diff --git a/cmd/dbg/main.go b/cmd/dbg/main.go index 308a6bdf8..aacc2b54d 100644 --- a/cmd/dbg/main.go +++ b/cmd/dbg/main.go @@ -133,7 +133,7 @@ func backendsAll() { return } - fmt.Println(string(prettyBuffer.Bytes())) + fmt.Println(prettyBuffer.String()) } func backendsList() { @@ -228,7 +228,7 @@ func general() { return } - fmt.Println(string(prettyBuffer.Bytes())) + fmt.Println(prettyBuffer.String()) } func readNginxConf() { diff --git a/cmd/nginx/flags.go b/cmd/nginx/flags.go index a8f26dafd..f1b6198ed 100644 --- a/cmd/nginx/flags.go +++ b/cmd/nginx/flags.go @@ -202,19 +202,19 @@ Takes the form ":port". If not provided, no admission controller is starte // check port collisions if !ing_net.IsPortAvailable(*httpPort) { - return false, nil, fmt.Errorf("Port %v is already in use. Please check the flag --http-port", *httpPort) + return false, nil, fmt.Errorf("port %v is already in use. Please check the flag --http-port", *httpPort) } if !ing_net.IsPortAvailable(*httpsPort) { - return false, nil, fmt.Errorf("Port %v is already in use. Please check the flag --https-port", *httpsPort) + return false, nil, fmt.Errorf("port %v is already in use. Please check the flag --https-port", *httpsPort) } if !ing_net.IsPortAvailable(*defServerPort) { - return false, nil, fmt.Errorf("Port %v is already in use. Please check the flag --default-server-port", *defServerPort) + return false, nil, fmt.Errorf("port %v is already in use. Please check the flag --default-server-port", *defServerPort) } if *enableSSLPassthrough && !ing_net.IsPortAvailable(*sslProxyPort) { - return false, nil, fmt.Errorf("Port %v is already in use. Please check the flag --ssl-passthrough-proxy-port", *sslProxyPort) + return false, nil, fmt.Errorf("port %v is already in use. Please check the flag --ssl-passthrough-proxy-port", *sslProxyPort) } if !*enableSSLChainCompletion { @@ -222,7 +222,7 @@ Takes the form ":port". If not provided, no admission controller is starte } if *publishSvc != "" && *publishStatusAddress != "" { - return false, nil, fmt.Errorf("Flags --publish-service and --publish-status-address are mutually exclusive") + return false, nil, fmt.Errorf("flags --publish-service and --publish-status-address are mutually exclusive") } nginx.HealthPath = *defHealthzURL diff --git a/cmd/nginx/main_test.go b/cmd/nginx/main_test.go index 65a98da7d..e1eb988ac 100644 --- a/cmd/nginx/main_test.go +++ b/cmd/nginx/main_test.go @@ -88,8 +88,6 @@ func TestHandleSigterm(t *testing.T) { if code != 1 { t.Errorf("Expected exit code 1 but %d received", code) } - - return }) time.Sleep(1 * time.Second) diff --git a/cmd/plugin/commands/backends/backends.go b/cmd/plugin/commands/backends/backends.go index 39973e3ab..778249a13 100644 --- a/cmd/plugin/commands/backends/backends.go +++ b/cmd/plugin/commands/backends/backends.go @@ -80,6 +80,6 @@ func backends(flags *genericclioptions.ConfigFlags, podName string, deployment s return err } - fmt.Printf(out) + fmt.Print(out) return nil } diff --git a/cmd/plugin/lints/ingress.go b/cmd/plugin/lints/ingress.go index 157fd88f4..7d7b36f9c 100644 --- a/cmd/plugin/lints/ingress.go +++ b/cmd/plugin/lints/ingress.go @@ -148,11 +148,7 @@ func removedAnnotation(annotationName string, issueNumber int, version string) I func satisfyDirective(ing networking.Ingress) bool { for name, val := range ing.Annotations { if strings.HasSuffix(name, "/configuration-snippet") { - if strings.Index(val, "satisfy") != -1 { - return true - } - - return false + return strings.Contains(val, "satisfy") } } diff --git a/cmd/plugin/request/request.go b/cmd/plugin/request/request.go index 8e836b987..7a893a65d 100644 --- a/cmd/plugin/request/request.go +++ b/cmd/plugin/request/request.go @@ -53,7 +53,7 @@ func GetNamedPod(flags *genericclioptions.ConfigFlags, name string) (apiv1.Pod, } } - return apiv1.Pod{}, fmt.Errorf("Pod %v not found in namespace %v", name, util.GetNamespace(flags)) + return apiv1.Pod{}, fmt.Errorf("pod %v not found in namespace %v", name, util.GetNamespace(flags)) } // GetDeploymentPod finds a pod from a given deployment @@ -64,7 +64,7 @@ func GetDeploymentPod(flags *genericclioptions.ConfigFlags, deployment string) ( } if len(ings) == 0 { - return apiv1.Pod{}, fmt.Errorf("No pods for deployment %v found in namespace %v", deployment, util.GetNamespace(flags)) + return apiv1.Pod{}, fmt.Errorf("no pods for deployment %v found in namespace %v", deployment, util.GetNamespace(flags)) } return ings[0], nil @@ -222,7 +222,7 @@ func GetServiceByName(flags *genericclioptions.ConfigFlags, name string, service } } - return apiv1.Service{}, fmt.Errorf("Could not find service %v in namespace %v", name, util.GetNamespace(flags)) + return apiv1.Service{}, fmt.Errorf("could not find service %v in namespace %v", name, util.GetNamespace(flags)) } func getPods(flags *genericclioptions.ConfigFlags) ([]apiv1.Pod, error) { diff --git a/cmd/plugin/util/util.go b/cmd/plugin/util/util.go index 9f2134564..dca97a1d4 100644 --- a/cmd/plugin/util/util.go +++ b/cmd/plugin/util/util.go @@ -45,27 +45,12 @@ func PrintError(e error) { } } -func printWithError(s string, e error) { - if e != nil { - fmt.Println(e) - } - fmt.Print(s) -} - -func printOrError(s string, e error) error { - if e != nil { - return e - } - fmt.Print(s) - return nil -} - // ParseVersionString returns the major, minor, and patch numbers of a version string func ParseVersionString(v string) (int, int, int, error) { parts := versionRegex.FindStringSubmatch(v) if len(parts) != 4 { - return 0, 0, 0, fmt.Errorf("Could not parse %v as a version string (like 0.20.3)", v) + return 0, 0, 0, fmt.Errorf("could not parse %v as a version string (like 0.20.3)", v) } major, _ := strconv.Atoi(parts[1]) diff --git a/internal/ingress/annotations/ipwhitelist/main.go b/internal/ingress/annotations/ipwhitelist/main.go index dc743a8d6..42d424873 100644 --- a/internal/ingress/annotations/ipwhitelist/main.go +++ b/internal/ingress/annotations/ipwhitelist/main.go @@ -45,12 +45,7 @@ func (sr1 *SourceRange) Equal(sr2 *SourceRange) bool { return false } - match := sets.StringElementsMatch(sr1.CIDR, sr2.CIDR) - if !match { - return false - } - - return true + return sets.StringElementsMatch(sr1.CIDR, sr2.CIDR) } type ipwhitelist struct { diff --git a/internal/ingress/annotations/ratelimit/main.go b/internal/ingress/annotations/ratelimit/main.go index b3a12abaf..77d25ab6e 100644 --- a/internal/ingress/annotations/ratelimit/main.go +++ b/internal/ingress/annotations/ratelimit/main.go @@ -95,12 +95,7 @@ func (rt1 *Config) Equal(rt2 *Config) bool { return false } - match := sets.StringElementsMatch(rt1.Whitelist, rt2.Whitelist) - if !match { - return false - } - - return true + return sets.StringElementsMatch(rt1.Whitelist, rt2.Whitelist) } // Zone returns information about the NGINX rate limit (limit_req_zone) diff --git a/internal/ingress/controller/controller_test.go b/internal/ingress/controller/controller_test.go index e42e97704..4de17ac23 100644 --- a/internal/ingress/controller/controller_test.go +++ b/internal/ingress/controller/controller_test.go @@ -51,8 +51,6 @@ import ( "k8s.io/ingress-nginx/internal/net/ssl" ) -const fakeCertificateName = "default-fake-certificate" - type fakeIngressStore struct { ingresses []*ingress.Ingress } diff --git a/internal/ingress/controller/nginx.go b/internal/ingress/controller/nginx.go index 149c9264e..f9b189944 100644 --- a/internal/ingress/controller/nginx.go +++ b/internal/ingress/controller/nginx.go @@ -22,7 +22,6 @@ import ( "errors" "fmt" "io/ioutil" - "math" "net" "net/http" "os" @@ -547,7 +546,7 @@ func (n NGINXController) generateTemplate(cfg ngx_config.Configuration, ingressC } if cfg.MaxWorkerConnections == 0 { - maxWorkerConnections := int(math.Ceil(float64(cfg.MaxWorkerOpenFiles * 3.0 / 4))) + maxWorkerConnections := int(float64(cfg.MaxWorkerOpenFiles * 3.0 / 4)) klog.V(3).Infof("Adjusting MaxWorkerConnections variable to %d", maxWorkerConnections) cfg.MaxWorkerConnections = maxWorkerConnections } @@ -1090,7 +1089,7 @@ func createOpentracingCfg(cfg ngx_config.Configuration) error { } // Expand possible environment variables before writing the configuration to file. - expanded := os.ExpandEnv(string(tmplBuf.Bytes())) + expanded := os.ExpandEnv(tmplBuf.String()) return ioutil.WriteFile("/etc/nginx/opentracing.json", []byte(expanded), file.ReadWriteByUser) } diff --git a/internal/ingress/controller/store/backend_ssl.go b/internal/ingress/controller/store/backend_ssl.go index eeed9bb34..b657cacfe 100644 --- a/internal/ingress/controller/store/backend_ssl.go +++ b/internal/ingress/controller/store/backend_ssl.go @@ -121,7 +121,7 @@ func (s *k8sStore) getPemCertificate(secretName string) (*ingress.SSLCert, error } klog.V(3).Info(msg) - } else if ca != nil && len(ca) > 0 { + } else if len(ca) > 0 { sslCert, err = ssl.CreateCACert(ca) if err != nil { return nil, fmt.Errorf("unexpected error creating SSL Cert: %v", err) diff --git a/internal/ingress/controller/store/backend_ssl_test.go b/internal/ingress/controller/store/backend_ssl_test.go deleted file mode 100644 index 5fb44c06a..000000000 --- a/internal/ingress/controller/store/backend_ssl_test.go +++ /dev/null @@ -1,223 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package store - -import ( - "encoding/base64" - - apiv1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testclient "k8s.io/client-go/kubernetes/fake" - cache_client "k8s.io/client-go/tools/cache" -) - -const ( - // openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=nginxsvc/O=nginxsvc" - tlsCrt = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURIekNDQWdlZ0F3SUJBZ0lKQU1KZld6Mm81cWVnTUEwR0NTcUdTSWIzRFFFQkN3VUFNQ1l4RVRBUEJnTlYKQkFNTUNHNW5hVzU0YzNaak1SRXdEd1lEVlFRS0RBaHVaMmx1ZUhOMll6QWVGdzB4TnpBME1URXdNakF3TlRCYQpGdzB5TnpBME1Ea3dNakF3TlRCYU1DWXhFVEFQQmdOVkJBTU1DRzVuYVc1NGMzWmpNUkV3RHdZRFZRUUtEQWh1CloybHVlSE4yWXpDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTUgzVTYvY3ArODAKU3hJRjltSnlUcGI5RzBodnhsM0JMaGdQWDBTWjZ3d1lISGJXeTh2dmlCZjVwWTdvVHd0b2FPaTN1VFNsL2RtVwpvUi9XNm9GVWM5a2l6NlNXc3p6YWRXL2l2Q21LMmxOZUFVc2gvaXY0aTAvNXlreDJRNXZUT2tVL1dra2JPOW1OCjdSVTF0QW1KT3M0T1BVc3hZZkw2cnJJUzZPYktHS2UvYUVkek9QS2NPMDJ5NUxDeHM0TFhhWDIzU1l6TG1XYVAKYVZBallrN1NRZm1xUm5mYlF4RWlpaDFQWTFRRXgxWWs0RzA0VmtHUitrSVVMaWF0L291ZjQxY0dXRTZHMTF4NQpkV1BHeS9XcGtqRGlaM0UwekdNZnJBVUZibnErN1dhRTJCRzVoUVV3ZG9SQUtWTnMzaVhLRlRkT3hoRll5bnBwCjA3cDJVNS96ZHRrQ0F3RUFBYU5RTUU0d0hRWURWUjBPQkJZRUZCL2U5UnVna0Mwc0VNTTZ6enRCSjI1U1JxalMKTUI4R0ExVWRJd1FZTUJhQUZCL2U5UnVna0Mwc0VNTTZ6enRCSjI1U1JxalNNQXdHQTFVZEV3UUZNQU1CQWY4dwpEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBRys4MXdaSXRuMmFWSlFnejNkNmJvZW1nUXhSSHpaZDhNc1IrdFRvCnpJLy9ac1Nwc2FDR3F0TkdTaHVGKzB3TVZ4NjlpQ3lJTnJJb2J4K29NTHBsQzFQSk9uektSUUdvZEhYNFZaSUwKVlhxSFd2VStjK3ZtT0QxUEt3UjcwRi9rTXk2Yk4xMVI2amhIZ3RPZGdLKzdRczhRMVlUSC9RS2dMd3RJTFRHRwpTZlYxWFlmbnF1TXlZKzFzck00U3ZRSmRzdmFUQmJkZHE2RllpdjhXZFpIaG51ZGlSODdZcFgzOUlTSlFkOXF2CnR6OGthZTVqQVFEUWFiZnFsVWZNT1hmUnhyei96S2NvN3dMeWFMWTh1eVhEWUVIZmlHRWdablV0RjgxVlhDZUIKeU80UERBR0FuVmlXTndFM0NZcGI4RkNGelMyaVVVMDJaQWJRajlvUnYyUWNON1E9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" - tlsKey = "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2Z0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktnd2dnU2tBZ0VBQW9JQkFRREI5MU92M0tmdk5Fc1MKQmZaaWNrNlcvUnRJYjhaZHdTNFlEMTlFbWVzTUdCeDIxc3ZMNzRnWCthV082RThMYUdqb3Q3azBwZjNabHFFZgoxdXFCVkhQWklzK2tsck04Mm5WdjRyd3BpdHBUWGdGTElmNHIrSXRQK2NwTWRrT2IwenBGUDFwSkd6dlpqZTBWCk5iUUppVHJPRGoxTE1XSHkrcTZ5RXVqbXloaW52MmhIY3pqeW5EdE5zdVN3c2JPQzEybDl0MG1NeTVsbWoybFEKSTJKTzBrSDVxa1ozMjBNUklvb2RUMk5VQk1kV0pPQnRPRlpCa2ZwQ0ZDNG1yZjZMbitOWEJsaE9odGRjZVhWagp4c3YxcVpJdzRtZHhOTXhqSDZ3RkJXNTZ2dTFtaE5nUnVZVUZNSGFFUUNsVGJONGx5aFUzVHNZUldNcDZhZE82CmRsT2Y4M2JaQWdNQkFBRUNnZ0VBRGU1WW1XSHN3ZFpzcWQrNXdYcGFRS2Z2SkxXNmRwTmdYeVFEZ0tiWlplWDUKYldPaUFZU3pycDBra2U0SGQxZEphYVdBYk5LYk45eUV1QWUwa2hOaHVxK3dZQzdlc3JreUJCWXgwMzRBamtwTApKMzFLaHhmejBZdXNSdStialg2UFNkZnlBUnd1b1VKN1M3R3V1NXlhbDZBWU1PVmNGcHFBbjVPU0hMbFpLZnNLClN3NXZyM3NKUjNyOENNWVZoUmQ0citGam9lMXlaczJhUHl2bno5c0U3T0ZCSVRGSVBKcE4veG53VUNpWW5vSEMKV2F2TzB5RCtPeTUyN2hBQ1FwaFVMVjRaZXV2bEZwd2ZlWkZveUhnc2YrM1FxeGhpdGtJb3NGakx2Y0xlL2xjZwpSVHNRUnU5OGJNUTdSakJpYU5kaURadjBaWEMvUUMvS054SEw0bXgxTFFLQmdRRHVDY0pUM2JBZmJRY2YvSGh3CjNxRzliNE9QTXpwOTl2ajUzWU1hZHo5Vlk1dm9RR3RGeFlwbTBRVm9MR1lkQ3BHK0lXaDdVVHBMV0JUeGtMSkYKd3EwcEFmRVhmdHB0anhmcyt0OExWVUFtSXJiM2hwUjZDUjJmYjFJWVZRWUJ4dUdzN0hWMmY3NnRZMVAzSEFnNwpGTDJNTnF3ZDd5VmlsVXdSTVptcmJKV3Qwd0tCZ1FEUW1qZlgzc1NWSWZtN1FQaVQvclhSOGJMM1B3V0lNa3NOCldJTVRYeDJmaG0vd0hOL0pNdCtEK2VWbGxjSXhLMmxSYlNTQ1NwU2hzRUVsMHNxWHZUa1FFQnJxN3RFZndRWU0KbGxNbDJQb0ovV2E5c2VYSTAzWWRNeC94Vm5sbzNaUG9MUGg4UmtKekJTWkhnMlB6cCs0VmlnUklBcGdYMXo3TwpMbHg0SEVtaEl3S0JnUURES1RVdVZYL2xCQnJuV3JQVXRuT2RRU1IzNytSeENtQXZYREgxTFBlOEpxTFkxSmdlCjZFc0U2VEtwcWwwK1NrQWJ4b0JIT3QyMGtFNzdqMHJhYnpaUmZNb1NIV3N3a0RWcGtuWDBjTHpiaDNMRGxvOTkKVHFQKzUrSkRHTktIK210a3Y2bStzaFcvU3NTNHdUN3VVWjdtcXB5TEhsdGtiRXVsZlNra3B5NUJDUUtCZ0RmUwpyVk1GZUZINGI1NGV1dWJQNk5Rdi9CYVNOT2JIbnJJSmw3b2RZQTRLcWZYMXBDVnhpY01Gb3MvV2pjc2V0T1puCmNMZTFRYVVyUjZQWmp3R2dUNTd1MEdWQ1Y1QkoxVmFVKzlkTEEwNmRFMXQ4T2VQT1F2TjVkUGplalVyMDBObjIKL3VBeTVTRm1wV0hKMVh1azJ0L0V1WFNUelNQRUpEaUV5NVlRNjl0RkFvR0JBT2tDcW1jVGZGYlpPTjJRK2JqdgpvVmQvSFpLR3YrbEhqcm5maVlhODVxcUszdWJmb0FSNGppR3V3TThqc3hZZW8vb0hQdHJDTkxINndsYlZNTUFGCmlRZG80ZUF3S0xxRHo1MUx4U2hMckwzUUtNQ1FuZVhkT0VjaEdqSW9zRG5Zekd5RTBpSzJGbWNvWHVSQU1QOHgKWDFreUlkazdENDFxSjQ5WlM1OEdBbXlLCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K" - tlscaName = "ca.crt" -) - -type MockQueue struct { - cache_client.Store - Synced bool -} - -func (f *MockQueue) HasSynced() bool { - return f.Synced -} - -func (f *MockQueue) AddIfNotPresent(obj interface{}) error { - return nil -} - -func (f *MockQueue) Pop(process cache_client.PopProcessFunc) (interface{}, error) { - return nil, nil -} - -func (f *MockQueue) Close() { - // just mock -} - -func buildSimpleClientSetForBackendSSL() *testclient.Clientset { - return testclient.NewSimpleClientset() -} - -func buildIngListenerForBackendSSL() IngressLister { - ingLister := IngressLister{} - ingLister.Store = cache_client.NewStore(cache_client.DeletionHandlingMetaNamespaceKeyFunc) - return ingLister -} - -func buildSecretForBackendSSL() *apiv1.Secret { - return &apiv1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "foo_secret", - Namespace: metav1.NamespaceDefault, - }, - } -} - -func buildSecrListerForBackendSSL() SecretLister { - secrLister := SecretLister{} - secrLister.Store = cache_client.NewStore(cache_client.DeletionHandlingMetaNamespaceKeyFunc) - - return secrLister -} - -/* -func buildListers() *ingress.StoreLister { - sl := &ingress.StoreLister{} - sl.Ingress.Store = buildIngListenerForBackendSSL() - sl.Secret.Store = buildSecrListerForBackendSSL() - return sl -} -*/ -func buildControllerForBackendSSL() cache_client.Controller { - cfg := &cache_client.Config{ - Queue: &MockQueue{Synced: true}, - } - - return cache_client.New(cfg) -} - -/* -func buildGenericControllerForBackendSSL() *NGINXController { - gc := &NGINXController{ - syncRateLimiter: flowcontrol.NewTokenBucketRateLimiter(0.3, 1), - cfg: &Configuration{ - Client: buildSimpleClientSetForBackendSSL(), - }, - listers: buildListers(), - sslCertTracker: NewSSLCertTracker(), - } - - gc.syncQueue = task.NewTaskQueue(gc.syncIngress) - return gc -} -*/ - -func buildCrtKeyAndCA() ([]byte, []byte, []byte, error) { - dCrt, err := base64.StdEncoding.DecodeString(tlsCrt) - if err != nil { - return nil, nil, nil, err - } - - dKey, err := base64.StdEncoding.DecodeString(tlsKey) - if err != nil { - return nil, nil, nil, err - } - - dCa := dCrt - - return dCrt, dKey, dCa, nil -} - -/* -func TestSyncSecret(t *testing.T) { - // prepare for test - dCrt, dKey, dCa, err := buildCrtKeyAndCA() - if err != nil { - t.Fatalf("Unexpected error: %v", err) - } - - foos := []struct { - tn string - secretName string - Data map[string][]byte - expectSuccess bool - }{ - {"getPemCertificate_error", "default/foo_secret", map[string][]byte{api.TLSPrivateKeyKey: dKey}, false}, - {"normal_test", "default/foo_secret", map[string][]byte{api.TLSCertKey: dCrt, api.TLSPrivateKeyKey: dKey, tlscaName: dCa}, true}, - } - - for _, foo := range foos { - t.Run(foo.tn, func(t *testing.T) { - ic := buildGenericControllerForBackendSSL() - - // init secret for getPemCertificate - secret := buildSecretForBackendSSL() - secret.SetNamespace("default") - secret.SetName("foo_secret") - secret.Data = foo.Data - ic.listers.Secret.Add(secret) - - key := "default/foo_secret" - // for add - ic.syncSecret(key) - if foo.expectSuccess { - // validate - _, exist := ic.sslCertTracker.Get(key) - if !exist { - t.Errorf("Failed to sync secret: %s", foo.secretName) - } else { - // for update - ic.syncSecret(key) - } - } - }) - } -} - -func TestGetPemCertificate(t *testing.T) { - // prepare - dCrt, dKey, dCa, err := buildCrtKeyAndCA() - if err != nil { - t.Fatalf("Unexpected error: %v", err) - } - - foos := []struct { - tn string - secretName string - Data map[string][]byte - eErr bool - }{ - {"secret_not_exist", "default/foo_secret_not_exist", nil, true}, - {"data_not_complete_all_not_exist", "default/foo_secret", map[string][]byte{}, true}, - {"data_not_complete_TLSCertKey_not_exist", "default/foo_secret", map[string][]byte{api.TLSPrivateKeyKey: dKey, tlscaName: dCa}, false}, - {"data_not_complete_TLSCertKeyAndCA_not_exist", "default/foo_secret", map[string][]byte{api.TLSPrivateKeyKey: dKey}, true}, - {"data_not_complete_TLSPrivateKeyKey_not_exist", "default/foo_secret", map[string][]byte{api.TLSCertKey: dCrt, tlscaName: dCa}, false}, - {"data_not_complete_TLSPrivateKeyKeyAndCA_not_exist", "default/foo_secret", map[string][]byte{api.TLSCertKey: dCrt}, true}, - {"data_not_complete_CA_not_exist", "default/foo_secret", map[string][]byte{api.TLSCertKey: dCrt, api.TLSPrivateKeyKey: dKey}, false}, - {"normal_test", "default/foo_secret", map[string][]byte{api.TLSCertKey: dCrt, api.TLSPrivateKeyKey: dKey, tlscaName: dCa}, false}, - } - - for _, foo := range foos { - t.Run(foo.tn, func(t *testing.T) { - ic := buildGenericControllerForBackendSSL() - secret := buildSecretForBackendSSL() - secret.Data = foo.Data - ic.listers.Secret.Add(secret) - sslCert, err := ic.getPemCertificate(foo.secretName) - - if foo.eErr { - if err == nil { - t.Fatal("Expected error") - } - } else { - if err != nil { - t.Fatalf("Unexpected error: %v", err) - } - - if sslCert == nil { - t.Error("Expected an ingress.SSLCert") - } - } - }) - } -} -*/ diff --git a/internal/ingress/controller/store/store.go b/internal/ingress/controller/store/store.go index a403bfdfa..114bfe18e 100644 --- a/internal/ingress/controller/store/store.go +++ b/internal/ingress/controller/store/store.go @@ -166,7 +166,7 @@ func (i *Informer) Run(stopCh chan struct{}) { i.Secret.HasSynced, i.ConfigMap.HasSynced, ) { - runtime.HandleError(fmt.Errorf("Timed out waiting for caches to sync")) + runtime.HandleError(fmt.Errorf("timed out waiting for caches to sync")) } // in big clusters, deltas can keep arriving even after HasSynced @@ -180,7 +180,7 @@ func (i *Informer) Run(stopCh chan struct{}) { if !cache.WaitForCacheSync(stopCh, i.Ingress.HasSynced, ) { - runtime.HandleError(fmt.Errorf("Timed out waiting for caches to sync")) + runtime.HandleError(fmt.Errorf("timed out waiting for caches to sync")) } } diff --git a/internal/ingress/controller/store/store_test.go b/internal/ingress/controller/store/store_test.go index 99bc23bbd..ead1c3069 100644 --- a/internal/ingress/controller/store/store_test.go +++ b/internal/ingress/controller/store/store_test.go @@ -1172,7 +1172,7 @@ func TestIngressConversion(t *testing.T) { t.Fatalf("unexpected error marshalling Ingress: %v", err) } - if bytes.Compare(m1, m2) != 0 { + if !bytes.Equal(m1, m2) { t.Fatalf("Expected marshalling of types should be equal") } } diff --git a/internal/ingress/types_equals.go b/internal/ingress/types_equals.go index 63dd2b827..b2813efed 100644 --- a/internal/ingress/types_equals.go +++ b/internal/ingress/types_equals.go @@ -138,12 +138,7 @@ func (b1 *Backend) Equal(b2 *Backend) bool { return false } - match = sets.StringElementsMatch(b1.AlternativeBackends, b2.AlternativeBackends) - if !match { - return false - } - - return true + return sets.StringElementsMatch(b1.AlternativeBackends, b2.AlternativeBackends) } // Equal tests for equality between two SessionAffinityConfig types @@ -474,12 +469,7 @@ func (e1 *L4Service) Equal(e2 *L4Service) bool { return false } - match := compareEndpoints(e1.Endpoints, e2.Endpoints) - if !match { - return false - } - - return true + return compareEndpoints(e1.Endpoints, e2.Endpoints) } // Equal tests for equality between two L4Backend types @@ -527,12 +517,7 @@ func (s1 *SSLCert) Equal(s2 *SSLCert) bool { return false } - match := sets.StringElementsMatch(s1.CN, s2.CN) - if !match { - return false - } - - return true + return sets.StringElementsMatch(s1.CN, s2.CN) } var compareEndpointsFunc = func(e1, e2 interface{}) bool { diff --git a/internal/net/ssl/ssl.go b/internal/net/ssl/ssl.go index aeb8fb953..1ae406bd2 100644 --- a/internal/net/ssl/ssl.go +++ b/internal/net/ssl/ssl.go @@ -184,10 +184,6 @@ func StoreSSLCertOnDisk(fs file.Filesystem, name string, sslCert *ingress.SSLCer return nil } -func isSSLCertStoredOnDisk(sslCert *ingress.SSLCert) bool { - return len(sslCert.PemFileName) > 0 -} - // ConfigureCACertWithCertAndKey appends ca into existing PEM file consisting of cert and key // and sets relevant fields in sslCert object func ConfigureCACertWithCertAndKey(fs file.Filesystem, name string, ca []byte, sslCert *ingress.SSLCert) error { diff --git a/internal/net/ssl/ssl_test.go b/internal/net/ssl/ssl_test.go index e2ca14785..452fae129 100644 --- a/internal/net/ssl/ssl_test.go +++ b/internal/net/ssl/ssl_test.go @@ -342,19 +342,6 @@ func newSignedCert(cfg certutil.Config, key crypto.Signer, caCert *x509.Certific return x509.ParseCertificate(certDERBytes) } -// encodePublicKeyPEM returns PEM-encoded public data -func encodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error) { - der, err := x509.MarshalPKIXPublicKey(key) - if err != nil { - return []byte{}, err - } - block := pem.Block{ - Type: "PUBLIC KEY", - Bytes: der, - } - return pem.EncodeToMemory(&block), nil -} - // encodePrivateKeyPEM returns PEM-encoded private key data func encodePrivateKeyPEM(key *rsa.PrivateKey) []byte { block := pem.Block{ diff --git a/internal/nginx/main.go b/internal/nginx/main.go index 904367034..967b9f156 100644 --- a/internal/nginx/main.go +++ b/internal/nginx/main.go @@ -98,13 +98,13 @@ func GetServerBlock(conf string, host string) (string, error) { blockStart := strings.Index(conf, startMsg) if blockStart < 0 { - return "", fmt.Errorf("Host %v was not found in the controller's nginx.conf", host) + return "", fmt.Errorf("host %v was not found in the controller's nginx.conf", host) } blockStart = blockStart + len(startMsg) blockEnd := strings.Index(conf, endMsg) if blockEnd < 0 { - return "", fmt.Errorf("The end of the host server block could not be found, but the beginning was") + return "", fmt.Errorf("the end of the host server block could not be found, but the beginning was") } return conf[blockStart:blockEnd], nil