Linter

hashicorp · Jul 29, 2023 · 8a3740f · 8a3740f
1 parent 746cbc4
commit 8a3740f
Show file tree

Hide file tree

Showing 7 changed files with 32 additions and 40 deletions.
diff --git a/auth/workload/aws.go b/auth/workload/aws.go
@@ -24,16 +24,16 @@ const (
 	// Environment Variable Reference:
 	// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html
 
-	// awsEnvRegion is the region to send requests to. It takes precendence of
+	// awsEnvRegion is the region to send requests to. It takes precedence of
 	// default region.
 	awsEnvRegion = "AWS_REGION"
 
 	// awsEnvDefaultRegion is where requests will be sent to by default, if not
-	// overriden.
+	// overridden.
 	awsEnvDefaultRegion = "AWS_DEFAULT_REGION"
 
-	// awsEnvAccessKeyId stores the AWS access key.
-	awsEnvAccessKeyId = "AWS_ACCESS_KEY_ID"
+	// awsEnvAccessKeyID stores the AWS access key.
+	awsEnvAccessKeyID = "AWS_ACCESS_KEY_ID"
 
 	// awsEnvSecretAccessKeyId stores the secret key associated with the access key.
 	awsEnvSecretAccessKey = "AWS_SECRET_ACCESS_KEY"
@@ -56,11 +56,11 @@ const (
 	// https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-metadata-v2-how-it-works.html
 	awsSessionTokenURL = "http://169.254.169.254/latest/api/token"
 
-	// awsIMDSv2SessionTtlHeader is used to configure the session token TTL.
-	awsIMDSv2SessionTtlHeader = "X-aws-ec2-metadata-token-ttl-seconds"
+	// awsIMDSv2SessionTTLHeader is used to configure the session token TTL.
+	awsIMDSv2SessionTTLHeader = "X-aws-ec2-metadata-token-ttl-seconds"
 
-	// awsIMDSv2SessionTtl is the session ttl we request.
-	awsIMDSv2SessionTtl = "300"
+	// awsIMDSv2SessionTTL is the session ttl we request.
+	awsIMDSv2SessionTTL = "300"
 
 	// awsIMDSv2SessionTokenHeader is used to pass the short lived session
 	// token to an IMDSv2 endpoint.
@@ -272,7 +272,7 @@ func (s *awsRequestSigner) sourceEnvVars() {
 	}
 
 	// Try to get the AWS credentials
-	accessKey, accessKeyOk := os.LookupEnv(awsEnvAccessKeyId)
+	accessKey, accessKeyOk := os.LookupEnv(awsEnvAccessKeyID)
 	secretKey, secretKeyOk := os.LookupEnv(awsEnvSecretAccessKey)
 	sessionToken := os.Getenv(awsEnvSessionToken)
 	if accessKeyOk && secretKeyOk {
@@ -290,7 +290,7 @@ func (s *awsRequestSigner) getSessionToken(ctx context.Context) error {
 	}
 
 	// Configure the requested token TTL
-	req.Header.Add(awsIMDSv2SessionTtlHeader, awsIMDSv2SessionTtl)
+	req.Header.Add(awsIMDSv2SessionTTLHeader, awsIMDSv2SessionTTL)
 
 	resp, err := s.client.Do(req)
 	if err != nil {

diff --git a/auth/workload/aws_test.go b/auth/workload/aws_test.go
@@ -214,7 +214,7 @@ func TestAWSCredentialSource_getCallerID(t *testing.T) {
 				t.Setenv(awsEnvRegion, tt.region)
 			}
 			if tt.env.accessKeyID {
-				t.Setenv(awsEnvAccessKeyId, tt.accessKeyID)
+				t.Setenv(awsEnvAccessKeyID, tt.accessKeyID)
 			}
 			if tt.env.secretAccessKey {
 				t.Setenv(awsEnvSecretAccessKey, tt.secretAccessKey)
@@ -287,17 +287,18 @@ func (aws *testAwsServer) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 	validateSessionTTL := func(r *http.Request) {
 		if aws.imdsv2SessionToken != "" {
-			headerValue := r.Header.Get(awsIMDSv2SessionTtlHeader)
-			if headerValue != awsIMDSv2SessionTtl {
-				aws.t.Errorf("%q = \n%q\n want \n%q", awsIMDSv2SessionTtlHeader, headerValue, awsIMDSv2SessionTtl)
+			headerValue := r.Header.Get(awsIMDSv2SessionTTLHeader)
+			if headerValue != awsIMDSv2SessionTTL {
+				aws.t.Errorf("%q = \n%q\n want \n%q", awsIMDSv2SessionTTLHeader, headerValue, awsIMDSv2SessionTTL)
 			}
 		}
 	}
 
+	var err error
 	switch p := r.URL.Path; p {
 	case "/latest/meta-data/iam/security-credentials":
 		validateSessionToken(r)
-		w.Write([]byte(aws.rolename))
+		_, err = w.Write([]byte(aws.rolename))
 	case fmt.Sprintf("/latest/meta-data/iam/security-credentials/%s", aws.rolename):
 		validateSessionToken(r)
 
@@ -314,12 +315,16 @@ func (aws *testAwsServer) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		}
 
 		jsonCredentials, _ := json.Marshal(creds)
-		w.Write(jsonCredentials)
+		_, err = w.Write(jsonCredentials)
 	case "/latest/meta-data/placement/region":
 		validateSessionToken(r)
-		w.Write([]byte(aws.region))
+		_, err = w.Write([]byte(aws.region))
 	case "/latest/api/token":
 		validateSessionTTL(r)
-		w.Write([]byte(aws.imdsv2SessionToken))
+		_, err = w.Write([]byte(aws.imdsv2SessionToken))
+	}
+
+	if err != nil {
+		aws.t.Fatalf("unexpected error: %v", err)
 	}
 }
diff --git a/auth/workload/env.go b/auth/workload/env.go
@@ -26,14 +26,14 @@ func (ec *EnvironmentVariableCredentialSource) Validate() error {
 }
 
 // token retrieves the token from the environment variable
-func (e *EnvironmentVariableCredentialSource) token() (string, error) {
-	value, ok := os.LookupEnv(e.Var)
+func (ec *EnvironmentVariableCredentialSource) token() (string, error) {
+	value, ok := os.LookupEnv(ec.Var)
 	if !ok {
 		return "", fmt.Errorf("environment variable not found")
 	}
 	if value == "" {
 		return "", fmt.Errorf("environment variable value is empty")
 	}
 
-	return e.CredentialFormat.get([]byte(value))
+	return ec.CredentialFormat.get([]byte(value))
 }
diff --git a/auth/workload/env_test.go b/auth/workload/env_test.go
@@ -49,10 +49,6 @@ func TestEnvironmentVariableCredentialSource_Validate(t *testing.T) {
 }
 
 func TestEnvironmentVariableCredentialSource_token(t *testing.T) {
-	type fields struct {
-		Var              string
-		CredentialFormat CredentialFormat
-	}
 	tests := []struct {
 		name        string
 		ec          *EnvironmentVariableCredentialSource

diff --git a/auth/workload/file.go b/auth/workload/file.go
@@ -29,10 +29,10 @@ func (fc *FileCredentialSource) Validate() error {
 }
 
 // token retrieves the token from the specified file
-func (f *FileCredentialSource) token() (string, error) {
-	credFile, err := os.Open(f.Path)
+func (fc *FileCredentialSource) token() (string, error) {
+	credFile, err := os.Open(fc.Path)
 	if err != nil {
-		return "", fmt.Errorf("failed to open credential file %q", f.Path)
+		return "", fmt.Errorf("failed to open credential file %q", fc.Path)
 	}
 	defer credFile.Close()
 
@@ -47,5 +47,5 @@ func (f *FileCredentialSource) token() (string, error) {
 	}
 
 	value := bytes.TrimSpace(credBytes)
-	return f.CredentialFormat.get(value)
+	return fc.CredentialFormat.get(value)
 }
diff --git a/auth/workload/provider_test.go b/auth/workload/provider_test.go
@@ -13,11 +13,6 @@ import (
 )
 
 func TestProvider_New(t *testing.T) {
-	type fields struct {
-		URL              string
-		Headers          map[string]string
-		CredentialFormat CredentialFormat
-	}
 	tests := []struct {
 		name   string
 		ipc    *IdentityProviderConfig

diff --git a/auth/workload/url_test.go b/auth/workload/url_test.go
@@ -59,11 +59,6 @@ func TestURLCredentialSource_Validate(t *testing.T) {
 }
 
 func TestURLCredentialSource_token(t *testing.T) {
-	type fields struct {
-		URL              string
-		Headers          map[string]string
-		CredentialFormat CredentialFormat
-	}
 	tests := []struct {
 		name     string
 		uc       *URLCredentialSource
@@ -137,7 +132,8 @@ func TestURLCredentialSource_token(t *testing.T) {
 
 			// Create an HTTP test server
 			ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-				w.Write([]byte(tt.respBody))
+				_, err := w.Write([]byte(tt.respBody))
+				require.NoError(err)
 			}))
 			defer ts.Close()