staging/src/*: run gofmt

pkg/apis/example/fuzzer/fuzzer.go

@@ -22,8 +22,8 @@ import (
 	apitesting "k8s.io/apimachinery/pkg/api/testing"
 	"k8s.io/apimachinery/pkg/runtime"
 	runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer"
-	examplev1 "k8s.io/apiserver/pkg/apis/example/v1"
 	"k8s.io/apiserver/pkg/apis/example"
+	examplev1 "k8s.io/apiserver/pkg/apis/example/v1"
 )
 
 // overrideGenericFuncs override some generic fuzzer funcs from k8s.io/apiserver in order to have more realistic

pkg/apis/example/types.go

@@ -21,10 +21,10 @@ import (
 )
 
 type (
-	ConditionStatus string
+	ConditionStatus  string
 	PodConditionType string
-	PodPhase string
+	PodPhase         string
-	RestartPolicy string
+	RestartPolicy    string
 )
 
 // Pod is a collection of containers, used as either input (create, update) or as output (list, get).

pkg/apis/example/v1/defaults.go

@@ -23,4 +23,3 @@ import (
 func addDefaultingFuncs(scheme *runtime.Scheme) error {
 	return nil
 }
-

pkg/apis/example/v1/types.go

@@ -21,10 +21,10 @@ import (
 )
 
 type (
-	ConditionStatus string
+	ConditionStatus  string
 	PodConditionType string
-	PodPhase string
+	PodPhase         string
-	RestartPolicy string
+	RestartPolicy    string
 )
 
 // Pod is a collection of containers, used as either input (create, update) or as output (list, get).

pkg/authentication/request/x509/x509_test.go

@@ -17,24 +17,24 @@ limitations under the License.
 package x509
 
 import (
-    "crypto/tls"
+	"crypto/tls"
-    "crypto/x509"
+	"crypto/x509"
-    "encoding/pem"
+	"encoding/pem"
-    "errors"
+	"errors"
-    "io/ioutil"
+	"io/ioutil"
-    "net/http"
+	"net/http"
-    "reflect"
+	"reflect"
-    "sort"
+	"sort"
-    "testing"
+	"testing"
-    "time"
+	"time"
 
-    "k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/sets"
-    "k8s.io/apiserver/pkg/authentication/authenticator"
+	"k8s.io/apiserver/pkg/authentication/authenticator"
-    "k8s.io/apiserver/pkg/authentication/user"
+	"k8s.io/apiserver/pkg/authentication/user"
 )
 
 const (
-    rootCACert = `-----BEGIN CERTIFICATE-----
+	rootCACert = `-----BEGIN CERTIFICATE-----
 MIIDOTCCAqKgAwIBAgIJAOoObf5kuGgZMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNV
 BAYTAlVTMREwDwYDVQQIEwhNeSBTdGF0ZTEQMA4GA1UEBxMHTXkgQ2l0eTEPMA0G
 A1UEChMGTXkgT3JnMRAwDgYDVQQLEwdNeSBVbml0MRAwDgYDVQQDEwdST09UIENB
@@ -56,7 +56,7 @@ H9oc7u5zhTGXeV8WPg==
 -----END CERTIFICATE-----
 `
 
-    selfSignedCert = `-----BEGIN CERTIFICATE-----
+	selfSignedCert = `-----BEGIN CERTIFICATE-----
 MIIDEzCCAnygAwIBAgIJAMaPaFbGgJN+MA0GCSqGSIb3DQEBBQUAMGUxCzAJBgNV
 BAYTAlVTMREwDwYDVQQIEwhNeSBTdGF0ZTEQMA4GA1UEBxMHTXkgQ2l0eTEPMA0G
 A1UEChMGTXkgT3JnMRAwDgYDVQQLEwdNeSBVbml0MQ4wDAYDVQQDEwVzZWxmMTAe
@@ -77,7 +77,7 @@ ze3kOoP+iWSmTySHMSKVMppp0Xnls6t38mrsXtPuY8fGD2GS6VllaizMqc3wShNK
 -----END CERTIFICATE-----
 `
 
-    clientCNCert = `Certificate:
+	clientCNCert = `Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number: 1 (0x1)
@@ -151,7 +151,7 @@ AjARBglghkgBhvhCAQEEBAMCB4AwDQYJKoZIhvcNAQELBQADgYEACLy0gKU7vpp4
 i5fmaPPBNzzBFCaQoN3TAjrpwp5Z0kQ=
 -----END CERTIFICATE-----`
 
-    clientDNSCert = `Certificate:
+	clientDNSCert = `Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number: 4 (0x4)
@@ -224,7 +224,7 @@ gGolrD3igQXkiStVY5otSto7xJdeGulvg7gFSty9q7CgddAetcWN8/aS8VLSgWf8
 b3TuSTdzCLz1JoZn9YIE/9tan/lr3y/1dWHypZELBVZb6NE211Z67X3lXyoIh8JI
 -----END CERTIFICATE-----`
 
-    clientEmailCert = `Certificate:
+	clientEmailCert = `Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number: 2 (0x2)
@@ -299,7 +299,7 @@ BIaMiQ==
 -----END CERTIFICATE-----
 `
 
-    serverCert = `Certificate:
+	serverCert = `Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number: 7 (0x7)
@@ -374,17 +374,17 @@ mFlG6tStAWz3TmydciZNdiEbeqHw5uaIYWj1zC5AdvFXBFue0ojIrJ5JtbTWccH9
 -----END CERTIFICATE-----
 `
 
-    /*
+	/*
-       openssl genrsa -out ca.key 4096
+	   openssl genrsa -out ca.key 4096
-       openssl req -new -x509 -days 36500 \
+	   openssl req -new -x509 -days 36500 \
-           -sha256 -key ca.key -extensions v3_ca \
+	       -sha256 -key ca.key -extensions v3_ca \
-           -out ca.crt \
+	       -out ca.crt \
-           -subj "/C=US/ST=My State/L=My City/O=My Org/O=My Org 1/O=My Org 2/CN=ROOT CA WITH GROUPS"
+	       -subj "/C=US/ST=My State/L=My City/O=My Org/O=My Org 1/O=My Org 2/CN=ROOT CA WITH GROUPS"
-       openssl x509 -in ca.crt -text
+	   openssl x509 -in ca.crt -text
-    */
+	*/
 
-    // A certificate with multiple organizations.
+	// A certificate with multiple organizations.
-    caWithGroups = `Certificate:
+	caWithGroups = `Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number:
@@ -510,424 +510,424 @@ PKJQCs0CM0zkesktuLi/gFpuB0nEwyOgLg==
 )
 
 func TestX509(t *testing.T) {
-    multilevelOpts := DefaultVerifyOptions()
+	multilevelOpts := DefaultVerifyOptions()
-    multilevelOpts.Roots = x509.NewCertPool()
+	multilevelOpts.Roots = x509.NewCertPool()
-    multilevelOpts.Roots.AddCert(getCertsFromFile(t, "root")[0])
+	multilevelOpts.Roots.AddCert(getCertsFromFile(t, "root")[0])
 
-    testCases := map[string]struct {
+	testCases := map[string]struct {
-        Insecure bool
+		Insecure bool
-        Certs    []*x509.Certificate
+		Certs    []*x509.Certificate
 
-        Opts x509.VerifyOptions
+		Opts x509.VerifyOptions
-        User UserConversion
+		User UserConversion
 
-        ExpectUserName string
+		ExpectUserName string
-        ExpectGroups   []string
+		ExpectGroups   []string
-        ExpectOK       bool
+		ExpectOK       bool
-        ExpectErr      bool
+		ExpectErr      bool
-    }{
+	}{
-        "non-tls": {
+		"non-tls": {
-            Insecure: true,
+			Insecure: true,
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: false,
+			ExpectErr: false,
-        },
+		},
 
-        "tls, no certs": {
+		"tls, no certs": {
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: false,
+			ExpectErr: false,
-        },
+		},
 
-        "self signed": {
+		"self signed": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, selfSignedCert),
+			Certs: getCerts(t, selfSignedCert),
-            User:  CommonNameUserConversion,
+			User:  CommonNameUserConversion,
 
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
 
-        "server cert": {
+		"server cert": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, serverCert),
+			Certs: getCerts(t, serverCert),
-            User:  CommonNameUserConversion,
+			User:  CommonNameUserConversion,
 
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
-        "server cert allowing non-client cert usages": {
+		"server cert allowing non-client cert usages": {
-            Opts:  x509.VerifyOptions{Roots: getRootCertPool(t)},
+			Opts:  x509.VerifyOptions{Roots: getRootCertPool(t)},
-            Certs: getCerts(t, serverCert),
+			Certs: getCerts(t, serverCert),
-            User:  CommonNameUserConversion,
+			User:  CommonNameUserConversion,
 
-            ExpectUserName: "127.0.0.1",
+			ExpectUserName: "127.0.0.1",
-            ExpectGroups:   []string{"My Org"},
+			ExpectGroups:   []string{"My Org"},
-            ExpectOK:       true,
+			ExpectOK:       true,
-            ExpectErr:      false,
+			ExpectErr:      false,
-        },
+		},
 
-        "common name": {
+		"common name": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, clientCNCert),
+			Certs: getCerts(t, clientCNCert),
-            User:  CommonNameUserConversion,
+			User:  CommonNameUserConversion,
 
-            ExpectUserName: "client_cn",
+			ExpectUserName: "client_cn",
-            ExpectGroups:   []string{"My Org"},
+			ExpectGroups:   []string{"My Org"},
-            ExpectOK:       true,
+			ExpectOK:       true,
-            ExpectErr:      false,
+			ExpectErr:      false,
-        },
+		},
-        "ca with multiple organizations": {
+		"ca with multiple organizations": {
-            Opts: x509.VerifyOptions{
+			Opts: x509.VerifyOptions{
-                Roots: getRootCertPoolFor(t, caWithGroups),
+				Roots: getRootCertPoolFor(t, caWithGroups),
-            },
+			},
-            Certs: getCerts(t, caWithGroups),
+			Certs: getCerts(t, caWithGroups),
-            User:  CommonNameUserConversion,
+			User:  CommonNameUserConversion,
 
-            ExpectUserName: "ROOT CA WITH GROUPS",
+			ExpectUserName: "ROOT CA WITH GROUPS",
-            ExpectGroups:   []string{"My Org", "My Org 1", "My Org 2"},
+			ExpectGroups:   []string{"My Org", "My Org 1", "My Org 2"},
-            ExpectOK:       true,
+			ExpectOK:       true,
-            ExpectErr:      false,
+			ExpectErr:      false,
-        },
+		},
-        "empty dns": {
+		"empty dns": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, clientCNCert),
+			Certs: getCerts(t, clientCNCert),
-            User:  DNSNameUserConversion,
+			User:  DNSNameUserConversion,
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: false,
+			ExpectErr: false,
-        },
+		},
-        "dns": {
+		"dns": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, clientDNSCert),
+			Certs: getCerts(t, clientDNSCert),
-            User:  DNSNameUserConversion,
+			User:  DNSNameUserConversion,
 
-            ExpectUserName: "client_dns.example.com",
+			ExpectUserName: "client_dns.example.com",
-            ExpectOK:       true,
+			ExpectOK:       true,
-            ExpectErr:      false,
+			ExpectErr:      false,
-        },
+		},
 
-        "empty email": {
+		"empty email": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, clientCNCert),
+			Certs: getCerts(t, clientCNCert),
-            User:  EmailAddressUserConversion,
+			User:  EmailAddressUserConversion,
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: false,
+			ExpectErr: false,
-        },
+		},
-        "email": {
+		"email": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, clientEmailCert),
+			Certs: getCerts(t, clientEmailCert),
-            User:  EmailAddressUserConversion,
+			User:  EmailAddressUserConversion,
 
-            ExpectUserName: "client_email@example.com",
+			ExpectUserName: "client_email@example.com",
-            ExpectOK:       true,
+			ExpectOK:       true,
-            ExpectErr:      false,
+			ExpectErr:      false,
-        },
+		},
 
-        "custom conversion error": {
+		"custom conversion error": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, clientCNCert),
+			Certs: getCerts(t, clientCNCert),
-            User: UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) {
+			User: UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) {
-                return nil, false, errors.New("custom error")
+				return nil, false, errors.New("custom error")
-            }),
+			}),
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
-        "custom conversion success": {
+		"custom conversion success": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, clientCNCert),
+			Certs: getCerts(t, clientCNCert),
-            User: UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) {
+			User: UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) {
-                return &user.DefaultInfo{Name: "custom"}, true, nil
+				return &user.DefaultInfo{Name: "custom"}, true, nil
-            }),
+			}),
 
-            ExpectUserName: "custom",
+			ExpectUserName: "custom",
-            ExpectOK:       true,
+			ExpectOK:       true,
-            ExpectErr:      false,
+			ExpectErr:      false,
-        },
+		},
 
-        "future cert": {
+		"future cert": {
-            Opts: x509.VerifyOptions{
+			Opts: x509.VerifyOptions{
-                CurrentTime: time.Now().Add(time.Duration(-100 * time.Hour * 24 * 365)),
+				CurrentTime: time.Now().Add(time.Duration(-100 * time.Hour * 24 * 365)),
-                Roots:       getRootCertPool(t),
+				Roots:       getRootCertPool(t),
-            },
+			},
-            Certs: getCerts(t, clientCNCert),
+			Certs: getCerts(t, clientCNCert),
-            User:  CommonNameUserConversion,
+			User:  CommonNameUserConversion,
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
-        "expired cert": {
+		"expired cert": {
-            Opts: x509.VerifyOptions{
+			Opts: x509.VerifyOptions{
-                CurrentTime: time.Now().Add(time.Duration(100 * time.Hour * 24 * 365)),
+				CurrentTime: time.Now().Add(time.Duration(100 * time.Hour * 24 * 365)),
-                Roots:       getRootCertPool(t),
+				Roots:       getRootCertPool(t),
-            },
+			},
-            Certs: getCerts(t, clientCNCert),
+			Certs: getCerts(t, clientCNCert),
-            User:  CommonNameUserConversion,
+			User:  CommonNameUserConversion,
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
 
-        "multi-level, valid": {
+		"multi-level, valid": {
-            Opts:  multilevelOpts,
+			Opts:  multilevelOpts,
-            Certs: getCertsFromFile(t, "client-valid", "intermediate"),
+			Certs: getCertsFromFile(t, "client-valid", "intermediate"),
-            User:  CommonNameUserConversion,
+			User:  CommonNameUserConversion,
 
-            ExpectUserName: "My Client",
+			ExpectUserName: "My Client",
-            ExpectOK:       true,
+			ExpectOK:       true,
-            ExpectErr:      false,
+			ExpectErr:      false,
-        },
+		},
-        "multi-level, expired": {
+		"multi-level, expired": {
-            Opts:  multilevelOpts,
+			Opts:  multilevelOpts,
-            Certs: getCertsFromFile(t, "client-expired", "intermediate"),
+			Certs: getCertsFromFile(t, "client-expired", "intermediate"),
-            User:  CommonNameUserConversion,
+			User:  CommonNameUserConversion,
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
-    }
+	}
 
-    for k, testCase := range testCases {
+	for k, testCase := range testCases {
-        req, _ := http.NewRequest("GET", "/", nil)
+		req, _ := http.NewRequest("GET", "/", nil)
-        if !testCase.Insecure {
+		if !testCase.Insecure {
-            req.TLS = &tls.ConnectionState{PeerCertificates: testCase.Certs}
+			req.TLS = &tls.ConnectionState{PeerCertificates: testCase.Certs}
-        }
+		}
 
-        a := New(testCase.Opts, testCase.User)
+		a := New(testCase.Opts, testCase.User)
 
-        user, ok, err := a.AuthenticateRequest(req)
+		user, ok, err := a.AuthenticateRequest(req)
 
-        if testCase.ExpectErr && err == nil {
+		if testCase.ExpectErr && err == nil {
-            t.Errorf("%s: Expected error, got none", k)
+			t.Errorf("%s: Expected error, got none", k)
-            continue
+			continue
-        }
+		}
-        if !testCase.ExpectErr && err != nil {
+		if !testCase.ExpectErr && err != nil {
-            t.Errorf("%s: Got unexpected error: %v", k, err)
+			t.Errorf("%s: Got unexpected error: %v", k, err)
-            continue
+			continue
-        }
+		}
 
-        if testCase.ExpectOK != ok {
+		if testCase.ExpectOK != ok {
-            t.Errorf("%s: Expected ok=%v, got %v", k, testCase.ExpectOK, ok)
+			t.Errorf("%s: Expected ok=%v, got %v", k, testCase.ExpectOK, ok)
-            continue
+			continue
-        }
+		}
 
-        if testCase.ExpectOK {
+		if testCase.ExpectOK {
-            if testCase.ExpectUserName != user.GetName() {
+			if testCase.ExpectUserName != user.GetName() {
-                t.Errorf("%s: Expected user.name=%v, got %v", k, testCase.ExpectUserName, user.GetName())
+				t.Errorf("%s: Expected user.name=%v, got %v", k, testCase.ExpectUserName, user.GetName())
-            }
+			}
 
-            groups := user.GetGroups()
+			groups := user.GetGroups()
-            sort.Strings(testCase.ExpectGroups)
+			sort.Strings(testCase.ExpectGroups)
-            sort.Strings(groups)
+			sort.Strings(groups)
-            if !reflect.DeepEqual(testCase.ExpectGroups, groups) {
+			if !reflect.DeepEqual(testCase.ExpectGroups, groups) {
-                t.Errorf("%s: Expected user.groups=%v, got %v", k, testCase.ExpectGroups, groups)
+				t.Errorf("%s: Expected user.groups=%v, got %v", k, testCase.ExpectGroups, groups)
-            }
+			}
-        }
+		}
-    }
+	}
 }
 
 func TestX509Verifier(t *testing.T) {
-    multilevelOpts := DefaultVerifyOptions()
+	multilevelOpts := DefaultVerifyOptions()
-    multilevelOpts.Roots = x509.NewCertPool()
+	multilevelOpts.Roots = x509.NewCertPool()
-    multilevelOpts.Roots.AddCert(getCertsFromFile(t, "root")[0])
+	multilevelOpts.Roots.AddCert(getCertsFromFile(t, "root")[0])
 
-    testCases := map[string]struct {
+	testCases := map[string]struct {
-        Insecure bool
+		Insecure bool
-        Certs    []*x509.Certificate
+		Certs    []*x509.Certificate
 
-        Opts x509.VerifyOptions
+		Opts x509.VerifyOptions
 
-        AllowedCNs sets.String
+		AllowedCNs sets.String
 
-        ExpectOK  bool
+		ExpectOK  bool
-        ExpectErr bool
+		ExpectErr bool
-    }{
+	}{
-        "non-tls": {
+		"non-tls": {
-            Insecure: true,
+			Insecure: true,
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: false,
+			ExpectErr: false,
-        },
+		},
 
-        "tls, no certs": {
+		"tls, no certs": {
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: false,
+			ExpectErr: false,
-        },
+		},
 
-        "self signed": {
+		"self signed": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, selfSignedCert),
+			Certs: getCerts(t, selfSignedCert),
 
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
 
-        "server cert disallowed": {
+		"server cert disallowed": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, serverCert),
+			Certs: getCerts(t, serverCert),
 
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
-        "server cert allowing non-client cert usages": {
+		"server cert allowing non-client cert usages": {
-            Opts:  x509.VerifyOptions{Roots: getRootCertPool(t)},
+			Opts:  x509.VerifyOptions{Roots: getRootCertPool(t)},
-            Certs: getCerts(t, serverCert),
+			Certs: getCerts(t, serverCert),
 
-            ExpectOK:  true,
+			ExpectOK:  true,
-            ExpectErr: false,
+			ExpectErr: false,
-        },
+		},
 
-        "valid client cert": {
+		"valid client cert": {
-            Opts:  getDefaultVerifyOptions(t),
+			Opts:  getDefaultVerifyOptions(t),
-            Certs: getCerts(t, clientCNCert),
+			Certs: getCerts(t, clientCNCert),
 
-            ExpectOK:  true,
+			ExpectOK:  true,
-            ExpectErr: false,
+			ExpectErr: false,
-        },
+		},
-        "valid client cert with wrong CN": {
+		"valid client cert with wrong CN": {
-            Opts:       getDefaultVerifyOptions(t),
+			Opts:       getDefaultVerifyOptions(t),
-            AllowedCNs: sets.NewString("foo", "bar"),
+			AllowedCNs: sets.NewString("foo", "bar"),
-            Certs:      getCerts(t, clientCNCert),
+			Certs:      getCerts(t, clientCNCert),
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
-        "valid client cert with right CN": {
+		"valid client cert with right CN": {
-            Opts:       getDefaultVerifyOptions(t),
+			Opts:       getDefaultVerifyOptions(t),
-            AllowedCNs: sets.NewString("client_cn"),
+			AllowedCNs: sets.NewString("client_cn"),
-            Certs:      getCerts(t, clientCNCert),
+			Certs:      getCerts(t, clientCNCert),
 
-            ExpectOK:  true,
+			ExpectOK:  true,
-            ExpectErr: false,
+			ExpectErr: false,
-        },
+		},
 
-        "future cert": {
+		"future cert": {
-            Opts: x509.VerifyOptions{
+			Opts: x509.VerifyOptions{
-                CurrentTime: time.Now().Add(-100 * time.Hour * 24 * 365),
+				CurrentTime: time.Now().Add(-100 * time.Hour * 24 * 365),
-                Roots:       getRootCertPool(t),
+				Roots:       getRootCertPool(t),
-            },
+			},
-            Certs: getCerts(t, clientCNCert),
+			Certs: getCerts(t, clientCNCert),
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
-        "expired cert": {
+		"expired cert": {
-            Opts: x509.VerifyOptions{
+			Opts: x509.VerifyOptions{
-                CurrentTime: time.Now().Add(100 * time.Hour * 24 * 365),
+				CurrentTime: time.Now().Add(100 * time.Hour * 24 * 365),
-                Roots:       getRootCertPool(t),
+				Roots:       getRootCertPool(t),
-            },
+			},
-            Certs: getCerts(t, clientCNCert),
+			Certs: getCerts(t, clientCNCert),
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
 
-        "multi-level, valid": {
+		"multi-level, valid": {
-            Opts:  multilevelOpts,
+			Opts:  multilevelOpts,
-            Certs: getCertsFromFile(t, "client-valid", "intermediate"),
+			Certs: getCertsFromFile(t, "client-valid", "intermediate"),
 
-            ExpectOK:  true,
+			ExpectOK:  true,
-            ExpectErr: false,
+			ExpectErr: false,
-        },
+		},
-        "multi-level, expired": {
+		"multi-level, expired": {
-            Opts:  multilevelOpts,
+			Opts:  multilevelOpts,
-            Certs: getCertsFromFile(t, "client-expired", "intermediate"),
+			Certs: getCertsFromFile(t, "client-expired", "intermediate"),
 
-            ExpectOK:  false,
+			ExpectOK:  false,
-            ExpectErr: true,
+			ExpectErr: true,
-        },
+		},
-    }
+	}
 
-    for k, testCase := range testCases {
+	for k, testCase := range testCases {
-        req, _ := http.NewRequest("GET", "/", nil)
+		req, _ := http.NewRequest("GET", "/", nil)
-        if !testCase.Insecure {
+		if !testCase.Insecure {
-            req.TLS = &tls.ConnectionState{PeerCertificates: testCase.Certs}
+			req.TLS = &tls.ConnectionState{PeerCertificates: testCase.Certs}
-        }
+		}
 
-        authCall := false
+		authCall := false
-        auth := authenticator.RequestFunc(func(req *http.Request) (user.Info, bool, error) {
+		auth := authenticator.RequestFunc(func(req *http.Request) (user.Info, bool, error) {
-            authCall = true
+			authCall = true
-            return &user.DefaultInfo{Name: "innerauth"}, true, nil
+			return &user.DefaultInfo{Name: "innerauth"}, true, nil
-        })
+		})
 
-        a := NewVerifier(testCase.Opts, auth, testCase.AllowedCNs)
+		a := NewVerifier(testCase.Opts, auth, testCase.AllowedCNs)
 
-        user, ok, err := a.AuthenticateRequest(req)
+		user, ok, err := a.AuthenticateRequest(req)
 
-        if testCase.ExpectErr && err == nil {
+		if testCase.ExpectErr && err == nil {
-            t.Errorf("%s: Expected error, got none", k)
+			t.Errorf("%s: Expected error, got none", k)
-            continue
+			continue
-        }
+		}
-        if !testCase.ExpectErr && err != nil {
+		if !testCase.ExpectErr && err != nil {
-            t.Errorf("%s: Got unexpected error: %v", k, err)
+			t.Errorf("%s: Got unexpected error: %v", k, err)
-            continue
+			continue
-        }
+		}
 
-        if testCase.ExpectOK != ok {
+		if testCase.ExpectOK != ok {
-            t.Errorf("%s: Expected ok=%v, got %v", k, testCase.ExpectOK, ok)
+			t.Errorf("%s: Expected ok=%v, got %v", k, testCase.ExpectOK, ok)
-            continue
+			continue
-        }
+		}
 
-        if testCase.ExpectOK {
+		if testCase.ExpectOK {
-            if !authCall {
+			if !authCall {
-                t.Errorf("%s: Expected inner auth called, wasn't", k)
+				t.Errorf("%s: Expected inner auth called, wasn't", k)
-                continue
+				continue
-            }
+			}
-            if "innerauth" != user.GetName() {
+			if "innerauth" != user.GetName() {
-                t.Errorf("%s: Expected user.name=%v, got %v", k, "innerauth", user.GetName())
+				t.Errorf("%s: Expected user.name=%v, got %v", k, "innerauth", user.GetName())
-                continue
+				continue
-            }
+			}
-        } else {
+		} else {
-            if authCall {
+			if authCall {
-                t.Errorf("%s: Expected inner auth not to be called, was", k)
+				t.Errorf("%s: Expected inner auth not to be called, was", k)
-                continue
+				continue
-            }
+			}
-        }
+		}
-    }
+	}
 }
 
 func getDefaultVerifyOptions(t *testing.T) x509.VerifyOptions {
-    options := DefaultVerifyOptions()
+	options := DefaultVerifyOptions()
-    options.Roots = getRootCertPool(t)
+	options.Roots = getRootCertPool(t)
-    return options
+	return options
 }
 
 func getRootCertPool(t *testing.T) *x509.CertPool {
-    return getRootCertPoolFor(t, rootCACert)
+	return getRootCertPoolFor(t, rootCACert)
 }
 
 func getRootCertPoolFor(t *testing.T, certs ...string) *x509.CertPool {
-    pool := x509.NewCertPool()
+	pool := x509.NewCertPool()
-    for _, cert := range certs {
+	for _, cert := range certs {
-        pool.AddCert(getCert(t, cert))
+		pool.AddCert(getCert(t, cert))
-    }
+	}
-    return pool
+	return pool
 }
 
 func getCertsFromFile(t *testing.T, names ...string) []*x509.Certificate {
-    certs := []*x509.Certificate{}
+	certs := []*x509.Certificate{}
-    for _, name := range names {
+	for _, name := range names {
-        filename := "testdata/" + name + ".pem"
+		filename := "testdata/" + name + ".pem"
-        data, err := ioutil.ReadFile(filename)
+		data, err := ioutil.ReadFile(filename)
-        if err != nil {
+		if err != nil {
-            t.Fatalf("error reading %s: %v", filename, err)
+			t.Fatalf("error reading %s: %v", filename, err)
-        }
+		}
-        certs = append(certs, getCert(t, string(data)))
+		certs = append(certs, getCert(t, string(data)))
-    }
+	}
-    return certs
+	return certs
 }
 
 func getCert(t *testing.T, pemData string) *x509.Certificate {
-    pemBlock, _ := pem.Decode([]byte(pemData))
+	pemBlock, _ := pem.Decode([]byte(pemData))
-    cert, err := x509.ParseCertificate(pemBlock.Bytes)
+	cert, err := x509.ParseCertificate(pemBlock.Bytes)
-    if err != nil {
+	if err != nil {
-        t.Fatalf("Error parsing cert: %v", err)
+		t.Fatalf("Error parsing cert: %v", err)
-        return nil
+		return nil
-    }
+	}
-    return cert
+	return cert
 }
 
 func getCerts(t *testing.T, pemData ...string) []*x509.Certificate {
-    certs := []*x509.Certificate{}
+	certs := []*x509.Certificate{}
-    for _, pemData := range pemData {
+	for _, pemData := range pemData {
-        certs = append(certs, getCert(t, pemData))
+		certs = append(certs, getCert(t, pemData))
-    }
+	}
-    return certs
+	return certs
 }

pkg/endpoints/apiserver_test.go

@@ -54,9 +54,9 @@ import (
 	"k8s.io/apiserver/pkg/apis/example"
 	examplefuzzer "k8s.io/apiserver/pkg/apis/example/fuzzer"
 	examplev1 "k8s.io/apiserver/pkg/apis/example/v1"
-	"k8s.io/apiserver/pkg/endpoints/request"
 	genericapifilters "k8s.io/apiserver/pkg/endpoints/filters"
 	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
+	"k8s.io/apiserver/pkg/endpoints/request"
 	genericapitesting "k8s.io/apiserver/pkg/endpoints/testing"
 	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/kubernetes/plugin/pkg/admission/admit"

pkg/endpoints/discovery.go

@@ -27,8 +27,8 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apiserver/pkg/endpoints/handlers/negotiation"
 	"k8s.io/apiserver/pkg/endpoints/handlers"
+	"k8s.io/apiserver/pkg/endpoints/handlers/negotiation"
 	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
 )
 

pkg/endpoints/filters/audit.go

@@ -30,9 +30,9 @@ import (
 	"github.com/pborman/uuid"
 
 	utilnet "k8s.io/apimachinery/pkg/util/net"
+	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
 	"k8s.io/apiserver/pkg/endpoints/request"
 	authenticationapi "k8s.io/client-go/pkg/apis/authentication"
-	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
 )
 
 var _ http.ResponseWriter = &auditResponseWriter{}

pkg/endpoints/filters/authorization.go

@@ -23,8 +23,8 @@ import (
 	"github.com/golang/glog"
 
 	"k8s.io/apiserver/pkg/authorization/authorizer"
-	"k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
+	"k8s.io/apiserver/pkg/endpoints/request"
 )
 
 // WithAuthorizationCheck passes all authorized requests on to handler, and returns a forbidden error otherwise.

pkg/endpoints/filters/authorization_test.go

@@ -24,9 +24,9 @@ import (
 	"testing"
 
 	"k8s.io/apiserver/pkg/authorization/authorizer"
+	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
 	"k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/kubernetes/pkg/apis/batch"
-	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
 )
 
 func TestGetAuthorizerAttributes(t *testing.T) {

pkg/endpoints/filters/impersonation.go

@@ -27,11 +27,11 @@ import (
 	"k8s.io/apiserver/pkg/authentication/serviceaccount"
 	"k8s.io/apiserver/pkg/authentication/user"
 	"k8s.io/apiserver/pkg/authorization/authorizer"
+	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
 	"k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/server/httplog"
 	"k8s.io/client-go/pkg/api"
 	authenticationapi "k8s.io/client-go/pkg/apis/authentication"
-	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
 )
 
 // WithImpersonation is a filter that will inspect and check requests that attempt to change the user.Info for their requests

pkg/endpoints/filters/requestinfo.go

@@ -21,8 +21,8 @@ import (
 	"fmt"
 	"net/http"
 
-	"k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
+	"k8s.io/apiserver/pkg/endpoints/request"
 )
 
 // WithRequestInfo attaches a RequestInfo to the context.

pkg/endpoints/groupversion.go

@@ -30,8 +30,8 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/apiserver/pkg/admission"
-	"k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/endpoints/handlers"
+	"k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/registry/rest"
 )
 

pkg/endpoints/handlers/proxy.go

@@ -32,12 +32,12 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/httpstream"
 	"k8s.io/apimachinery/pkg/util/net"
+	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
 	"k8s.io/apiserver/pkg/endpoints/metrics"
 	"k8s.io/apiserver/pkg/endpoints/request"
+	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/apiserver/pkg/server/httplog"
 	proxyutil "k8s.io/apiserver/pkg/util/proxy"
-	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
-	"k8s.io/apiserver/pkg/registry/rest"
 
 	"github.com/golang/glog"
 )

pkg/endpoints/handlers/responsewriters/writers.go

@@ -27,9 +27,9 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apiserver/pkg/endpoints/handlers/negotiation"
+	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/apiserver/pkg/util/flushwriter"
 	"k8s.io/apiserver/pkg/util/wsstream"
-	"k8s.io/apiserver/pkg/registry/rest"
 )
 
 // WriteObject renders a returned runtime.Object to the response as a stream or an encoded object. If the object

pkg/endpoints/handlers/rest.go

@@ -38,15 +38,15 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/types"
-	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/mergepatch"
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/strategicpatch"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/endpoints/handlers/negotiation"
-	"k8s.io/apiserver/pkg/endpoints/request"
-	utiltrace "k8s.io/apiserver/pkg/util/trace"
 	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
+	"k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/registry/rest"
+	utiltrace "k8s.io/apiserver/pkg/util/trace"
 )
 
 // ContextFunc returns a Context given a request - a context must be returned

pkg/endpoints/handlers/rest_test.go

@@ -35,10 +35,10 @@ import (
 	"k8s.io/apimachinery/pkg/util/diff"
 	"k8s.io/apimachinery/pkg/util/strategicpatch"
 	"k8s.io/apiserver/pkg/endpoints/request"
+	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/api/testapi"
 	"k8s.io/kubernetes/pkg/api/v1"
-	"k8s.io/apiserver/pkg/registry/rest"
 )
 
 type testPatchType struct {

pkg/features/kube_features.go

@@ -43,5 +43,5 @@ func init() {
 // To add a new feature, define a key for it above and add it here. The features will be
 // available throughout Kubernetes binaries.
 var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureSpec{
-	StreamingProxyRedirects:                     {Default: true, PreRelease: utilfeature.Beta},
+	StreamingProxyRedirects: {Default: true, PreRelease: utilfeature.Beta},
 }

pkg/registry/generic/registry/storage_factory.go

@@ -18,11 +18,11 @@ package registry
 
 import (
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/storage"
 	etcdstorage "k8s.io/apiserver/pkg/storage/etcd"
 	"k8s.io/apiserver/pkg/storage/storagebackend"
 	"k8s.io/apiserver/pkg/storage/storagebackend/factory"
-	"k8s.io/apiserver/pkg/registry/generic"
 )
 
 var _ generic.StorageDecorator = StorageWithCacher

pkg/registry/generic/registry/store.go

@@ -36,10 +36,10 @@ import (
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/apimachinery/pkg/watch"
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
-	"k8s.io/apiserver/pkg/storage"
-	storeerr "k8s.io/apiserver/pkg/storage/errors"
 	"k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/registry/rest"
+	"k8s.io/apiserver/pkg/storage"
+	storeerr "k8s.io/apiserver/pkg/storage/errors"
 
 	"github.com/golang/glog"
 )

pkg/registry/generic/registry/store_test.go

@@ -42,14 +42,14 @@ import (
 	"k8s.io/apiserver/pkg/apis/example"
 	examplev1 "k8s.io/apiserver/pkg/apis/example/v1"
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
+	"k8s.io/apiserver/pkg/registry/generic"
+	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/apiserver/pkg/storage"
 	etcdstorage "k8s.io/apiserver/pkg/storage/etcd"
 	etcdtesting "k8s.io/apiserver/pkg/storage/etcd/testing"
 	"k8s.io/apiserver/pkg/storage/names"
 	"k8s.io/apiserver/pkg/storage/storagebackend/factory"
 	storagetesting "k8s.io/apiserver/pkg/storage/testing"
-	"k8s.io/apiserver/pkg/registry/generic"
-	"k8s.io/apiserver/pkg/registry/rest"
 )
 
 var scheme = runtime.NewScheme()

pkg/server/filters/maxinflight_test.go

@@ -26,8 +26,8 @@ import (
 
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/util/sets"
-	apirequest "k8s.io/apiserver/pkg/endpoints/request"
 	apifilters "k8s.io/apiserver/pkg/endpoints/filters"
+	apirequest "k8s.io/apiserver/pkg/endpoints/request"
 )
 
 func createMaxInflightServer(callsWg, blockWg *sync.WaitGroup, disableCallsWg *bool, disableCallsWgMutex *sync.Mutex, nonMutating, mutating int) *httptest.Server {

pkg/server/openapi/openapi.go

@@ -27,8 +27,8 @@ import (
 
 	"k8s.io/apimachinery/pkg/openapi"
 	"k8s.io/apimachinery/pkg/util/json"
-	"k8s.io/apiserver/pkg/util/trie"
 	genericmux "k8s.io/apiserver/pkg/server/mux"
+	"k8s.io/apiserver/pkg/util/trie"
 )
 
 const (

pkg/server/options/etcd.go

@@ -44,7 +44,7 @@ type EtcdOptions struct {
 
 func NewEtcdOptions(backendConfig *storagebackend.Config) *EtcdOptions {
 	return &EtcdOptions{
-		StorageConfig: *backendConfig,
+		StorageConfig:           *backendConfig,
 		DefaultStorageMediaType: "application/json",
 		DeleteCollectionWorkers: 1,
 		EnableGarbageCollection: true,
@@ -135,7 +135,7 @@ func (f *simpleRestOptionsFactory) GetRESTOptions(resource schema.GroupResource)
 }
 
 type storageFactoryRestOptionsFactory struct {
-	Options EtcdOptions
+	Options        EtcdOptions
 	StorageFactory serverstorage.StorageFactory
 }
 

pkg/server/routes/metrics.go

@@ -21,8 +21,8 @@ import (
 	"net/http"
 
 	apimetrics "k8s.io/apiserver/pkg/endpoints/metrics"
-	etcdmetrics "k8s.io/apiserver/pkg/storage/etcd/metrics"
 	"k8s.io/apiserver/pkg/server/mux"
+	etcdmetrics "k8s.io/apiserver/pkg/storage/etcd/metrics"
 
 	"github.com/prometheus/client_golang/prometheus"
 )

pkg/server/routes/swaggerui.go

@@ -21,8 +21,8 @@ import (
 
 	assetfs "github.com/elazarl/go-bindata-assetfs"
 
-	"k8s.io/apiserver/pkg/server/routes/data/swagger"
 	"k8s.io/apiserver/pkg/server/mux"
+	"k8s.io/apiserver/pkg/server/routes/data/swagger"
 )
 
 // SwaggerUI exposes files in third_party/swagger-ui/ under /swagger-ui.

pkg/server/storage/storage_factory_test.go

@@ -23,21 +23,21 @@ import (
 
 	"k8s.io/apimachinery/pkg/apimachinery/announced"
 	"k8s.io/apimachinery/pkg/apimachinery/registered"
-	exampleinstall "k8s.io/apiserver/pkg/apis/example/install"
-	"k8s.io/apiserver/pkg/storage/storagebackend"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/apiserver/pkg/apis/example"
+	exampleinstall "k8s.io/apiserver/pkg/apis/example/install"
 	examplev1 "k8s.io/apiserver/pkg/apis/example/v1"
-	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
-	"k8s.io/apimachinery/pkg/runtime"
 )
 
 var (
 	v1GroupVersion = schema.GroupVersion{Group: "", Version: "v1"}
 
-	registry = registered.NewOrDie(os.Getenv("KUBE_API_VERSIONS"))
+	registry       = registered.NewOrDie(os.Getenv("KUBE_API_VERSIONS"))
-	announce = make(announced.APIGroupFactoryRegistry)
+	announce       = make(announced.APIGroupFactoryRegistry)
 	scheme         = runtime.NewScheme()
 	codecs         = serializer.NewCodecFactory(scheme)
 	parameterCodec = runtime.NewParameterCodec(scheme)

pkg/storage/etcd/testing/utils.go

@@ -29,9 +29,9 @@ import (
 
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
-	"k8s.io/apiserver/pkg/storage/storagebackend"
 	"k8s.io/apiserver/pkg/storage/etcd/etcdtest"
 	"k8s.io/apiserver/pkg/storage/etcd/testing/testingcert"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
 
 	etcd "github.com/coreos/etcd/client"
 	"github.com/coreos/etcd/clientv3"

pkg/storage/storagebackend/factory/etcd2.go

@@ -26,8 +26,8 @@ import (
 
 	utilnet "k8s.io/apimachinery/pkg/util/net"
 	"k8s.io/apiserver/pkg/storage"
-	"k8s.io/apiserver/pkg/storage/storagebackend"
 	"k8s.io/apiserver/pkg/storage/etcd"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
 )
 
 func newETCD2Storage(c storagebackend.Config) (storage.Interface, DestroyFunc, error) {

pkg/storage/storagebackend/factory/etcd3.go

@@ -18,8 +18,8 @@ package factory
 
 import (
 	"k8s.io/apiserver/pkg/storage"
-	"k8s.io/apiserver/pkg/storage/storagebackend"
 	"k8s.io/apiserver/pkg/storage/etcd3"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
 
 	"github.com/coreos/etcd/clientv3"
 	"github.com/coreos/etcd/pkg/transport"

pkg/storage/storagebackend/factory/tls_test.go

@@ -33,8 +33,8 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/apiserver/pkg/apis/example"
 	examplev1 "k8s.io/apiserver/pkg/apis/example/v1"
-	"k8s.io/apiserver/pkg/storage/storagebackend"
 	"k8s.io/apiserver/pkg/storage/etcd/testing/testingcert"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
 )
 
 var scheme = runtime.NewScheme()

pkg/util/feature/feature_gate.go

@@ -67,7 +67,7 @@ const (
 	// Values for PreRelease.
 	Alpha = prerelease("ALPHA")
 	Beta  = prerelease("BETA")
-	GA = prerelease("")
+	GA    = prerelease("")
 )
 
 // FeatureGate parses and stores flag gates for known features from