Add golangci linters

- Remove unnecessary type conversion. - Fix gocritic checks.
2025-04-24 13:56:57 +00:00 · 2022-11-15 09:04:56 +01:00 · 2022-11-15 09:04:56 +01:00 · 827c582147
commit 827c582147
parent df5199c9a3
7 changed files with 40 additions and 21 deletions
--- a/.golangci.yml
+++ b/.golangci.yml
@ -0,0 +1,20 @@
+linters-settings:
+  gocritic:
+    enabled-tags:
+      - diagnostic
+      - experimental
+      - opinionated
+      - performance
+      - style
+    disabled-checks:
+      - importShadow
+      - ifElseChain
+      - hugeParam
+
+linters:
+  enable:
+    - unconvert
+    - gocritic
+
+run:
+  timeout: 5m
--- a/cmd/main.go
+++ b/cmd/main.go
@ -65,7 +65,7 @@ func Serve(ctx *cli.Context) error {
 	}

 	allowedCorsDomains := AllowedCorsDomains
-	if len(rawDomain) != 0 {
+	if rawDomain != "" {
 		allowedCorsDomains = append(allowedCorsDomains, rawDomain)
 	}

--- a/server/certificates/certificates.go
+++ b/server/certificates/certificates.go
@ -53,17 +53,19 @@ func TLSConfig(mainDomainSuffix string,

 			if info.SupportedProtos != nil {
 				for _, proto := range info.SupportedProtos {
-					if proto == tlsalpn01.ACMETLS1Protocol {
-						challenge, ok := challengeCache.Get(sni)
-						if !ok {
-							return nil, errors.New("no challenge for this domain")
-						}
-						cert, err := tlsalpn01.ChallengeCert(sni, challenge.(string))
-						if err != nil {
-							return nil, err
-						}
-						return cert, nil
+					if proto != tlsalpn01.ACMETLS1Protocol {
+						continue
 					}
+
+					challenge, ok := challengeCache.Get(sni)
+					if !ok {
+						return nil, errors.New("no challenge for this domain")
+					}
+					cert, err := tlsalpn01.ChallengeCert(sni, challenge.(string))
+					if err != nil {
+						return nil, err
+					}
+					return cert, nil
 				}
 			}

@ -216,7 +218,7 @@ func retrieveCertFromDB(sni, mainDomainSuffix, dnsProvider string, acmeUseRateLi
 		}

 		// renew certificates 7 days before they expire
-		if !tlsCertificate.Leaf.NotAfter.After(time.Now().Add(7 * 24 * time.Hour)) {
+		if tlsCertificate.Leaf.NotAfter.Before(time.Now().Add(7 * 24 * time.Hour)) {
 			// TODO: add ValidUntil to custom res struct
 			if res.CSR != nil && len(res.CSR) > 0 {
 				// CSR stores the time when the renewal shall be tried again
@ -479,7 +481,7 @@ func MaintainCertDB(ctx context.Context, interval time.Duration, mainDomainSuffi
 				}

 				tlsCertificates, err := certcrypto.ParsePEMBundle(res.Certificate)
-				if err != nil || !tlsCertificates[0].NotAfter.After(now) {
+				if err != nil || tlsCertificates[0].NotAfter.Before(now) {
 					err := certDB.Delete(string(key))
 					if err != nil {
 						log.Error().Err(err).Msgf("Deleting expired certificate for %q failed", string(key))
@ -510,7 +512,7 @@ func MaintainCertDB(ctx context.Context, interval time.Duration, mainDomainSuffi
 			tlsCertificates, err := certcrypto.ParsePEMBundle(res.Certificate)

 			// renew main certificate 30 days before it expires
-			if !tlsCertificates[0].NotAfter.After(time.Now().Add(30 * 24 * time.Hour)) {
+			if tlsCertificates[0].NotAfter.Before(time.Now().Add(30 * 24 * time.Hour)) {
 				go (func() {
 					_, err = obtainCert(mainDomainAcmeClient, []string{"*" + mainDomainSuffix, mainDomainSuffix[1:]}, res, "", dnsProvider, mainDomainSuffix, acmeUseRateLimits, certDB)
 					if err != nil {
--- a/server/database/setup.go
+++ b/server/database/setup.go
@ -44,7 +44,7 @@ func (p aDB) Get(name string) (*certificate.Resource, error) {
 	if resBytes == nil {
 		return nil, nil
 	}
-	if err = gob.NewDecoder(bytes.NewBuffer(resBytes)).Decode(cert); err != nil {
+	if err := gob.NewDecoder(bytes.NewBuffer(resBytes)).Decode(cert); err != nil {
 		return nil, err
 	}
 	return cert, nil
--- a/server/gitea/cache.go
+++ b/server/gitea/cache.go
@ -42,10 +42,7 @@ func (f FileResponse) IsEmpty() bool {
 	return len(f.Body) != 0
 }

-func (f FileResponse) createHttpResponse(cacheKey string) (http.Header, int) {
-	header := make(http.Header)
-	var statusCode int
-
+func (f FileResponse) createHttpResponse(cacheKey string) (header http.Header, statusCode int) {
 	if f.Exists {
 		statusCode = http.StatusOK
 	} else {
--- a/server/upstream/helper.go
+++ b/server/upstream/helper.go
@ -13,7 +13,7 @@ import (
 func (o *Options) GetBranchTimestamp(giteaClient *gitea.Client) (bool, error) {
 	log := log.With().Strs("BranchInfo", []string{o.TargetOwner, o.TargetRepo, o.TargetBranch}).Logger()

-	if len(o.TargetBranch) == 0 {
+	if o.TargetBranch == "" {
 		// Get default branch
 		defaultBranch, err := giteaClient.GiteaGetRepoDefaultBranch(o.TargetOwner, o.TargetRepo)
 		if err != nil {
--- a/server/upstream/upstream.go
+++ b/server/upstream/upstream.go
@ -83,7 +83,7 @@ func (o *Options) Upstream(ctx *context.Context, giteaClient *gitea.Client) (fin
 	// Check if the browser has a cached version
 	if ctx.Response() != nil {
 		if ifModifiedSince, err := time.Parse(time.RFC1123, ctx.Response().Header.Get(headerIfModifiedSince)); err == nil {
-			if !ifModifiedSince.Before(o.BranchTimestamp) {
+			if ifModifiedSince.After(o.BranchTimestamp) {
 				ctx.RespWriter.WriteHeader(http.StatusNotModified)
 				log.Trace().Msg("check response against last modified: valid")
 				return true