Fix dot linter

.golangci.yml

@@ -42,5 +42,4 @@ linters:
     # TODO: Revisit after the refactor
     - gocognit
     - testpackage
-    - godot
     - nestif

pkg/apperrors/apperrors.go

@@ -83,7 +83,7 @@ var (
 	ErrStartRedirectHTTP = errors.New("failed to start http redirect service")
 	ErrStartAdminHTTP    = errors.New("failed to start admin service")
 
-	// config errors
+	// config errors.
 
 	ErrNoRedirectsWithEnableRefreshTokensInvalid = errors.New("no-redirects true cannot be enabled with refresh tokens")
 	ErrInvalidPostLoginRedirectPath              = errors.New("post login redirect path invalid, should be only path not absolute url (no hostname, scheme)")

pkg/authorization/resource.go

@@ -25,7 +25,7 @@ import (
 	"github.com/gogatekeeper/gatekeeper/pkg/utils"
 )
 
-// Resource represents a url resource to protect
+// Resource represents a url resource to protect.
 type Resource struct {
 	// URL the url for the resource
 	URL string `json:"uri" yaml:"uri"`
@@ -171,22 +171,22 @@ func (r *Resource) Valid() error {
 	return nil
 }
 
-// GetRoles returns a list of roles for this resource
+// GetRoles returns a list of roles for this resource.
 func (r Resource) GetRoles() string {
 	return strings.Join(r.Roles, ",")
 }
 
-// GetAcr returns a list of authentication levels for this resource
+// GetAcr returns a list of authentication levels for this resource.
 func (r Resource) GetAcr() string {
 	return strings.Join(r.Acr, ",")
 }
 
-// GetHeaders returns a list of headers for this resource
+// GetHeaders returns a list of headers for this resource.
 func (r Resource) GetHeaders() string {
 	return strings.Join(r.Headers, ",")
 }
 
-// String returns a string representation of the resource
+// String returns a string representation of the resource.
 func (r Resource) String() string {
 	if r.WhiteListed {
 		return fmt.Sprintf("uri: %s, white-listed", r.URL)

pkg/constant/constant.go

@@ -42,7 +42,7 @@ const (
 	IDTokenCookie      = "id_token"
 	UMACookie          = "uma_token"
 	// case is like this because go net package canonicalizes it
-	// to this form, see net package
+	// to this form, see net package.
 	UMAHeader      = "X-Uma-Token"
 	UnsecureScheme = "http"
 	SecureScheme   = "https"
@@ -62,7 +62,7 @@ const (
 
 	DurationType = "time.Duration"
 
-	// SameSite cookie config options
+	// SameSite cookie config options.
 	SameSiteStrict = "Strict"
 	SameSiteLax    = "Lax"
 	SameSiteNone   = "None"

pkg/encryption/rotation.go

@@ -40,7 +40,7 @@ type CertificationRotation struct {
 	rotationMetric *prometheus.Counter
 }
 
-// newCertificateRotator creates a new certificate
+// newCertificateRotator creates a new certificate.
 func NewCertificateRotator(cert, key string, log *zap.Logger, metric *prometheus.Counter) (*CertificationRotation, error) {
 	// step: attempt to load the certificate
 	certificate, err := tls.LoadX509KeyPair(cert, key)
@@ -59,7 +59,7 @@ func NewCertificateRotator(cert, key string, log *zap.Logger, metric *prometheus
 	}, nil
 }
 
-// watch is responsible for adding a file notification and watch on the files for changes
+// watch is responsible for adding a file notification and watch on the files for changes.
 func (c *CertificationRotation) Watch() error {
 	c.log.Info(
 		"adding a file watch on the certificates, certificate",
@@ -115,7 +115,7 @@ func (c *CertificationRotation) Watch() error {
 	return nil
 }
 
-// storeCertificate provides entrypoint to update the certificate
+// storeCertificate provides entrypoint to update the certificate.
 func (c *CertificationRotation) storeCertificate(certifacte tls.Certificate) error {
 	c.Lock()
 	defer c.Unlock()
@@ -124,7 +124,7 @@ func (c *CertificationRotation) storeCertificate(certifacte tls.Certificate) err
 	return nil
 }
 
-// GetCertificate is responsible for retrieving
+// GetCertificate is responsible for retrieving.
 func (c *CertificationRotation) GetCertificate(_ *tls.ClientHelloInfo) (*tls.Certificate, error) {
 	c.RLock()
 	defer c.RUnlock()

pkg/encryption/self_signed.go

@@ -51,7 +51,7 @@ type SelfSignedCertificate struct {
 	cancel context.CancelFunc
 }
 
-// newSelfSignedCertificate creates and returns a self signed certificate manager
+// newSelfSignedCertificate creates and returns a self signed certificate manager.
 func NewSelfSignedCertificate(hostnames []string, expiry time.Duration, log *zap.Logger) (*SelfSignedCertificate, error) {
 	if len(hostnames) == 0 {
 		return nil, apperrors.ErrCertSelfNoHostname
@@ -99,7 +99,7 @@ func NewSelfSignedCertificate(hostnames []string, expiry time.Duration, log *zap
 	return svc, nil
 }
 
-// rotate is responsible for rotation the certificate
+// rotate is responsible for rotation the certificate.
 func (c *SelfSignedCertificate) rotate(ctx context.Context) error {
 	go func() {
 		c.log.Info("starting the self-signed certificate rotation",
@@ -136,28 +136,28 @@ func (c *SelfSignedCertificate) rotate(ctx context.Context) error {
 }
 
 // Deprecated:unused
-// close is used to shutdown resources
+// close is used to shutdown resources.
 func (c *SelfSignedCertificate) close() {
 	c.cancel()
 }
 
-// updateCertificate is responsible for update the certificate
+// updateCertificate is responsible for update the certificate.
 func (c *SelfSignedCertificate) updateCertificate(cert tls.Certificate) {
 	c.Lock()
 	defer c.Unlock()
 
 	c.certificate = cert
 }
 
-// GetCertificate is responsible for retrieving
+// GetCertificate is responsible for retrieving.
 func (c *SelfSignedCertificate) GetCertificate(_ *tls.ClientHelloInfo) (*tls.Certificate, error) {
 	c.RLock()
 	defer c.RUnlock()
 
 	return &c.certificate, nil
 }
 
-// createCertificate is responsible for creating a certificate
+// createCertificate is responsible for creating a certificate.
 func CreateCertificate(key *ed25519.PrivateKey, hostnames []string, expire time.Duration) (tls.Certificate, error) {
 	// @step: create a serial for the certificate
 	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), constant.SelfSignedMaxSerialBits))
@@ -208,7 +208,7 @@ func CreateCertificate(key *ed25519.PrivateKey, hostnames []string, expire time.
 	return tls.X509KeyPair(certPEM, keyPEM)
 }
 
-// loadCA loads the certificate authority
+// loadCA loads the certificate authority.
 func LoadCA(cert, key string) (*tls.Certificate, error) {
 	caCert, err := os.ReadFile(cert)
 

pkg/encryption/text_encryption.go

@@ -11,7 +11,7 @@ import (
 	"github.com/gogatekeeper/gatekeeper/pkg/apperrors"
 )
 
-// encryptDataBlock encrypts the plaintext string with the key
+// encryptDataBlock encrypts the plaintext string with the key.
 func EncryptDataBlock(plaintext, key []byte) ([]byte, error) {
 	block, err := aes.NewCipher(key)
 
@@ -34,7 +34,7 @@ func EncryptDataBlock(plaintext, key []byte) ([]byte, error) {
 	return gcm.Seal(nonce, nonce, plaintext, nil), nil
 }
 
-// decryptDataBlock decrypts some cipher text
+// decryptDataBlock decrypts some cipher text.
 func DecryptDataBlock(cipherText, key []byte) ([]byte, error) {
 	block, err := aes.NewCipher(key)
 
@@ -59,7 +59,7 @@ func DecryptDataBlock(cipherText, key []byte) ([]byte, error) {
 	return gcm.Open(nil, nonce, input, nil)
 }
 
-// encodeText encodes the session state information into a value for a cookie to consume
+// encodeText encodes the session state information into a value for a cookie to consume.
 func EncodeText(plaintext string, key string) (string, error) {
 	cipherText, err := EncryptDataBlock([]byte(plaintext), []byte(key))
 
@@ -70,7 +70,7 @@ func EncodeText(plaintext string, key string) (string, error) {
 	return base64.RawStdEncoding.EncodeToString(cipherText), nil
 }
 
-// decodeText decodes the session state cookie value
+// decodeText decodes the session state cookie value.
 func DecodeText(state, key string) (string, error) {
 	cipherText, err := base64.RawStdEncoding.DecodeString(state)
 

pkg/google/config/config.go

@@ -173,7 +173,6 @@ type Config struct {
 	IsDiscoverURILegacy             bool
 }
 
-// NewDefaultConfig returns a initialized config
 func NewDefaultConfig() *Config {
 	var hostnames []string
 	if name, err := os.Hostname(); err == nil {
@@ -265,7 +264,7 @@ func (r *Config) GetDefaultAllowedQueryParams() map[string]string {
 	return r.DefaultAllowedQueryParams
 }
 
-// readConfigFile reads and parses the configuration file
+// readConfigFile reads and parses the configuration file.
 func (r *Config) ReadConfigFile(filename string) error {
 	content, err := os.ReadFile(filename)
 
@@ -299,7 +298,7 @@ func (r *Config) Update() error {
 	return nil
 }
 
-// IsValid validates if the config is valid
+// IsValid validates if the config is valid.
 func (r *Config) IsValid() error {
 	if r.ListenAdmin == r.Listen {
 		r.ListenAdmin = ""
@@ -332,17 +331,14 @@ func (r *Config) IsValid() error {
 	return nil
 }
 
-// HasCustomSignInPage checks if there is a custom sign in  page
 func (r *Config) HasCustomSignInPage() bool {
 	return r.SignInPage != ""
 }
 
-// HasForbiddenPage checks if there is a custom forbidden page
 func (r *Config) HasCustomForbiddenPage() bool {
 	return r.ForbiddenPage != ""
 }
 
-// HasCustomErrorPage checks if there is a custom error page
 func (r *Config) HasCustomErrorPage() bool {
 	return r.ErrorPage != ""
 }

pkg/keycloak/config/config.go

@@ -183,7 +183,6 @@ type Config struct {
 	IsDiscoverURILegacy             bool
 }
 
-// NewDefaultConfig returns a initialized config
 func NewDefaultConfig() *Config {
 	var hostnames []string
 	if name, err := os.Hostname(); err == nil {
@@ -278,7 +277,7 @@ func (r *Config) GetDefaultAllowedQueryParams() map[string]string {
 	return r.DefaultAllowedQueryParams
 }
 
-// readConfigFile reads and parses the configuration file
+// readConfigFile reads and parses the configuration file.
 func (r *Config) ReadConfigFile(filename string) error {
 	content, err := os.ReadFile(filename)
 
@@ -312,7 +311,7 @@ func (r *Config) Update() error {
 	return nil
 }
 
-// IsValid validates if the config is valid
+// IsValid validates if the config is valid.
 func (r *Config) IsValid() error {
 	if r.ListenAdmin == r.Listen {
 		r.ListenAdmin = ""
@@ -347,17 +346,14 @@ func (r *Config) IsValid() error {
 	return nil
 }
 
-// HasCustomSignInPage checks if there is a custom sign in  page
 func (r *Config) HasCustomSignInPage() bool {
 	return r.SignInPage != ""
 }
 
-// HasForbiddenPage checks if there is a custom forbidden page
 func (r *Config) HasCustomForbiddenPage() bool {
 	return r.ForbiddenPage != ""
 }
 
-// HasCustomErrorPage checks if there is a custom error page
 func (r *Config) HasCustomErrorPage() bool {
 	return r.ErrorPage != ""
 }

pkg/keycloak/proxy/forwarding.go

@@ -23,7 +23,7 @@ import (
 	"go.uber.org/zap"
 )
 
-// forwardProxyHandler is responsible for signing outbound requests
+// forwardProxyHandler is responsible for signing outbound requests.
 func forwardProxyHandler(
 	logger *zap.Logger,
 	pat *PAT,

pkg/keycloak/proxy/misc.go

@@ -230,7 +230,7 @@ func WithUMAIdentity(
 	return authzFunc(targetPath, umaUser.Permissions)
 }
 
-// getRPT retrieves relaying party token
+// getRPT retrieves relaying party token.
 func getRPT(
 	ctx context.Context,
 	pat *PAT,

pkg/keycloak/proxy/server.go

@@ -171,7 +171,7 @@ func NewProxy(config *config.Config, log *zap.Logger, upstream core.ReverseProxy
 	return svc, nil
 }
 
-// createLogger is responsible for creating the service logger
+// createLogger is responsible for creating the service logger.
 func createLogger(config *config.Config) (*zap.Logger, error) {
 	httplog.SetOutput(io.Discard) // disable the http logger
 
@@ -202,7 +202,7 @@ func createLogger(config *config.Config) (*zap.Logger, error) {
 	return cfg.Build()
 }
 
-// useDefaultStack sets the default middleware stack for router
+// useDefaultStack sets the default middleware stack for router.
 func (r *OauthProxy) useDefaultStack(engine chi.Router, accessForbidden func(wrt http.ResponseWriter, req *http.Request) context.Context) {
 	engine.NotFound(handlers.EmptyHandler)
 
@@ -1065,7 +1065,7 @@ func (r *OauthProxy) Run() (context.Context, error) {
 	return ctx, nil
 }
 
-// Shutdown finishes the proxy service with gracefully period
+// Shutdown finishes the proxy service with gracefully period.
 func (r *OauthProxy) Shutdown() error {
 	ctx, cancel := context.WithTimeout(
 		context.Background(),
@@ -1100,7 +1100,7 @@ func (r *OauthProxy) Shutdown() error {
 	return err
 }
 
-// listenerConfig encapsulate listener options
+// listenerConfig encapsulate listener options.
 type listenerConfig struct {
 	hostnames           []string // list of hostnames the service will respond to
 	ca                  string   // the path to a certificate authority
@@ -1117,7 +1117,7 @@ type listenerConfig struct {
 	useSelfSignedTLS    bool     // indicates we are using the self-signed tls
 }
 
-// makeListenerConfig extracts a listener configuration from a proxy Config
+// makeListenerConfig extracts a listener configuration from a proxy Config.
 func makeListenerConfig(config *config.Config) listenerConfig {
 	var minTLSVersion uint16
 	switch strings.ToLower(config.TLSMinVersion) {
@@ -1148,10 +1148,10 @@ func makeListenerConfig(config *config.Config) listenerConfig {
 	}
 }
 
-// ErrHostNotConfigured indicates the hostname was not configured
+// ErrHostNotConfigured indicates the hostname was not configured.
 var ErrHostNotConfigured = errors.New("acme/autocert: host not configured")
 
-// createHTTPListener is responsible for creating a listening socket
+// createHTTPListener is responsible for creating a listening socket.
 //
 //nolint:cyclop
 func (r *OauthProxy) createHTTPListener(config listenerConfig) (net.Listener, error) {
@@ -1304,7 +1304,7 @@ func (r *OauthProxy) createHTTPListener(config listenerConfig) (net.Listener, er
 	return listener, nil
 }
 
-// createUpstreamProxy create a reverse http proxy from the upstream
+// createUpstreamProxy create a reverse http proxy from the upstream.
 func (r *OauthProxy) createUpstreamProxy(upstream *url.URL) error {
 	dialer := (&net.Dialer{
 		KeepAlive: r.Config.UpstreamKeepaliveTimeout,
@@ -1417,7 +1417,7 @@ func (r *OauthProxy) createUpstreamProxy(upstream *url.URL) error {
 	return nil
 }
 
-// createTemplates loads the custom template
+// createTemplates loads the custom template.
 func createTemplates(
 	logger *zap.Logger,
 	signInPage string,
@@ -1489,7 +1489,7 @@ func (r OpenIDRoundTripper) RoundTrip(req *http.Request) (*http.Response, error)
 }
 
 // newOpenIDProvider initializes the openID configuration, note: the redirection url is deliberately left blank
-// in order to retrieve it from the host header on request
+// in order to retrieve it from the host header on request.
 func (r *OauthProxy) NewOpenIDProvider() (*oidc3.Provider, *gocloak.GoCloak, error) {
 	host := fmt.Sprintf(
 		"%s://%s",