
Update linter

Ludovic Fernandez 2020-05-11 12:06:07 +02:00 committed by GitHub
parent f12c27aa7c
commit 328611c619
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
157 changed files with 489 additions and 508 deletions


@ -14,7 +14,7 @@ import (
)
var (
// MinVersion Map of allowed TLS minimum versions
// MinVersion Map of allowed TLS minimum versions.
MinVersion = map[string]uint16{
`VersionTLS10`: tls.VersionTLS10,
`VersionTLS11`: tls.VersionTLS11,
@ -22,7 +22,7 @@ var (
`VersionTLS13`: tls.VersionTLS13,
}
// MaxVersion Map of allowed TLS maximum versions
// MaxVersion Map of allowed TLS maximum versions.
MaxVersion = map[string]uint16{
`VersionTLS10`: tls.VersionTLS10,
`VersionTLS11`: tls.VersionTLS11,
@ -46,24 +46,24 @@ var (
)
// Certificate holds a SSL cert/key pair
// Certs and Key could be either a file path, or the file content itself
// Certs and Key could be either a file path, or the file content itself.
type Certificate struct {
CertFile FileOrContent `json:"certFile,omitempty" toml:"certFile,omitempty" yaml:"certFile,omitempty"`
KeyFile FileOrContent `json:"keyFile,omitempty" toml:"keyFile,omitempty" yaml:"keyFile,omitempty"`
}
// Certificates defines traefik certificates type
// Certs and Keys could be either a file path, or the file content itself
// Certs and Keys could be either a file path, or the file content itself.
type Certificates []Certificate
// FileOrContent hold a file path or content
// FileOrContent hold a file path or content.
type FileOrContent string
func (f FileOrContent) String() string {
return string(f)
}
// IsPath returns true if the FileOrContent is a file path, otherwise returns false
// IsPath returns true if the FileOrContent is a file path, otherwise returns false.
func (f FileOrContent) IsPath() bool {
_, err := os.Stat(f.String())
return err == nil
@ -83,7 +83,7 @@ func (f FileOrContent) Read() ([]byte, error) {
return content, nil
}
// CreateTLSConfig creates a TLS config from Certificate structures
// CreateTLSConfig creates a TLS config from Certificate structures.
func (c *Certificates) CreateTLSConfig(entryPointName string) (*tls.Config, error) {
config := &tls.Config{}
domainsCertificates := make(map[string]map[string]*tls.Certificate)
@ -115,7 +115,7 @@ func (c *Certificates) CreateTLSConfig(entryPointName string) (*tls.Config, erro
return config, nil
}
// isEmpty checks if the certificates list is empty
// isEmpty checks if the certificates list is empty.
func (c *Certificates) isEmpty() bool {
if len(*c) == 0 {
return true
@ -134,16 +134,16 @@ func (c *Certificates) isEmpty() bool {
func (c *Certificate) AppendCertificate(certs map[string]map[string]*tls.Certificate, ep string) error {
certContent, err := c.CertFile.Read()
if err != nil {
return fmt.Errorf("unable to read CertFile : %v", err)
return fmt.Errorf("unable to read CertFile : %w", err)
}
keyContent, err := c.KeyFile.Read()
if err != nil {
return fmt.Errorf("unable to read KeyFile : %v", err)
return fmt.Errorf("unable to read KeyFile : %w", err)
}
tlsCert, err := tls.X509KeyPair(certContent, keyContent)
if err != nil {
return fmt.Errorf("unable to generate TLS certificate : %v", err)
return fmt.Errorf("unable to generate TLS certificate : %w", err)
}
parsedCert, _ := x509.ParseCertificate(tlsCert.Certificate[0])
@ -190,7 +190,7 @@ func (c *Certificate) AppendCertificate(certs map[string]map[string]*tls.Certifi
return err
}
// GetTruncatedCertificateName truncates the certificate name
// GetTruncatedCertificateName truncates the certificate name.
func (c *Certificate) GetTruncatedCertificateName() string {
certName := c.CertFile.String()
@ -233,7 +233,7 @@ func (c *Certificates) Set(value string) error {
return nil
}
// Type is type of the struct
// Type is type of the struct.
func (c *Certificates) Type() string {
return "certificates"
}
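Review bot: `IsPath` treats every `os.Stat` failure as "this is inline content" (`return err == nil`), so a certificate or key path that exists but cannot be stat'ed, for example because of permission denied on a parent directory, is silently reinterpreted as PEM text. If `Read`, whose body is outside these hunks, relies on `IsPath`, the operator then only sees the later `unable to generate TLS certificate` error from `tls.X509KeyPair`, with no hint that a file was never opened. `IsPath` cannot report an error without changing its signature, so I would at least document the behaviour, e.g. `// IsPath reports whether the value names a file that os.Stat can reach; any Stat error, including permission denied, makes the value be treated as inline content.`, and have the reading code distinguish a not-exist error from other Stat errors. The body of `IsPath` closes outside the hunk.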


@ -13,14 +13,14 @@ import (
"github.com/patrickmn/go-cache"
)
// CertificateStore store for dynamic and static certificates
// CertificateStore store for dynamic and static certificates.
type CertificateStore struct {
DynamicCerts *safe.Safe
DefaultCertificate *tls.Certificate
CertCache *cache.Cache
}
// NewCertificateStore create a store for dynamic and static certificates
// NewCertificateStore create a store for dynamic and static certificates.
func NewCertificateStore() *CertificateStore {
return &CertificateStore{
DynamicCerts: &safe.Safe{},
@ -54,7 +54,7 @@ func (c CertificateStore) getDefaultCertificateDomains() []string {
return allCerts
}
// GetAllDomains return a slice with all the certificate domain
// GetAllDomains return a slice with all the certificate domain.
func (c CertificateStore) GetAllDomains() []string {
allCerts := c.getDefaultCertificateDomains()
@ -67,7 +67,7 @@ func (c CertificateStore) GetAllDomains() []string {
return allCerts
}
// GetBestCertificate returns the best match certificate, and caches the response
// GetBestCertificate returns the best match certificate, and caches the response.
func (c CertificateStore) GetBestCertificate(clientHello *tls.ClientHelloInfo) *tls.Certificate {
domainToCheck := strings.ToLower(strings.TrimSpace(clientHello.ServerName))
if len(domainToCheck) == 0 {
@ -110,14 +110,14 @@ func (c CertificateStore) GetBestCertificate(clientHello *tls.ClientHelloInfo) *
return nil
}
// ResetCache clears the cache in the store
// ResetCache clears the cache in the store.
func (c CertificateStore) ResetCache() {
if c.CertCache != nil {
c.CertCache.Flush()
}
}
// MatchDomain return true if a domain match the cert domain
// MatchDomain return true if a domain match the cert domain.
func MatchDomain(domain string, certDomain string) bool {
if domain == certDomain {
return true


@ -14,10 +14,10 @@ import (
"time"
)
// DefaultDomain Traefik domain for the default certificate
// DefaultDomain Traefik domain for the default certificate.
const DefaultDomain = "TRAEFIK DEFAULT CERT"
// DefaultCertificate generates random TLS certificates
// DefaultCertificate generates random TLS certificates.
func DefaultCertificate() (*tls.Certificate, error) {
randomBytes := make([]byte, 100)
_, err := rand.Read(randomBytes)
@ -41,7 +41,7 @@ func DefaultCertificate() (*tls.Certificate, error) {
return &certificate, nil
}
// KeyPair generates cert and key files
// KeyPair generates cert and key files.
func KeyPair(domain string, expiration time.Time) ([]byte, []byte, error) {
rsaPrivKey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
@ -56,7 +56,7 @@ func KeyPair(domain string, expiration time.Time) ([]byte, []byte, error) {
return certPEM, keyPEM, nil
}
// PemCert generates PEM cert file
// PemCert generates PEM cert file.
func PemCert(privKey *rsa.PrivateKey, domain string, expiration time.Time) ([]byte, error) {
derBytes, err := derCert(privKey, expiration, domain)
if err != nil {


@ -14,7 +14,7 @@ type ClientAuth struct {
// +k8s:deepcopy-gen=true
// Options configures TLS for an entry point
// Options configures TLS for an entry point.
type Options struct {
MinVersion string `json:"minVersion,omitempty" toml:"minVersion,omitempty" yaml:"minVersion,omitempty" export:"true"`
MaxVersion string `json:"maxVersion,omitempty" toml:"maxVersion,omitempty" yaml:"maxVersion,omitempty" export:"true"`
@ -27,7 +27,7 @@ type Options struct {
// +k8s:deepcopy-gen=true
// Store holds the options for a given Store
// Store holds the options for a given Store.
type Store struct {
DefaultCertificate *Certificate `json:"defaultCertificate,omitempty" toml:"defaultCertificate,omitempty" yaml:"defaultCertificate,omitempty"`
}


@ -18,7 +18,7 @@ import (
// DefaultTLSOptions the default TLS options.
var DefaultTLSOptions = Options{}
// Manager is the TLS option/store/configuration factory
// Manager is the TLS option/store/configuration factory.
type Manager struct {
storesConfig map[string]Store
stores map[string]*CertificateStore
@ -28,7 +28,7 @@ type Manager struct {
lock sync.RWMutex
}
// NewManager creates a new Manager
// NewManager creates a new Manager.
func NewManager() *Manager {
return &Manager{
stores: map[string]*CertificateStore{},
@ -38,7 +38,7 @@ func NewManager() *Manager {
}
}
// UpdateConfigs updates the TLS* configuration options
// UpdateConfigs updates the TLS* configuration options.
func (m *Manager) UpdateConfigs(ctx context.Context, stores map[string]Store, configs map[string]Options, certs []*CertAndStores) {
m.lock.Lock()
defer m.lock.Unlock()
@ -80,7 +80,7 @@ func (m *Manager) UpdateConfigs(ctx context.Context, stores map[string]Store, co
}
}
// Get gets the TLS configuration to use for a given store / configuration
// Get gets the TLS configuration to use for a given store / configuration.
func (m *Manager) Get(storeName string, configName string) (*tls.Config, error) {
m.lock.RLock()
defer m.lock.RUnlock()
@ -141,7 +141,7 @@ func (m *Manager) getStore(storeName string) *CertificateStore {
return m.stores[storeName]
}
// GetStore gets the certificate store of a given name
// GetStore gets the certificate store of a given name.
func (m *Manager) GetStore(storeName string) *CertificateStore {
m.lock.RLock()
defer m.lock.RUnlock()
@ -170,7 +170,7 @@ func buildCertificateStore(ctx context.Context, tlsStore Store) (*CertificateSto
return certificateStore, nil
}
// creates a TLS config that allows terminating HTTPS for multiple domains using SNI
// creates a TLS config that allows terminating HTTPS for multiple domains using SNI.
func buildTLSConfig(tlsOption Options) (*tls.Config, error) {
conf := &tls.Config{}
@ -268,17 +268,17 @@ func buildTLSConfig(tlsOption Options) (*tls.Config, error) {
func buildDefaultCertificate(defaultCertificate *Certificate) (*tls.Certificate, error) {
certFile, err := defaultCertificate.CertFile.Read()
if err != nil {
return nil, fmt.Errorf("failed to get cert file content: %v", err)
return nil, fmt.Errorf("failed to get cert file content: %w", err)
}
keyFile, err := defaultCertificate.KeyFile.Read()
if err != nil {
return nil, fmt.Errorf("failed to get key file content: %v", err)
return nil, fmt.Errorf("failed to get key file content: %w", err)
}
cert, err := tls.X509KeyPair(certFile, keyFile)
if err != nil {
return nil, fmt.Errorf("failed to load X509 key pair: %v", err)
return nil, fmt.Errorf("failed to load X509 key pair: %w", err)
}
return &cert, nil
}
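Review bot: `DefaultTLSOptions` is the zero `Options{}` and `buildTLSConfig` starts from an empty `&tls.Config{}`, so unless the part of `buildTLSConfig` outside these hunks sets a floor, an unset `minVersion` leaves `conf.MinVersion` at 0 and the negotiated minimum is whatever the `crypto/tls` default of the Go release in use happens to be. Consider making the floor explicit, e.g. `conf := &tls.Config{MinVersion: tls.VersionTLS12}` with the configured option overriding it, and stating that default in the comment on `DefaultTLSOptions`. Separately, the comment on `buildTLSConfig` still does not start with the function name; `// buildTLSConfig creates a TLS config that allows terminating HTTPS for multiple domains using SNI.` would match the other doc comments in the file.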