libnetwork: fix lint errors

Signed-off-by: Paul Holzinger <pholzing@redhat.com>

common/.golangci.yml

@@ -116,3 +116,11 @@ linters-settings:
       - unnecessaryBlock
   gocyclo:
     min-complexity: 35
+
+issues:
+    # Excluding configuration per-path, per-linter, per-text and per-source
+  exclude-rules:
+    # Exclude some linters from running on tests files.
+    - path: _test\.go
+      linters:
+        - dupl

common/libnetwork/cni/cni_conversion.go

@@ -76,7 +76,7 @@ func createNetworkFromCNIConfigList(conf *libcni.NetworkConfigList, confPath str
 			network.Options["vlan"] = strconv.Itoa(bridge.Vlan)
 		}
 
-		err = convertIPAMConfToNetwork(&network, bridge.IPAM, confPath)
+		err = convertIPAMConfToNetwork(&network, &bridge.IPAM, confPath)
 		if err != nil {
 			return nil, err
 		}
@@ -98,7 +98,7 @@ func createNetworkFromCNIConfigList(conf *libcni.NetworkConfigList, confPath str
 			network.Options["mode"] = vlan.Mode
 		}
 
-		err = convertIPAMConfToNetwork(&network, vlan.IPAM, confPath)
+		err = convertIPAMConfToNetwork(&network, &vlan.IPAM, confPath)
 		if err != nil {
 			return nil, err
 		}
@@ -126,7 +126,7 @@ func findPluginByName(plugins []*libcni.NetworkConfig, name string) bool {
 
 // convertIPAMConfToNetwork converts A cni IPAMConfig to libpod network subnets.
 // It returns an array of subnets and an extra bool if dhcp is configured.
-func convertIPAMConfToNetwork(network *types.Network, ipam ipamConfig, confPath string) error {
+func convertIPAMConfToNetwork(network *types.Network, ipam *ipamConfig, confPath string) error {
 	if ipam.PluginType == types.DHCPIPAMDriver {
 		network.IPAMOptions["driver"] = types.DHCPIPAMDriver
 		return nil
@@ -288,7 +288,7 @@ func (n *cniNetwork) createCNIConfigListFromNetwork(network *types.Network, writ
 
 	switch network.Driver {
 	case types.BridgeNetworkDriver:
-		bridge := newHostLocalBridge(network.NetworkInterface, isGateway, ipMasq, mtu, vlan, ipamConf)
+		bridge := newHostLocalBridge(network.NetworkInterface, isGateway, ipMasq, mtu, vlan, &ipamConf)
 		plugins = append(plugins, bridge, newPortMapPlugin(), newFirewallPlugin(), newTuningPlugin())
 		// if we find the dnsname plugin we add configuration for it
 		if hasDNSNamePlugin(n.cniPluginDirs) && network.DNSEnabled {
@@ -297,10 +297,10 @@ func (n *cniNetwork) createCNIConfigListFromNetwork(network *types.Network, writ
 		}
 
 	case types.MacVLANNetworkDriver:
-		plugins = append(plugins, newVLANPlugin(types.MacVLANNetworkDriver, network.NetworkInterface, vlanPluginMode, mtu, ipamConf))
+		plugins = append(plugins, newVLANPlugin(types.MacVLANNetworkDriver, network.NetworkInterface, vlanPluginMode, mtu, &ipamConf))
 
 	case types.IPVLANNetworkDriver:
-		plugins = append(plugins, newVLANPlugin(types.IPVLANNetworkDriver, network.NetworkInterface, vlanPluginMode, mtu, ipamConf))
+		plugins = append(plugins, newVLANPlugin(types.IPVLANNetworkDriver, network.NetworkInterface, vlanPluginMode, mtu, &ipamConf))
 
 	default:
 		return nil, "", errors.Errorf("driver %q is not supported by cni", network.Driver)

common/libnetwork/cni/cni_exec.go

@@ -87,7 +87,7 @@ func (e *cniExec) ExecPlugin(ctx context.Context, pluginPath string, stdinData [
 }
 
 // annotatePluginError parses the common cni plugin error json.
-func annotatePluginError(err error, plugin string, stdout []byte, stderr []byte) error {
+func annotatePluginError(err error, plugin string, stdout, stderr []byte) error {
 	pluginName := filepath.Base(plugin)
 	emsg := cniPluginError{
 		plugin: pluginName,

common/libnetwork/cni/cni_suite_test.go

@@ -25,11 +25,10 @@ func TestCni(t *testing.T) {
 	RunSpecs(t, "CNI Suite")
 }
 
-func getNetworkInterface(cniConfDir string, machine bool) (types.ContainerNetwork, error) {
-	return cni.NewCNINetworkInterface(cni.InitConfig{
+func getNetworkInterface(cniConfDir string) (types.ContainerNetwork, error) {
+	return cni.NewCNINetworkInterface(&cni.InitConfig{
 		CNIConfigDir:  cniConfDir,
 		CNIPluginDirs: cniPluginDirs,
-		IsMachine:     machine,
 		LockFile:      filepath.Join(cniConfDir, "cni.lock"),
 	})
 }

common/libnetwork/cni/cni_types.go

@@ -133,7 +133,7 @@ func newNcList(name, version string, labels, options map[string]string) ncList {
 }
 
 // newHostLocalBridge creates a new LocalBridge for host-local
-func newHostLocalBridge(name string, isGateWay, ipMasq bool, mtu int, vlan int, ipamConf ipamConfig) *hostLocalBridge {
+func newHostLocalBridge(name string, isGateWay, ipMasq bool, mtu, vlan int, ipamConf *ipamConfig) *hostLocalBridge {
 	caps := make(map[string]bool)
 	caps["ips"] = true
 	bridge := hostLocalBridge{
@@ -144,7 +144,7 @@ func newHostLocalBridge(name string, isGateWay, ipMasq bool, mtu int, vlan int,
 		MTU:         mtu,
 		HairpinMode: true,
 		Vlan:        vlan,
-		IPAM:        ipamConf,
+		IPAM:        *ipamConf,
 	}
 	// if we use host-local set the ips cap to ensure we can set static ips via runtime config
 	if ipamConf.PluginType == types.HostLocalIPAMDriver {
@@ -255,10 +255,10 @@ func hasDNSNamePlugin(paths []string) bool {
 }
 
 // newVLANPlugin creates a macvlanconfig with a given device name
-func newVLANPlugin(pluginType, device, mode string, mtu int, ipam ipamConfig) VLANConfig {
+func newVLANPlugin(pluginType, device, mode string, mtu int, ipam *ipamConfig) VLANConfig {
 	m := VLANConfig{
 		PluginType: pluginType,
-		IPAM:       ipam,
+		IPAM:       *ipam,
 	}
 	if mtu > 0 {
 		m.MTU = mtu

common/libnetwork/cni/config.go

@@ -16,6 +16,7 @@ import (
 
 // NetworkCreate will take a partial filled Network and fill the
 // missing fields. It creates the Network and returns the full Network.
+// nolint:gocritic
 func (n *cniNetwork) NetworkCreate(net types.Network) (types.Network, error) {
 	n.lock.Lock()
 	defer n.lock.Unlock()
@@ -23,7 +24,7 @@ func (n *cniNetwork) NetworkCreate(net types.Network) (types.Network, error) {
 	if err != nil {
 		return types.Network{}, err
 	}
-	network, err := n.networkCreate(net, false)
+	network, err := n.networkCreate(&net, false)
 	if err != nil {
 		return types.Network{}, err
 	}
@@ -34,7 +35,7 @@ func (n *cniNetwork) NetworkCreate(net types.Network) (types.Network, error) {
 
 // networkCreate will fill out the given network struct and return the new network entry.
 // If defaultNet is true it will not validate against used subnets and it will not write the cni config to disk.
-func (n *cniNetwork) networkCreate(newNetwork types.Network, defaultNet bool) (*network, error) {
+func (n *cniNetwork) networkCreate(newNetwork *types.Network, defaultNet bool) (*network, error) {
 	// if no driver is set use the default one
 	if newNetwork.Driver == "" {
 		newNetwork.Driver = types.DefaultNetworkDriver
@@ -46,7 +47,7 @@ func (n *cniNetwork) networkCreate(newNetwork types.Network, defaultNet bool) (*
 		return nil, errors.Wrap(types.ErrInvalidArg, "ID can not be set for network create")
 	}
 
-	err := internalutil.CommonNetworkCreate(n, &newNetwork)
+	err := internalutil.CommonNetworkCreate(n, newNetwork)
 	if err != nil {
 		return nil, err
 	}
@@ -68,12 +69,12 @@ func (n *cniNetwork) networkCreate(newNetwork types.Network, defaultNet bool) (*
 
 	switch newNetwork.Driver {
 	case types.BridgeNetworkDriver:
-		err = internalutil.CreateBridge(n, &newNetwork, usedNetworks)
+		err = internalutil.CreateBridge(n, newNetwork, usedNetworks)
 		if err != nil {
 			return nil, err
 		}
 	case types.MacVLANNetworkDriver, types.IPVLANNetworkDriver:
-		err = createIPMACVLAN(&newNetwork)
+		err = createIPMACVLAN(newNetwork)
 		if err != nil {
 			return nil, err
 		}
@@ -81,7 +82,7 @@ func (n *cniNetwork) networkCreate(newNetwork types.Network, defaultNet bool) (*
 		return nil, errors.Wrapf(types.ErrInvalidArg, "unsupported driver %s", newNetwork.Driver)
 	}
 
-	err = internalutil.ValidateSubnets(&newNetwork, usedNetworks)
+	err = internalutil.ValidateSubnets(newNetwork, usedNetworks)
 	if err != nil {
 		return nil, err
 	}
@@ -95,11 +96,11 @@ func (n *cniNetwork) networkCreate(newNetwork types.Network, defaultNet bool) (*
 		newNetwork.DNSEnabled = false
 	}
 
-	cniConf, path, err := n.createCNIConfigListFromNetwork(&newNetwork, !defaultNet)
+	cniConf, path, err := n.createCNIConfigListFromNetwork(newNetwork, !defaultNet)
 	if err != nil {
 		return nil, err
 	}
-	return &network{cniNet: cniConf, libpodNet: &newNetwork, filename: path}, nil
+	return &network{cniNet: cniConf, libpodNet: newNetwork, filename: path}, nil
 }
 
 // NetworkRemove will remove the Network with the given name or ID.

common/libnetwork/cni/config_test.go

@@ -10,13 +10,12 @@ import (
 	"path/filepath"
 	"time"
 
+	"github.com/containers/common/libnetwork/types"
+	"github.com/containers/common/libnetwork/util"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 	gomegaTypes "github.com/onsi/gomega/types"
 	"github.com/sirupsen/logrus"
-
-	"github.com/containers/common/libnetwork/types"
-	"github.com/containers/common/libnetwork/util"
 )
 
 var _ = Describe("Config", func() {
@@ -39,7 +38,7 @@ var _ = Describe("Config", func() {
 
 	JustBeforeEach(func() {
 		var err error
-		libpodNet, err = getNetworkInterface(cniConfDir, false)
+		libpodNet, err = getNetworkInterface(cniConfDir)
 		if err != nil {
 			Fail("Failed to create NewCNINetworkInterface")
 		}
@@ -111,7 +110,7 @@ var _ = Describe("Config", func() {
 			Expect(network2).To(Equal(network1))
 
 			// create a new interface to force a config load from disk
-			libpodNet, err = getNetworkInterface(cniConfDir, false)
+			libpodNet, err = getNetworkInterface(cniConfDir)
 			Expect(err).To(BeNil())
 
 			network2, err = libpodNet.NetworkInspect(network1.Name)
@@ -351,7 +350,7 @@ var _ = Describe("Config", func() {
 				grepInFile(path, `"mode": "`+mode+`"`)
 
 				// reload configs from disk
-				libpodNet, err = getNetworkInterface(cniConfDir, false)
+				libpodNet, err = getNetworkInterface(cniConfDir)
 				Expect(err).To(BeNil())
 
 				network2, err := libpodNet.NetworkInspect(network1.Name)
@@ -417,7 +416,7 @@ var _ = Describe("Config", func() {
 			Expect(network1.Subnets[0].LeaseRange).To(BeNil())
 
 			// reload configs from disk
-			libpodNet, err = getNetworkInterface(cniConfDir, false)
+			libpodNet, err = getNetworkInterface(cniConfDir)
 			Expect(err).To(BeNil())
 			// check the the networks are identical
 			network2, err := libpodNet.NetworkInspect(network1.Name)
@@ -667,7 +666,7 @@ var _ = Describe("Config", func() {
 			Expect(network1.Subnets[0].LeaseRange.EndIP.String()).To(Equal(endIP))
 
 			// create a new interface to force a config load from disk
-			libpodNet, err = getNetworkInterface(cniConfDir, false)
+			libpodNet, err = getNetworkInterface(cniConfDir)
 			Expect(err).To(BeNil())
 
 			network1, err = libpodNet.NetworkInspect(network1.Name)
@@ -1364,7 +1363,7 @@ var _ = Describe("Config", func() {
 
 })
 
-func grepInFile(path string, match string) {
+func grepInFile(path, match string) {
 	data, err := ioutil.ReadFile(path)
 	ExpectWithOffset(1, err).To(BeNil())
 	ExpectWithOffset(1, string(data)).To(ContainSubstring(match))

common/libnetwork/cni/network.go

@@ -70,7 +70,7 @@ type InitConfig struct {
 
 // NewCNINetworkInterface creates the ContainerNetwork interface for the CNI backend.
 // Note: The networks are not loaded from disk until a method is called.
-func NewCNINetworkInterface(conf InitConfig) (types.ContainerNetwork, error) {
+func NewCNINetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) {
 	// TODO: consider using a shared memory lock
 	lock, err := lockfile.GetLockfile(conf.LockFile)
 	if err != nil {
@@ -203,7 +203,7 @@ func (n *cniNetwork) createDefaultNetwork() (*network, error) {
 			{Subnet: n.defaultSubnet},
 		},
 	}
-	return n.networkCreate(net, true)
+	return n.networkCreate(&net, true)
 }
 
 // getNetwork will lookup a network by name or ID. It returns an

common/libnetwork/cni/run.go

@@ -69,8 +69,9 @@ func (n *cniNetwork) Setup(namespacePath string, options types.SetupOptions) (ma
 
 	results := make(map[string]types.StatusBlock, len(options.Networks))
 	for name, netOpts := range options.Networks {
+		netOpts := netOpts
 		network := n.networks[name]
-		rt := getRuntimeConfig(namespacePath, options.ContainerName, options.ContainerID, name, ports, netOpts)
+		rt := getRuntimeConfig(namespacePath, options.ContainerName, options.ContainerID, name, ports, &netOpts)
 
 		// If we have more than one static ip we need parse the ips via runtime config,
 		// make sure to add the ips capability to the first plugin otherwise it doesn't get the ips
@@ -157,7 +158,7 @@ func CNIResultToStatus(res cnitypes.Result) (types.StatusBlock, error) {
 	return result, nil
 }
 
-func getRuntimeConfig(netns, conName, conID, networkName string, ports []cniPortMapEntry, opts types.PerNetworkOptions) *libcni.RuntimeConf {
+func getRuntimeConfig(netns, conName, conID, networkName string, ports []cniPortMapEntry, opts *types.PerNetworkOptions) *libcni.RuntimeConf {
 	rt := &libcni.RuntimeConf{
 		ContainerID: conID,
 		NetNS:       netns,
@@ -230,7 +231,8 @@ func (n *cniNetwork) teardown(namespacePath string, options types.TeardownOption
 
 	var multiErr *multierror.Error
 	for name, netOpts := range options.Networks {
-		rt := getRuntimeConfig(namespacePath, options.ContainerName, options.ContainerID, name, ports, netOpts)
+		netOpts := netOpts
+		rt := getRuntimeConfig(namespacePath, options.ContainerName, options.ContainerID, name, ports, &netOpts)
 
 		cniConfList, newRt, err := getCachedNetworkConfig(n.cniConf, name, rt)
 		if err == nil {

common/libnetwork/cni/run_test.go

@@ -24,16 +24,15 @@ import (
 	"time"
 
 	"github.com/containernetworking/plugins/pkg/ns"
+	"github.com/containers/common/libnetwork/types"
+	"github.com/containers/common/pkg/netns"
+	"github.com/containers/storage/pkg/stringid"
+	"github.com/containers/storage/pkg/unshare"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 	"github.com/sirupsen/logrus"
 	"github.com/vishvananda/netlink"
 	"golang.org/x/sys/unix"
-
-	"github.com/containers/common/libnetwork/types"
-	"github.com/containers/common/pkg/netns"
-	"github.com/containers/storage/pkg/stringid"
-	"github.com/containers/storage/pkg/unshare"
 )
 
 var _ = Describe("run CNI", func() {
@@ -98,7 +97,7 @@ var _ = Describe("run CNI", func() {
 
 	JustBeforeEach(func() {
 		var err error
-		libpodNet, err = getNetworkInterface(cniConfDir, false)
+		libpodNet, err = getNetworkInterface(cniConfDir)
 		if err != nil {
 			Fail("Failed to create NewCNINetworkInterface")
 		}
@@ -141,7 +140,7 @@ var _ = Describe("run CNI", func() {
 				Expect(res[defNet].DNSSearchDomains).To(BeEmpty())
 
 				// reload the interface so the networks are reload from disk
-				libpodNet, err := getNetworkInterface(cniConfDir, false)
+				libpodNet, err := getNetworkInterface(cniConfDir)
 				Expect(err).To(BeNil())
 
 				err = libpodNet.Teardown(netNSContainer.Path(), types.TeardownOptions(setupOpts))
@@ -398,7 +397,7 @@ var _ = Describe("run CNI", func() {
 					i, err := net.InterfaceByName(intName1)
 					Expect(err).To(BeNil())
 					Expect(i.Name).To(Equal(intName1))
-					Expect(i.HardwareAddr).To(Equal((net.HardwareAddr)(macInt1)))
+					Expect(i.HardwareAddr).To(Equal(net.HardwareAddr(macInt1)))
 					addrs, err := i.Addrs()
 					Expect(err).To(BeNil())
 					subnet := &net.IPNet{

common/libnetwork/internal/util/ip.go

@@ -60,7 +60,7 @@ func getRandomIPv6Subnet() (net.IPNet, error) {
 	// read 8 random bytes
 	_, err := rand.Read(ip)
 	if err != nil {
-		return net.IPNet{}, nil
+		return net.IPNet{}, err
 	}
 	// first byte must be FD as per RFC3879
 	ip[0] = 0xfd

common/libnetwork/internal/util/validate.go

@@ -23,24 +23,24 @@ func ValidateSubnet(s *types.Subnet, addGateway bool, usedNetworks []*net.IPNet)
 	// Reparse to ensure subnet is valid.
 	// Do not use types.ParseCIDR() because we want the ip to be
 	// the network address and not a random ip in the subnet.
-	_, net, err := net.ParseCIDR(s.Subnet.String())
+	_, n, err := net.ParseCIDR(s.Subnet.String())
 	if err != nil {
 		return errors.Wrap(err, "subnet invalid")
 	}
 
 	// check that the new subnet does not conflict with existing ones
-	if NetworkIntersectsWithNetworks(net, usedNetworks) {
-		return errors.Errorf("subnet %s is already used on the host or by another config", net.String())
+	if NetworkIntersectsWithNetworks(n, usedNetworks) {
+		return errors.Errorf("subnet %s is already used on the host or by another config", n.String())
 	}
 
-	s.Subnet = types.IPNet{IPNet: *net}
+	s.Subnet = types.IPNet{IPNet: *n}
 	if s.Gateway != nil {
 		if !s.Subnet.Contains(s.Gateway) {
 			return errors.Errorf("gateway %s not in subnet %s", s.Gateway, &s.Subnet)
 		}
 		util.NormalizeIP(&s.Gateway)
 	} else if addGateway {
-		ip, err := util.FirstIPInSubnet(net)
+		ip, err := util.FirstIPInSubnet(n)
 		if err != nil {
 			return err
 		}
@@ -91,11 +91,12 @@ func ValidateSetupOptions(n NetUtil, namespacePath string, options types.SetupOp
 		return errors.New("must specify at least one network")
 	}
 	for name, netOpts := range options.Networks {
+		netOpts := netOpts
 		network, err := n.Network(name)
 		if err != nil {
 			return err
 		}
-		err = validatePerNetworkOpts(network, netOpts)
+		err = validatePerNetworkOpts(network, &netOpts)
 		if err != nil {
 			return err
 		}
@@ -104,7 +105,7 @@ func ValidateSetupOptions(n NetUtil, namespacePath string, options types.SetupOp
 }
 
 // validatePerNetworkOpts checks that all given static ips are in a subnet on this network
-func validatePerNetworkOpts(network *types.Network, netOpts types.PerNetworkOptions) error {
+func validatePerNetworkOpts(network *types.Network, netOpts *types.PerNetworkOptions) error {
 	if netOpts.InterfaceName == "" {
 		return errors.Errorf("interface name on network %s is empty", network.Name)
 	}

common/libnetwork/netavark/config.go

@@ -18,6 +18,7 @@ import (
 
 // NetworkCreate will take a partial filled Network and fill the
 // missing fields. It creates the Network and returns the full Network.
+// nolint:gocritic
 func (n *netavarkNetwork) NetworkCreate(net types.Network) (types.Network, error) {
 	n.lock.Lock()
 	defer n.lock.Unlock()
@@ -25,7 +26,7 @@ func (n *netavarkNetwork) NetworkCreate(net types.Network) (types.Network, error
 	if err != nil {
 		return types.Network{}, err
 	}
-	network, err := n.networkCreate(net, false)
+	network, err := n.networkCreate(&net, false)
 	if err != nil {
 		return types.Network{}, err
 	}
@@ -34,7 +35,7 @@ func (n *netavarkNetwork) NetworkCreate(net types.Network) (types.Network, error
 	return *network, nil
 }
 
-func (n *netavarkNetwork) networkCreate(newNetwork types.Network, defaultNet bool) (*types.Network, error) {
+func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bool) (*types.Network, error) {
 	// if no driver is set use the default one
 	if newNetwork.Driver == "" {
 		newNetwork.Driver = types.DefaultNetworkDriver
@@ -60,7 +61,7 @@ func (n *netavarkNetwork) networkCreate(newNetwork types.Network, defaultNet boo
 		}
 	}
 
-	err := internalutil.CommonNetworkCreate(n, &newNetwork)
+	err := internalutil.CommonNetworkCreate(n, newNetwork)
 	if err != nil {
 		return nil, err
 	}
@@ -82,7 +83,7 @@ func (n *netavarkNetwork) networkCreate(newNetwork types.Network, defaultNet boo
 
 	switch newNetwork.Driver {
 	case types.BridgeNetworkDriver:
-		err = internalutil.CreateBridge(n, &newNetwork, usedNetworks)
+		err = internalutil.CreateBridge(n, newNetwork, usedNetworks)
 		if err != nil {
 			return nil, err
 		}
@@ -139,7 +140,7 @@ func (n *netavarkNetwork) networkCreate(newNetwork types.Network, defaultNet boo
 		return nil, errors.Wrapf(types.ErrInvalidArg, "unsupported driver %s", newNetwork.Driver)
 	}
 
-	err = internalutil.ValidateSubnets(&newNetwork, usedNetworks)
+	err = internalutil.ValidateSubnets(newNetwork, usedNetworks)
 	if err != nil {
 		return nil, err
 	}
@@ -165,7 +166,7 @@ func (n *netavarkNetwork) networkCreate(newNetwork types.Network, defaultNet boo
 		}
 	}
 
-	return &newNetwork, nil
+	return newNetwork, nil
 }
 
 // NetworkRemove will remove the Network with the given name or ID.

common/libnetwork/netavark/config_test.go

@@ -10,13 +10,12 @@ import (
 	"path/filepath"
 	"time"
 
+	"github.com/containers/common/libnetwork/types"
+	"github.com/containers/common/libnetwork/util"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 	gomegaTypes "github.com/onsi/gomega/types"
 	"github.com/sirupsen/logrus"
-
-	"github.com/containers/common/libnetwork/types"
-	"github.com/containers/common/libnetwork/util"
 )
 
 var _ = Describe("Config", func() {
@@ -39,7 +38,7 @@ var _ = Describe("Config", func() {
 
 	JustBeforeEach(func() {
 		var err error
-		libpodNet, err = getNetworkInterface(networkConfDir, false)
+		libpodNet, err = getNetworkInterface(networkConfDir)
 		if err != nil {
 			Fail("Failed to create NewCNINetworkInterface")
 		}
@@ -112,7 +111,7 @@ var _ = Describe("Config", func() {
 			EqualNetwork(network2, network1)
 
 			// create a new interface to force a config load from disk
-			libpodNet, err = getNetworkInterface(networkConfDir, false)
+			libpodNet, err = getNetworkInterface(networkConfDir)
 			Expect(err).To(BeNil())
 
 			network2, err = libpodNet.NetworkInspect(network1.Name)
@@ -228,7 +227,7 @@ var _ = Describe("Config", func() {
 			Expect(network1.Subnets[0].LeaseRange).To(BeNil())
 
 			// reload configs from disk
-			libpodNet, err = getNetworkInterface(networkConfDir, false)
+			libpodNet, err = getNetworkInterface(networkConfDir)
 			Expect(err).To(BeNil())
 			// check the the networks are identical
 			network2, err := libpodNet.NetworkInspect(network1.Name)
@@ -1225,7 +1224,7 @@ var _ = Describe("Config", func() {
 
 })
 
-func grepInFile(path string, match string) {
+func grepInFile(path, match string) {
 	data, err := ioutil.ReadFile(path)
 	ExpectWithOffset(1, err).To(BeNil())
 	ExpectWithOffset(1, string(data)).To(ContainSubstring(match))
@@ -1239,6 +1238,7 @@ func HaveNetworkName(name string) gomegaTypes.GomegaMatcher {
 }
 
 // EqualNetwork must be used because comparing the time with deep equal does not work
+// nolint:gocritic
 func EqualNetwork(net1, net2 types.Network) {
 	ExpectWithOffset(1, net1.Created.Equal(net2.Created)).To(BeTrue(), "net1 created: %v is not equal net2 created: %v", net1.Created, net2.Created)
 	net1.Created = time.Time{}

common/libnetwork/netavark/ipam.go

@@ -56,6 +56,8 @@ func newIPAMError(cause error, msg string, args ...interface{}) *ipamError {
 // openDB will open the ipam database
 // Note that the caller has to Close it.
 func (n *netavarkNetwork) openDB() (*bbolt.DB, error) {
+	// linter complains about the octal value
+	// nolint:gocritic
 	db, err := bbolt.Open(n.ipamDBPath, 0600, nil)
 	if err != nil {
 		return nil, newIPAMError(err, "failed to open database %s", n.ipamDBPath)
@@ -94,8 +96,8 @@ func (n *netavarkNetwork) allocIPs(opts *types.NetworkOptions) error {
 			// requestIPs is the list of ips which should be used for this container
 			requestIPs := make([]net.IP, 0, len(network.Subnets))
 
-			for _, subnet := range network.Subnets {
-				subnetBkt, err := netBkt.CreateBucketIfNotExists([]byte(subnet.Subnet.String()))
+			for i := range network.Subnets {
+				subnetBkt, err := netBkt.CreateBucketIfNotExists([]byte(network.Subnets[i].Subnet.String()))
 				if err != nil {
 					return newIPAMError(err, "failed to create/get subnet bucket for network %s", netName)
 				}
@@ -104,7 +106,7 @@ func (n *netavarkNetwork) allocIPs(opts *types.NetworkOptions) error {
 				// in this case the user wants this one and we should not assign a free one
 				var ip net.IP
 				for _, staticIP := range netOpts.StaticIPs {
-					if subnet.Subnet.Contains(staticIP) {
+					if network.Subnets[i].Subnet.Contains(staticIP) {
 						ip = staticIP
 						break
 					}
@@ -119,7 +121,7 @@ func (n *netavarkNetwork) allocIPs(opts *types.NetworkOptions) error {
 						return newIPAMError(nil, "requested ip address %s is already allocated to container ID %s", ip.String(), string(id))
 					}
 				} else {
-					ip, err = getFreeIPFromBucket(subnetBkt, subnet)
+					ip, err = getFreeIPFromBucket(subnetBkt, &network.Subnets[i])
 					if err != nil {
 						return err
 					}
@@ -160,7 +162,7 @@ func (n *netavarkNetwork) allocIPs(opts *types.NetworkOptions) error {
 	return err
 }
 
-func getFreeIPFromBucket(bucket *bbolt.Bucket, subnet types.Subnet) (net.IP, error) {
+func getFreeIPFromBucket(bucket *bbolt.Bucket, subnet *types.Subnet) (net.IP, error) {
 	var rangeStart net.IP
 	var rangeEnd net.IP
 	if subnet.LeaseRange != nil {

common/libnetwork/netavark/ipam_test.go

@@ -33,7 +33,7 @@ var _ = Describe("IPAM", func() {
 	})
 
 	JustBeforeEach(func() {
-		libpodNet, err := NewNetworkInterface(InitConfig{
+		libpodNet, err := NewNetworkInterface(&InitConfig{
 			NetworkConfigDir: networkConfDir,
 			IPAMDBPath:       filepath.Join(networkConfDir, "ipam.db"),
 			LockFile:         filepath.Join(networkConfDir, "netavark.lock"),

common/libnetwork/netavark/netavark_suite_test.go

@@ -32,10 +32,9 @@ func init() {
 	}
 }
 
-func getNetworkInterface(confDir string, machine bool) (types.ContainerNetwork, error) {
-	return netavark.NewNetworkInterface(netavark.InitConfig{
+func getNetworkInterface(confDir string) (types.ContainerNetwork, error) {
+	return netavark.NewNetworkInterface(&netavark.InitConfig{
 		NetworkConfigDir: confDir,
-		IsMachine:        machine,
 		NetavarkBinary:   netavarkBinary,
 		IPAMDBPath:       filepath.Join(confDir, "ipam.db"),
 		LockFile:         filepath.Join(confDir, "netavark.lock"),

common/libnetwork/netavark/network.go

@@ -79,7 +79,7 @@ type InitConfig struct {
 
 // NewNetworkInterface creates the ContainerNetwork interface for the netavark backend.
 // Note: The networks are not loaded from disk until a method is called.
-func NewNetworkInterface(conf InitConfig) (types.ContainerNetwork, error) {
+func NewNetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) {
 	// TODO: consider using a shared memory lock
 	lock, err := lockfile.GetLockfile(conf.LockFile)
 	if err != nil {
@@ -251,7 +251,7 @@ func (n *netavarkNetwork) createDefaultNetwork() (*types.Network, error) {
 			{Subnet: n.defaultSubnet},
 		},
 	}
-	return n.networkCreate(net, true)
+	return n.networkCreate(&net, true)
 }
 
 // getNetwork will lookup a network by name or ID. It returns an

common/libnetwork/netavark/run_test.go

@@ -22,16 +22,15 @@ import (
 	"time"
 
 	"github.com/containernetworking/plugins/pkg/ns"
-	. "github.com/onsi/ginkgo"
-	. "github.com/onsi/gomega"
-	"github.com/sirupsen/logrus"
-	"github.com/vishvananda/netlink"
-
 	"github.com/containers/common/libnetwork/types"
 	"github.com/containers/common/libnetwork/util"
 	"github.com/containers/common/pkg/netns"
 	"github.com/containers/storage/pkg/stringid"
 	"github.com/containers/storage/pkg/unshare"
+	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/gomega"
+	"github.com/sirupsen/logrus"
+	"github.com/vishvananda/netlink"
 )
 
 var _ = Describe("run netavark", func() {
@@ -97,7 +96,7 @@ var _ = Describe("run netavark", func() {
 
 	JustBeforeEach(func() {
 		var err error
-		libpodNet, err = getNetworkInterface(confDir, false)
+		libpodNet, err = getNetworkInterface(confDir)
 		if err != nil {
 			Fail("Failed to create NewCNINetworkInterface")
 		}

common/libnetwork/types/network.go

@@ -69,7 +69,7 @@ type IPNet struct {
 
 // ParseCIDR parse a string to IPNet
 func ParseCIDR(cidr string) (IPNet, error) {
-	ip, net, err := net.ParseCIDR(cidr)
+	ip, subnet, err := net.ParseCIDR(cidr)
 	if err != nil {
 		return IPNet{}, err
 	}
@@ -78,8 +78,8 @@ func ParseCIDR(cidr string) (IPNet, error) {
 	if ipv4 != nil {
 		ip = ipv4
 	}
-	net.IP = ip
-	return IPNet{*net}, err
+	subnet.IP = ip
+	return IPNet{*subnet}, err
 }
 
 func (n *IPNet) MarshalText() ([]byte, error) {
@@ -87,11 +87,11 @@ func (n *IPNet) MarshalText() ([]byte, error) {
 }
 
 func (n *IPNet) UnmarshalText(text []byte) error {
-	net, err := ParseCIDR(string(text))
+	subnet, err := ParseCIDR(string(text))
 	if err != nil {
 		return err
 	}
-	*n = net
+	*n = subnet
 	return nil
 }
 
@@ -253,7 +253,7 @@ type PortMapping struct {
 }
 
 // OCICNIPortMapping maps to the standard CNI portmapping Capability.
-// Deprecated, do not use this struct for new fields. This only exists
+// Deprecated: Do not use this struct for new fields. This only exists
 // for backwards compatibility.
 type OCICNIPortMapping struct {
 	// HostPort is the port number on the host.

common/libnetwork/util/filters.go

@@ -9,9 +9,9 @@ import (
 	"github.com/pkg/errors"
 )
 
-func GenerateNetworkFilters(filters map[string][]string) ([]types.FilterFunc, error) {
-	filterFuncs := make([]types.FilterFunc, 0, len(filters))
-	for key, filterValues := range filters {
+func GenerateNetworkFilters(f map[string][]string) ([]types.FilterFunc, error) {
+	filterFuncs := make([]types.FilterFunc, 0, len(f))
+	for key, filterValues := range f {
 		filterFunc, err := createFilterFuncs(key, filterValues)
 		if err != nil {
 			return nil, err
@@ -46,9 +46,9 @@ func createFilterFuncs(key string, filterValues []string) (types.FilterFunc, err
 	return createPruneFilterFuncs(key, filterValues)
 }
 
-func GenerateNetworkPruneFilters(filters map[string][]string) ([]types.FilterFunc, error) {
-	filterFuncs := make([]types.FilterFunc, 0, len(filters))
-	for key, filterValues := range filters {
+func GenerateNetworkPruneFilters(f map[string][]string) ([]types.FilterFunc, error) {
+	filterFuncs := make([]types.FilterFunc, 0, len(f))
+	for key, filterValues := range f {
 		filterFunc, err := createPruneFilterFuncs(key, filterValues)
 		if err != nil {
 			return nil, err

common/libnetwork/util/ip.go

@@ -27,7 +27,7 @@ func LastIPInSubnet(addr *net.IPNet) (net.IP, error) { //nolint:interfacer
 		return cidr.IP, nil
 	}
 	for i := range cidr.IP {
-		cidr.IP[i] = cidr.IP[i] | ^cidr.Mask[i]
+		cidr.IP[i] |= ^cidr.Mask[i]
 	}
 	return cidr.IP, nil
 }

common/pkg/netns/netns_linux.go

@@ -180,13 +180,13 @@ func NewNSWithName(name string) (ns.NetNS, error) {
 }
 
 // UnmountNS unmounts the NS held by the netns object
-func UnmountNS(ns ns.NetNS) error {
+func UnmountNS(netns ns.NetNS) error {
 	nsRunDir, err := GetNSRunDir()
 	if err != nil {
 		return err
 	}
 
-	nsPath := ns.Path()
+	nsPath := netns.Path()
 	// Only unmount if it's been bind-mounted (don't touch namespaces in /proc...)
 	if strings.HasPrefix(nsPath, nsRunDir) {
 		if err := unix.Unmount(nsPath, unix.MNT_DETACH); err != nil {