address comments

Author: phbnf

internal/scti/handlers_test.go

@@ -321,38 +321,36 @@ func TestNewPathHandlers(t *testing.T) {
 
 func TestGetRoots(t *testing.T) {
 	log := setupTestLog(t)
-	server := setupTestServer(t, log, path.Join(prefix, "ct/v1/get-roots"))
+	server := setupTestServer(t, log, path.Join(prefix, types.GetRootsPath))
 	defer server.Close()
 
-	t.Run("get-roots", func(t *testing.T) {
-		resp, err := http.Get(server.URL + path.Join(prefix, "ct/v1/get-roots"))
-		if err != nil {
-			t.Fatalf("Failed to get roots: %v", err)
-		}
+	resp, err := http.Get(server.URL + path.Join(prefix, types.GetRootsPath))
+	if err != nil {
+		t.Fatalf("Failed to get roots: %v", err)
+	}
 
-		if resp.StatusCode != http.StatusOK {
-			t.Errorf("Unexpected status code: %v", resp.StatusCode)
-		}
+	if resp.StatusCode != http.StatusOK {
+		t.Errorf("Unexpected status code: %v", resp.StatusCode)
+	}
 
-		var roots types.GetRootsResponse
-		err = json.NewDecoder(resp.Body).Decode(&roots)
-		if err != nil {
-			t.Errorf("Failed to decode response: %v", err)
-		}
+	var roots types.GetRootsResponse
+	err = json.NewDecoder(resp.Body).Decode(&roots)
+	if err != nil {
+		t.Errorf("Failed to decode response: %v", err)
+	}
 
-		if got, want := len(roots.Certificates), 1; got != want {
-			t.Errorf("Unexpected number of certificates: got %d, want %d", got, want)
-		}
+	if got, want := len(roots.Certificates), 1; got != want {
+		t.Errorf("Unexpected number of certificates: got %d, want %d", got, want)
+	}
 
-		got, err := base64.StdEncoding.DecodeString(roots.Certificates[0])
-		if err != nil {
-			t.Errorf("Failed to decode certificate: %v", err)
-		}
-		want, _ := pem.Decode([]byte(testdata.CACertPEM))
-		if !bytes.Equal(got, want.Bytes) {
-			t.Errorf("Unexpected root: got %s, want %s", roots.Certificates[0], base64.StdEncoding.EncodeToString(want.Bytes))
-		}
-	})
+	got, err := base64.StdEncoding.DecodeString(roots.Certificates[0])
+	if err != nil {
+		t.Errorf("Failed to decode certificate: %v", err)
+	}
+	want, _ := pem.Decode([]byte(testdata.CACertPEM))
+	if !bytes.Equal(got, want.Bytes) {
+		t.Errorf("Unexpected root: got %s, want %s", roots.Certificates[0], base64.StdEncoding.EncodeToString(want.Bytes))
+	}
 }
 
 // TODO(phboneff): this could just be a parseBodyJSONChain test
@@ -413,12 +411,12 @@ func TestAddChainWhitespace(t *testing.T) {
 	}
 
 	log := setupTestLog(t)
-	server := setupTestServer(t, log, path.Join(prefix, "ct/v1/add-chain"))
+	server := setupTestServer(t, log, path.Join(prefix, types.AddChainPath))
 	defer server.Close()
 
 	for _, test := range tests {
 		t.Run(test.descr, func(t *testing.T) {
-			resp, err := http.Post(server.URL+"/ct/v1/add-chain", "application/json", strings.NewReader(test.body))
+			resp, err := http.Post(server.URL+types.AddChainPath, "application/json", strings.NewReader(test.body))
 			if err != nil {
 				t.Fatalf("http.Post(%s)=(_,%q); want (_,nil)", types.AddChainPath, err)
 			}
@@ -459,15 +457,15 @@ func TestAddChain(t *testing.T) {
 	}
 
 	log := setupTestLog(t)
-	server := setupTestServer(t, log, path.Join(prefix, "ct/v1/add-chain"))
+	server := setupTestServer(t, log, path.Join(prefix, types.AddChainPath))
 	defer server.Close()
 
 	for _, test := range tests {
 		t.Run(test.descr, func(t *testing.T) {
 			pool := loadCertsIntoPoolOrDie(t, test.chain)
 			chain := createJSONChain(t, *pool)
 
-			resp, err := http.Post(server.URL+"/ct/v1/add-chain", "application/json", chain)
+			resp, err := http.Post(server.URL+types.AddChainPath, "application/json", chain)
 			if err != nil {
 				t.Fatalf("http.Post(%s)=(_,%q); want (_,nil)", types.AddChainPath, err)
 			}
@@ -535,15 +533,15 @@ func TestAddPreChain(t *testing.T) {
 	}
 
 	log := setupTestLog(t)
-	server := setupTestServer(t, log, path.Join(prefix, "ct/v1/add-pre-chain"))
+	server := setupTestServer(t, log, path.Join(prefix, types.AddPreChainPath))
 	defer server.Close()
 
 	for _, test := range tests {
 		t.Run(test.descr, func(t *testing.T) {
 			pool := loadCertsIntoPoolOrDie(t, test.chain)
 			chain := createJSONChain(t, *pool)
 
-			resp, err := http.Post(server.URL+"/ct/v1/add-pre-chain", "application/json", chain)
+			resp, err := http.Post(server.URL+types.AddPreChainPath, "application/json", chain)
 			if err != nil {
 				t.Fatalf("http.Post(%s)=(_,%q); want (_,nil)", types.AddPreChainPath, err)
 			}

internal/testonly/storage/posix/issuers.go

@@ -12,6 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+// package posix implements a test issuer storage system on a local filesystem.
+// It is not fit for production use.
 package posix
 
 import (
@@ -36,15 +38,16 @@ type IssuersStorage string
 func NewIssuerStorage(path string) (IssuersStorage, error) {
 	// Does nothing if the dictory already exists.
 	if err := os.MkdirAll(path, 0755); err != nil {
-		return "", fmt.Errorf("failed to create path %q: %w", path, err)
+		return "", fmt.Errorf("failed to create path %q: %v", path, err)
 	}
 	return IssuersStorage(path), nil
 }
 
 // keyToObjName converts bytes to filesystem path.
 //
 // empty keys, and keys including a '/' character are not allowed to avoid
-// confusion with directory names.
+// confusion with directory names. This list of exclusions is not exhaustive,
+// and does not guarantee that it will fit all filesystems.
 func (s IssuersStorage) keyToObjName(key []byte) (string, error) {
 	if string(key) == "" {
 		return "", fmt.Errorf("key cannot be empty")
@@ -66,15 +69,14 @@ func (s IssuersStorage) AddIssuersIfNotExist(_ context.Context, kv []storage.KV)
 		if f, err := os.ReadFile(objName); err != nil {
 			if errors.Is(err, os.ErrNotExist) {
 				if err := os.WriteFile(objName, kv.V, 0644); err != nil {
-					return fmt.Errorf("failed to write object %q: %w", objName, err)
+					return fmt.Errorf("failed to write object %q: %v", objName, err)
 				}
 				klog.V(2).Infof("AddIssuersIfNotExist: added %q", objName)
 				continue
-			} else {
-				return fmt.Errorf("failed to read object %q: %w", objName, err)
 			}
+			return fmt.Errorf("failed to read object %q: %v", objName, err)
 		} else if bytes.Equal(f, kv.V) {
-			klog.V(2).Infof("AddIssuersIfNotExist: object %q already exists, continuing", objName)
+			klog.V(2).Infof("AddIssuersIfNotExist: object %q already exists with identical contents, continuing", objName)
 			continue
 		}
 		return fmt.Errorf("object %q already exists with different content", objName)