Add `stylecheck` to our list of lints, since it got separated out from
`staticcheck`. Fix the way we configure both to be clearer and not
rely on regexes.
Additionally fix a number of easy-to-change `staticcheck` and
`stylecheck` violations, allowing us to reduce our number of ignored
checks.
Part of #5681
We can scan metadata and get the age of responses.
We can scan responses and print them in base64.
Note: this issues a GET for each key, and blocks on the result. For much
faster scanning we will want to introduce parallel GETs in a subsequent
PR.
Also, add a `get` operation to get a single entry.
Fixes#5830
Add a not found error type to rocsp.
Handle redis value not found lookup errors in the ocsp-responder different
than other redis lookup errors.
Add labels to the to ocspLookup metric and delete the source used
metric. This can now be determined based on which lookup metric
reports success.
Fixes#5833
This scans the database for certificateStatus rows, gets them signed by the CA, and writes them to Redis.
Also, bump the default PoolSize for Redis to 100.
This is a sort of proof of concept of the Redis interaction, which will
evolve into a tool for inspection and manual repair of missing entries,
if we find ourselves needing to do that.
The important bits here are rocsp/rocsp.go and
cmd/rocsp-tool/main.go. Also, the newly-vendored Redis client.
Aaron Gable