Fix golangci-lint errors (#10196)
* Fix golangci-lint errors Signed-off-by: z1cheng <imchench@gmail.com> * Fix dupl errors Signed-off-by: z1cheng <imchench@gmail.com> * Fix comments Signed-off-by: z1cheng <imchench@gmail.com> * Fix errcheck lint errors Signed-off-by: z1cheng <imchench@gmail.com> * Fix assert in e2e test Signed-off-by: z1cheng <imchench@gmail.com> * Not interrupt the waitForPodsReady Signed-off-by: z1cheng <imchench@gmail.com> * Replace string with constant Signed-off-by: z1cheng <imchench@gmail.com> * Fix comments Signed-off-by: z1cheng <imchench@gmail.com> * Revert write file permision Signed-off-by: z1cheng <imchench@gmail.com> --------- Signed-off-by: z1cheng <imchench@gmail.com>
This commit is contained in:
Chen Chen
GitHub
parent
46d87d3462
commit
b3060bfbd0
253 changed files with 2434 additions and 2113 deletions
|
|
@ -42,7 +42,7 @@ import (
|
|||
)
|
||||
|
||||
// generateRSACerts generates a self signed certificate using a self generated ca
|
||||
func generateRSACerts(host string) (*keyPair, *keyPair, error) {
|
||||
func generateRSACerts(host string) (newCert, newCa *keyPair, err error) {
|
||||
ca, err := newCA("self-sign-ca")
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
|
|
@ -57,7 +57,7 @@ func generateRSACerts(host string) (*keyPair, *keyPair, error) {
|
|||
CommonName: host,
|
||||
Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny},
|
||||
}
|
||||
cert, err := newSignedCert(config, key, ca.Cert, ca.Key)
|
||||
cert, err := newSignedCert(&config, key, ca.Cert, ca.Key)
|
||||
if err != nil {
|
||||
return nil, nil, fmt.Errorf("unable to sign the server certificate: %v", err)
|
||||
}
|
||||
|
|
@ -139,11 +139,11 @@ func TestCACert(t *testing.T) {
|
|||
func TestGetFakeSSLCert(t *testing.T) {
|
||||
sslCert := GetFakeSSLCert()
|
||||
|
||||
if len(sslCert.PemCertKey) == 0 {
|
||||
if sslCert.PemCertKey == "" {
|
||||
t.Fatalf("expected PemCertKey to not be empty")
|
||||
}
|
||||
|
||||
if len(sslCert.PemFileName) == 0 {
|
||||
if sslCert.PemFileName == "" {
|
||||
t.Fatalf("expected PemFileName to not be empty")
|
||||
}
|
||||
|
||||
|
|
@ -195,7 +195,7 @@ func TestConfigureCRL(t *testing.T) {
|
|||
// Demo CRL from https://csrc.nist.gov/projects/pki-testing/sample-certificates-and-crls
|
||||
// Converted to PEM to be tested
|
||||
// SHA: ef21f9c97ec2ef84ba3b2ab007c858a6f760d813
|
||||
var crl = []byte(`-----BEGIN X509 CRL-----
|
||||
crl := []byte(`-----BEGIN X509 CRL-----
|
||||
MIIBYDCBygIBATANBgkqhkiG9w0BAQUFADBDMRMwEQYKCZImiZPyLGQBGRYDY29t
|
||||
MRcwFQYKCZImiZPyLGQBGRYHZXhhbXBsZTETMBEGA1UEAxMKRXhhbXBsZSBDQRcN
|
||||
MDUwMjA1MTIwMDAwWhcNMDUwMjA2MTIwMDAwWjAiMCACARIXDTA0MTExOTE1NTcw
|
||||
|
|
@ -237,6 +237,7 @@ fUNCdMGmr8FVF6IzTNYGmCuk/C4=
|
|||
t.Fatalf("the expected CRL SHA wasn't found")
|
||||
}
|
||||
}
|
||||
|
||||
func TestCreateSSLCert(t *testing.T) {
|
||||
cert, _, err := generateRSACerts("echoheaders")
|
||||
if err != nil {
|
||||
|
|
@ -339,12 +340,12 @@ func newPrivateKey() (*rsa.PrivateKey, error) {
|
|||
}
|
||||
|
||||
// newSignedCert creates a signed certificate using the given CA certificate and key
|
||||
func newSignedCert(cfg certutil.Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error) {
|
||||
func newSignedCert(cfg *certutil.Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error) {
|
||||
serial, err := rand.Int(rand.Reader, new(big.Int).SetInt64(math.MaxInt64))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if len(cfg.CommonName) == 0 {
|
||||
if cfg.CommonName == "" {
|
||||
return nil, errors.New("must specify a CommonName")
|
||||
}
|
||||
if len(cfg.Usages) == 0 {
|
||||
|
|
@ -389,7 +390,7 @@ func encodeCertPEM(cert *x509.Certificate) []byte {
|
|||
return pem.EncodeToMemory(&block)
|
||||
}
|
||||
|
||||
func newFakeCertificate(t *testing.T) ([]byte, string, string) {
|
||||
func newFakeCertificate(t *testing.T) (sslCert []byte, certFileName, keyFileName string) {
|
||||
cert, key := getFakeHostSSLCert("localhost")
|
||||
|
||||
certFile, err := os.CreateTemp("", "crt-")
|
||||
|
|
@ -423,10 +424,9 @@ func dialTestServer(port string, rootCertificates ...[]byte) error {
|
|||
return fmt.Errorf("failed to add root certificate")
|
||||
}
|
||||
}
|
||||
resp, err := tls.Dial("tcp", "localhost:"+port, &tls.Config{
|
||||
resp, err := tls.Dial("tcp", "localhost:"+port, &tls.Config{ //nolint:gosec // Ignore the gosec error in testing
|
||||
RootCAs: roots,
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -473,15 +473,14 @@ func TestTLSKeyReloader(t *testing.T) {
|
|||
}
|
||||
})
|
||||
|
||||
//TODO: fix
|
||||
/*
|
||||
// simulate watch.NewFileWatcher to call the load function
|
||||
watcher.load()
|
||||
t.Run("when the certificate is reloaded", func(t *testing.T) {
|
||||
if err := dialTestServer(port, cert); err != nil {
|
||||
t.Errorf("TLS dial should succeed, got error: %v", err)
|
||||
}
|
||||
})
|
||||
/*TODO: fix
|
||||
// simulate watch.NewFileWatcher to call the load function
|
||||
watcher.load()
|
||||
t.Run("when the certificate is reloaded", func(t *testing.T) {
|
||||
if err := dialTestServer(port, cert); err != nil {
|
||||
t.Errorf("TLS dial should succeed, got error: %v", err)
|
||||
}
|
||||
})
|
||||
*/
|
||||
})
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue