fixing lint issues

gravitational · Dec 6, 2024 · e48a578 · e48a578
1 parent 6ac9944
commit e48a578
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 11 deletions.
diff --git a/lib/auth/grpcserver.go b/lib/auth/grpcserver.go
@@ -2066,6 +2066,7 @@ func (g *GRPCServer) CreateRole(ctx context.Context, req *authpb.CreateRoleReque
 	// creation and updates from defining both port_forwarding and ssh_port_forwarding for the same role. However, when making effective
 	// roles available to nodes it should be possible for both fields to be assigned in order to maintain backwards compatibility with older
 	// agents (similar to a role downgrade).
+	//nolint:staticcheck // this field is preserved for backwards compatibility, but shouldn't be used going forward
 	if req.Role.GetOptions().SSHPortForwarding != nil && req.Role.GetOptions().PortForwarding != nil {
 		return nil, trace.BadParameter("options define both 'port_forwarding' and 'ssh_port_forwarding', only one can be set")
 	}
@@ -2101,6 +2102,7 @@ func (g *GRPCServer) UpdateRole(ctx context.Context, req *authpb.UpdateRoleReque
 	// creation and updates from defining both port_forwarding and ssh_port_forwarding for the same role. However, when making effective
 	// roles available to nodes it should be possible for both fields to be assigned in order to maintain backwards compatibility with older
 	// agents (similar to a role downgrade).
+	//nolint:staticcheck // this field is preserved for backwards compatibility, but shouldn't be used going forward
 	if req.Role.GetOptions().SSHPortForwarding != nil && req.Role.GetOptions().PortForwarding != nil {
 		return nil, trace.BadParameter("options define both 'port_forwarding' and 'ssh_port_forwarding', only one can be set")
 	}
@@ -2136,6 +2138,7 @@ func (g *GRPCServer) UpsertRoleV2(ctx context.Context, req *authpb.UpsertRoleReq
 	// creation and updates from defining both port_forwarding and ssh_port_forwarding for the same role. However, when making effective
 	// roles available to nodes it should be possible for both fields to be assigned in order to maintain backwards compatibility with older
 	// agents (similar to a role downgrade).
+	//nolint:staticcheck // this field is preserved for backwards compatibility, but shouldn't be used going forward
 	if req.Role.GetOptions().SSHPortForwarding != nil && req.Role.GetOptions().PortForwarding != nil {
 		return nil, trace.BadParameter("options define both 'port_forwarding' and 'ssh_port_forwarding', only one can be set")
 	}

diff --git a/lib/srv/forward/sshserver.go b/lib/srv/forward/sshserver.go
@@ -1018,7 +1018,7 @@ func (s *Server) checkTCPIPForwardRequest(ctx context.Context, r *ssh.Request) e
 
 	// RBAC checks are only necessary when connecting to an agentless node
 	if s.targetServer != nil && s.targetServer.IsOpenSSHNode() {
-		_, scx, err := srv.NewServerContext(s.Context(), s.connectionContext, s, s.identityContext)
+		scx, err := srv.NewServerContext(s.Context(), s.connectionContext, s, s.identityContext)
 		if err != nil {
 			return err
 		}

diff --git a/lib/srv/forward/sshserver_test.go b/lib/srv/forward/sshserver_test.go
@@ -274,14 +274,5 @@ func TestCheckTCPIPForward(t *testing.T) {
 	}
 }
 
-type fakePortForwardChecker struct {
-	services.AccessChecker
-	mode services.SSHPortForwardMode
-}
-
-func (f *fakePortForwardChecker) SSHPortForwardMode() services.SSHPortForwardMode {
-	return f.mode
-}
-
 // TODO(atburke): Add test for handleForwardedTCPIPRequest once we have
 // infrastructure for higher-level tests here.
diff --git a/lib/srv/regular/sshserver.go b/lib/srv/regular/sshserver.go
@@ -1466,7 +1466,7 @@ func (s *Server) handleDirectTCPIPRequest(ctx context.Context, ccx *sshutils.Con
 	// Bail out now if TCP port forwarding is not allowed for this node/user/role
 	// combo
 	if err = s.canPortForward(scx, services.SSHPortForwardModeLocal); err != nil {
-		writeStderr(channel, err.Error())
+		s.writeStderr(ctx, channel, err.Error())
 		return
 	}
 

diff --git a/lib/srv/regular/sshserver_test.go b/lib/srv/regular/sshserver_test.go
@@ -848,6 +848,7 @@ func TestDirectTCPIP(t *testing.T) {
 
 		setPortForwarding(t, ctx, f, nil, nil, types.NewBoolOption(false))
 		// Perform a HTTP GET to the test HTTP server through a "direct-tcpip" request.
+		//nolint:bodyclose // We expect an error here, no need to close.
 		_, err := httpClient.Get(ts.URL)
 		require.Error(t, err)
 	})
@@ -863,6 +864,7 @@ func TestDirectTCPIP(t *testing.T) {
 
 		setPortForwarding(t, ctx, f, types.NewBoolOption(false), nil, nil)
 		// Perform a HTTP GET to the test HTTP server through a "direct-tcpip" request.
+		//nolint:bodyclose // We expect an error here, no need to close.
 		_, err := httpClient.Get(ts.URL)
 		require.Error(t, err)
 	})
@@ -957,6 +959,7 @@ func TestTCPIPForward(t *testing.T) {
 			req, err := http.NewRequestWithContext(ctx, http.MethodGet, ts.URL, nil)
 			require.NoError(t, err)
 			resp, err := ts.Client().Do(req)
+			require.NoError(t, err)
 
 			t.Cleanup(func() {
 				require.NoError(t, resp.Body.Close())