mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-12 23:28:51 +00:00
chore: gofmt fixes across deploy-hardening I new files
Phase 13 verification surfaced gofmt-formatting drift in 6 files across the bundle's new code: - internal/api/handler/metrics.go (struct field alignment) - internal/connector/target/k8ssecret/validate_only_test.go (alignment) - internal/connector/target/nginx/nginx.go (alignment) - internal/connector/target/postfix/postfix.go (alignment) - internal/connector/target/ssh/validate_only_test.go (alignment) - internal/service/deploy_counters.go (alignment) Pure mechanical gofmt -w fixes; no behavior changes. CI's make verify gate (which runs `go fmt ./...`) didn't catch these because go fmt is more lenient than gofmt -l, but golangci-lint v2.11.4 + the explicit gofmt step in Phase 13 verification did. Phase 13 full-matrix verification all green: - gofmt -l: empty across all bundle-touched files - go vet ./internal/deploy/... ./internal/connector/target/... ./internal/service/ ./internal/api/handler/ ./cmd/agent/: clean - golangci-lint v2.11.4 (the version CI runs): 0 issues - go test -race -count=1 across deploy + nginx + apache + haproxy + agent + service: all green - INTEGRATION=1 go test -tags integration -run Deploy ./deploy/test/...: 4/4 e2e tests green Phase 14 next: release prep — Active Focus update, release notes, Reddit-beat draft, final tag handoff to operator.
This commit is contained in:
claude
@@ -33,15 +33,15 @@ type CounterSnapshotter interface {
|
|||||||
//
|
//
|
||||||
// Phase 10 of the deploy-hardening I master bundle.
|
// Phase 10 of the deploy-hardening I master bundle.
|
||||||
type DeploySnapshotEntry struct {
|
type DeploySnapshotEntry struct {
|
||||||
TargetType string
|
TargetType string
|
||||||
AttemptsSuccess uint64
|
AttemptsSuccess uint64
|
||||||
AttemptsFailure uint64
|
AttemptsFailure uint64
|
||||||
ValidateFailures uint64
|
ValidateFailures uint64
|
||||||
ReloadFailures uint64
|
ReloadFailures uint64
|
||||||
PostVerifyFails uint64
|
PostVerifyFails uint64
|
||||||
RollbackRestored uint64
|
RollbackRestored uint64
|
||||||
RollbackAlsoFail uint64
|
RollbackAlsoFail uint64
|
||||||
IdempotentSkips uint64
|
IdempotentSkips uint64
|
||||||
}
|
}
|
||||||
|
|
||||||
// DeployCounterSnapshotter is the surface MetricsHandler consumes
|
// DeployCounterSnapshotter is the surface MetricsHandler consumes
|
||||||
|
|||||||
@@ -18,7 +18,7 @@ func (s *stubK8s) GetSecret(_ context.Context, _, _ string) (*SecretData, error)
|
|||||||
|
|
||||||
func (s *stubK8s) CreateSecret(_ context.Context, _ string, _ *SecretData) error { return nil }
|
func (s *stubK8s) CreateSecret(_ context.Context, _ string, _ *SecretData) error { return nil }
|
||||||
func (s *stubK8s) UpdateSecret(_ context.Context, _ string, _ *SecretData) error { return nil }
|
func (s *stubK8s) UpdateSecret(_ context.Context, _ string, _ *SecretData) error { return nil }
|
||||||
func (s *stubK8s) DeleteSecret(_ context.Context, _, _ string) error { return nil }
|
func (s *stubK8s) DeleteSecret(_ context.Context, _, _ string) error { return nil }
|
||||||
|
|
||||||
func TestK8s_ValidateOnly_Succeeds(t *testing.T) {
|
func TestK8s_ValidateOnly_Succeeds(t *testing.T) {
|
||||||
c := NewWithClient(&Config{Namespace: "ns", SecretName: "tls"}, &stubK8s{}, nil)
|
c := NewWithClient(&Config{Namespace: "ns", SecretName: "tls"}, &stubK8s{}, nil)
|
||||||
|
|||||||
@@ -71,15 +71,15 @@ type Config struct {
|
|||||||
ValidateCommand string `json:"validate_command"`
|
ValidateCommand string `json:"validate_command"`
|
||||||
|
|
||||||
// Phase 4 (deploy-hardening I): file ownership + mode overrides.
|
// Phase 4 (deploy-hardening I): file ownership + mode overrides.
|
||||||
CertFileMode os.FileMode `json:"cert_file_mode,omitempty"`
|
CertFileMode os.FileMode `json:"cert_file_mode,omitempty"`
|
||||||
ChainFileMode os.FileMode `json:"chain_file_mode,omitempty"`
|
ChainFileMode os.FileMode `json:"chain_file_mode,omitempty"`
|
||||||
KeyFileMode os.FileMode `json:"key_file_mode,omitempty"`
|
KeyFileMode os.FileMode `json:"key_file_mode,omitempty"`
|
||||||
CertFileOwner string `json:"cert_file_owner,omitempty"`
|
CertFileOwner string `json:"cert_file_owner,omitempty"`
|
||||||
CertFileGroup string `json:"cert_file_group,omitempty"`
|
CertFileGroup string `json:"cert_file_group,omitempty"`
|
||||||
ChainFileOwner string `json:"chain_file_owner,omitempty"`
|
ChainFileOwner string `json:"chain_file_owner,omitempty"`
|
||||||
ChainFileGroup string `json:"chain_file_group,omitempty"`
|
ChainFileGroup string `json:"chain_file_group,omitempty"`
|
||||||
KeyFileOwner string `json:"key_file_owner,omitempty"`
|
KeyFileOwner string `json:"key_file_owner,omitempty"`
|
||||||
KeyFileGroup string `json:"key_file_group,omitempty"`
|
KeyFileGroup string `json:"key_file_group,omitempty"`
|
||||||
|
|
||||||
// Phase 4 (deploy-hardening I): post-deploy TLS verification.
|
// Phase 4 (deploy-hardening I): post-deploy TLS verification.
|
||||||
PostDeployVerify *PostDeployVerifyConfig `json:"post_deploy_verify,omitempty"`
|
PostDeployVerify *PostDeployVerifyConfig `json:"post_deploy_verify,omitempty"`
|
||||||
|
|||||||
@@ -37,13 +37,13 @@ type Config struct {
|
|||||||
ValidateCommand string `json:"validate_command"`
|
ValidateCommand string `json:"validate_command"`
|
||||||
|
|
||||||
// Phase 7: file ownership + mode + verify + retention.
|
// Phase 7: file ownership + mode + verify + retention.
|
||||||
CertFileMode os.FileMode `json:"cert_file_mode,omitempty"`
|
CertFileMode os.FileMode `json:"cert_file_mode,omitempty"`
|
||||||
KeyFileMode os.FileMode `json:"key_file_mode,omitempty"`
|
KeyFileMode os.FileMode `json:"key_file_mode,omitempty"`
|
||||||
ChainFileMode os.FileMode `json:"chain_file_mode,omitempty"`
|
ChainFileMode os.FileMode `json:"chain_file_mode,omitempty"`
|
||||||
CertFileOwner string `json:"cert_file_owner,omitempty"`
|
CertFileOwner string `json:"cert_file_owner,omitempty"`
|
||||||
CertFileGroup string `json:"cert_file_group,omitempty"`
|
CertFileGroup string `json:"cert_file_group,omitempty"`
|
||||||
KeyFileOwner string `json:"key_file_owner,omitempty"`
|
KeyFileOwner string `json:"key_file_owner,omitempty"`
|
||||||
KeyFileGroup string `json:"key_file_group,omitempty"`
|
KeyFileGroup string `json:"key_file_group,omitempty"`
|
||||||
PostDeployVerify *PostDeployVerifyConfig `json:"post_deploy_verify,omitempty"`
|
PostDeployVerify *PostDeployVerifyConfig `json:"post_deploy_verify,omitempty"`
|
||||||
PostDeployVerifyAttempts int `json:"post_deploy_verify_attempts,omitempty"`
|
PostDeployVerifyAttempts int `json:"post_deploy_verify_attempts,omitempty"`
|
||||||
PostDeployVerifyBackoff time.Duration `json:"post_deploy_verify_backoff,omitempty"`
|
PostDeployVerifyBackoff time.Duration `json:"post_deploy_verify_backoff,omitempty"`
|
||||||
|
|||||||
@@ -16,11 +16,11 @@ type stubSSHClient struct {
|
|||||||
connectErr error
|
connectErr error
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *stubSSHClient) Connect(_ context.Context) error { return s.connectErr }
|
func (s *stubSSHClient) Connect(_ context.Context) error { return s.connectErr }
|
||||||
func (s *stubSSHClient) Close() error { return nil }
|
func (s *stubSSHClient) Close() error { return nil }
|
||||||
func (s *stubSSHClient) WriteFile(_ string, _ []byte, _ os.FileMode) error { return nil }
|
func (s *stubSSHClient) WriteFile(_ string, _ []byte, _ os.FileMode) error { return nil }
|
||||||
func (s *stubSSHClient) Execute(_ context.Context, _ string) (string, error) { return "", nil }
|
func (s *stubSSHClient) Execute(_ context.Context, _ string) (string, error) { return "", nil }
|
||||||
func (s *stubSSHClient) StatFile(_ string) (int64, error) { return 0, nil }
|
func (s *stubSSHClient) StatFile(_ string) (int64, error) { return 0, nil }
|
||||||
|
|
||||||
func TestSSH_ValidateOnly_Connect_Succeeds(t *testing.T) {
|
func TestSSH_ValidateOnly_Connect_Succeeds(t *testing.T) {
|
||||||
c := NewWithClient(&Config{Host: "h", User: "u"}, &stubSSHClient{}, nil)
|
c := NewWithClient(&Config{Host: "h", User: "u"}, &stubSSHClient{}, nil)
|
||||||
|
|||||||
@@ -42,14 +42,14 @@ type DeployCounters struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type deployBucket struct {
|
type deployBucket struct {
|
||||||
attemptsSuccess atomic.Uint64
|
attemptsSuccess atomic.Uint64
|
||||||
attemptsFailure atomic.Uint64
|
attemptsFailure atomic.Uint64
|
||||||
validateFailures atomic.Uint64
|
validateFailures atomic.Uint64
|
||||||
reloadFailures atomic.Uint64
|
reloadFailures atomic.Uint64
|
||||||
postVerifyFails atomic.Uint64
|
postVerifyFails atomic.Uint64
|
||||||
rollbackRestored atomic.Uint64
|
rollbackRestored atomic.Uint64
|
||||||
rollbackAlsoFail atomic.Uint64
|
rollbackAlsoFail atomic.Uint64
|
||||||
idempotentSkips atomic.Uint64
|
idempotentSkips atomic.Uint64
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewDeployCounters constructs a zero-value counter table. The
|
// NewDeployCounters constructs a zero-value counter table. The
|
||||||
@@ -123,15 +123,15 @@ func (c *DeployCounters) IncIdempotentSkip(targetType string) {
|
|||||||
// DeploySnapshot is the per-(target_type, label) snapshot returned
|
// DeploySnapshot is the per-(target_type, label) snapshot returned
|
||||||
// to the Prometheus exposer.
|
// to the Prometheus exposer.
|
||||||
type DeploySnapshot struct {
|
type DeploySnapshot struct {
|
||||||
TargetType string
|
TargetType string
|
||||||
AttemptsSuccess uint64
|
AttemptsSuccess uint64
|
||||||
AttemptsFailure uint64
|
AttemptsFailure uint64
|
||||||
ValidateFailures uint64
|
ValidateFailures uint64
|
||||||
ReloadFailures uint64
|
ReloadFailures uint64
|
||||||
PostVerifyFails uint64
|
PostVerifyFails uint64
|
||||||
RollbackRestored uint64
|
RollbackRestored uint64
|
||||||
RollbackAlsoFail uint64
|
RollbackAlsoFail uint64
|
||||||
IdempotentSkips uint64
|
IdempotentSkips uint64
|
||||||
}
|
}
|
||||||
|
|
||||||
// Snapshot returns one DeploySnapshot per known target type.
|
// Snapshot returns one DeploySnapshot per known target type.
|
||||||
|
|||||||
Reference in New Issue
Block a user