lint(errorlint): handle wrapped errors

Enable errorlint and preserve wrapped error chains so runtime checks and tests classify failures correctly. This also makes Route53 surface insert failures instead of silently dropping them. Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>
2026-05-26 03:40:23 -04:00 · 2026-04-25 11:51:45 +03:00
parent a669d74088
commit 3080ec0448
53 changed files with 122 additions and 89 deletions
--- a/plugin/pkg/parse/host.go
+++ b/plugin/pkg/parse/host.go
@@ -92,8 +92,8 @@ func HostPortOrFile(s ...string) ([]string, error) {
 // Try to open this is a file first.
 func tryFile(s string) ([]string, error) {
 	c, err := dns.ClientConfigFromFile(s)
-	if err == os.ErrNotExist {
-		return nil, fmt.Errorf("failed to open file %q: %q", s, err)
+	if errors.Is(err, os.ErrNotExist) {
+		return nil, fmt.Errorf("failed to open file %q: %w", s, err)
 	} else if err != nil {
 		return nil, err
 	}
--- a/plugin/pkg/proxy/connect.go
+++ b/plugin/pkg/proxy/connect.go
@@ -134,7 +134,7 @@ func (p *Proxy) Connect(_ctx context.Context, state request.Request, opts Option

 	if err := pc.c.WriteMsg(state.Req); err != nil {
 		pc.c.Close() // not giving it back
-		if err == io.EOF && cached {
+		if errors.Is(err, io.EOF) && cached {
 			return nil, ErrCachedClosed
 		}
 		return nil, err
@@ -158,7 +158,7 @@ func (p *Proxy) Connect(_ctx context.Context, state request.Request, opts Option
 			}

 			pc.c.Close() // not giving it back
-			if err == io.EOF && cached {
+			if errors.Is(err, io.EOF) && cached {
 				return nil, ErrCachedClosed
 			}
 			// recovery the origin Id after upstream.
@@ -193,7 +193,8 @@ const cumulativeAvgWeight = 4
 func shouldTruncateResponse(err error) bool {
 	// This is to handle a scenario in which upstream sets the TC bit, but doesn't truncate the response
 	// and we get ErrBuf instead of overflow.
-	if _, isDNSErr := err.(*dns.Error); isDNSErr && errors.Is(err, dns.ErrBuf) {
+	var dnsErr *dns.Error
+	if errors.As(err, &dnsErr) && errors.Is(err, dns.ErrBuf) {
 		return true
 	} else if strings.Contains(err.Error(), "overflow") {
 		return true
--- a/plugin/pkg/singleflight/singleflight_test.go
+++ b/plugin/pkg/singleflight/singleflight_test.go
@@ -44,7 +44,7 @@ func TestDoErr(t *testing.T) {
 	v, err := g.Do(1, func() (any, error) {
 		return nil, someErr
 	})
-	if err != someErr {
+	if !errors.Is(err, someErr) {
 		t.Errorf("Do error = %v; want someErr", err)
 	}
 	if v != nil {
--- a/plugin/pkg/tls/tls.go
+++ b/plugin/pkg/tls/tls.go
@@ -97,7 +97,7 @@ func NewTLSConfigFromArgs(args ...string) (*tls.Config, error) {
 func NewTLSConfig(certPath, keyPath, caPath string) (*tls.Config, error) {
 	cert, err := tls.LoadX509KeyPair(certPath, keyPath)
 	if err != nil {
-		return nil, fmt.Errorf("could not load TLS cert: %s", err)
+		return nil, fmt.Errorf("could not load TLS cert: %w", err)
 	}

 	roots, err := loadRoots(caPath)
@@ -140,11 +140,11 @@ func loadRoots(caPath string) (*x509.CertPool, error) {
 	roots := x509.NewCertPool()
 	pem, err := os.ReadFile(filepath.Clean(caPath))
 	if err != nil {
-		return nil, fmt.Errorf("error reading %s: %s", caPath, err)
+		return nil, fmt.Errorf("error reading %s: %w", caPath, err)
 	}
 	ok := roots.AppendCertsFromPEM(pem)
 	if !ok {
-		return nil, fmt.Errorf("could not read root certs: %s", err)
+		return nil, fmt.Errorf("could not read root certs from %s", caPath)
 	}
 	return roots, nil
 }