cleanup ignored static analysis (#16767)

2025-11-08 21:24:55 -05:00 · 2023-03-06 17:56:10 +01:00
parent 3423028713
commit 714283fae2
48 changed files with 182 additions and 261 deletions
--- a/internal/config/crypto.go
+++ b/internal/config/crypto.go
@@ -38,8 +38,8 @@ import (
 //
 // The same context must be provided when decrypting the
 // ciphertext.
-func EncryptBytes(KMS kms.KMS, plaintext []byte, context kms.Context) ([]byte, error) {
-	ciphertext, err := Encrypt(KMS, bytes.NewReader(plaintext), context)
+func EncryptBytes(k kms.KMS, plaintext []byte, context kms.Context) ([]byte, error) {
+	ciphertext, err := Encrypt(k, bytes.NewReader(plaintext), context)
 	if err != nil {
 		return nil, err
 	}
@@ -49,8 +49,8 @@ func EncryptBytes(KMS kms.KMS, plaintext []byte, context kms.Context) ([]byte, e
 // DecryptBytes decrypts the ciphertext using a key managed by the KMS.
 // The same context that have been used during encryption must be
 // provided.
-func DecryptBytes(KMS kms.KMS, ciphertext []byte, context kms.Context) ([]byte, error) {
-	plaintext, err := Decrypt(KMS, bytes.NewReader(ciphertext), context)
+func DecryptBytes(k kms.KMS, ciphertext []byte, context kms.Context) ([]byte, error) {
+	plaintext, err := Decrypt(k, bytes.NewReader(ciphertext), context)
 	if err != nil {
 		return nil, err
 	}
@@ -62,13 +62,13 @@ func DecryptBytes(KMS kms.KMS, ciphertext []byte, context kms.Context) ([]byte,
 //
 // The same context must be provided when decrypting the
 // ciphertext.
-func Encrypt(KMS kms.KMS, plaintext io.Reader, ctx kms.Context) (io.Reader, error) {
+func Encrypt(k kms.KMS, plaintext io.Reader, ctx kms.Context) (io.Reader, error) {
 	algorithm := sio.AES_256_GCM
 	if !fips.Enabled && !sioutil.NativeAES() {
 		algorithm = sio.ChaCha20Poly1305
 	}

-	key, err := KMS.GenerateKey(context.Background(), "", ctx)
+	key, err := k.GenerateKey(context.Background(), "", ctx)
 	if err != nil {
 		return nil, err
 	}
@@ -116,7 +116,7 @@ func Encrypt(KMS kms.KMS, plaintext io.Reader, ctx kms.Context) (io.Reader, erro
 // Decrypt decrypts the ciphertext using a key managed by the KMS.
 // The same context that have been used during encryption must be
 // provided.
-func Decrypt(KMS kms.KMS, ciphertext io.Reader, context kms.Context) (io.Reader, error) {
+func Decrypt(k kms.KMS, ciphertext io.Reader, context kms.Context) (io.Reader, error) {
 	const (
 		MaxMetadataSize = 1 << 20 // max. size of the metadata
 		Version         = 1
@@ -149,7 +149,7 @@ func Decrypt(KMS kms.KMS, ciphertext io.Reader, context kms.Context) (io.Reader,
 		return nil, fmt.Errorf("config: unsupported encryption algorithm: %q is not supported in FIPS mode", metadata.Algorithm)
 	}

-	key, err := KMS.DecryptKey(metadata.KeyID, metadata.KMSKey, context)
+	key, err := k.DecryptKey(metadata.KeyID, metadata.KMSKey, context)
 	if err != nil {
 		return nil, err
 	}
--- a/internal/config/dns/operator_dns.go
+++ b/internal/config/dns/operator_dns.go
@@ -104,8 +104,7 @@ func (c *OperatorDNS) Put(bucket string) error {
 		var errorStringBuilder strings.Builder
 		io.Copy(&errorStringBuilder, io.LimitReader(resp.Body, resp.ContentLength))
 		errorString := errorStringBuilder.String()
-		switch resp.StatusCode {
-		case http.StatusConflict:
+		if resp.StatusCode == http.StatusConflict {
 			return ErrBucketConflict(Error{bucket, errors.New(errorString)})
 		}
 		return newError(bucket, fmt.Errorf("service create for bucket %s, failed with status %s, error %s", bucket, resp.Status, errorString))
--- a/internal/config/errors-utils.go
+++ b/internal/config/errors-utils.go
@@ -107,9 +107,8 @@ func ErrorToErr(err error) Err {
 	if errors.Is(err, syscall.EADDRINUSE) {
 		return ErrPortAlreadyInUse(err).Msg("Specified port is already in use")
 	} else if errors.Is(err, syscall.EACCES) || errors.Is(err, syscall.EPERM) {
-		switch err.(type) {
-		case *net.OpError:
-			return ErrPortAccess(err).Msg("Insufficient permissions to use specified port")
+		if netErr, ok := err.(*net.OpError); ok {
+			return ErrPortAccess(netErr).Msg("Insufficient permissions to use specified port")
 		}
 	}

--- a/internal/config/identity/ldap/ldap.go
+++ b/internal/config/identity/ldap/ldap.go
@@ -172,9 +172,8 @@ func (l *Config) DoesGroupDNExist(groupDN string) (bool, error) {
 		// some base DNs are subtrees of other base DNs - we should validate
 		// and error out in such cases.
 		return false, fmt.Errorf("found multiple DNs for the given group DN")
-	} else {
-		return false, nil
 	}
+	return false, nil
 }

 // Bind - binds to ldap, searches LDAP and returns the distinguished name of the
--- a/internal/config/identity/plugin/config.go
+++ b/internal/config/identity/plugin/config.go
@@ -204,11 +204,12 @@ func (h *metrics) accumRequestRTT(reqStartTime time.Time, rttMs float64, isSucce
 		h.updateLastFullMinute(reqTimeMinute)
 	}
 	var entry *serviceRTTMinuteStats
-	if reqTimeMinute.Equal(h.currentMinute.statsTime) {
+	switch {
+	case reqTimeMinute.Equal(h.currentMinute.statsTime):
 		entry = &h.currentMinute
-	} else if reqTimeMinute.Equal(h.lastFullMinute.statsTime) {
+	case reqTimeMinute.Equal(h.lastFullMinute.statsTime):
 		entry = &h.lastFullMinute
-	} else {
+	default:
 		// This request is too old, it should never happen, ignore it as we
 		// cannot return an error.
 		return