*: reflow comments to 80 characters
This reformats the entire Metropolis codebase to have comments no longer
than 80 characters, implementing CR/66.
This has been done half manually, as we don't have a good integration
between commentwrap/Bazel, but that can be implemented if we decide to
go for this tool/limit.
Change-Id: If1fff0b093ef806f5dc00551c11506e8290379d0
diff --git a/metropolis/pkg/pki/ca.go b/metropolis/pkg/pki/ca.go
index bbed085..5ab1089 100644
--- a/metropolis/pkg/pki/ca.go
+++ b/metropolis/pkg/pki/ca.go
@@ -33,16 +33,19 @@
// certificates, and any other Certificate that has been created with CA(),
// which makes this Certificate act as a CA and issue (sign) ceritficates.
type Issuer interface {
- // CACertificate returns the DER-encoded x509 certificate of the CA that will sign certificates when Issue is
- // called, or nil if this is self-signing issuer.
+ // CACertificate returns the DER-encoded x509 certificate of the CA that
+ // will sign certificates when Issue is called, or nil if this is
+ // self-signing issuer.
CACertificate(ctx context.Context, kv clientv3.KV) ([]byte, error)
- // Issue will generate a key and certificate signed by the Issuer. The returned certificate is x509 DER-encoded,
- // while the key is a bare ed25519 key.
+ // Issue will generate a key and certificate signed by the Issuer. The
+ // returned certificate is x509 DER-encoded, while the key is a bare
+ // ed25519 key.
Issue(ctx context.Context, req *Certificate, kv clientv3.KV) (cert, key []byte, err error)
}
-// issueCertificate is a generic low level certificate-and-key issuance function. If ca or cakey is null, the
-// certificate will be self-signed. The returned certificate is DER-encoded, while the returned key is internal.
+// issueCertificate is a generic low level certificate-and-key issuance
+// function. If ca or cakey is null, the certificate will be self-signed. The
+// returned certificate is DER-encoded, while the returned key is internal.
func issueCertificate(req *Certificate, ca *x509.Certificate, caKey interface{}) (cert, key []byte, err error) {
var privKey ed25519.PrivateKey
var pubKey ed25519.PublicKey
@@ -75,7 +78,8 @@
req.template.BasicConstraintsValid = true
req.template.SubjectKeyId = skid
- // Set the AuthorityKeyID to the SKID of the signing certificate (or self, if self-signing).
+ // Set the AuthorityKeyID to the SKID of the signing certificate (or self,
+ // if self-signing).
if ca != nil && caKey != nil {
req.template.AuthorityKeyId = ca.AuthorityKeyId
} else {
diff --git a/metropolis/pkg/pki/certificate.go b/metropolis/pkg/pki/certificate.go
index ff60f73..c0a1f53 100644
--- a/metropolis/pkg/pki/certificate.go
+++ b/metropolis/pkg/pki/certificate.go
@@ -37,7 +37,8 @@
prefix string
}
-// Namespaced creates a namespace for storing certificate data in etcd at a given 'path' prefix.
+// Namespaced creates a namespace for storing certificate data in etcd at a
+// given 'path' prefix.
func Namespaced(prefix string) Namespace {
return Namespace{
prefix: prefix,
@@ -91,7 +92,7 @@
// Client makes a Kubernetes PKI-compatible client certificate template.
// Directly derived from Kubernetes PKI requirements documented at
-// https://kubernetes.io/docs/setup/best-practices/certificates/#configure-certificates-manually
+// https://kubernetes.io/docs/setup/best-practices/certificates/#configure-certificates-manually
func Client(identity string, groups []string) x509.Certificate {
return x509.Certificate{
Subject: pkix.Name{
diff --git a/metropolis/pkg/pki/x509.go b/metropolis/pkg/pki/x509.go
index d2affe8..e198902 100644
--- a/metropolis/pkg/pki/x509.go
+++ b/metropolis/pkg/pki/x509.go
@@ -30,12 +30,12 @@
unknownNotAfter = time.Unix(253402300799, 0)
)
-// Workaround for https://github.com/golang/go/issues/26676 in Go's crypto/x509. Specifically Go
-// violates Section 4.2.1.2 of RFC 5280 without this.
-// Fixed for 1.15 in https://go-review.googlesource.com/c/go/+/227098/.
+// Workaround for https://github.com/golang/go/issues/26676 in Go's
+// crypto/x509. Specifically Go violates Section 4.2.1.2 of RFC 5280 without
+// this. Fixed for 1.15 in https://go-review.googlesource.com/c/go/+/227098/.
//
-// Taken from https://github.com/FiloSottile/mkcert/blob/master/cert.go#L295 written by one of Go's
-// crypto engineers
+// Taken from https://github.com/FiloSottile/mkcert/blob/master/cert.go#L295
+// Written by one of Go's crypto engineers
//
// TODO(lorenz): remove this once we migrate to Go 1.15.
func calculateSKID(pubKey crypto.PublicKey) ([]byte, error) {