Fix some linting errors (#12860)

builtin/audit/socket/backend.go

@@ -218,7 +218,7 @@ func (b *Backend) write(ctx context.Context, buf []byte) error {
 		return err
 	}
 
-	return err
+	return nil
 }
 
 func (b *Backend) reconnect(ctx context.Context) error {

builtin/credential/approle/path_role_test.go

@@ -595,7 +595,7 @@ func TestAppRole_CIDRSubset(t *testing.T) {
 	}
 
 	resp, err = b.HandleRequest(context.Background(), secretIDReq)
-	if resp != nil || resp.IsError() {
+	if resp != nil {
 		t.Fatalf("resp:%#v", resp)
 	}
 	if err == nil {

builtin/logical/ssh/backend_test.go

@@ -201,7 +201,7 @@ func testSSH(user, host string, auth ssh.AuthMethod, command string) error {
 	if err != nil {
 		return fmt.Errorf("command %v failed, error: %v, stderr: %v", command, err, stderr.String())
 	}
-	return err
+	return nil
 }
 
 func TestBackend_allowed_users(t *testing.T) {
@@ -1348,7 +1348,7 @@ func TestBackend_DefExtTemplatingEnabled(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	sshKeyID := "vault-userpass-"+testUserName+"-9bd0f01b7dfc50a13aa5e5cd11aea19276968755c8f1f9c98965d04147f30ed0"
+	sshKeyID := "vault-userpass-" + testUserName + "-9bd0f01b7dfc50a13aa5e5cd11aea19276968755c8f1f9c98965d04147f30ed0"
 
 	// Issue SSH certificate with default extensions templating enabled, and no user-provided extensions
 	client.SetToken(userpassToken)
@@ -1489,7 +1489,7 @@ func TestBackend_DefExtTemplatingDisabled(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	sshKeyID := "vault-userpass-"+testUserName+"-9bd0f01b7dfc50a13aa5e5cd11aea19276968755c8f1f9c98965d04147f30ed0"
+	sshKeyID := "vault-userpass-" + testUserName + "-9bd0f01b7dfc50a13aa5e5cd11aea19276968755c8f1f9c98965d04147f30ed0"
 
 	// Issue SSH certificate with default extensions templating disabled, and no user-provided extensions
 	client.SetToken(userpassToken)

builtin/logical/transit/path_restore_test.go

@@ -231,7 +231,7 @@ func TestTransit_Restore(t *testing.T) {
 				Storage:   s,
 			}
 
-			resp, err = b.HandleRequest(context.Background(), readReq)
+			resp, _ = b.HandleRequest(context.Background(), readReq)
 			if resp != nil && resp.IsError() {
 				t.Fatalf("resp: %#v\nerr: %v", resp, err)
 			}

command/base_flags.go

@@ -887,28 +887,28 @@ func parseTimeAlternatives(input string, allowedFormats TimeFormat) (time.Time,
 	if allowedFormats&TimeVar_RFC3339Nano != 0 {
 		t, err := time.Parse(time.RFC3339Nano, input)
 		if err == nil {
-			return t, err
+			return t, nil
 		}
 	}
 
 	if allowedFormats&TimeVar_RFC3339Second != 0 {
 		t, err := time.Parse(time.RFC3339, input)
 		if err == nil {
-			return t, err
+			return t, nil
 		}
 	}
 
 	if allowedFormats&TimeVar_Day != 0 {
 		t, err := time.Parse("2006-01-02", input)
 		if err == nil {
-			return t, err
+			return t, nil
 		}
 	}
 
 	if allowedFormats&TimeVar_Month != 0 {
 		t, err := time.Parse("2006-01", input)
 		if err == nil {
-			return t, err
+			return t, nil
 		}
 	}
 

physical/dynamodb/dynamodb.go

@@ -800,44 +800,47 @@ func ensureTableExists(client *dynamodb.DynamoDB, table string, readCapacity, wr
 	_, err := client.DescribeTable(&dynamodb.DescribeTableInput{
 		TableName: aws.String(table),
 	})
-	if awsError, ok := err.(awserr.Error); ok {
-		if awsError.Code() == "ResourceNotFoundException" {
-			_, err = client.CreateTable(&dynamodb.CreateTableInput{
-				TableName: aws.String(table),
-				ProvisionedThroughput: &dynamodb.ProvisionedThroughput{
-					ReadCapacityUnits:  aws.Int64(int64(readCapacity)),
-					WriteCapacityUnits: aws.Int64(int64(writeCapacity)),
-				},
-				KeySchema: []*dynamodb.KeySchemaElement{{
-					AttributeName: aws.String("Path"),
-					KeyType:       aws.String("HASH"),
-				}, {
-					AttributeName: aws.String("Key"),
-					KeyType:       aws.String("RANGE"),
-				}},
-				AttributeDefinitions: []*dynamodb.AttributeDefinition{{
-					AttributeName: aws.String("Path"),
-					AttributeType: aws.String("S"),
-				}, {
-					AttributeName: aws.String("Key"),
-					AttributeType: aws.String("S"),
-				}},
-			})
-			if err != nil {
-				return err
-			}
+	if err != nil {
+		if awsError, ok := err.(awserr.Error); ok {
+			if awsError.Code() == "ResourceNotFoundException" {
+				_, err := client.CreateTable(&dynamodb.CreateTableInput{
+					TableName: aws.String(table),
+					ProvisionedThroughput: &dynamodb.ProvisionedThroughput{
+						ReadCapacityUnits:  aws.Int64(int64(readCapacity)),
+						WriteCapacityUnits: aws.Int64(int64(writeCapacity)),
+					},
+					KeySchema: []*dynamodb.KeySchemaElement{{
+						AttributeName: aws.String("Path"),
+						KeyType:       aws.String("HASH"),
+					}, {
+						AttributeName: aws.String("Key"),
+						KeyType:       aws.String("RANGE"),
+					}},
+					AttributeDefinitions: []*dynamodb.AttributeDefinition{{
+						AttributeName: aws.String("Path"),
+						AttributeType: aws.String("S"),
+					}, {
+						AttributeName: aws.String("Key"),
+						AttributeType: aws.String("S"),
+					}},
+				})
+				if err != nil {
+					return err
+				}
 
-			err = client.WaitUntilTableExists(&dynamodb.DescribeTableInput{
-				TableName: aws.String(table),
-			})
-			if err != nil {
-				return err
+				err = client.WaitUntilTableExists(&dynamodb.DescribeTableInput{
+					TableName: aws.String(table),
+				})
+				if err != nil {
+					return err
+				}
+				// table created successfully
+				return nil
 			}
 		}
-	}
-	if err != nil {
 		return err
 	}
+
 	return nil
 }
 

plugins/database/cassandra/cassandra_test.go

@@ -287,7 +287,7 @@ func assertNoCreds(t testing.TB, address string, port int, username, password st
 		if err != nil {
 			return nil
 		}
-		return err
+		return nil
 	}
 	bo := backoff.NewExponentialBackOff()
 	bo.MaxElapsedTime = timeout

vault/custom_response_headers_test.go

@@ -153,6 +153,9 @@ func TestCustomResponseHeadersConfigInteractUiConfig(t *testing.T) {
 		t.Fatal("request did not fail on setting a header that is present in custom response headers")
 	}
 	h, err := b.(*SystemBackend).Core.uiConfig.Headers(context.Background())
+	if err != nil {
+		t.Fatal(err)
+	}
 	if h.Get("Someheader-400") == "400" {
 		t.Fatalf("should not be able to set a header that is in custom response headers")
 	}

vault/identity_store_oidc.go

@@ -1578,6 +1578,9 @@ func loadOIDCPublicKey(ctx context.Context, s logical.Storage, keyID string) (*j
 	if err != nil {
 		return nil, err
 	}
+	if entry == nil {
+		return nil, fmt.Errorf("could not find key with ID %s", keyID)
+	}
 
 	var key jose.JSONWebKey
 	if err := entry.DecodeJSON(&key); err != nil {
@@ -1689,6 +1692,11 @@ func (i *IdentityStore) expireOIDCPublicKeys(ctx context.Context, s logical.Stor
 			return now, err
 		}
 
+		if entry == nil {
+			i.Logger().Warn("could not find key to update", "key", k)
+			continue
+		}
+
 		var key namedKey
 		if err := entry.DecodeJSON(&key); err != nil {
 			return now, err

vault/identity_store_oidc_provider.go

@@ -1414,6 +1414,10 @@ func (i *IdentityStore) keyIDsReferencedByTargetClientIDs(ctx context.Context, s
 			return nil, err
 		}
 
+		if entry == nil {
+			continue
+		}
+
 		var key namedKey
 		if err := entry.DecodeJSON(&key); err != nil {
 			return nil, err

vault/logical_system.go

@@ -2818,6 +2818,10 @@ func (b *SystemBackend) handleWrappingUnwrap(ctx context.Context, req *logical.R
 	if err != nil {
 		return nil, err
 	}
+	if unwrapNS == nil {
+		return nil, errors.New("token is not from a valid namespace")
+	}
+
 	unwrapCtx := namespace.ContextWithNamespace(ctx, unwrapNS)
 
 	var response string

vault/token_store.go

@@ -1655,6 +1655,9 @@ func (ts *TokenStore) revokeTreeInternal(ctx context.Context, id string) error {
 			if err != nil {
 				return fmt.Errorf("failed to find namespace for token revocation: %w", err)
 			}
+			if saltedNS == nil {
+				return errors.New("failed to find namespace for token revocation")
+			}
 
 			saltedCtx = namespace.ContextWithNamespace(ctx, saltedNS)
 		}