From ca73cc9084ec0142b08404cfb9d960cba965aae5 Mon Sep 17 00:00:00 2001
From: Chrono <chrono_cpp@me.com>
Date: Tue, 17 Jan 2023 18:15:14 +0800
Subject: [PATCH] style(core/runloop):  style clean for certificate.lua
 (#10119)

* localize vars
* fix fetch_ca_certificates
* CA_KEY
---
 kong/runloop/certificate.lua | 30 ++++++++++++++++++++----------
 1 file changed, 20 insertions(+), 10 deletions(-)

diff --git a/kong/runloop/certificate.lua b/kong/runloop/certificate.lua
index b4c0f6102c2..e7865bfeea5 100644
--- a/kong/runloop/certificate.lua
+++ b/kong/runloop/certificate.lua
@@ -19,15 +19,26 @@ local set_cert = ngx_ssl.set_cert
 local set_priv_key = ngx_ssl.set_priv_key
 local tb_concat   = table.concat
 local tb_sort   = table.sort
+local kong = kong
+local type = type
+local error = error
+local assert = assert
 local tostring = tostring
 local ipairs = ipairs
 local ngx_md5 = ngx.md5
+local ngx_exit = ngx.exit
+local ngx_ERROR = ngx.ERROR
 
 
 local default_cert_and_key
 
 local DEFAULT_SNI = "*"
 
+local CA_KEY = {
+  id = "",
+}
+
+
 local function log(lvl, ...)
   ngx_log(lvl, "[ssl] ", ...)
 end
@@ -244,13 +255,13 @@ local function execute()
   local sn, err = server_name()
   if err then
     log(ERR, "could not retrieve SNI: ", err)
-    return ngx.exit(ngx.ERROR)
+    return ngx_exit(ngx_ERROR)
   end
 
   local cert_and_key, err = find_certificate(sn)
   if err then
     log(ERR, err)
-    return ngx.exit(ngx.ERROR)
+    return ngx_exit(ngx_ERROR)
   end
 
   if cert_and_key == default_cert_and_key then
@@ -263,32 +274,32 @@ local function execute()
   local ok, err = clear_certs()
   if not ok then
     log(ERR, "could not clear existing (default) certificates: ", err)
-    return ngx.exit(ngx.ERROR)
+    return ngx_exit(ngx_ERROR)
   end
 
   ok, err = set_cert(cert_and_key.cert)
   if not ok then
     log(ERR, "could not set configured certificate: ", err)
-    return ngx.exit(ngx.ERROR)
+    return ngx_exit(ngx_ERROR)
   end
 
   ok, err = set_priv_key(cert_and_key.key)
   if not ok then
     log(ERR, "could not set configured private key: ", err)
-    return ngx.exit(ngx.ERROR)
+    return ngx_exit(ngx_ERROR)
   end
 
   if cert_and_key.cert_alt and cert_and_key.key_alt then
     ok, err = set_cert(cert_and_key.cert_alt)
     if not ok then
       log(ERR, "could not set alternate configured certificate: ", err)
-      return ngx.exit(ngx.ERROR)
+      return ngx_exit(ngx_ERROR)
     end
 
     ok, err = set_priv_key(cert_and_key.key_alt)
     if not ok then
       log(ERR, "could not set alternate configured private key: ", err)
-      return ngx.exit(ngx.ERROR)
+      return ngx_exit(ngx_ERROR)
     end
   end
 end
@@ -302,12 +313,11 @@ end
 
 local function fetch_ca_certificates(ca_ids)
   local cas = new_tab(#ca_ids, 0)
-  local key = new_tab(1, 0)
 
   for i, ca_id in ipairs(ca_ids) do
-    key.id = ca_id
+    CA_KEY.id = ca_id
 
-    local obj, err = kong.db.ca_certificates:select(key)
+    local obj, err = kong.db.ca_certificates:select(CA_KEY)
     if not obj then
       if err then
         return nil, err