fix: run gofmt on modified files

rkoster · rkoster · commit 5cc417082177 · 2026-04-20T08:16:41.000Z
diff --git a/src/code.cloudfoundry.org/gorouter/integration/common_integration_test.go b/src/code.cloudfoundry.org/gorouter/integration/common_integration_test.go
@@ -198,55 +198,55 @@ func (s *testState) newGetRequest(url string) *http.Request {
 func (s *testState) newMtlsGetRequest(url string) (*http.Request, *http.Client) {
 	req, err := http.NewRequest("GET", url, nil)
 	Expect(err).NotTo(HaveOccurred())
-	
+
 	// Parse the original hostname for SNI
 	originalHost := req.URL.Hostname()
 	port := s.cfg.SSLPort
-	
+
 	// Get the base transport to access current TLS config (including any client certs set by tests)
 	baseTransport := s.client.Transport.(*http.Transport)
-	
+
 	// Create custom transport with dialer that connects to 127.0.0.1 but uses original hostname for SNI
 	transport := &http.Transport{
 		DialTLSContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
 			// Read certificates at dial time (not at closure creation time) so we get
 			// any certificates that tests set after calling newMtlsGetRequest()
 			currentCerts := baseTransport.TLSClientConfig.Certificates
-			
+
 			// Create TLS config for this connection
 			tlsConfig := &tls.Config{
 				ServerName:         originalHost, // SNI uses original hostname
 				RootCAs:            baseTransport.TLSClientConfig.RootCAs,
 				Certificates:       currentCerts, // Use current certificates from baseTransport
 				InsecureSkipVerify: true,         // Skip cert verification since we connect to 127.0.0.1
 			}
-			
+
 			// Create a plain dialer for the TCP connection
 			netDialer := &net.Dialer{}
 			rawConn, err := netDialer.DialContext(ctx, network, fmt.Sprintf("127.0.0.1:%d", port))
 			if err != nil {
 				return nil, err
 			}
-			
+
 			// Wrap with TLS
 			tlsConn := tls.Client(rawConn, tlsConfig)
-			
+
 			// Perform handshake
 			if err := tlsConn.HandshakeContext(ctx); err != nil {
 				rawConn.Close()
 				return nil, err
 			}
-			
+
 			return tlsConn, nil
 		},
 	}
-	
+
 	// Create a new client with the custom transport
 	client := &http.Client{
 		Transport: transport,
 		Timeout:   s.client.Timeout,
 	}
-	
+
 	return req, client
 }
 
diff --git a/src/code.cloudfoundry.org/gorouter/integration/identity_aware_routing_test.go b/src/code.cloudfoundry.org/gorouter/integration/identity_aware_routing_test.go
@@ -77,27 +77,27 @@ var _ = Describe("Identity-Aware Routing", func() {
 				testState.StartGorouterOrFail()
 			})
 
-		It("requires a client certificate", func() {
-			// Register route on mTLS domain
-			testState.register(backendApp, mtlsDomain)
-
-			// Attempt request without client certificate
-			req, client := testState.newMtlsGetRequest(fmt.Sprintf("https://%s", mtlsDomain))
-			_, err := client.Do(req)
-			Expect(err).To(HaveOccurred())
-			Expect(err.Error()).To(ContainSubstring("tls"))
-		})
+			It("requires a client certificate", func() {
+				// Register route on mTLS domain
+				testState.register(backendApp, mtlsDomain)
+
+				// Attempt request without client certificate
+				req, client := testState.newMtlsGetRequest(fmt.Sprintf("https://%s", mtlsDomain))
+				_, err := client.Do(req)
+				Expect(err).To(HaveOccurred())
+				Expect(err.Error()).To(ContainSubstring("tls"))
+			})
 
 			It("accepts valid client certificate from the configured CA", func() {
 				// Create instance identity certificate (need to use the same CA!)
 				appInstanceCert = &test_util.CertChain{}
 				// Recreate with SAME CA as configured in GoRouter
-			*appInstanceCert = test_util.CreateInstanceIdentityCertWithCA(test_util.InstanceIdentityCertNames{
-				CommonName: "app-instance",
-				AppGUID:    "app-guid-123",
-				SpaceGUID:  "space-guid-456",
-				OrgGUID:    "org-guid-789",
-			}, mtlsDomainCA)
+				*appInstanceCert = test_util.CreateInstanceIdentityCertWithCA(test_util.InstanceIdentityCertNames{
+					CommonName: "app-instance",
+					AppGUID:    "app-guid-123",
+					SpaceGUID:  "space-guid-456",
+					OrgGUID:    "org-guid-789",
+				}, mtlsDomainCA)
 
 				// Register route on mTLS domain with allowed sources
 				testState.registerWithAccessRules(
@@ -115,13 +115,13 @@ var _ = Describe("Identity-Aware Routing", func() {
 						appInstanceCert.TLSCert(),
 					},
 				}
-			testState.client.Transport.(*http.Transport).TLSClientConfig = clientTLSConfig
+				testState.client.Transport.(*http.Transport).TLSClientConfig = clientTLSConfig
 
-			// Make request
-			req, client := testState.newMtlsGetRequest(fmt.Sprintf("https://%s", mtlsDomain))
-			resp, err := client.Do(req)
-			Expect(err).NotTo(HaveOccurred())
-			Expect(resp.StatusCode).To(Equal(http.StatusOK))
+				// Make request
+				req, client := testState.newMtlsGetRequest(fmt.Sprintf("https://%s", mtlsDomain))
+				resp, err := client.Do(req)
+				Expect(err).NotTo(HaveOccurred())
+				Expect(resp.StatusCode).To(Equal(http.StatusOK))
 
 				body, _ := io.ReadAll(resp.Body)
 				resp.Body.Close()
@@ -132,11 +132,11 @@ var _ = Describe("Identity-Aware Routing", func() {
 			})
 
 			It("rejects client certificate from unknown CA", func() {
-			// Create certificate from different CA (not the configured mtlsDomainCA)
-			unknownCert := test_util.CreateInstanceIdentityCert(test_util.InstanceIdentityCertNames{
-				CommonName: "app-instance",
-				AppGUID:    "app-guid-123",
-			})
+				// Create certificate from different CA (not the configured mtlsDomainCA)
+				unknownCert := test_util.CreateInstanceIdentityCert(test_util.InstanceIdentityCertNames{
+					CommonName: "app-instance",
+					AppGUID:    "app-guid-123",
+				})
 
 				// Register route
 				testState.register(backendApp, mtlsDomain)
@@ -249,13 +249,13 @@ var _ = Describe("Identity-Aware Routing", func() {
 					},
 				)
 
-			// Create caller certificate
-			callerCert := test_util.CreateInstanceIdentityCertWithCA(test_util.InstanceIdentityCertNames{
-				CommonName: "caller-app-instance",
-				AppGUID:    callerAppGUID,
-				SpaceGUID:  "caller-space-guid",
-				OrgGUID:    "caller-org-guid",
-			}, mtlsDomainCA)
+				// Create caller certificate
+				callerCert := test_util.CreateInstanceIdentityCertWithCA(test_util.InstanceIdentityCertNames{
+					CommonName: "caller-app-instance",
+					AppGUID:    callerAppGUID,
+					SpaceGUID:  "caller-space-guid",
+					OrgGUID:    "caller-org-guid",
+				}, mtlsDomainCA)
 
 				// Configure client
 				testState.client.Transport.(*http.Transport).TLSClientConfig.Certificates = []tls.Certificate{
diff --git a/src/code.cloudfoundry.org/gorouter/proxy/proxy.go b/src/code.cloudfoundry.org/gorouter/proxy/proxy.go
@@ -152,7 +152,7 @@ func NewProxy(
 				rw.Write([]byte(authErr.Error()))
 				return
 			}
-			
+
 			// For all other errors, use default behavior (502 Bad Gateway)
 			rw.WriteHeader(http.StatusBadGateway)
 			rw.Write([]byte(err.Error()))

Original file line number	Diff line number	Diff line change
`@@ -152,7 +152,7 @@ func NewProxy(`
`152`	`152`	`rw.Write([]byte(authErr.Error()))`
`153`	`153`	`return`
`154`	`154`	`}`
`155`		`-`
	`155`	`+`
`156`	`156`	`// For all other errors, use default behavior (502 Bad Gateway)`
`157`	`157`	`rw.WriteHeader(http.StatusBadGateway)`
`158`	`158`	`rw.Write([]byte(err.Error()))`