Linter fixes numero 2 (#4408)

2 years ago · 49803e653c
parent 25bce9e8ff
commit 49803e653c
23 changed files with 172 additions and 109 deletions
--- a/.golangci.yml
+++ b/.golangci.yml
@ -21,3 +21,48 @@ issues:
    - linters:
        - staticcheck
      text: "SA1019: out.GrantScopeId is deprecated:"
+    - linters:
+        - staticcheck
+      text: "SA1019: authorized.GetWorkerKeyIdentifiers is deprecated:"
+    - linters:
+        - staticcheck
+      text: "SA1019: result.GetAuthorizedWorkers is deprecated:"
+    - linters:
+        - staticcheck
+      text: "SA1019: item.GetWorkerFilter is deprecated:"
+    - linters:
+        - staticcheck
+      text: "SA1019: out.GetWorkerFilter is deprecated:"
+    - linters:
+        - staticcheck
+      text: "SA1019: out.WorkerFilter is deprecated:"
+    - linters:
+        - staticcheck
+      text: "SA1019: req.GetTokenType is deprecated:"
+    - linters:
+        - staticcheck
+      text: "SA1019: s.resp.GetPkcs8HostKeys is deprecated:"
+    - linters:
+        - staticcheck
+      text: "SA1019: s.resp.GetCredentials is deprecated:"
+    - linters:
+        - staticcheck
+      text: 'SA1019: got.GetAuthorizedWorkers is deprecated:'
+    - linters:
+        - staticcheck
+      text: 'SA1019: gotAuthorizedWorkers.GetWorkerKeyIdentifiers is deprecated:'
+    - linters:
+        - staticcheck
+      text: 'SA1019: tc.want.GetAuthorizedWorkers is deprecated:'
+    - linters:
+        - staticcheck
+      text: 'SA1019: wantAuthorizedWorkers.GetWorkerKeyIdentifiers is deprecated:'
+    - linters:
+        - staticcheck
+      text: "SA1019: authorizedWorkerList.WorkerKeyIdentifiers is deprecated:"
+    - linters:
+        - staticcheck
+      text: "SA1019: req.GetConnectedWorkerKeyIdentifiers is deprecated:"
+    - linters:
+        - staticcheck
+      text: "SA1019: j.GetId is deprecated:"
--- a/internal/auth/ldap/service_authenticate_test.go
+++ b/internal/auth/ldap/service_authenticate_test.go
@ -7,7 +7,6 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"sync"
 	"testing"
@ -329,7 +328,7 @@ func TestAuthenticate(t *testing.T) {
 			assert.NotEmpty(got)
 			sinkFileName := c.ObservationEvents.Name()
 			defer func() { _ = os.WriteFile(sinkFileName, nil, 0o666) }()
-			b, err := ioutil.ReadFile(sinkFileName)
+			b, err := os.ReadFile(sinkFileName)
 			require.NoError(err)
 			gotRes := &cloudevents.Event{}
 			err = json.Unmarshal(b, gotRes)
--- a/internal/auth/oidc/service_callback.go
+++ b/internal/auth/oidc/service_callback.go
@ -9,7 +9,6 @@ import (
 	"strings"
 	"time"

-	"github.com/golang/protobuf/proto"
 	"github.com/hashicorp/boundary/internal/auth/oidc/request"
 	"github.com/hashicorp/boundary/internal/authtoken"
 	"github.com/hashicorp/boundary/internal/errors"
@ -17,6 +16,7 @@ import (
 	"github.com/hashicorp/cap/oidc"
 	"github.com/hashicorp/go-bexpr"
 	"github.com/mitchellh/pointerstructure"
+	"google.golang.org/protobuf/proto"
 )

 // Callback is an oidc domain service function for processing a successful OIDC
--- a/internal/auth/oidc/testing.go
+++ b/internal/auth/oidc/testing.go
@ -12,7 +12,7 @@ import (
 	"crypto/x509/pkix"
 	"encoding/pem"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"log"
 	"math/big"
 	"net"
@ -431,7 +431,7 @@ func startTestControllerSrv(t testing.TB, oidcRepoFn OidcRepoFactory, iamRepoFn
 		atRepoFn:   atRepoFn,
 	}
 	s.httpServer = httptest.NewServer(s)
-	s.httpServer.Config.ErrorLog = log.New(ioutil.Discard, "", 0)
+	s.httpServer.Config.ErrorLog = log.New(io.Discard, "", 0)
 	s.t.Cleanup(s.Stop)
 	return s
 }
--- a/internal/authtoken/repository.go
+++ b/internal/authtoken/repository.go
@ -9,7 +9,6 @@ import (
 	"fmt"
 	"time"

-	"github.com/golang/protobuf/ptypes"
 	"github.com/hashicorp/boundary/internal/db"
 	"github.com/hashicorp/boundary/internal/db/timestamp"
 	"github.com/hashicorp/boundary/internal/errors"
@ -213,14 +212,8 @@ func (r *Repository) ValidateToken(ctx context.Context, id, token string, opt ..
 	}

 	// If the token is too old or stale invalidate it and return nothing.
-	exp, err := ptypes.Timestamp(retAT.GetExpirationTime().GetTimestamp())
-	if err != nil {
-		return nil, errors.Wrap(ctx, err, op, errors.WithMsg("expiration time"), errors.WithCode(errors.InvalidTimeStamp))
-	}
-	lastAccessed, err := ptypes.Timestamp(retAT.GetApproximateLastAccessTime().GetTimestamp())
-	if err != nil {
-		return nil, errors.Wrap(ctx, err, op, errors.WithMsg("last accessed time"), errors.WithCode(errors.InvalidTimeStamp))
-	}
+	exp := retAT.GetExpirationTime().AsTime()
+	lastAccessed := retAT.GetApproximateLastAccessTime().AsTime()

 	now := time.Now()
 	sinceLastAccessed := now.Sub(lastAccessed) + timeSkew
--- a/internal/authtoken/repository_test.go
+++ b/internal/authtoken/repository_test.go
@ -9,7 +9,6 @@ import (
 	"testing"
 	"time"

-	"github.com/golang/protobuf/ptypes"
 	"github.com/google/go-cmp/cmp"
 	"github.com/hashicorp/boundary/globals"
 	"github.com/hashicorp/boundary/internal/auth/password"
@ -19,6 +18,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"google.golang.org/protobuf/testing/protocmp"
+	"google.golang.org/protobuf/types/known/timestamppb"

 	"github.com/hashicorp/boundary/internal/authtoken/store"
 	"github.com/hashicorp/boundary/internal/db"
@ -462,10 +462,8 @@ func TestRepository_ValidateToken(t *testing.T) {
 			require.NotNil(tt.want, "Got %v but wanted nil", got)

 			// NOTE: See comment in LookupAuthToken about this logic
-			wantGoTimeExpr, err := ptypes.Timestamp(tt.want.AuthToken.GetExpirationTime().Timestamp)
-			require.NoError(err)
-			gotGoTimeExpr, err := ptypes.Timestamp(got.AuthToken.GetExpirationTime().Timestamp)
-			require.NoError(err)
+			wantGoTimeExpr := tt.want.AuthToken.GetExpirationTime().AsTime()
+			gotGoTimeExpr := got.AuthToken.GetExpirationTime().AsTime()
 			assert.WithinDuration(wantGoTimeExpr, gotGoTimeExpr, time.Millisecond)
 			tt.want.AuthToken.ExpirationTime = got.AuthToken.ExpirationTime
 			assert.Empty(cmp.Diff(tt.want.AuthToken, got.AuthToken, protocmp.Transform()))
@ -906,8 +904,7 @@ func Test_CloseExpiredPendingTokens(t *testing.T) {
 			id, err := NewAuthTokenId(ctx)
 			require.NoError(t, err)
 			at.PublicId = id
-			exp, err := ptypes.TimestampProto(time.Now().Add(expIn).Truncate(time.Second))
-			require.NoError(t, err)
+			exp := timestamppb.New(time.Now().Add(expIn).Truncate(time.Second))
 			at.ExpirationTime = &timestamp.Timestamp{Timestamp: exp}
 			at.Status = string(status)
 			at.AuthAccountId = accts[i].PublicId
--- a/internal/cmd/base/base.go
+++ b/internal/cmd/base/base.go
@ -10,7 +10,6 @@ import (
 	"flag"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"os/signal"
 	"regexp"
@ -517,7 +516,7 @@ func NewFlagSets(ui cli.Ui) *FlagSets {

 	// Errors and usage are controlled by the CLI.
 	mainSet.Usage = func() {}
-	mainSet.SetOutput(ioutil.Discard)
+	mainSet.SetOutput(io.Discard)

 	return &FlagSets{
 		flagSets:    make([]*FlagSet, 0, 6),
--- a/internal/cmd/base/dev_test.go
+++ b/internal/cmd/base/dev_test.go
@ -6,7 +6,6 @@ package base
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"sync"
 	"testing"
@ -52,7 +51,7 @@ func Test_oidcLogger_Errorf(t *testing.T) {
 			l.Errorf(tt.fmt, tt.args...)
 			sinkFileName := c.AllEvents.Name()
 			defer func() { _ = os.WriteFile(sinkFileName, nil, 0o666) }()
-			b, err := ioutil.ReadFile(sinkFileName)
+			b, err := os.ReadFile(sinkFileName)
 			require.NoError(err)
 			gotEvent := &cloudevents.Event{}
 			err = json.Unmarshal(b, gotEvent)
@ -98,7 +97,7 @@ func Test_oidcLogger_Infof(t *testing.T) {
 			l.Infof(tt.fmt, tt.args...)
 			sinkFileName := c.AllEvents.Name()
 			defer func() { _ = os.WriteFile(sinkFileName, nil, 0o666) }()
-			b, err := ioutil.ReadFile(sinkFileName)
+			b, err := os.ReadFile(sinkFileName)
 			require.NoError(err)
 			gotEvent := &cloudevents.Event{}
 			err = json.Unmarshal(b, gotEvent)
--- a/internal/cmd/base/logging.go
+++ b/internal/cmd/base/logging.go
@ -79,20 +79,60 @@ func (g *GRPCLogFaker) Fatalln(args ...any) {
 	os.Exit(1)
 }

-func (g *GRPCLogFaker) Print(args ...any) {
+func (g *GRPCLogFaker) Info(args ...any) {
 	if g.Log && g.Logger.IsDebug() {
 		g.Logger.Debug(fmt.Sprint(args...))
 	}
 }

-func (g *GRPCLogFaker) Printf(format string, args ...any) {
+func (g *GRPCLogFaker) Infof(format string, args ...any) {
 	if g.Log && g.Logger.IsDebug() {
 		g.Logger.Debug(fmt.Sprintf(format, args...))
 	}
 }

-func (g *GRPCLogFaker) Println(args ...any) {
+func (g *GRPCLogFaker) Infoln(args ...any) {
 	if g.Log && g.Logger.IsDebug() {
 		g.Logger.Debug(fmt.Sprintln(args...))
 	}
 }
+
+func (g *GRPCLogFaker) Warning(args ...any) {
+	if g.Log && g.Logger.IsDebug() {
+		g.Logger.Debug(fmt.Sprint(args...))
+	}
+}
+
+func (g *GRPCLogFaker) Warningf(format string, args ...any) {
+	if g.Log && g.Logger.IsDebug() {
+		g.Logger.Debug(fmt.Sprintf(format, args...))
+	}
+}
+
+func (g *GRPCLogFaker) Warningln(args ...any) {
+	if g.Log && g.Logger.IsDebug() {
+		g.Logger.Debug(fmt.Sprintln(args...))
+	}
+}
+
+func (g *GRPCLogFaker) Error(args ...any) {
+	if g.Log && g.Logger.IsDebug() {
+		g.Logger.Debug(fmt.Sprint(args...))
+	}
+}
+
+func (g *GRPCLogFaker) Errorf(format string, args ...any) {
+	if g.Log && g.Logger.IsDebug() {
+		g.Logger.Debug(fmt.Sprintf(format, args...))
+	}
+}
+
+func (g *GRPCLogFaker) Errorln(args ...any) {
+	if g.Log && g.Logger.IsDebug() {
+		g.Logger.Debug(fmt.Sprintln(args...))
+	}
+}
+
+func (g *GRPCLogFaker) V(l int) bool {
+	return true
+}
--- a/internal/cmd/base/servers.go
+++ b/internal/cmd/base/servers.go
@ -285,7 +285,7 @@ func (b *Server) SetupLogging(flagLogLevel, flagLogFormat, configLogLevel, confi

 	// create GRPC logger
 	namedGRPCLogFaker := b.Logger.Named("grpclogfaker")
-	grpclog.SetLogger(&GRPCLogFaker{
+	grpclog.SetLoggerV2(&GRPCLogFaker{
 		Logger: namedGRPCLogFaker,
 		Log:    os.Getenv("BOUNDARY_GRPC_LOGGING") != "",
 	})
--- a/internal/cmd/commands/config/encryptdecrypt.go
+++ b/internal/cmd/commands/config/encryptdecrypt.go
@ -7,7 +7,6 @@ import (
 	"context"
 	"errors"
 	"fmt"
-	"io/ioutil"
 	"net/textproto"
 	"os"
 	"strings"
@ -195,7 +194,7 @@ func (c *EncryptDecryptCommand) Run(args []string) (ret int) {
 		}()
 	}

-	d, err := ioutil.ReadFile(c.flagConfig)
+	d, err := os.ReadFile(c.flagConfig)
 	if err != nil {
 		c.UI.Error(fmt.Errorf("Error reading config file: %w", err).Error())
 		return base.CommandUserError
--- a/internal/cmd/commands/config/encryptdecrypt_test.go
+++ b/internal/cmd/commands/config/encryptdecrypt_test.go
@ -7,7 +7,6 @@ import (
 	"bufio"
 	"bytes"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"strings"
 	"testing"
@ -96,7 +95,7 @@ func TestEncryptDecrypt(t *testing.T) {
 			// there are many tests on the underlying codebase for that. If it's not
 			// encrypting, compare it to the cleartext to verify because we can.
 			if c.f == "decrypt" {
-				expected, err := ioutil.ReadFile(c.exp)
+				expected, err := os.ReadFile(c.exp)
 				assert.NoError(t, err)

 				assert.Equal(t, strings.TrimSpace(string(expected)), strings.TrimSpace(string(got)))
--- a/internal/cmd/ops/server_test.go
+++ b/internal/cmd/ops/server_test.go
@ -12,7 +12,6 @@ import (
 	"encoding/pem"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"math/big"
 	"net"
 	"net/http"
@ -21,7 +20,6 @@ import (
 	"testing"
 	"time"

-	"github.com/golang/protobuf/jsonpb"
 	"github.com/google/go-cmp/cmp"
 	"github.com/hashicorp/boundary/internal/cmd/base"
 	"github.com/hashicorp/boundary/internal/daemon/controller"
@ -38,6 +36,7 @@ import (
 	"github.com/mitchellh/cli"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+	"google.golang.org/protobuf/encoding/protojson"
 	"google.golang.org/protobuf/testing/protocmp"
 	"google.golang.org/protobuf/types/known/wrapperspb"
 )
@ -721,7 +720,9 @@ func TestCreateOpsHandler(t *testing.T) {
 				require.NoError(t, err)                         // We can do the GET request
 				require.Equal(t, http.StatusOK, rsp.StatusCode) // And the endpoint exists
 				pbResp := &pbs.GetHealthResponse{}
-				require.NoError(t, jsonpb.Unmarshal(rsp.Body, pbResp))
+				body, err = io.ReadAll(rsp.Body)
+				require.NoError(t, err)
+				require.NoError(t, protojson.Unmarshal(body, pbResp))
 				want := &pbs.GetHealthResponse{WorkerProcessInfo: &pbhealth.HealthInfo{
 					State:              server.ActiveOperationalState.String(),
 					ActiveSessionCount: wrapperspb.UInt32(0),
@ -752,7 +753,9 @@ func TestCreateOpsHandler(t *testing.T) {
 				require.NoError(t, err)                         // We can do the GET request
 				require.Equal(t, http.StatusOK, rsp.StatusCode) // And the endpoint exists
 				pbResp := &pbs.GetHealthResponse{}
-				require.NoError(t, jsonpb.Unmarshal(rsp.Body, pbResp))
+				body, err = io.ReadAll(rsp.Body)
+				require.NoError(t, err)
+				require.NoError(t, protojson.Unmarshal(body, pbResp))
 				want := &pbs.GetHealthResponse{WorkerProcessInfo: &pbhealth.HealthInfo{
 					State:              server.ActiveOperationalState.String(),
 					ActiveSessionCount: wrapperspb.UInt32(0),
@ -932,7 +935,7 @@ func testTlsHttpClient(t *testing.T, certPath string) *http.Client {
 	f, err := os.Open(certPath)
 	require.NoError(t, err)

-	certBytes, err := ioutil.ReadAll(f)
+	certBytes, err := io.ReadAll(f)
 	require.NoError(t, err)
 	require.NoError(t, f.Close())

--- a/internal/credential/static/repository_credential_test.go
+++ b/internal/credential/static/repository_credential_test.go
@ -190,6 +190,7 @@ func TestRepository_CreateUsernamePasswordCredential(t *testing.T) {

 		// Creating credential in different project should not conflict
 		in3, err := NewUsernamePasswordCredential(prj2Cs.GetPublicId(), "user", "pass", WithName("my-name"), WithDescription("different"))
+		require.NoError(err)
 		got3, err := repo.CreateUsernamePasswordCredential(ctx, prj2.GetPublicId(), in3)
 		require.NoError(err)
 		assert.Equal(in3.Name, got3.Name)
--- a/internal/credential/vault/vault.go
+++ b/internal/credential/vault/vault.go
@ -244,25 +244,12 @@ func (c *client) capabilities(ctx context.Context, paths []string) (pathCapabili
 	if len(paths) == 0 {
 		return nil, errors.New(ctx, errors.InvalidParameter, op, "empty paths")
 	}
-	body := map[string]string{
+	body := map[string]any{
 		"paths": strings.Join(paths, ","),
 	}
-	reqPath := "/v1/sys/capabilities-self"
+	reqPath := "sys/capabilities-self"

-	r := c.cl.NewRequest("POST", reqPath)
-	if err := r.SetJSONBody(body); err != nil {
-		return nil, err
-	}
-
-	ctx, cancelFunc := context.WithCancel(context.Background())
-	defer cancelFunc()
-	resp, err := c.cl.RawRequestWithContext(ctx, r)
-	if err != nil {
-		return nil, err
-	}
-	defer resp.Body.Close()
-
-	secret, err := vault.ParseSecret(resp.Body)
+	secret, err := c.cl.Logical().WriteWithContext(ctx, reqPath, body)
 	if err != nil {
 		return nil, err
 	}
--- a/internal/daemon/cluster/handlers/worker_service_status_test.go
+++ b/internal/daemon/cluster/handlers/worker_service_status_test.go
@ -1206,8 +1206,10 @@ func TestStatusAuthorizedWorkers(t *testing.T) {
 				assert.Equal(tc.wantErrMsg, err.Error())
 				return
 			}
-			sort.Strings(got.GetAuthorizedWorkers().GetWorkerKeyIdentifiers())
-			sort.Strings(tc.want.GetAuthorizedWorkers().GetWorkerKeyIdentifiers())
+			gotAuthorizedWorkers := got.GetAuthorizedWorkers()
+			sort.Strings(gotAuthorizedWorkers.GetWorkerKeyIdentifiers())
+			wantAuthorizedWorkers := tc.want.GetAuthorizedWorkers()
+			sort.Strings(wantAuthorizedWorkers.GetWorkerKeyIdentifiers())
 			sort.Strings(got.GetAuthorizedDownstreamWorkers().GetWorkerPublicIds())
 			sort.Strings(tc.want.GetAuthorizedDownstreamWorkers().GetWorkerPublicIds())
 			sort.Strings(got.GetAuthorizedDownstreamWorkers().GetUnmappedWorkerKeyIdentifiers())
--- a/internal/daemon/controller/handler.go
+++ b/internal/daemon/controller/handler.go
@ -9,7 +9,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/textproto"
 	"os"
@ -702,7 +702,7 @@ func wrapHandlerWithCallbackInterceptor(h http.Handler, c *Controller) http.Hand
 				}
 			}
 			bytesReader := bytes.NewReader(attrBytes)
-			req.Body = ioutil.NopCloser(bytesReader)
+			req.Body = io.NopCloser(bytesReader)
 			req.ContentLength = int64(bytesReader.Len())
 			req.Header.Set(textproto.CanonicalMIMEHeaderKey("content-type"), "application/json")
 			req.Method = http.MethodPost
--- a/internal/daemon/controller/handler_test.go
+++ b/internal/daemon/controller/handler_test.go
@ -10,7 +10,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net"
 	"net/http"
 	"net/url"
@ -50,7 +49,7 @@ func TestAuthenticationHandler(t *testing.T) {
 	require.NoError(t, err)
 	assert.Equal(t, http.StatusOK, resp.StatusCode, "Got response: %v", resp)

-	b, err = ioutil.ReadAll(resp.Body)
+	b, err = io.ReadAll(resp.Body)
 	require.NoError(t, err)
 	body := make(map[string]any)
 	require.NoError(t, json.Unmarshal(b, &body))
@ -71,7 +70,7 @@ func TestAuthenticationHandler(t *testing.T) {
 	require.NoError(t, err)
 	assert.Equal(t, http.StatusOK, resp.StatusCode, "Got response: %v", resp)

-	b, err = ioutil.ReadAll(resp.Body)
+	b, err = io.ReadAll(resp.Body)
 	require.NoError(t, err)
 	body = make(map[string]any)
 	require.NoError(t, json.Unmarshal(b, &body))
--- a/internal/daemon/controller/handlers/authmethods/ldap_test.go
+++ b/internal/daemon/controller/handlers/authmethods/ldap_test.go
@ -7,7 +7,6 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"strings"
 	"sync"
@ -1126,7 +1125,7 @@ func TestAuthenticate_Ldap(t *testing.T) {
 			assert.Equal(tc.wantType, resp.GetType())
 			sinkFileName := c.ObservationEvents.Name()
 			defer func() { _ = os.WriteFile(sinkFileName, nil, 0o666) }()
-			b, err := ioutil.ReadFile(sinkFileName)
+			b, err := os.ReadFile(sinkFileName)
 			require.NoError(err)
 			gotRes := &cloudevents.Event{}
 			err = json.Unmarshal(b, gotRes)
--- a/internal/daemon/controller/handlers/targets/target_service.go
+++ b/internal/daemon/controller/handlers/targets/target_service.go
@ -1716,16 +1716,17 @@ func validateGetRequest(req *pbs.GetTargetRequest) error {
 }

 func validateCreateRequest(req *pbs.CreateTargetRequest) error {
-	return handlers.ValidateCreateRequest(req.GetItem(), func() map[string]string {
+	item := req.GetItem()
+	return handlers.ValidateCreateRequest(item, func() map[string]string {
 		badFields := map[string]string{}
-		if !handlers.ValidId(handlers.Id(req.GetItem().GetScopeId()), scope.Project.Prefix()) {
+		if !handlers.ValidId(handlers.Id(item.GetScopeId()), scope.Project.Prefix()) {
 			badFields[globals.ScopeIdField] = "This field is required to have a properly formatted project scope id."
 		}
-		if req.GetItem().GetName() == nil || req.GetItem().GetName().GetValue() == "" {
+		if item.GetName() == nil || item.GetName().GetValue() == "" {
 			badFields[globals.NameField] = "This field is required."
 		}
-		if req.GetItem().GetSessionConnectionLimit() != nil {
-			val := req.GetItem().GetSessionConnectionLimit().GetValue()
+		if item.GetSessionConnectionLimit() != nil {
+			val := item.GetSessionConnectionLimit().GetValue()
 			switch {
 			case val == -1:
 			case val > 0:
@ -1733,29 +1734,29 @@ func validateCreateRequest(req *pbs.CreateTargetRequest) error {
 				badFields[globals.SessionConnectionLimitField] = "This must be -1 (unlimited) or greater than zero."
 			}
 		}
-		if req.GetItem().GetSessionMaxSeconds() != nil && req.GetItem().GetSessionMaxSeconds().GetValue() == 0 {
+		if item.GetSessionMaxSeconds() != nil && item.GetSessionMaxSeconds().GetValue() == 0 {
 			badFields[globals.SessionMaxSecondsField] = "This must be greater than zero."
 		}
-		if req.GetItem().GetType() == "" {
+		if item.GetType() == "" {
 			badFields[globals.TypeField] = "This is a required field."
-		} else if target.SubtypeFromType(req.GetItem().GetType()) == "" {
+		} else if target.SubtypeFromType(item.GetType()) == "" {
 			badFields[globals.TypeField] = "Unknown type provided."
 		}
-		if workerFilter := req.GetItem().GetWorkerFilter(); workerFilter != nil {
+		if workerFilter := item.GetWorkerFilter(); workerFilter != nil {
 			badFields[globals.WorkerFilterField] = WorkerFilterDeprecationMessage
 		}
-		if egressFilter := req.GetItem().GetEgressWorkerFilter(); egressFilter != nil {
+		if egressFilter := item.GetEgressWorkerFilter(); egressFilter != nil {
 			if _, err := bexpr.CreateEvaluator(egressFilter.GetValue()); err != nil {
 				badFields[globals.EgressWorkerFilterField] = "Unable to successfully parse egress filter expression."
 			}
 		}
-		if ingressFilter := req.GetItem().GetIngressWorkerFilter(); ingressFilter != nil {
+		if ingressFilter := item.GetIngressWorkerFilter(); ingressFilter != nil {
 			err := ValidateIngressWorkerFilterFn(ingressFilter.GetValue())
 			if err != nil {
 				badFields[globals.IngressWorkerFilterField] = err.Error()
 			}
 		}
-		if address := req.GetItem().GetAddress(); address != nil {
+		if address := item.GetAddress(); address != nil {
 			if len(address.GetValue()) < static.MinHostAddressLength ||
 				len(address.GetValue()) > static.MaxHostAddressLength {
 				badFields[globals.AddressField] = fmt.Sprintf("Address length must be between %d and %d characters.", static.MinHostAddressLength, static.MaxHostAddressLength)
@ -1769,12 +1770,12 @@ func validateCreateRequest(req *pbs.CreateTargetRequest) error {
 				badFields[globals.AddressField] = fmt.Sprintf("Error parsing address: %v.", err)
 			}
 		}
-		subtype := target.SubtypeFromType(req.GetItem().GetType())
+		subtype := target.SubtypeFromType(item.GetType())
 		_, err := subtypeRegistry.get(subtype)
 		if err != nil {
 			badFields[globals.TypeField] = "Unknown type provided."
 		} else {
-			a, err := subtypeRegistry.newAttribute(subtype, req.GetItem().GetAttrs())
+			a, err := subtypeRegistry.newAttribute(subtype, item.GetAttrs())
 			if err != nil {
 				badFields[globals.AttributesField] = "Attribute fields do not match the expected format."
 			} else {
@ -1788,14 +1789,15 @@ func validateCreateRequest(req *pbs.CreateTargetRequest) error {
 }

 func validateUpdateRequest(req *pbs.UpdateTargetRequest) error {
+	item := req.GetItem()
 	return handlers.ValidateUpdateRequest(req, req.GetItem(), func() map[string]string {
 		badFields := map[string]string{}
 		paths := req.GetUpdateMask().GetPaths()
-		if handlers.MaskContains(paths, globals.NameField) && req.GetItem().GetName().GetValue() == "" {
+		if handlers.MaskContains(paths, globals.NameField) && item.GetName().GetValue() == "" {
 			badFields[globals.NameField] = "This field cannot be set to empty."
 		}
-		if req.GetItem().GetSessionConnectionLimit() != nil {
-			val := req.GetItem().GetSessionConnectionLimit().GetValue()
+		if item.GetSessionConnectionLimit() != nil {
+			val := item.GetSessionConnectionLimit().GetValue()
 			switch {
 			case val == -1:
 			case val > 0:
@ -1803,18 +1805,18 @@ func validateUpdateRequest(req *pbs.UpdateTargetRequest) error {
 				badFields[globals.SessionConnectionLimitField] = "This must be -1 (unlimited) or greater than zero."
 			}
 		}
-		if req.GetItem().GetSessionMaxSeconds() != nil && req.GetItem().GetSessionMaxSeconds().GetValue() == 0 {
+		if item.GetSessionMaxSeconds() != nil && item.GetSessionMaxSeconds().GetValue() == 0 {
 			badFields[globals.SessionMaxSecondsField] = "This must be greater than zero."
 		}
 		// worker_filter is mutually exclusive from ingress and egress filter
 		workerFilterFound := false
-		if workerFilter := req.GetItem().GetWorkerFilter(); workerFilter != nil {
+		if workerFilter := item.GetWorkerFilter(); workerFilter != nil {
 			if _, err := bexpr.CreateEvaluator(workerFilter.GetValue()); err != nil {
 				badFields[globals.WorkerFilterField] = "Unable to successfully parse filter expression."
 			}
 			workerFilterFound = true
 		}
-		if egressFilter := req.GetItem().GetEgressWorkerFilter(); egressFilter != nil {
+		if egressFilter := item.GetEgressWorkerFilter(); egressFilter != nil {
 			if workerFilterFound {
 				badFields[globals.EgressWorkerFilterField] = fmt.Sprintf("Cannot set %s and %s; they are mutually exclusive fields.", globals.WorkerFilterField, globals.EgressWorkerFilterField)
 			}
@ -1822,7 +1824,7 @@ func validateUpdateRequest(req *pbs.UpdateTargetRequest) error {
 				badFields[globals.EgressWorkerFilterField] = "Unable to successfully parse egress filter expression."
 			}
 		}
-		if ingressFilter := req.GetItem().GetIngressWorkerFilter(); ingressFilter != nil {
+		if ingressFilter := item.GetIngressWorkerFilter(); ingressFilter != nil {
 			if workerFilterFound {
 				badFields[globals.IngressWorkerFilterField] = fmt.Sprintf("Cannot set %s and %s; they are mutually exclusive fields.", globals.WorkerFilterField, globals.IngressWorkerFilterField)
 			}
@ -1831,7 +1833,7 @@ func validateUpdateRequest(req *pbs.UpdateTargetRequest) error {
 				badFields[globals.IngressWorkerFilterField] = err.Error()
 			}
 		}
-		if address := req.GetItem().GetAddress(); address != nil {
+		if address := item.GetAddress(); address != nil {
 			if len(address.GetValue()) < static.MinHostAddressLength ||
 				len(address.GetValue()) > static.MaxHostAddressLength {
 				badFields[globals.AddressField] = fmt.Sprintf("Address length must be between %d and %d characters.", static.MinHostAddressLength, static.MaxHostAddressLength)
@ -1850,11 +1852,11 @@ func validateUpdateRequest(req *pbs.UpdateTargetRequest) error {
 		if err != nil {
 			badFields[globals.TypeField] = "Unknown type provided."
 		} else {
-			if req.GetItem().GetType() != "" && target.SubtypeFromType(req.GetItem().GetType()) != subtype {
+			if item.GetType() != "" && target.SubtypeFromType(item.GetType()) != subtype {
 				badFields[globals.TypeField] = "Cannot modify the resource type."
 			}

-			a, err := subtypeRegistry.newAttribute(subtype, req.GetItem().GetAttrs())
+			a, err := subtypeRegistry.newAttribute(subtype, item.GetAttrs())
 			if err != nil {
 				badFields[globals.AttributesField] = "Attribute fields do not match the expected format."
 			} else {
--- a/internal/host/host_dns_address.go
+++ b/internal/host/host_dns_address.go
@ -54,22 +54,22 @@ func allocDnsName() DnsName {
 }

 // Clone an DnsName
-func (c *DnsName) Clone() *DnsName {
-	cp := proto.Clone(c.DnsName)
+func (dn *DnsName) Clone() *DnsName {
+	cp := proto.Clone(dn.DnsName)
 	return &DnsName{
 		DnsName: cp.(*store.DnsName),
 	}
 }

 // TableName returns the table name.
-func (c *DnsName) TableName() string {
-	if c.tableName != "" {
-		return c.tableName
+func (dn *DnsName) TableName() string {
+	if dn.tableName != "" {
+		return dn.tableName
 	}
 	return defaultDnsNameTableName
 }

 // SetTableName sets the table name.
-func (c *DnsName) SetTableName(n string) {
-	c.tableName = n
+func (dn *DnsName) SetTableName(n string) {
+	dn.tableName = n
 }
--- a/internal/host/host_ip_address.go
+++ b/internal/host/host_ip_address.go
@ -59,22 +59,22 @@ func allocIpAddress() IpAddress {
 }

 // Clone an IpAddress
-func (c *IpAddress) Clone() *IpAddress {
-	cp := proto.Clone(c.IpAddress)
+func (ia *IpAddress) Clone() *IpAddress {
+	cp := proto.Clone(ia.IpAddress)
 	return &IpAddress{
 		IpAddress: cp.(*store.IpAddress),
 	}
 }

 // TableName returns the table name.
-func (c *IpAddress) TableName() string {
-	if c.tableName != "" {
-		return c.tableName
+func (ia *IpAddress) TableName() string {
+	if ia.tableName != "" {
+		return ia.tableName
 	}
 	return defaultIpAddressTableName
 }

 // SetTableName sets the table name.
-func (c *IpAddress) SetTableName(n string) {
-	c.tableName = n
+func (ia *IpAddress) SetTableName(n string) {
+	ia.tableName = n
 }
--- a/internal/host/preferred_endpoint.go
+++ b/internal/host/preferred_endpoint.go
@ -69,22 +69,22 @@ func AllocPreferredEndpoint() *PreferredEndpoint {
 }

 // Clone a PreferredEndpoint
-func (c *PreferredEndpoint) Clone() *PreferredEndpoint {
-	cp := proto.Clone(c.PreferredEndpoint)
+func (pe *PreferredEndpoint) Clone() *PreferredEndpoint {
+	cp := proto.Clone(pe.PreferredEndpoint)
 	return &PreferredEndpoint{
 		PreferredEndpoint: cp.(*store.PreferredEndpoint),
 	}
 }

 // TableName returns the table name.
-func (c *PreferredEndpoint) TableName() string {
-	if c.tableName != "" {
-		return c.tableName
+func (pe *PreferredEndpoint) TableName() string {
+	if pe.tableName != "" {
+		return pe.tableName
 	}
 	return defaultPreferredEndpointTableName
 }

 // SetTableName sets the table name.
-func (c *PreferredEndpoint) SetTableName(n string) {
-	c.tableName = n
+func (pe *PreferredEndpoint) SetTableName(n string) {
+	pe.tableName = n
 }