNotFound bool, wantErrorMessage string) { - if wantErrorMessage != "" { + switch { + case wantErrorMessage != "": mockClient.EXPECT().Get(gomock.Any(), ns, gomock.Any()).DoAndReturn( func(_ context.Context, _ types.NamespacedName, secret *corev1.Secret, _ ...interface{}) error { return errors.New(wantErrorMessage) }, ) - } else if wantNotFound { + case wantNotFound: mockClient.EXPECT().Get(gomock.Any(), ns, gomock.Any()).DoAndReturn( func(_ context.Context, _ types.NamespacedName, secret *corev1.Secret, _ ...interface{}) error { return apierrors.NewNotFound(schema.GroupResource{}, "TEST ERROR") }, ) - } else if ns.Name == "" { + case ns.Name == "": // verify that when the name is not set it uses the default secret name. mockClient.EXPECT().Get(gomock.Any(), gomock.Any(), gomock.Any()).DoAndReturn( func(_ context.Context, key types.NamespacedName, secret *corev1.Secret, _ ...interface{}) error { @@ -228,7 +229,7 @@ func getSecretFromMockK8sClient( return nil }, ) - } else if ns.Name != "" { + default: mockClient.EXPECT().Get(gomock.Any(), gomock.Any(), gomock.Any()).DoAndReturn( func(_ context.Context, key types.NamespacedName, secret *corev1.Secret, _ ...interface{}) error { Expect(ns.Name).To(Equal(key.Name)) diff --git a/internal/resourcestatus/resourcekey_test.go b/internal/resourcestatus/resourcekey_test.go index 950d88fe20..fc2af5254d 100644 --- a/internal/resourcestatus/resourcekey_test.go +++ b/internal/resourcestatus/resourcekey_test.go @@ -364,13 +364,13 @@ func TestPerClusterStateTruncation(t *testing.T) { size := 0 for _, r := range res { for _, s := range r.PerClusterState.Ready { - size = size + len(s) + size += len(s) } for _, s := range r.PerClusterState.NotReady { - size = size + len(s) + size += len(s) } for _, s := range r.PerClusterState.Missing { - size = size + len(s) + size += len(s) } } return size @@ -383,7 +383,7 @@ func TestPerClusterStateTruncation(t *testing.T) { for c := range maxCluster { for b := range maxBundle { items[n] = percluster(b, c) - n = n + 1 + n++ } } diff --git a/pkg/cert/cabundle_test.go b/pkg/cert/cabundle_test.go index f77c394440..a3421aade2 100644 --- a/pkg/cert/cabundle_test.go +++ b/pkg/cert/cabundle_test.go @@ -205,11 +205,12 @@ func TestGetRancherCABundle(t *testing.T) { tc.secretGets(mockClient) bundle, err := cert.GetRancherCABundle(context.Background(), mockClient) - if tc.expectedErr == nil && err != nil { + switch { + case tc.expectedErr == nil && err != nil: t.Errorf("expected nil error, got %q", err.Error()) - } else if tc.expectedErr != nil && err == nil { + case tc.expectedErr != nil && err == nil: t.Errorf("expected error %q, got nil", tc.expectedErr.Error()) - } else if err != nil && tc.expectedErr != nil && err.Error() != tc.expectedErr.Error() { + case err != nil && tc.expectedErr != nil && err.Error() != tc.expectedErr.Error(): t.Errorf("expected %q, got %q", tc.expectedErr.Error(), err.Error()) } diff --git a/pkg/git/fetch_test.go b/pkg/git/fetch_test.go index a667a61aa5..f791754fae 100644 --- a/pkg/git/fetch_test.go +++ b/pkg/git/fetch_test.go @@ -42,7 +42,7 @@ func newTestClient(objs ...client.Object) client.Client { Build() } -func newTestGithubServer(refs []string, TLSCfg *tls.Config) *httptest.Server { +func newTestGithubServer(refs []string, tlsCfg *tls.Config) *httptest.Server { // fake response from github with capabilities header := "001e# service=git-upload-pack\n01552ada7cca738877df8459b3a34839a15e5683edaa HEAD\x00" header += "multi_ack thin-pack side-band side-band-64k ofs-delta shallow deepen-since deepen-not deepen-relative no-progress include-tag multi_ack_detailed allow-tip-sha1-in-want allow-reachable-sha1-in-want no-done symref=HEAD:refs/heads/master filter object-format=sha1 agent=git/github-f133c3a1d7e6\n" @@ -61,8 +61,8 @@ func newTestGithubServer(refs []string, TLSCfg *tls.Config) *httptest.Server { }) ts := httptest.NewUnstartedServer(mux) - if TLSCfg != nil { - ts.TLS = TLSCfg + if tlsCfg != nil { + ts.TLS = tlsCfg ts.StartTLS() } else { ts.Start() diff --git a/pkg/git/netutils.go b/pkg/git/netutils.go index 8af76e4517..0dafd4ba69 100644 --- a/pkg/git/netutils.go +++ b/pkg/git/netutils.go @@ -55,17 +55,18 @@ func GetAuthFromSecret(url string, creds *corev1.Secret, knownHosts string) (tra if err != nil { return nil, err } - if creds.Data["known_hosts"] != nil { + switch { + case creds.Data["known_hosts"] != nil: auth.HostKeyCallback, err = fleetssh.CreateKnownHostsCallBack(creds.Data["known_hosts"]) if err != nil { return nil, err } - } else if len(knownHosts) > 0 { + case len(knownHosts) > 0: auth.HostKeyCallback, err = fleetssh.CreateKnownHostsCallBack([]byte(knownHosts)) if err != nil { return nil, err } - } else { + default: //nolint:gosec // G106: Use of ssh InsecureIgnoreHostKey should be audited auth.HostKeyCallback = ssh.InsecureIgnoreHostKey() } @@ -84,7 +85,7 @@ func GetAuthFromSecret(url string, creds *corev1.Secret, knownHosts string) (tra // GetHTTPClientFromSecret returns a HTTP client filled from the information in the given secret // and optional CABundle and insecureTLSVerify -func GetHTTPClientFromSecret(creds *corev1.Secret, CABundle []byte, insecureTLSVerify bool, timeout time.Duration) (*http.Client, error) { +func GetHTTPClientFromSecret(creds *corev1.Secret, caBundle []byte, insecureTLSVerify bool, timeout time.Duration) (*http.Client, error) { var ( username string password string @@ -105,8 +106,8 @@ func GetHTTPClientFromSecret(creds *corev1.Secret, CABundle []byte, insecureTLSV } } - if len(CABundle) > 0 { - cert, err := x509.ParseCertificate(CABundle) + if len(caBundle) > 0 { + cert, err := x509.ParseCertificate(caBundle) if err != nil { return nil, err } diff --git a/pkg/webhook/parser.go b/pkg/webhook/parser.go index 8827a391a4..b5008bda84 100644 --- a/pkg/webhook/parser.go +++ b/pkg/webhook/parser.go @@ -25,7 +25,7 @@ const ( func parseWebhook(r *http.Request, secret *corev1.Secret) (interface{}, error) { switch { - //Gogs needs to be checked before Github since it carries both Gogs and (incompatible) Github headers + // Gogs needs to be checked before Github since it carries both Gogs and (incompatible) Github headers case r.Header.Get("X-Gogs-Event") != "": return parseGogs(r, secret) case r.Header.Get("X-GitHub-Event") != "": From 3775fc0af3c2359712942c601550b85e61583ab9 Mon Sep 17 00:00:00 2001 From: Tim Hardeck Date: Mon, 24 Nov 2025 11:55:02 +0100 Subject: [PATCH 3/4] Adapt TLS and CA variable names to follow the rules but also keep the known writing of the abbreviation. --- pkg/git/fetch_test.go | 6 +++--- pkg/git/netutils.go | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/pkg/git/fetch_test.go b/pkg/git/fetch_test.go index f791754fae..b99345a555 100644 --- a/pkg/git/fetch_test.go +++ b/pkg/git/fetch_test.go @@ -42,7 +42,7 @@ func newTestClient(objs ...client.Object) client.Client { Build() } -func newTestGithubServer(refs []string, tlsCfg *tls.Config) *httptest.Server { +func newTestGithubServer(refs []string, cfgTLS *tls.Config) *httptest.Server { // fake response from github with capabilities header := "001e# service=git-upload-pack\n01552ada7cca738877df8459b3a34839a15e5683edaa HEAD\x00" header += "multi_ack thin-pack side-band side-band-64k ofs-delta shallow deepen-since deepen-not deepen-relative no-progress include-tag multi_ack_detailed allow-tip-sha1-in-want allow-reachable-sha1-in-want no-done symref=HEAD:refs/heads/master filter object-format=sha1 agent=git/github-f133c3a1d7e6\n" @@ -61,8 +61,8 @@ func newTestGithubServer(refs []string, tlsCfg *tls.Config) *httptest.Server { }) ts := httptest.NewUnstartedServer(mux) - if tlsCfg != nil { - ts.TLS = tlsCfg + if cfgTLS != nil { + ts.TLS = cfgTLS ts.StartTLS() } else { ts.Start() diff --git a/pkg/git/netutils.go b/pkg/git/netutils.go index 0dafd4ba69..a5785e66ae 100644 --- a/pkg/git/netutils.go +++ b/pkg/git/netutils.go @@ -85,7 +85,7 @@ func GetAuthFromSecret(url string, creds *corev1.Secret, knownHosts string) (tra // GetHTTPClientFromSecret returns a HTTP client filled from the information in the given secret // and optional CABundle and insecureTLSVerify -func GetHTTPClientFromSecret(creds *corev1.Secret, caBundle []byte, insecureTLSVerify bool, timeout time.Duration) (*http.Client, error) { +func GetHTTPClientFromSecret(creds *corev1.Secret, bundleCA []byte, insecureTLSVerify bool, timeout time.Duration) (*http.Client, error) { var ( username string password string @@ -106,8 +106,8 @@ func GetHTTPClientFromSecret(creds *corev1.Secret, caBundle []byte, insecureTLSV } } - if len(caBundle) > 0 { - cert, err := x509.ParseCertificate(caBundle) + if len(bundleCA) > 0 { + cert, err := x509.ParseCertificate(bundleCA) if err != nil { return nil, err } From ce7ca3e942792cce41cd7790ce79470d6ae33315 Mon Sep 17 00:00:00 2001 From: Tim Hardeck Date: Mon, 24 Nov 2025 17:04:08 +0100 Subject: [PATCH 4/4] Improve CACertsPathOverride naming in gitjob.go --- internal/cmd/controller/gitops/reconciler/gitjob.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/internal/cmd/controller/gitops/reconciler/gitjob.go b/internal/cmd/controller/gitops/reconciler/gitjob.go index b8505f3b8b..91aae8c647 100644 --- a/internal/cmd/controller/gitops/reconciler/gitjob.go +++ b/internal/cmd/controller/gitops/reconciler/gitjob.go @@ -642,7 +642,7 @@ func readIntEnvVar(logger logr.Logger, getter func() (int, error), envVarName st func argsAndEnvs( gitrepo *v1alpha1.GitRepo, logger logr.Logger, - caCertsPathOverride string, + pathOverrideCACerts string, knownHosts KnownHostsGetter, drivenScanSeparator string, helmInsecureSkipTLS bool, @@ -732,7 +732,7 @@ func argsAndEnvs( "/etc/fleet/helm/ssh-privatekey", } - if caCertsPathOverride == "" { + if pathOverrideCACerts == "" { helmArgs = append(helmArgs, "--cacerts-file", "/etc/fleet/helm/cacerts", @@ -760,10 +760,10 @@ func argsAndEnvs( }) } - if caCertsPathOverride != "" { + if pathOverrideCACerts != "" { helmArgs := []string{ "--cacerts-file", - caCertsPathOverride, + pathOverrideCACerts, } if gitrepo.Spec.HelmRepoURLRegex != "" { helmArgs = append(helmArgs, "--helm-repo-url-regex", gitrepo.Spec.HelmRepoURLRegex)