lint

* reduce staticcheck warnings

cmd/nebula-cert/ca.go

@@ -81,7 +81,7 @@ func parseArgonParameters(memory uint, parallelism uint, iterations uint) (*cert
 	return cert.NewArgon2Parameters(uint32(memory), uint8(parallelism), uint32(iterations)), nil
 }
 
-func ca(args []string, out io.Writer, errOut io.Writer, pr PasswordReader) error {
+func ca(args []string, out io.Writer, _ io.Writer, pr PasswordReader) error {
 	cf := newCaFlags()
 	err := cf.set.Parse(args)
 	if err != nil {

cmd/nebula-cert/keygen.go

@@ -29,7 +29,7 @@ func newKeygenFlags() *keygenFlags {
 	return &cf
 }
 
-func keygen(args []string, out io.Writer, errOut io.Writer) error {
+func keygen(args []string, _ io.Writer, _ io.Writer) error {
 	cf := newKeygenFlags()
 	err := cf.set.Parse(args)
 	if err != nil {

cmd/nebula-cert/main_test.go

@@ -3,7 +3,6 @@ package main
 import (
 	"bytes"
 	"errors"
-	"fmt"
 	"io"
 	"os"
 	"testing"
@@ -77,7 +76,7 @@ func assertHelpError(t *testing.T, err error, msg string) {
 	case *helpError:
 		// good
 	default:
-		t.Fatal(fmt.Sprintf("err was not a helpError: %q, expected %q", err, msg))
+		t.Fatalf("err was not a helpError: %q, expected %q", err, msg)
 	}
 
 	require.EqualError(t, err, msg)

cmd/nebula-cert/p11_stub.go

@@ -10,7 +10,7 @@ func p11Supported() bool {
 	return false
 }
 
-func p11Flag(set *flag.FlagSet) *string {
+func p11Flag(_ *flag.FlagSet) *string {
 	var ret = ""
 	return &ret
 }

cmd/nebula-cert/print.go

@@ -1,12 +1,12 @@
 package main
 
 import (
+	"bytes"
 	"encoding/json"
 	"flag"
 	"fmt"
 	"io"
 	"os"
-	"strings"
 
 	"github.com/skip2/go-qrcode"
 	"github.com/slackhq/nebula/cert"
@@ -29,7 +29,7 @@ func newPrintFlags() *printFlags {
 	return &pf
 }
 
-func printCert(args []string, out io.Writer, errOut io.Writer) error {
+func printCert(args []string, out io.Writer, _ io.Writer) error {
 	pf := newPrintFlags()
 	err := pf.set.Parse(args)
 	if err != nil {
@@ -72,7 +72,7 @@ func printCert(args []string, out io.Writer, errOut io.Writer) error {
 			qrBytes = append(qrBytes, b...)
 		}
 
-		if rawCert == nil || len(rawCert) == 0 || strings.TrimSpace(string(rawCert)) == "" {
+		if len(rawCert) == 0 || len(bytes.TrimSpace(rawCert)) == 0 {
 			break
 		}
 

cmd/nebula-cert/verify.go

@@ -1,12 +1,12 @@
 package main
 
 import (
+	"bytes"
 	"errors"
 	"flag"
 	"fmt"
 	"io"
 	"os"
-	"strings"
 	"time"
 
 	"github.com/slackhq/nebula/cert"
@@ -52,7 +52,7 @@ func verify(args []string, out io.Writer, errOut io.Writer) error {
 			return fmt.Errorf("error while adding ca cert to pool: %w", err)
 		}
 
-		if rawCACert == nil || len(rawCACert) == 0 || strings.TrimSpace(string(rawCACert)) == "" {
+		if len(rawCACert) == 0 || len(bytes.TrimSpace(rawCACert)) == 0 {
 			break
 		}
 	}

cmd/nebula-cert/verify_test.go

@@ -97,7 +97,7 @@ func Test_verify(t *testing.T) {
 	crt, _ := NewTestCert(ca, caPriv, "test-cert", time.Now().Add(time.Hour*-1), time.Now().Add(time.Hour), nil, nil, nil)
 	// Slightly evil hack to modify the certificate after it was sealed to generate an invalid signature
 	pub := crt.PublicKey()
-	for i, _ := range pub {
+	for i := range pub {
 		pub[i] = 0
 	}
 	b, _ = crt.MarshalPEM()

cmd/nebula-service/service.go

@@ -51,10 +51,7 @@ func (p *program) Stop(s service.Service) error {
 
 func fileExists(filename string) bool {
 	_, err := os.Stat(filename)
-	if os.IsNotExist(err) {
-		return false
-	}
-	return true
+	return !os.IsNotExist(err)
 }
 
 func doService(configPath *string, configTest *bool, build string, serviceFlag *string) {