vet: add check for trailing spaces (#7576)

* vet: trailing spaces check
2024-09-12 11:40:38 +05:30 · 2024-09-12 11:40:38 +05:30 · b6fde8cdd1
parent 7fb7ac747b
commit b6fde8cdd1
29 changed files with 145 additions and 141 deletions
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -25,8 +25,8 @@ How to get your contributions merged smoothly and quickly.
  is a great place to start. These issues are well-documented and usually can be
  resolved with a single pull request.
- If you are adding a new file, make sure it has the copyright message template 
+- If you are adding a new file, make sure it has the copyright message template
-  at the top as a comment. You can copy over the message from an existing file 
+  at the top as a comment. You can copy over the message from an existing file
  and update the year.
 - The grpc package should only depend on standard Go packages and a small number
@ -41,10 +41,10 @@ How to get your contributions merged smoothly and quickly.
 - Provide a good **PR description** as a record of **what** change is being made
  and **why** it was made. Link to a github issue if it exists.
- If you want to fix formatting or style, consider whether your changes are an 
+- If you want to fix formatting or style, consider whether your changes are an
-  obvious improvement or might be considered a personal preference. If a style 
+  obvious improvement or might be considered a personal preference. If a style
-  change is based on preference, it likely will not be accepted. If it corrects 
+  change is based on preference, it likely will not be accepted. If it corrects
-  widely agreed-upon anti-patterns, then please do create a PR and explain the 
+  widely agreed-upon anti-patterns, then please do create a PR and explain the
  benefits of the change.
 - Unless your PR is trivial, you should expect there will be reviewer comments
--- a/Documentation/server-reflection-tutorial.md
+++ b/Documentation/server-reflection-tutorial.md
@ -103,7 +103,7 @@ The `list` command lists services exposed at a given port:
 - Describe all services
  The `describe` command inspects a service given its full name (in the format
-  of \<package\>.\<service\>). 
+  of \<package\>.\<service\>).
  ```sh
  $ grpcurl -plaintext localhost:50051 describe helloworld.Greeter
--- a/authz/grpc_authz_end2end_test.go
+++ b/authz/grpc_authz_end2end_test.go
@ -78,7 +78,7 @@ var authzTests = map[string]struct {
 	"DeniesRPCMatchInDenyNoMatchInAllow": {
 		authzPolicy: `{
 				"name": "authz",
-				"allow_rules": 
+				"allow_rules":
 				[
 					{
 						"name": "allow_StreamingOutputCall",
@ -166,11 +166,11 @@ var authzTests = map[string]struct {
 								"/grpc.testing.TestService/UnaryCall",
 								"/grpc.testing.TestService/StreamingInputCall"
 							],
-							"headers": 
+							"headers":
 							[
 								{
 									"key": "key-abc",
-									"values": 
+									"values":
 									[
 										"val-abc",
 										"val-def"
@ -250,7 +250,7 @@ var authzTests = map[string]struct {
 				[
 					{
 						"name": "allow_StreamingOutputCall",
-						"request": 
+						"request":
 						{
 							"paths":
 							[
--- a/authz/grpc_authz_server_interceptors_test.go
+++ b/authz/grpc_authz_server_interceptors_test.go
@ -57,9 +57,9 @@ func (s) TestNewStatic(t *testing.T) {
 			wantErr:     fmt.Errorf(`"name" is not present`),
 		},
 		"ValidPolicyCreatesInterceptor": {
-			authzPolicy: `{		
+			authzPolicy: `{
 				"name": "authz",
-				"allow_rules": 
+				"allow_rules":
 				[
 					{
 						"name": "allow_all"
--- a/cmd/protoc-gen-go-grpc/protoc-gen-go-grpc_test.sh
+++ b/cmd/protoc-gen-go-grpc/protoc-gen-go-grpc_test.sh
@ -15,7 +15,7 @@
 # limitations under the License.
 # Uncomment to enable debugging.
-# set -x 
+# set -x
 WORKDIR="$(dirname $0)"
 TEMPDIR=$(mktemp -d)
@ -24,7 +24,7 @@ trap "rm -rf ${TEMPDIR}" EXIT
 # Build protoc-gen-go-grpc binary and add to $PATH.
 pushd "${WORKDIR}"
-go build -o "${TEMPDIR}" . 
+go build -o "${TEMPDIR}" .
 PATH="${TEMPDIR}:${PATH}"
 popd
@ -38,7 +38,7 @@ GENFILE="${TEMPDIR}/examples/route_guide/routeguide/route_guide_grpc.pb.go"
 # diff is piped to [[ $? == 1 ]] to avoid exiting on diff but exit on error
 # (like if the file was not found). See man diff for more info.
-DIFF=$(diff "${GOLDENFILE}" "${GENFILE}" || [[ $? == 1 ]]) 
+DIFF=$(diff "${GOLDENFILE}" "${GENFILE}" || [[ $? == 1 ]])
 if [[ -n "${DIFF}" ]]; then
    echo -e "ERROR: Generated file differs from golden file:\n${DIFF}"
    echo -e "If you have made recent changes to protoc-gen-go-grpc," \
--- a/examples/features/advancedtls/README.md
+++ b/examples/features/advancedtls/README.md
@ -16,7 +16,7 @@ The clients are designed to call these servers with varying configurations of cr
 ```
 # Run the server
 $ go run server/main.go -credentials_directory $(pwd)/creds
-# Run the clients from the `grpc-go/examples/features/advancedtls` directory 
+# Run the clients from the `grpc-go/examples/features/advancedtls` directory
 $ go run client/main.go -credentials_directory $(pwd)/creds
 ```
--- a/examples/features/advancedtls/creds/client_cert.pem
+++ b/examples/features/advancedtls/creds/client_cert.pem
@ -49,15 +49,15 @@ Certificate:
                    6e:bb:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                DE:03:BD:A3:0E:63:F4:97:C2:52:70:63:E8:BE:A9:DF:F1:9A:7B:56
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                50:76:C3:5C:6B:12:E1:92:0F:28:F8:F2:43:A6:80:C2:9C:E8:56:D6
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
-            X509v3 Subject Alternative Name: 
+            X509v3 Subject Alternative Name:
                DNS:localhost, IP Address:0.0.0.0
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
--- a/examples/features/advancedtls/creds/client_cert_revoked.pem
+++ b/examples/features/advancedtls/creds/client_cert_revoked.pem
@ -49,15 +49,15 @@ Certificate:
                    6e:bb:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                DE:03:BD:A3:0E:63:F4:97:C2:52:70:63:E8:BE:A9:DF:F1:9A:7B:56
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                50:76:C3:5C:6B:12:E1:92:0F:28:F8:F2:43:A6:80:C2:9C:E8:56:D6
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
-            X509v3 Subject Alternative Name: 
+            X509v3 Subject Alternative Name:
                DNS:localhost, IP Address:0.0.0.0
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
--- a/examples/features/advancedtls/creds/server_cert.pem
+++ b/examples/features/advancedtls/creds/server_cert.pem
@ -49,15 +49,15 @@ Certificate:
                    03:71:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                4C:57:E2:72:97:CF:DC:C4:B8:4E:DB:D4:C1:C6:3D:AE:EF:D7:0A:19
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                50:76:C3:5C:6B:12:E1:92:0F:28:F8:F2:43:A6:80:C2:9C:E8:56:D6
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
-            X509v3 Subject Alternative Name: 
+            X509v3 Subject Alternative Name:
                DNS:localhost, IP Address:0.0.0.0
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
--- a/examples/features/advancedtls/creds/server_cert_revoked.pem
+++ b/examples/features/advancedtls/creds/server_cert_revoked.pem
@ -49,15 +49,15 @@ Certificate:
                    03:71:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                4C:57:E2:72:97:CF:DC:C4:B8:4E:DB:D4:C1:C6:3D:AE:EF:D7:0A:19
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                50:76:C3:5C:6B:12:E1:92:0F:28:F8:F2:43:A6:80:C2:9C:E8:56:D6
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
-            X509v3 Subject Alternative Name: 
+            X509v3 Subject Alternative Name:
                DNS:localhost, IP Address:0.0.0.0
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
--- a/examples/features/debugging/README.md
+++ b/examples/features/debugging/README.md
@ -3,12 +3,12 @@
 Currently, grpc provides two major tools to help user debug issues, which are logging and channelz.
 ## Logs
-gRPC has put substantial logging instruments on critical paths of gRPC to help users debug issues. 
+gRPC has put substantial logging instruments on critical paths of gRPC to help users debug issues.
 The [Log Levels](https://github.com/grpc/grpc-go/blob/master/Documentation/log_levels.md) doc describes
 what each log level means in the gRPC context.
-To turn on the logs for debugging, run the code with the following environment variable: 
+To turn on the logs for debugging, run the code with the following environment variable:
-`GRPC_GO_LOG_VERBOSITY_LEVEL=99 GRPC_GO_LOG_SEVERITY_LEVEL=info`. 
+`GRPC_GO_LOG_VERBOSITY_LEVEL=99 GRPC_GO_LOG_SEVERITY_LEVEL=info`.
 ## Channelz
 We also provide a runtime debugging tool, Channelz, to help users with live debugging.
@ -17,7 +17,7 @@ See the channelz blog post here ([link](https://grpc.io/blog/a-short-introductio
 details about how to use channelz service to debug live program.
 ## Try it
-The example is able to showcase how logging and channelz can help with debugging. See the channelz 
+The example is able to showcase how logging and channelz can help with debugging. See the channelz
 blog post linked above for full explanation.
 ```
--- a/examples/features/encryption/README.md
+++ b/examples/features/encryption/README.md
@ -29,9 +29,9 @@ create grpc
 base on TLS. Refer to the
 [godoc](https://godoc.org/google.golang.org/grpc/credentials) for details.
-In our example, we use the public/private keys created ahead: 
+In our example, we use the public/private keys created ahead:
-* "server_cert.pem" contains the server certificate (public key). 
+* "server_cert.pem" contains the server certificate (public key).
-* "server_key.pem" contains the server private key. 
+* "server_key.pem" contains the server private key.
 * "ca_cert.pem" contains the certificate (certificate authority)
 that can verify the server's certificate.
@ -56,7 +56,7 @@ And finally we make an RPC call over the created `grpc.ClientConn` to test the s
 connection based upon TLS is successfully up.
 ### ALTS
-NOTE: ALTS currently needs special early access permission on GCP. You can ask 
+NOTE: ALTS currently needs special early access permission on GCP. You can ask
 about the detailed process in https://groups.google.com/forum/#!forum/grpc-io.
 ALTS is the Google's Application Layer Transport Security, which supports mutual
@ -93,12 +93,12 @@ allows users to configure mutual TLS at the connection level.
 In this example, we use the following public/private keys created ahead of time:
-* "server_cert.pem" contains the server's certificate (public key). 
+* "server_cert.pem" contains the server's certificate (public key).
-* "server_key.pem" contains the server's private key. 
+* "server_key.pem" contains the server's private key.
 * "ca_cert.pem" contains the certificate of the certificate authority that can
  verify the server's certificate.
-* "client_cert.pem" contains the client's certificate (public key). 
+* "client_cert.pem" contains the client's certificate (public key).
-* "client_key.pem" contains the client's private key. 
+* "client_key.pem" contains the client's private key.
 * "client_ca_cert.pem" contains the certificate of the certificate authority
  that can verify the client's certificate.
--- a/examples/features/health/README.md
+++ b/examples/features/health/README.md
@ -3,7 +3,7 @@
 gRPC provides a health library to communicate a system's health to their clients.
 It works by providing a service definition via the [health/v1](https://github.com/grpc/grpc-proto/blob/master/grpc/health/v1/health.proto) api.
-By using the health library, clients can gracefully avoid using servers as they encounter issues. 
+By using the health library, clients can gracefully avoid using servers as they encounter issues.
 Most languages provide an implementation out of box, making it interoperable between systems.
 ## Try it
@ -30,7 +30,7 @@ This configuration indicates which backend `serviceName` should be inspected whe
 An empty string (`""`) typically indicates the overall health of a server should be reported.
 ```go
-// import grpc/health to enable transparent client side checking 
+// import grpc/health to enable transparent client side checking
 import _ "google.golang.org/grpc/health"
 // set up appropriate service config
@ -59,6 +59,6 @@ This state is often seen at the start up of a server instance.
 Conversely, `NOT_SERVING` indicates the system is unable to service requests at the time.
 `SERVICE_UNKNOWN` communicates the `serviceName` requested by the client is not known by the server.
-This status is only reported by the `Watch()` call. 
+This status is only reported by the `Watch()` call.
 A server may toggle its health using `healthServer.SetServingStatus("serviceName", servingStatus)`.
--- a/examples/features/metadata_interceptor/README.md
+++ b/examples/features/metadata_interceptor/README.md
@ -57,7 +57,7 @@ func (s *wrappedStream) Context() context.Context {
 }
 func SomeStreamInterceptor(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
-    // Get the incoming metadata from the RPC context, and add a new 
+    // Get the incoming metadata from the RPC context, and add a new
    // key-value pair to it.
    md, ok := metadata.FromIncomingContext(ctx)
    md.Append("key1", "value1")
--- a/examples/features/stats_monitoring/README.md
+++ b/examples/features/stats_monitoring/README.md
@ -1,8 +1,8 @@
 # Stats Monitoring Handler
-This example demonstrates the use of the [`stats`](https://pkg.go.dev/google.golang.org/grpc/stats) package for reporting various  
+This example demonstrates the use of the [`stats`](https://pkg.go.dev/google.golang.org/grpc/stats) package for reporting various
-network and RPC stats.  
+network and RPC stats.
-_Note that all fields are READ-ONLY and the APIs of the `stats` package are  
+_Note that all fields are READ-ONLY and the APIs of the `stats` package are
 experimental_.
 ## Try it
@ -17,42 +17,42 @@ go run client/main.go
 ## Explanation
-gRPC provides a mechanism to hook on to various events (phases) of the  
+gRPC provides a mechanism to hook on to various events (phases) of the
-request-response network cycle through the [`stats.Handler`](https://pkg.go.dev/google.golang.org/grpc/stats#Handler) interface. To access  
+request-response network cycle through the [`stats.Handler`](https://pkg.go.dev/google.golang.org/grpc/stats#Handler) interface. To access
-these events, a concrete type that implements `stats.Handler` should be passed to  
+these events, a concrete type that implements `stats.Handler` should be passed to
-`grpc.WithStatsHandler()` on the client side and `grpc.StatsHandler()` on the  
+`grpc.WithStatsHandler()` on the client side and `grpc.StatsHandler()` on the
 server side.
-The `HandleRPC(context.Context, RPCStats)` method on `stats.Handler` is called  
+The `HandleRPC(context.Context, RPCStats)` method on `stats.Handler` is called
-multiple times during a request-response cycle, and various event stats are  
+multiple times during a request-response cycle, and various event stats are
-passed to its `RPCStats` parameter (an interface). The concrete types that  
+passed to its `RPCStats` parameter (an interface). The concrete types that
-implement this interface are: `*stats.Begin`, `*stats.InHeader`, `*stats.InPayload`,  
+implement this interface are: `*stats.Begin`, `*stats.InHeader`, `*stats.InPayload`,
-`*stats.InTrailer`, `*stats.OutHeader`, `*stats.OutPayload`, `*stats.OutTrailer`, and  
+`*stats.InTrailer`, `*stats.OutHeader`, `*stats.OutPayload`, `*stats.OutTrailer`, and
 `*stats.End`. The order of these events differs on client and server.
-Similarly, the `HandleConn(context.Context, ConnStats)` method on `stats.Handler`  
+Similarly, the `HandleConn(context.Context, ConnStats)` method on `stats.Handler`
-is called twice, once at the beginning of the connection with `*stats.ConnBegin`  
+is called twice, once at the beginning of the connection with `*stats.ConnBegin`
 and once at the end with `*stats.ConnEnd`.
-The [`stats.Handler`](https://pkg.go.dev/google.golang.org/grpc/stats#Handler) interface also provides  
+The [`stats.Handler`](https://pkg.go.dev/google.golang.org/grpc/stats#Handler) interface also provides
-`TagRPC(context.Context, *RPCTagInfo) context.Context` and  
+`TagRPC(context.Context, *RPCTagInfo) context.Context` and
-`TagConn(context.Context, *ConnTagInfo) context.Context` methods. These methods  
+`TagConn(context.Context, *ConnTagInfo) context.Context` methods. These methods
 are mainly used to attach network related information to the given context.
-The `TagRPC(context.Context, *RPCTagInfo) context.Context` method returns a  
+The `TagRPC(context.Context, *RPCTagInfo) context.Context` method returns a
-context from which the context used for the rest lifetime of the RPC will be  
+context from which the context used for the rest lifetime of the RPC will be
 derived. This behavior is consistent between the gRPC client and server.
-The context returned from  
+The context returned from
 `TagConn(context.Context, *ConnTagInfo) context.Context` has varied lifespan:
- In the gRPC client:  
+- In the gRPC client:
-  The context used for the rest lifetime of the RPC will NOT be derived from  
+  The context used for the rest lifetime of the RPC will NOT be derived from
-  this context. Hence the information attached to this context can only be  
+  this context. Hence the information attached to this context can only be
  consumed by `HandleConn(context.Context, ConnStats)` method.
- In the gRPC server:  
+- In the gRPC server:
-  The context used for the rest lifetime of the RPC will be derived from  
+  The context used for the rest lifetime of the RPC will be derived from
  this context.
-NOTE: The [stats](https://pkg.go.dev/google.golang.org/grpc/stats) package should only be used for network monitoring purposes,  
+NOTE: The [stats](https://pkg.go.dev/google.golang.org/grpc/stats) package should only be used for network monitoring purposes,
 and not as an alternative to [interceptors](https://github.com/grpc/grpc-go/blob/master/examples/features/interceptor).
--- a/scripts/vet.sh
+++ b/scripts/vet.sh
@ -67,6 +67,9 @@ not git grep "\"github.com/golang/protobuf/*" -- "*.go" ':(exclude)reflection/te
 # - Ensure all usages of grpc_testing package are renamed when importing.
 not git grep "\(import \|^\s*\)\"google.golang.org/grpc/interop/grpc_testing" -- "*.go"
 # - Ensure that no trailing spaces are found.
 not git grep '[[:blank:]]$'
 # - Ensure all xds proto imports are renamed to *pb or *grpc.
 git grep '"github.com/envoyproxy/go-control-plane/envoy' -- '*.go' ':(exclude)*.pb.go' | not grep -v 'pb "\|grpc "'
--- a/security/advancedtls/examples/credential_reloading_from_files/README.md
+++ b/security/advancedtls/examples/credential_reloading_from_files/README.md
@ -1,15 +1,17 @@
 # Credential Reloading From Files
-Credential reloading is a feature supported in the advancedtls library. 
+Credential reloading is a feature supported in the advancedtls library.
 A very common way to achieve this is to reload from files.
-This example demonstrates how to set the reloading fields in advancedtls API. 
+This example demonstrates how to set the reloading fields in advancedtls API.
 Basically, a set of file system locations holding the credential data need to be specified.
 Once the credential data needs to be updated, users just change the credential data in the file system, and gRPC will pick up the changes automatically.
 A couple of things to note:
 1. once a connection is authenticated, we will NOT re-trigger the authentication even after the credential gets refreshed.
- 2. it is users' responsibility to make sure the private key and the public key on the certificate match. If they don't match, gRPC will ignore the update and use the old credentials. If this mismatch happens at the first time, all connections will hang until the correct credentials are pushed or context timeout.  
+ 2. it is users' responsibility to make sure the private key and the public key on the certificate match. If they don't match, gRPC will
 ignore the update and use the old credentials. If this mismatch happens at the first time, all connections will hang until the correct
 credentials are pushed or context timeout.
 ## Try it
 In directory `security/advancedtls/examples`:
--- a/security/advancedtls/testdata/README.md
+++ b/security/advancedtls/testdata/README.md
@ -6,7 +6,7 @@ How to Generate Test Certificates Using OpenSSL
 -------------
 Supposing we are going to create a `subject_cert.pem` that is trusted by `ca_cert.pem`, here are the
-commands we run: 
+commands we run:
 1. Generate the private key, `ca_key.pem`, and the cert `ca_cert.pem`, for the CA:
@ -14,12 +14,12 @@ commands we run:
   $ openssl req -x509 -newkey rsa:4096 -keyout ca_key.pem -out ca_cert.pem -nodes -days $DURATION_DAYS
   ```
-2. Generate a private key `subject_key.pem` for the subject: 
+2. Generate a private key `subject_key.pem` for the subject:
-      
+
      ```
      $ openssl genrsa -out subject_key.pem 4096
      ```
-   
+
 3. Generate a CSR `csr.pem` using `subject_key.pem`:
   ```
@ -32,7 +32,7 @@ commands we run:
   ```
 4. Use `ca_key.pem` and `ca_cert.pem` to sign `csr.pem`, and get a certificate, `subject_cert.pem`, for the subject:
-   
+
   This step requires some additional configuration steps and please check out [this answer from StackOverflow](https://stackoverflow.com/a/21340898) for more.
   ```
@ -40,7 +40,7 @@ commands we run:
   ```
   Please see an example configuration template at `openssl-ca.cnf`.
 5. Verify the `subject_cert.pem` is trusted by `ca_cert.pem`:
-   
+
   ```
   $ openssl verify -verbose -CAfile ca_cert.pem  subject_cert.pem
--- a/security/advancedtls/testdata/another_client_cert_1.pem
+++ b/security/advancedtls/testdata/another_client_cert_1.pem
@ -49,14 +49,14 @@ Certificate:
                    55:60:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                D5:43:51:8B:A8:4C:84:D0:C8:DE:29:14:1B:15:7A:62:01:ED:FF:EC
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                keyid:B4:19:08:1C:FC:10:23:C5:30:86:22:BC:CB:B1:5F:AD:EA:7A:5D:F1
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
    Signature Algorithm: sha256WithRSAEncryption
         61:a0:89:19:3e:e8:3d:35:bf:6e:5d:0c:d0:ec:36:85:d4:27:
--- a/security/advancedtls/testdata/client_cert_1.pem
+++ b/security/advancedtls/testdata/client_cert_1.pem
@ -49,14 +49,14 @@ Certificate:
                    10:5f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                7F:9D:9C:C6:86:DF:9E:07:93:94:EF:18:2D:0A:0A:50:AA:1F:A2:B7
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                keyid:B4:19:08:1C:FC:10:23:C5:30:86:22:BC:CB:B1:5F:AD:EA:7A:5D:F1
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
    Signature Algorithm: sha256WithRSAEncryption
         31:b0:6d:25:5e:8e:9b:73:01:ac:08:b9:a6:70:8e:de:18:fd:
--- a/security/advancedtls/testdata/client_cert_2.pem
+++ b/security/advancedtls/testdata/client_cert_2.pem
@ -49,14 +49,14 @@ Certificate:
                    f4:2a:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                E0:27:7D:90:FC:81:7F:F3:EE:97:CE:65:A2:AD:D2:1E:CC:D5:2B:0F
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                keyid:63:88:EA:4D:D0:3E:EF:5E:F8:43:91:75:40:E4:16:AB:15:B3:32:B9
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
    Signature Algorithm: sha256WithRSAEncryption
         8c:81:8f:65:38:2c:db:69:34:26:47:62:b7:5d:4e:67:41:c2:
--- a/security/advancedtls/testdata/crl/README.md
+++ b/security/advancedtls/testdata/crl/README.md
@ -49,7 +49,7 @@ Certificate chain where the leaf is revoked
 ## Test Data for testing CRL providers functionality
-To generate test data please run provider_create.sh script. All the files have 
+To generate test data please run provider_create.sh script. All the files have
 `provider_` prefix.
 We need to generate the following artifacts for testing CRL provider:
@ -59,34 +59,34 @@ We need to generate the following artifacts for testing CRL provider:
 * client cert signed by server CA
 * empty crl file
 * crl file containing information about revoked server cert
-* crl file by 'malicious' CA which contains the same issuer with original CA 
+* crl file by 'malicious' CA which contains the same issuer with original CA
-All the commands are provided in provider_create.sh script. Please find the 
+All the commands are provided in provider_create.sh script. Please find the
 description below.
 1. The first two commands generate self signed CAs for client and server:
-   - provider_server_trust_key.pem 
+   - provider_server_trust_key.pem
-   - provider_server_trust_cert.pem 
+   - provider_server_trust_cert.pem
-   - provider_client_trust_key.pem 
+   - provider_client_trust_key.pem
-   - provider_client_trust_cert.pem 
+   - provider_client_trust_cert.pem
 2. Generate client and server certs signed by the CAs above:
-   - provider_server_cert.pem 
+   - provider_server_cert.pem
   - provider_client_cert.pem
 3. The next 2 commands create 2 files needed for CRL issuing:
   - provider_crlnumber.txt
   - provider_index.txt
-4. The next 3 commands generate an empty CRL file and a CRL file containing 
+4. The next 3 commands generate an empty CRL file and a CRL file containing
 revoked server cert:
-   - provider_crl_empty.pem 
+   - provider_crl_empty.pem
-   - provider_crl_server_revoked.pem 
+   - provider_crl_server_revoked.pem
-5. The final section contains commands to generate CRL file by 'malicious' CA. 
+5. The final section contains commands to generate CRL file by 'malicious' CA.
-Note that we use Subject Key Identifier from previously created 
+Note that we use Subject Key Identifier from previously created
 provider_client_trust_cert.pem to generate malicious certs / CRL.
   - provider_malicious_client_trust_key.pem
-   - provider_malicious_client_trust_cert.pem 
+   - provider_malicious_client_trust_cert.pem
   - provider_malicious_crl_empty.pem
--- a/security/advancedtls/testdata/server_cert_1.pem
+++ b/security/advancedtls/testdata/server_cert_1.pem
@ -49,14 +49,14 @@ Certificate:
                    17:b4:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                C0:82:DA:FA:69:46:30:AE:FF:6F:CD:BB:93:49:94:A6:D0:E2:17:EB
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                keyid:5A:A5:DA:B1:99:D4:E5:0E:E6:1E:94:EA:FF:FC:62:E2:ED:09:F1:06
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
    Signature Algorithm: sha256WithRSAEncryption
         36:fd:cf:ec:f5:20:4b:52:dc:2e:38:f3:92:b1:e4:b6:a1:06:
--- a/security/advancedtls/testdata/server_cert_1.txt
+++ b/security/advancedtls/testdata/server_cert_1.txt
@ -49,14 +49,14 @@ Certificate:
                    17:b4:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                C0:82:DA:FA:69:46:30:AE:FF:6F:CD:BB:93:49:94:A6:D0:E2:17:EB
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                keyid:5A:A5:DA:B1:99:D4:E5:0E:E6:1E:94:EA:FF:FC:62:E2:ED:09:F1:06
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
    Signature Algorithm: sha256WithRSAEncryption
         36:fd:cf:ec:f5:20:4b:52:dc:2e:38:f3:92:b1:e4:b6:a1:06:
--- a/security/advancedtls/testdata/server_cert_2.pem
+++ b/security/advancedtls/testdata/server_cert_2.pem
@ -49,14 +49,14 @@ Certificate:
                    52:25:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                74:BD:18:0B:32:AF:D0:51:8E:4C:4C:8D:B2:F6:4E:B8:6D:AB:BD:BA
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                keyid:01:74:A9:44:61:3D:7A:BB:C2:32:CD:D0:ED:20:DA:3A:C4:C6:02:E8
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
    Signature Algorithm: sha256WithRSAEncryption
         b5:63:0c:d8:ed:af:74:2d:4c:94:36:41:05:2a:f2:ef:45:e5:
--- a/security/advancedtls/testdata/server_cert_2.txt
+++ b/security/advancedtls/testdata/server_cert_2.txt
@ -49,14 +49,14 @@ Certificate:
                    52:25:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                74:BD:18:0B:32:AF:D0:51:8E:4C:4C:8D:B2:F6:4E:B8:6D:AB:BD:BA
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                keyid:01:74:A9:44:61:3D:7A:BB:C2:32:CD:D0:ED:20:DA:3A:C4:C6:02:E8
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
    Signature Algorithm: sha256WithRSAEncryption
         b5:63:0c:d8:ed:af:74:2d:4c:94:36:41:05:2a:f2:ef:45:e5:
@ -88,4 +88,3 @@ Certificate:
         1d:b5:cc:6f:14:21:c4:89:07:9b:81:1d:9a:79:ff:bf:fd:ce:
         e4:77:11:0f:47:21:dc:d9:79:f3:40:26:56:5c:b4:86:32:8e:
         28:b9:14:e7:b3:fe:86:47
--- a/security/advancedtls/testdata/server_cert_3.txt
+++ b/security/advancedtls/testdata/server_cert_3.txt
@ -33,14 +33,14 @@ Certificate:
                    ac:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                keyid:6E:1B:8B:C9:34:74:E7:7B:8D:2A:4F:41:0E:98:50:30:14:01:16:B1
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment
-            X509v3 Subject Alternative Name: 
+            X509v3 Subject Alternative Name:
                DNS:google.com, DNS:apple.com, DNS:amazon.com
    Signature Algorithm: sha256WithRSAEncryption
         9f:96:96:1c:41:cd:4c:39:9c:80:2d:b9:a0:4b:42:8f:e2:24:
--- a/security/advancedtls/testdata/server_cert_localhost_1.pem
+++ b/security/advancedtls/testdata/server_cert_localhost_1.pem
@ -49,16 +49,16 @@ Certificate:
                    41:ba:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
+            X509v3 Subject Key Identifier:
                F3:DC:6A:5B:B7:CE:E9:E1:4D:3E:C4:AE:B7:8E:39:E3:6D:CA:AF:C7
-            X509v3 Authority Key Identifier: 
+            X509v3 Authority Key Identifier:
                keyid:5A:A5:DA:B1:99:D4:E5:0E:E6:1E:94:EA:FF:FC:62:E2:ED:09:F1:06
-            X509v3 Basic Constraints: 
+            X509v3 Basic Constraints:
                CA:FALSE
-            X509v3 Key Usage: 
+            X509v3 Key Usage:
                Digital Signature, Key Encipherment
-            X509v3 Subject Alternative Name: 
+            X509v3 Subject Alternative Name:
                DNS:localhost
    Signature Algorithm: sha256WithRSAEncryption
         54:13:3d:55:d3:4b:d8:85:f0:54:a8:33:5c:a1:9f:87:79:31:
--- a/xds/internal/test/e2e/run.sh
+++ b/xds/internal/test/e2e/run.sh
@ -3,4 +3,4 @@
 mkdir binaries
 go build -o ./binaries/client ../../../../interop/xds/client/
 go build -o ./binaries/server ../../../../interop/xds/server/
-go test . 
+go test .