From 5572148477ad069989bc3301e662cd6ee44832d2 Mon Sep 17 00:00:00 2001
From: Sevki Hasirci <s@sevki.org>
Date: Tue, 28 Jul 2015 21:18:04 +0300
Subject: [PATCH] golint: trust

contributes to #14756

Signed-off-by: Sevki Hasirci <s@sevki.org>
---
 daemon/config_unix.go |  6 +++---
 graph/tags.go         |  4 ++--
 opts/ip_test.go       |  8 ++++----
 trust/service.go      |  9 +++++++--
 trust/trusts.go       | 15 +++++++++------
 5 files changed, 25 insertions(+), 17 deletions(-)

diff --git a/daemon/config_unix.go b/daemon/config_unix.go
index b5d160d17c..d4f127c29c 100644
--- a/daemon/config_unix.go
+++ b/daemon/config_unix.go
@@ -70,10 +70,10 @@ func (config *Config) InstallFlags(cmd *flag.FlagSet, usageFn func(string) strin
 	cmd.StringVar(&config.Bridge.Iface, []string{"b", "-bridge"}, "", usageFn("Attach containers to a network bridge"))
 	cmd.StringVar(&config.Bridge.FixedCIDR, []string{"-fixed-cidr"}, "", usageFn("IPv4 subnet for fixed IPs"))
 	cmd.StringVar(&config.Bridge.FixedCIDRv6, []string{"-fixed-cidr-v6"}, "", usageFn("IPv6 subnet for fixed IPs"))
-	cmd.Var(opts.NewIpOpt(&config.Bridge.DefaultGatewayIPv4, ""), []string{"-default-gateway"}, usageFn("Container default gateway IPv4 address"))
-	cmd.Var(opts.NewIpOpt(&config.Bridge.DefaultGatewayIPv6, ""), []string{"-default-gateway-v6"}, usageFn("Container default gateway IPv6 address"))
+	cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultGatewayIPv4, ""), []string{"-default-gateway"}, usageFn("Container default gateway IPv4 address"))
+	cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultGatewayIPv6, ""), []string{"-default-gateway-v6"}, usageFn("Container default gateway IPv6 address"))
 	cmd.BoolVar(&config.Bridge.InterContainerCommunication, []string{"#icc", "-icc"}, true, usageFn("Enable inter-container communication"))
-	cmd.Var(opts.NewIpOpt(&config.Bridge.DefaultIP, "0.0.0.0"), []string{"#ip", "-ip"}, usageFn("Default IP when binding container ports"))
+	cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultIP, "0.0.0.0"), []string{"#ip", "-ip"}, usageFn("Default IP when binding container ports"))
 	cmd.BoolVar(&config.Bridge.EnableUserlandProxy, []string{"-userland-proxy"}, true, usageFn("Use userland proxy for loopback traffic"))
 	cmd.BoolVar(&config.EnableCors, []string{"#api-enable-cors", "#-api-enable-cors"}, false, usageFn("Enable CORS headers in the remote API, this is deprecated by --api-cors-header"))
 	cmd.StringVar(&config.CorsHeaders, []string{"-api-cors-header"}, "", usageFn("Set CORS headers in the remote API"))
diff --git a/graph/tags.go b/graph/tags.go
index 9deb463735..f477cd2d8b 100644
--- a/graph/tags.go
+++ b/graph/tags.go
@@ -40,7 +40,7 @@ type TagStore struct {
 	pushingPool     map[string]chan struct{}
 	registryService *registry.Service
 	eventsService   *events.Events
-	trustService    *trust.TrustStore
+	trustService    *trust.Store
 }
 
 // Repository maps tags to image IDs.
@@ -77,7 +77,7 @@ type TagStoreConfig struct {
 	// Events is the events service to use for logging.
 	Events *events.Events
 	// Trust is the trust service to use for push and pull operations.
-	Trust *trust.TrustStore
+	Trust *trust.Store
 }
 
 // NewTagStore creates a new TagStore at specified path, using the parameters
diff --git a/opts/ip_test.go b/opts/ip_test.go
index 0bbee76169..1027d84a05 100644
--- a/opts/ip_test.go
+++ b/opts/ip_test.go
@@ -10,7 +10,7 @@ func TestIpOptString(t *testing.T) {
 	var ip net.IP
 
 	for _, address := range addresses {
-		stringAddress := NewIpOpt(&ip, address).String()
+		stringAddress := NewIPOpt(&ip, address).String()
 		if stringAddress != address {
 			t.Fatalf("IpOpt string should be `%s`, not `%s`", address, stringAddress)
 		}
@@ -21,7 +21,7 @@ func TestNewIpOptInvalidDefaultVal(t *testing.T) {
 	ip := net.IPv4(127, 0, 0, 1)
 	defaultVal := "Not an ip"
 
-	ipOpt := NewIpOpt(&ip, defaultVal)
+	ipOpt := NewIPOpt(&ip, defaultVal)
 
 	expected := "127.0.0.1"
 	if ipOpt.String() != expected {
@@ -33,7 +33,7 @@ func TestNewIpOptValidDefaultVal(t *testing.T) {
 	ip := net.IPv4(127, 0, 0, 1)
 	defaultVal := "192.168.1.1"
 
-	ipOpt := NewIpOpt(&ip, defaultVal)
+	ipOpt := NewIPOpt(&ip, defaultVal)
 
 	expected := "192.168.1.1"
 	if ipOpt.String() != expected {
@@ -43,7 +43,7 @@ func TestNewIpOptValidDefaultVal(t *testing.T) {
 
 func TestIpOptSetInvalidVal(t *testing.T) {
 	ip := net.IPv4(127, 0, 0, 1)
-	ipOpt := &IpOpt{IP: &ip}
+	ipOpt := &IPOpt{IP: &ip}
 
 	invalidIP := "invalid ip"
 	expectedError := "invalid ip is not an ip address"
diff --git a/trust/service.go b/trust/service.go
index 6a804faf52..b02eca6b45 100644
--- a/trust/service.go
+++ b/trust/service.go
@@ -8,13 +8,16 @@ import (
 	"github.com/docker/libtrust"
 )
 
+// NotVerifiedError implements the error interface
 type NotVerifiedError string
 
 func (e NotVerifiedError) Error() string {
 	return string(e)
 }
 
-func (t *TrustStore) CheckKey(ns string, key []byte, perm uint16) (bool, error) {
+// CheckKey verifies that the given public key is allowed to perform
+// the given action on the given node according to the trust graph.
+func (t *Store) CheckKey(ns string, key []byte, perm uint16) (bool, error) {
 	if len(key) == 0 {
 		return false, fmt.Errorf("Missing PublicKey")
 	}
@@ -48,6 +51,8 @@ func (t *TrustStore) CheckKey(ns string, key []byte, perm uint16) (bool, error)
 	return true, nil
 }
 
-func (t *TrustStore) UpdateBase() {
+// UpdateBase retrieves updated base graphs.  This function cannot error, it
+// should only log errors
+func (t *Store) UpdateBase() {
 	t.fetch()
 }
diff --git a/trust/trusts.go b/trust/trusts.go
index dd30869daf..1205c2d408 100644
--- a/trust/trusts.go
+++ b/trust/trusts.go
@@ -17,7 +17,8 @@ import (
 	"github.com/docker/libtrust/trustgraph"
 )
 
-type TrustStore struct {
+// Store defines a TrustStore
+type Store struct {
 	path          string
 	caPool        *x509.CertPool
 	graph         trustgraph.TrustGraph
@@ -38,7 +39,9 @@ const defaultFetchtime = 45 * time.Second
 
 var baseEndpoints = map[string]string{"official": "https://dvjy3tqbc323p.cloudfront.net/trust/official.json"}
 
-func NewTrustStore(path string) (*TrustStore, error) {
+// NewTrustStore creates from a given path, if the path is not
+// relative, it will be joined with the working directory.
+func NewTrustStore(path string) (*Store, error) {
 	abspath, err := filepath.Abs(path)
 	if err != nil {
 		return nil, err
@@ -55,7 +58,7 @@ func NewTrustStore(path string) (*TrustStore, error) {
 	}
 
 	// Load grant files
-	t := &TrustStore{
+	t := &Store{
 		path:          abspath,
 		caPool:        nil,
 		httpClient:    &http.Client{},
@@ -70,7 +73,7 @@ func NewTrustStore(path string) (*TrustStore, error) {
 	return t, nil
 }
 
-func (t *TrustStore) reload() error {
+func (t *Store) reload() error {
 	t.Lock()
 	defer t.Unlock()
 
@@ -121,7 +124,7 @@ func (t *TrustStore) reload() error {
 	return nil
 }
 
-func (t *TrustStore) fetchBaseGraph(u *url.URL) (*trustgraph.Statement, error) {
+func (t *Store) fetchBaseGraph(u *url.URL) (*trustgraph.Statement, error) {
 	req := &http.Request{
 		Method:     "GET",
 		URL:        u,
@@ -148,7 +151,7 @@ func (t *TrustStore) fetchBaseGraph(u *url.URL) (*trustgraph.Statement, error) {
 
 // fetch retrieves updated base graphs.  This function cannot error, it
 // should only log errors
-func (t *TrustStore) fetch() {
+func (t *Store) fetch() {
 	t.Lock()
 	defer t.Unlock()