Merge pull request #4289 from aledbf/static-check

Apply fixes suggested by staticcheck

cmd/dbg/main.go

@@ -133,7 +133,7 @@ func backendsAll() {
 		return
 	}
 
-	fmt.Println(string(prettyBuffer.Bytes()))
+	fmt.Println(prettyBuffer.String())
 }
 
 func backendsList() {
@@ -228,7 +228,7 @@ func general() {
 		return
 	}
 
-	fmt.Println(string(prettyBuffer.Bytes()))
+	fmt.Println(prettyBuffer.String())
 }
 
 func readNginxConf() {

cmd/nginx/flags.go

@@ -202,19 +202,19 @@ Takes the form "<host>:port". If not provided, no admission controller is starte
 
 	// check port collisions
 	if !ing_net.IsPortAvailable(*httpPort) {
-		return false, nil, fmt.Errorf("Port %v is already in use. Please check the flag --http-port", *httpPort)
+		return false, nil, fmt.Errorf("port %v is already in use. Please check the flag --http-port", *httpPort)
 	}
 
 	if !ing_net.IsPortAvailable(*httpsPort) {
-		return false, nil, fmt.Errorf("Port %v is already in use. Please check the flag --https-port", *httpsPort)
+		return false, nil, fmt.Errorf("port %v is already in use. Please check the flag --https-port", *httpsPort)
 	}
 
 	if !ing_net.IsPortAvailable(*defServerPort) {
-		return false, nil, fmt.Errorf("Port %v is already in use. Please check the flag --default-server-port", *defServerPort)
+		return false, nil, fmt.Errorf("port %v is already in use. Please check the flag --default-server-port", *defServerPort)
 	}
 
 	if *enableSSLPassthrough && !ing_net.IsPortAvailable(*sslProxyPort) {
-		return false, nil, fmt.Errorf("Port %v is already in use. Please check the flag --ssl-passthrough-proxy-port", *sslProxyPort)
+		return false, nil, fmt.Errorf("port %v is already in use. Please check the flag --ssl-passthrough-proxy-port", *sslProxyPort)
 	}
 
 	if !*enableSSLChainCompletion {
@@ -222,7 +222,7 @@ Takes the form "<host>:port". If not provided, no admission controller is starte
 	}
 
 	if *publishSvc != "" && *publishStatusAddress != "" {
-		return false, nil, fmt.Errorf("Flags --publish-service and --publish-status-address are mutually exclusive")
+		return false, nil, fmt.Errorf("flags --publish-service and --publish-status-address are mutually exclusive")
 	}
 
 	nginx.HealthPath = *defHealthzURL

cmd/nginx/main_test.go

@@ -88,8 +88,6 @@ func TestHandleSigterm(t *testing.T) {
 		if code != 1 {
 			t.Errorf("Expected exit code 1 but %d received", code)
 		}
-
-		return
 	})
 
 	time.Sleep(1 * time.Second)

cmd/plugin/commands/backends/backends.go

@@ -80,6 +80,6 @@ func backends(flags *genericclioptions.ConfigFlags, podName string, deployment s
 		return err
 	}
 
-	fmt.Printf(out)
+	fmt.Print(out)
 	return nil
 }

cmd/plugin/lints/ingress.go

@@ -148,11 +148,7 @@ func removedAnnotation(annotationName string, issueNumber int, version string) I
 func satisfyDirective(ing networking.Ingress) bool {
 	for name, val := range ing.Annotations {
 		if strings.HasSuffix(name, "/configuration-snippet") {
-			if strings.Index(val, "satisfy") != -1 {
+			return strings.Contains(val, "satisfy")
-				return true
-			}
-
-			return false
 		}
 	}
 

cmd/plugin/request/request.go

@@ -53,7 +53,7 @@ func GetNamedPod(flags *genericclioptions.ConfigFlags, name string) (apiv1.Pod,
 		}
 	}
 
-	return apiv1.Pod{}, fmt.Errorf("Pod %v not found in namespace %v", name, util.GetNamespace(flags))
+	return apiv1.Pod{}, fmt.Errorf("pod %v not found in namespace %v", name, util.GetNamespace(flags))
 }
 
 // GetDeploymentPod finds a pod from a given deployment
@@ -64,7 +64,7 @@ func GetDeploymentPod(flags *genericclioptions.ConfigFlags, deployment string) (
 	}
 
 	if len(ings) == 0 {
-		return apiv1.Pod{}, fmt.Errorf("No pods for deployment %v found in namespace %v", deployment, util.GetNamespace(flags))
+		return apiv1.Pod{}, fmt.Errorf("no pods for deployment %v found in namespace %v", deployment, util.GetNamespace(flags))
 	}
 
 	return ings[0], nil
@@ -222,7 +222,7 @@ func GetServiceByName(flags *genericclioptions.ConfigFlags, name string, service
 		}
 	}
 
-	return apiv1.Service{}, fmt.Errorf("Could not find service %v in namespace %v", name, util.GetNamespace(flags))
+	return apiv1.Service{}, fmt.Errorf("could not find service %v in namespace %v", name, util.GetNamespace(flags))
 }
 
 func getPods(flags *genericclioptions.ConfigFlags) ([]apiv1.Pod, error) {

cmd/plugin/util/util.go

@@ -45,27 +45,12 @@ func PrintError(e error) {
 	}
 }
 
-func printWithError(s string, e error) {
-	if e != nil {
-		fmt.Println(e)
-	}
-	fmt.Print(s)
-}
-
-func printOrError(s string, e error) error {
-	if e != nil {
-		return e
-	}
-	fmt.Print(s)
-	return nil
-}
-
 // ParseVersionString returns the major, minor, and patch numbers of a version string
 func ParseVersionString(v string) (int, int, int, error) {
 	parts := versionRegex.FindStringSubmatch(v)
 
 	if len(parts) != 4 {
-		return 0, 0, 0, fmt.Errorf("Could not parse %v as a version string (like 0.20.3)", v)
+		return 0, 0, 0, fmt.Errorf("could not parse %v as a version string (like 0.20.3)", v)
 	}
 
 	major, _ := strconv.Atoi(parts[1])

internal/ingress/annotations/ipwhitelist/main.go

@@ -45,12 +45,7 @@ func (sr1 *SourceRange) Equal(sr2 *SourceRange) bool {
 		return false
 	}
 
-	match := sets.StringElementsMatch(sr1.CIDR, sr2.CIDR)
+	return sets.StringElementsMatch(sr1.CIDR, sr2.CIDR)
-	if !match {
-		return false
-	}
-
-	return true
 }
 
 type ipwhitelist struct {

internal/ingress/annotations/ratelimit/main.go

@@ -95,12 +95,7 @@ func (rt1 *Config) Equal(rt2 *Config) bool {
 		return false
 	}
 
-	match := sets.StringElementsMatch(rt1.Whitelist, rt2.Whitelist)
+	return sets.StringElementsMatch(rt1.Whitelist, rt2.Whitelist)
-	if !match {
-		return false
-	}
-
-	return true
 }
 
 // Zone returns information about the NGINX rate limit (limit_req_zone)

internal/ingress/controller/controller_test.go

@@ -51,8 +51,6 @@ import (
 	"k8s.io/ingress-nginx/internal/net/ssl"
 )
 
-const fakeCertificateName = "default-fake-certificate"
-
 type fakeIngressStore struct {
 	ingresses []*ingress.Ingress
 }

internal/ingress/controller/nginx.go

@@ -22,7 +22,6 @@ import (
 	"errors"
 	"fmt"
 	"io/ioutil"
-	"math"
 	"net"
 	"net/http"
 	"os"
@@ -547,7 +546,7 @@ func (n NGINXController) generateTemplate(cfg ngx_config.Configuration, ingressC
 	}
 
 	if cfg.MaxWorkerConnections == 0 {
-		maxWorkerConnections := int(math.Ceil(float64(cfg.MaxWorkerOpenFiles * 3.0 / 4)))
+		maxWorkerConnections := int(float64(cfg.MaxWorkerOpenFiles * 3.0 / 4))
 		klog.V(3).Infof("Adjusting MaxWorkerConnections variable to %d", maxWorkerConnections)
 		cfg.MaxWorkerConnections = maxWorkerConnections
 	}
@@ -1090,7 +1089,7 @@ func createOpentracingCfg(cfg ngx_config.Configuration) error {
 	}
 
 	// Expand possible environment variables before writing the configuration to file.
-	expanded := os.ExpandEnv(string(tmplBuf.Bytes()))
+	expanded := os.ExpandEnv(tmplBuf.String())
 
 	return ioutil.WriteFile("/etc/nginx/opentracing.json", []byte(expanded), file.ReadWriteByUser)
 }

internal/ingress/controller/store/backend_ssl.go

@@ -121,7 +121,7 @@ func (s *k8sStore) getPemCertificate(secretName string) (*ingress.SSLCert, error
 		}
 		klog.V(3).Info(msg)
 
-	} else if ca != nil && len(ca) > 0 {
+	} else if len(ca) > 0 {
 		sslCert, err = ssl.CreateCACert(ca)
 		if err != nil {
 			return nil, fmt.Errorf("unexpected error creating SSL Cert: %v", err)

internal/ingress/controller/store/backend_ssl_test.go

@@ -1,223 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package store
-
-import (
-	"encoding/base64"
-
-	apiv1 "k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	testclient "k8s.io/client-go/kubernetes/fake"
-	cache_client "k8s.io/client-go/tools/cache"
-)
-
-const (
-	// openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=nginxsvc/O=nginxsvc"
-	tlsCrt    = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURIekNDQWdlZ0F3SUJBZ0lKQU1KZld6Mm81cWVnTUEwR0NTcUdTSWIzRFFFQkN3VUFNQ1l4RVRBUEJnTlYKQkFNTUNHNW5hVzU0YzNaak1SRXdEd1lEVlFRS0RBaHVaMmx1ZUhOMll6QWVGdzB4TnpBME1URXdNakF3TlRCYQpGdzB5TnpBME1Ea3dNakF3TlRCYU1DWXhFVEFQQmdOVkJBTU1DRzVuYVc1NGMzWmpNUkV3RHdZRFZRUUtEQWh1CloybHVlSE4yWXpDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTUgzVTYvY3ArODAKU3hJRjltSnlUcGI5RzBodnhsM0JMaGdQWDBTWjZ3d1lISGJXeTh2dmlCZjVwWTdvVHd0b2FPaTN1VFNsL2RtVwpvUi9XNm9GVWM5a2l6NlNXc3p6YWRXL2l2Q21LMmxOZUFVc2gvaXY0aTAvNXlreDJRNXZUT2tVL1dra2JPOW1OCjdSVTF0QW1KT3M0T1BVc3hZZkw2cnJJUzZPYktHS2UvYUVkek9QS2NPMDJ5NUxDeHM0TFhhWDIzU1l6TG1XYVAKYVZBallrN1NRZm1xUm5mYlF4RWlpaDFQWTFRRXgxWWs0RzA0VmtHUitrSVVMaWF0L291ZjQxY0dXRTZHMTF4NQpkV1BHeS9XcGtqRGlaM0UwekdNZnJBVUZibnErN1dhRTJCRzVoUVV3ZG9SQUtWTnMzaVhLRlRkT3hoRll5bnBwCjA3cDJVNS96ZHRrQ0F3RUFBYU5RTUU0d0hRWURWUjBPQkJZRUZCL2U5UnVna0Mwc0VNTTZ6enRCSjI1U1JxalMKTUI4R0ExVWRJd1FZTUJhQUZCL2U5UnVna0Mwc0VNTTZ6enRCSjI1U1JxalNNQXdHQTFVZEV3UUZNQU1CQWY4dwpEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBRys4MXdaSXRuMmFWSlFnejNkNmJvZW1nUXhSSHpaZDhNc1IrdFRvCnpJLy9ac1Nwc2FDR3F0TkdTaHVGKzB3TVZ4NjlpQ3lJTnJJb2J4K29NTHBsQzFQSk9uektSUUdvZEhYNFZaSUwKVlhxSFd2VStjK3ZtT0QxUEt3UjcwRi9rTXk2Yk4xMVI2amhIZ3RPZGdLKzdRczhRMVlUSC9RS2dMd3RJTFRHRwpTZlYxWFlmbnF1TXlZKzFzck00U3ZRSmRzdmFUQmJkZHE2RllpdjhXZFpIaG51ZGlSODdZcFgzOUlTSlFkOXF2CnR6OGthZTVqQVFEUWFiZnFsVWZNT1hmUnhyei96S2NvN3dMeWFMWTh1eVhEWUVIZmlHRWdablV0RjgxVlhDZUIKeU80UERBR0FuVmlXTndFM0NZcGI4RkNGelMyaVVVMDJaQWJRajlvUnYyUWNON1E9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
-	tlsKey    = "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2Z0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktnd2dnU2tBZ0VBQW9JQkFRREI5MU92M0tmdk5Fc1MKQmZaaWNrNlcvUnRJYjhaZHdTNFlEMTlFbWVzTUdCeDIxc3ZMNzRnWCthV082RThMYUdqb3Q3azBwZjNabHFFZgoxdXFCVkhQWklzK2tsck04Mm5WdjRyd3BpdHBUWGdGTElmNHIrSXRQK2NwTWRrT2IwenBGUDFwSkd6dlpqZTBWCk5iUUppVHJPRGoxTE1XSHkrcTZ5RXVqbXloaW52MmhIY3pqeW5EdE5zdVN3c2JPQzEybDl0MG1NeTVsbWoybFEKSTJKTzBrSDVxa1ozMjBNUklvb2RUMk5VQk1kV0pPQnRPRlpCa2ZwQ0ZDNG1yZjZMbitOWEJsaE9odGRjZVhWagp4c3YxcVpJdzRtZHhOTXhqSDZ3RkJXNTZ2dTFtaE5nUnVZVUZNSGFFUUNsVGJONGx5aFUzVHNZUldNcDZhZE82CmRsT2Y4M2JaQWdNQkFBRUNnZ0VBRGU1WW1XSHN3ZFpzcWQrNXdYcGFRS2Z2SkxXNmRwTmdYeVFEZ0tiWlplWDUKYldPaUFZU3pycDBra2U0SGQxZEphYVdBYk5LYk45eUV1QWUwa2hOaHVxK3dZQzdlc3JreUJCWXgwMzRBamtwTApKMzFLaHhmejBZdXNSdStialg2UFNkZnlBUnd1b1VKN1M3R3V1NXlhbDZBWU1PVmNGcHFBbjVPU0hMbFpLZnNLClN3NXZyM3NKUjNyOENNWVZoUmQ0citGam9lMXlaczJhUHl2bno5c0U3T0ZCSVRGSVBKcE4veG53VUNpWW5vSEMKV2F2TzB5RCtPeTUyN2hBQ1FwaFVMVjRaZXV2bEZwd2ZlWkZveUhnc2YrM1FxeGhpdGtJb3NGakx2Y0xlL2xjZwpSVHNRUnU5OGJNUTdSakJpYU5kaURadjBaWEMvUUMvS054SEw0bXgxTFFLQmdRRHVDY0pUM2JBZmJRY2YvSGh3CjNxRzliNE9QTXpwOTl2ajUzWU1hZHo5Vlk1dm9RR3RGeFlwbTBRVm9MR1lkQ3BHK0lXaDdVVHBMV0JUeGtMSkYKd3EwcEFmRVhmdHB0anhmcyt0OExWVUFtSXJiM2hwUjZDUjJmYjFJWVZRWUJ4dUdzN0hWMmY3NnRZMVAzSEFnNwpGTDJNTnF3ZDd5VmlsVXdSTVptcmJKV3Qwd0tCZ1FEUW1qZlgzc1NWSWZtN1FQaVQvclhSOGJMM1B3V0lNa3NOCldJTVRYeDJmaG0vd0hOL0pNdCtEK2VWbGxjSXhLMmxSYlNTQ1NwU2hzRUVsMHNxWHZUa1FFQnJxN3RFZndRWU0KbGxNbDJQb0ovV2E5c2VYSTAzWWRNeC94Vm5sbzNaUG9MUGg4UmtKekJTWkhnMlB6cCs0VmlnUklBcGdYMXo3TwpMbHg0SEVtaEl3S0JnUURES1RVdVZYL2xCQnJuV3JQVXRuT2RRU1IzNytSeENtQXZYREgxTFBlOEpxTFkxSmdlCjZFc0U2VEtwcWwwK1NrQWJ4b0JIT3QyMGtFNzdqMHJhYnpaUmZNb1NIV3N3a0RWcGtuWDBjTHpiaDNMRGxvOTkKVHFQKzUrSkRHTktIK210a3Y2bStzaFcvU3NTNHdUN3VVWjdtcXB5TEhsdGtiRXVsZlNra3B5NUJDUUtCZ0RmUwpyVk1GZUZINGI1NGV1dWJQNk5Rdi9CYVNOT2JIbnJJSmw3b2RZQTRLcWZYMXBDVnhpY01Gb3MvV2pjc2V0T1puCmNMZTFRYVVyUjZQWmp3R2dUNTd1MEdWQ1Y1QkoxVmFVKzlkTEEwNmRFMXQ4T2VQT1F2TjVkUGplalVyMDBObjIKL3VBeTVTRm1wV0hKMVh1azJ0L0V1WFNUelNQRUpEaUV5NVlRNjl0RkFvR0JBT2tDcW1jVGZGYlpPTjJRK2JqdgpvVmQvSFpLR3YrbEhqcm5maVlhODVxcUszdWJmb0FSNGppR3V3TThqc3hZZW8vb0hQdHJDTkxINndsYlZNTUFGCmlRZG80ZUF3S0xxRHo1MUx4U2hMckwzUUtNQ1FuZVhkT0VjaEdqSW9zRG5Zekd5RTBpSzJGbWNvWHVSQU1QOHgKWDFreUlkazdENDFxSjQ5WlM1OEdBbXlLCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K"
-	tlscaName = "ca.crt"
-)
-
-type MockQueue struct {
-	cache_client.Store
-	Synced bool
-}
-
-func (f *MockQueue) HasSynced() bool {
-	return f.Synced
-}
-
-func (f *MockQueue) AddIfNotPresent(obj interface{}) error {
-	return nil
-}
-
-func (f *MockQueue) Pop(process cache_client.PopProcessFunc) (interface{}, error) {
-	return nil, nil
-}
-
-func (f *MockQueue) Close() {
-	// just mock
-}
-
-func buildSimpleClientSetForBackendSSL() *testclient.Clientset {
-	return testclient.NewSimpleClientset()
-}
-
-func buildIngListenerForBackendSSL() IngressLister {
-	ingLister := IngressLister{}
-	ingLister.Store = cache_client.NewStore(cache_client.DeletionHandlingMetaNamespaceKeyFunc)
-	return ingLister
-}
-
-func buildSecretForBackendSSL() *apiv1.Secret {
-	return &apiv1.Secret{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      "foo_secret",
-			Namespace: metav1.NamespaceDefault,
-		},
-	}
-}
-
-func buildSecrListerForBackendSSL() SecretLister {
-	secrLister := SecretLister{}
-	secrLister.Store = cache_client.NewStore(cache_client.DeletionHandlingMetaNamespaceKeyFunc)
-
-	return secrLister
-}
-
-/*
-func buildListers() *ingress.StoreLister {
-	sl := &ingress.StoreLister{}
-	sl.Ingress.Store = buildIngListenerForBackendSSL()
-	sl.Secret.Store = buildSecrListerForBackendSSL()
-	return sl
-}
-*/
-func buildControllerForBackendSSL() cache_client.Controller {
-	cfg := &cache_client.Config{
-		Queue: &MockQueue{Synced: true},
-	}
-
-	return cache_client.New(cfg)
-}
-
-/*
-func buildGenericControllerForBackendSSL() *NGINXController {
-	gc := &NGINXController{
-		syncRateLimiter: flowcontrol.NewTokenBucketRateLimiter(0.3, 1),
-		cfg: &Configuration{
-			Client: buildSimpleClientSetForBackendSSL(),
-		},
-		listers:        buildListers(),
-		sslCertTracker: NewSSLCertTracker(),
-	}
-
-	gc.syncQueue = task.NewTaskQueue(gc.syncIngress)
-	return gc
-}
-*/
-
-func buildCrtKeyAndCA() ([]byte, []byte, []byte, error) {
-	dCrt, err := base64.StdEncoding.DecodeString(tlsCrt)
-	if err != nil {
-		return nil, nil, nil, err
-	}
-
-	dKey, err := base64.StdEncoding.DecodeString(tlsKey)
-	if err != nil {
-		return nil, nil, nil, err
-	}
-
-	dCa := dCrt
-
-	return dCrt, dKey, dCa, nil
-}
-
-/*
-func TestSyncSecret(t *testing.T) {
-	// prepare for test
-	dCrt, dKey, dCa, err := buildCrtKeyAndCA()
-	if err != nil {
-		t.Fatalf("Unexpected error: %v", err)
-	}
-
-	foos := []struct {
-		tn            string
-		secretName    string
-		Data          map[string][]byte
-		expectSuccess bool
-	}{
-		{"getPemCertificate_error", "default/foo_secret", map[string][]byte{api.TLSPrivateKeyKey: dKey}, false},
-		{"normal_test", "default/foo_secret", map[string][]byte{api.TLSCertKey: dCrt, api.TLSPrivateKeyKey: dKey, tlscaName: dCa}, true},
-	}
-
-	for _, foo := range foos {
-		t.Run(foo.tn, func(t *testing.T) {
-			ic := buildGenericControllerForBackendSSL()
-
-			// init secret for getPemCertificate
-			secret := buildSecretForBackendSSL()
-			secret.SetNamespace("default")
-			secret.SetName("foo_secret")
-			secret.Data = foo.Data
-			ic.listers.Secret.Add(secret)
-
-			key := "default/foo_secret"
-			// for add
-			ic.syncSecret(key)
-			if foo.expectSuccess {
-				// validate
-				_, exist := ic.sslCertTracker.Get(key)
-				if !exist {
-					t.Errorf("Failed to sync secret: %s", foo.secretName)
-				} else {
-					// for update
-					ic.syncSecret(key)
-				}
-			}
-		})
-	}
-}
-
-func TestGetPemCertificate(t *testing.T) {
-	// prepare
-	dCrt, dKey, dCa, err := buildCrtKeyAndCA()
-	if err != nil {
-		t.Fatalf("Unexpected error: %v", err)
-	}
-
-	foos := []struct {
-		tn         string
-		secretName string
-		Data       map[string][]byte
-		eErr       bool
-	}{
-		{"secret_not_exist", "default/foo_secret_not_exist", nil, true},
-		{"data_not_complete_all_not_exist", "default/foo_secret", map[string][]byte{}, true},
-		{"data_not_complete_TLSCertKey_not_exist", "default/foo_secret", map[string][]byte{api.TLSPrivateKeyKey: dKey, tlscaName: dCa}, false},
-		{"data_not_complete_TLSCertKeyAndCA_not_exist", "default/foo_secret", map[string][]byte{api.TLSPrivateKeyKey: dKey}, true},
-		{"data_not_complete_TLSPrivateKeyKey_not_exist", "default/foo_secret", map[string][]byte{api.TLSCertKey: dCrt, tlscaName: dCa}, false},
-		{"data_not_complete_TLSPrivateKeyKeyAndCA_not_exist", "default/foo_secret", map[string][]byte{api.TLSCertKey: dCrt}, true},
-		{"data_not_complete_CA_not_exist", "default/foo_secret", map[string][]byte{api.TLSCertKey: dCrt, api.TLSPrivateKeyKey: dKey}, false},
-		{"normal_test", "default/foo_secret", map[string][]byte{api.TLSCertKey: dCrt, api.TLSPrivateKeyKey: dKey, tlscaName: dCa}, false},
-	}
-
-	for _, foo := range foos {
-		t.Run(foo.tn, func(t *testing.T) {
-			ic := buildGenericControllerForBackendSSL()
-			secret := buildSecretForBackendSSL()
-			secret.Data = foo.Data
-			ic.listers.Secret.Add(secret)
-			sslCert, err := ic.getPemCertificate(foo.secretName)
-
-			if foo.eErr {
-				if err == nil {
-					t.Fatal("Expected error")
-				}
-			} else {
-				if err != nil {
-					t.Fatalf("Unexpected error: %v", err)
-				}
-
-				if sslCert == nil {
-					t.Error("Expected an ingress.SSLCert")
-				}
-			}
-		})
-	}
-}
-*/

internal/ingress/controller/store/store.go

@@ -166,7 +166,7 @@ func (i *Informer) Run(stopCh chan struct{}) {
 		i.Secret.HasSynced,
 		i.ConfigMap.HasSynced,
 	) {
-		runtime.HandleError(fmt.Errorf("Timed out waiting for caches to sync"))
+		runtime.HandleError(fmt.Errorf("timed out waiting for caches to sync"))
 	}
 
 	// in big clusters, deltas can keep arriving even after HasSynced
@@ -180,7 +180,7 @@ func (i *Informer) Run(stopCh chan struct{}) {
 	if !cache.WaitForCacheSync(stopCh,
 		i.Ingress.HasSynced,
 	) {
-		runtime.HandleError(fmt.Errorf("Timed out waiting for caches to sync"))
+		runtime.HandleError(fmt.Errorf("timed out waiting for caches to sync"))
 	}
 }
 

internal/ingress/controller/store/store_test.go

@@ -1172,7 +1172,7 @@ func TestIngressConversion(t *testing.T) {
 		t.Fatalf("unexpected error marshalling Ingress: %v", err)
 	}
 
-	if bytes.Compare(m1, m2) != 0 {
+	if !bytes.Equal(m1, m2) {
 		t.Fatalf("Expected marshalling of types should be equal")
 	}
 }

internal/ingress/types_equals.go

@@ -138,12 +138,7 @@ func (b1 *Backend) Equal(b2 *Backend) bool {
 		return false
 	}
 
-	match = sets.StringElementsMatch(b1.AlternativeBackends, b2.AlternativeBackends)
+	return sets.StringElementsMatch(b1.AlternativeBackends, b2.AlternativeBackends)
-	if !match {
-		return false
-	}
-
-	return true
 }
 
 // Equal tests for equality between two SessionAffinityConfig types
@@ -474,12 +469,7 @@ func (e1 *L4Service) Equal(e2 *L4Service) bool {
 		return false
 	}
 
-	match := compareEndpoints(e1.Endpoints, e2.Endpoints)
+	return compareEndpoints(e1.Endpoints, e2.Endpoints)
-	if !match {
-		return false
-	}
-
-	return true
 }
 
 // Equal tests for equality between two L4Backend types
@@ -527,12 +517,7 @@ func (s1 *SSLCert) Equal(s2 *SSLCert) bool {
 		return false
 	}
 
-	match := sets.StringElementsMatch(s1.CN, s2.CN)
+	return sets.StringElementsMatch(s1.CN, s2.CN)
-	if !match {
-		return false
-	}
-
-	return true
 }
 
 var compareEndpointsFunc = func(e1, e2 interface{}) bool {

internal/net/ssl/ssl.go

@@ -184,10 +184,6 @@ func StoreSSLCertOnDisk(fs file.Filesystem, name string, sslCert *ingress.SSLCer
 	return nil
 }
 
-func isSSLCertStoredOnDisk(sslCert *ingress.SSLCert) bool {
-	return len(sslCert.PemFileName) > 0
-}
-
 // ConfigureCACertWithCertAndKey appends ca into existing PEM file consisting of cert and key
 // and sets relevant fields in sslCert object
 func ConfigureCACertWithCertAndKey(fs file.Filesystem, name string, ca []byte, sslCert *ingress.SSLCert) error {

internal/net/ssl/ssl_test.go

@@ -342,19 +342,6 @@ func newSignedCert(cfg certutil.Config, key crypto.Signer, caCert *x509.Certific
 	return x509.ParseCertificate(certDERBytes)
 }
 
-// encodePublicKeyPEM returns PEM-encoded public data
-func encodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error) {
-	der, err := x509.MarshalPKIXPublicKey(key)
-	if err != nil {
-		return []byte{}, err
-	}
-	block := pem.Block{
-		Type:  "PUBLIC KEY",
-		Bytes: der,
-	}
-	return pem.EncodeToMemory(&block), nil
-}
-
 // encodePrivateKeyPEM returns PEM-encoded private key data
 func encodePrivateKeyPEM(key *rsa.PrivateKey) []byte {
 	block := pem.Block{

internal/nginx/main.go

@@ -98,13 +98,13 @@ func GetServerBlock(conf string, host string) (string, error) {
 
 	blockStart := strings.Index(conf, startMsg)
 	if blockStart < 0 {
-		return "", fmt.Errorf("Host %v was not found in the controller's nginx.conf", host)
+		return "", fmt.Errorf("host %v was not found in the controller's nginx.conf", host)
 	}
 	blockStart = blockStart + len(startMsg)
 
 	blockEnd := strings.Index(conf, endMsg)
 	if blockEnd < 0 {
-		return "", fmt.Errorf("The end of the host server block could not be found, but the beginning was")
+		return "", fmt.Errorf("the end of the host server block could not be found, but the beginning was")
 	}
 
 	return conf[blockStart:blockEnd], nil