gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-07 13:41:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: gofmt fixes across deploy-hardening I new files

Browse Source 
Phase 13 verification surfaced gofmt-formatting drift in 6 files
across the bundle's new code:

- internal/api/handler/metrics.go (struct field alignment)
- internal/connector/target/k8ssecret/validate_only_test.go (alignment)
- internal/connector/target/nginx/nginx.go (alignment)
- internal/connector/target/postfix/postfix.go (alignment)
- internal/connector/target/ssh/validate_only_test.go (alignment)
- internal/service/deploy_counters.go (alignment)

Pure mechanical gofmt -w fixes; no behavior changes. CI's
make verify gate (which runs `go fmt ./...`) didn't catch these
because go fmt is more lenient than gofmt -l, but golangci-lint
v2.11.4 + the explicit gofmt step in Phase 13 verification did.

Phase 13 full-matrix verification all green:
- gofmt -l: empty across all bundle-touched files
- go vet ./internal/deploy/... ./internal/connector/target/... ./internal/service/ ./internal/api/handler/ ./cmd/agent/: clean
- golangci-lint v2.11.4 (the version CI runs): 0 issues
- go test -race -count=1 across deploy + nginx + apache + haproxy + agent + service: all green
- INTEGRATION=1 go test -tags integration -run Deploy ./deploy/test/...: 4/4 e2e tests green

Phase 14 next: release prep — Active Focus update, release notes,
Reddit-beat draft, final tag handoff to operator.
This commit is contained in:
shankar0123
2026-04-30 15:33:33 +00:00
parent b95a548f65
commit 8637131f80
6 changed files with 48 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/api/handler/metrics.go
+9 -9
View File
@@ -33,15 +33,15 @@ type CounterSnapshotter interface {
//
// Phase 10 of the deploy-hardening I master bundle.
type DeploySnapshotEntry struct {
TargetType string
AttemptsSuccess uint64
AttemptsFailure uint64
ValidateFailures uint64
ReloadFailures uint64
PostVerifyFails uint64
RollbackRestored uint64
RollbackAlsoFail uint64
IdempotentSkips uint64
TargetType string
AttemptsSuccess uint64
AttemptsFailure uint64
ValidateFailures uint64
ReloadFailures uint64
PostVerifyFails uint64
RollbackRestored uint64
RollbackAlsoFail uint64
IdempotentSkips uint64
}
// DeployCounterSnapshotter is the surface MetricsHandler consumes
internal/connector/target/k8ssecret/validate_only_test.go
+1 -1
View File
@@ -18,7 +18,7 @@ func (s *stubK8s) GetSecret(_ context.Context, _, _ string) (*SecretData, error)
func (s *stubK8s) CreateSecret(_ context.Context, _ string, _ *SecretData) error { return nil }
func (s *stubK8s) UpdateSecret(_ context.Context, _ string, _ *SecretData) error { return nil }
func (s *stubK8s) DeleteSecret(_ context.Context, _, _ string) error { return nil }
func (s *stubK8s) DeleteSecret(_ context.Context, _, _ string) error { return nil }
func TestK8s_ValidateOnly_Succeeds(t *testing.T) {
c := NewWithClient(&Config{Namespace: "ns", SecretName: "tls"}, &stubK8s{}, nil)
internal/connector/target/nginx/nginx.go
+9 -9
View File
@@ -71,15 +71,15 @@ type Config struct {
ValidateCommand string `json:"validate_command"`
// Phase 4 (deploy-hardening I): file ownership + mode overrides.
CertFileMode os.FileMode `json:"cert_file_mode,omitempty"`
ChainFileMode os.FileMode `json:"chain_file_mode,omitempty"`
KeyFileMode os.FileMode `json:"key_file_mode,omitempty"`
CertFileOwner string `json:"cert_file_owner,omitempty"`
CertFileGroup string `json:"cert_file_group,omitempty"`
ChainFileOwner string `json:"chain_file_owner,omitempty"`
ChainFileGroup string `json:"chain_file_group,omitempty"`
KeyFileOwner string `json:"key_file_owner,omitempty"`
KeyFileGroup string `json:"key_file_group,omitempty"`
CertFileMode os.FileMode `json:"cert_file_mode,omitempty"`
ChainFileMode os.FileMode `json:"chain_file_mode,omitempty"`
KeyFileMode os.FileMode `json:"key_file_mode,omitempty"`
CertFileOwner string `json:"cert_file_owner,omitempty"`
CertFileGroup string `json:"cert_file_group,omitempty"`
ChainFileOwner string `json:"chain_file_owner,omitempty"`
ChainFileGroup string `json:"chain_file_group,omitempty"`
KeyFileOwner string `json:"key_file_owner,omitempty"`
KeyFileGroup string `json:"key_file_group,omitempty"`
// Phase 4 (deploy-hardening I): post-deploy TLS verification.
PostDeployVerify *PostDeployVerifyConfig `json:"post_deploy_verify,omitempty"`
internal/connector/target/postfix/postfix.go
+7 -7
View File
@@ -37,13 +37,13 @@ type Config struct {
ValidateCommand string `json:"validate_command"`
// Phase 7: file ownership + mode + verify + retention.
CertFileMode os.FileMode `json:"cert_file_mode,omitempty"`
KeyFileMode os.FileMode `json:"key_file_mode,omitempty"`
ChainFileMode os.FileMode `json:"chain_file_mode,omitempty"`
CertFileOwner string `json:"cert_file_owner,omitempty"`
CertFileGroup string `json:"cert_file_group,omitempty"`
KeyFileOwner string `json:"key_file_owner,omitempty"`
KeyFileGroup string `json:"key_file_group,omitempty"`
CertFileMode os.FileMode `json:"cert_file_mode,omitempty"`
KeyFileMode os.FileMode `json:"key_file_mode,omitempty"`
ChainFileMode os.FileMode `json:"chain_file_mode,omitempty"`
CertFileOwner string `json:"cert_file_owner,omitempty"`
CertFileGroup string `json:"cert_file_group,omitempty"`
KeyFileOwner string `json:"key_file_owner,omitempty"`
KeyFileGroup string `json:"key_file_group,omitempty"`
PostDeployVerify *PostDeployVerifyConfig `json:"post_deploy_verify,omitempty"`
PostDeployVerifyAttempts int `json:"post_deploy_verify_attempts,omitempty"`
PostDeployVerifyBackoff time.Duration `json:"post_deploy_verify_backoff,omitempty"`
internal/connector/target/ssh/validate_only_test.go
+5 -5
View File
@@ -16,11 +16,11 @@ type stubSSHClient struct {
connectErr error
}
func (s *stubSSHClient) Connect(_ context.Context) error { return s.connectErr }
func (s *stubSSHClient) Close() error { return nil }
func (s *stubSSHClient) WriteFile(_ string, _ []byte, _ os.FileMode) error { return nil }
func (s *stubSSHClient) Execute(_ context.Context, _ string) (string, error) { return "", nil }
func (s *stubSSHClient) StatFile(_ string) (int64, error) { return 0, nil }
func (s *stubSSHClient) Connect(_ context.Context) error { return s.connectErr }
func (s *stubSSHClient) Close() error { return nil }
func (s *stubSSHClient) WriteFile(_ string, _ []byte, _ os.FileMode) error { return nil }
func (s *stubSSHClient) Execute(_ context.Context, _ string) (string, error) { return "", nil }
func (s *stubSSHClient) StatFile(_ string) (int64, error) { return 0, nil }
func TestSSH_ValidateOnly_Connect_Succeeds(t *testing.T) {
c := NewWithClient(&Config{Host: "h", User: "u"}, &stubSSHClient{}, nil)
internal/service/deploy_counters.go
+17 -17
View File
@@ -42,14 +42,14 @@ type DeployCounters struct {
}
type deployBucket struct {
attemptsSuccess atomic.Uint64
attemptsFailure atomic.Uint64
validateFailures atomic.Uint64
reloadFailures atomic.Uint64
postVerifyFails atomic.Uint64
rollbackRestored atomic.Uint64
rollbackAlsoFail atomic.Uint64
idempotentSkips atomic.Uint64
attemptsSuccess atomic.Uint64
attemptsFailure atomic.Uint64
validateFailures atomic.Uint64
reloadFailures atomic.Uint64
postVerifyFails atomic.Uint64
rollbackRestored atomic.Uint64
rollbackAlsoFail atomic.Uint64
idempotentSkips atomic.Uint64
}
// NewDeployCounters constructs a zero-value counter table. The
@@ -123,15 +123,15 @@ func (c *DeployCounters) IncIdempotentSkip(targetType string) {
// DeploySnapshot is the per-(target_type, label) snapshot returned
// to the Prometheus exposer.
type DeploySnapshot struct {
TargetType string
AttemptsSuccess uint64
AttemptsFailure uint64
ValidateFailures uint64
ReloadFailures uint64
PostVerifyFails uint64
RollbackRestored uint64
RollbackAlsoFail uint64
IdempotentSkips uint64
TargetType string
AttemptsSuccess uint64
AttemptsFailure uint64
ValidateFailures uint64
ReloadFailures uint64
PostVerifyFails uint64
RollbackRestored uint64
RollbackAlsoFail uint64
IdempotentSkips uint64
}
// Snapshot returns one DeploySnapshot per known target type.