Run gofmt 1.19

Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2022-08-04 18:18:33 -07:00 · 2022-08-04 18:18:33 -07:00 · ca3b9b50fe
commit ca3b9b50fe
parent 4a11a40189
31 changed files with 206 additions and 192 deletions
--- a/cmd/ctr/commands/cni.go
+++ b/cmd/ctr/commands/cni.go
@ -36,7 +36,7 @@ const (
 	CtrCniMetadataExtension = "ctr.cni-containerd.metadata"
 )
-//ctr pass cni network metadata to containerd if ctr run use option of --cni
+// ctr pass cni network metadata to containerd if ctr run use option of --cni
 type NetworkMetaData struct {
 	EnableCni bool
 }
--- a/content/local/store.go
+++ b/content/local/store.go
@ -34,7 +34,7 @@ import (
 	"github.com/containerd/containerd/log"
 	"github.com/sirupsen/logrus"
-	digest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/go-digest"
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 )
@ -643,7 +643,6 @@ func (s *store) ingestRoot(ref string) string {
 // - root: entire ingest directory
 // - ref: name of the starting ref, must be unique
 // - data: file where data is written
 //
 func (s *store) ingestPaths(ref string) (string, string, string) {
 	var (
 		fp = s.ingestRoot(ref)
--- a/contrib/fuzz/daemon.go
+++ b/contrib/fuzz/daemon.go
@ -2,16 +2,18 @@
 // +build gofuzz
 /*
-   Copyright The containerd Authors.
+Copyright The containerd Authors.
-   Licensed under the Apache License, Version 2.0 (the "License");
+Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
+you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
+You may obtain a copy of the License at
-       http://www.apache.org/licenses/LICENSE-2.0
+
-   Unless required by applicable law or agreed to in writing, software
+	http://www.apache.org/licenses/LICENSE-2.0
-   distributed under the License is distributed on an "AS IS" BASIS,
+
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+Unless required by applicable law or agreed to in writing, software
-   See the License for the specific language governing permissions and
+distributed under the License is distributed on an "AS IS" BASIS,
-   limitations under the License.
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package fuzz
--- a/filters/filter.go
+++ b/filters/filter.go
@ -65,7 +65,6 @@
 // ```
 // name==foo,labels.bar
 // ```
 //
 package filters
 import (
--- a/filters/parser.go
+++ b/filters/parser.go
@ -45,7 +45,6 @@ field     := quoted | [A-Za-z] [A-Za-z0-9_]+
 operator  := "==" | "!=" | "~="
 value     := quoted | [^\s,]+
 quoted    := <go string syntax>
 */
 func Parse(s string) (Filter, error) {
 	// special case empty to match all
--- a/filters/quote.go
+++ b/filters/quote.go
@ -31,10 +31,10 @@ var errQuoteSyntax = errors.New("quote syntax error")
 // or character literal represented by the string s.
 // It returns four values:
 //
-//	1) value, the decoded Unicode code point or byte value;
+//  1. value, the decoded Unicode code point or byte value;
-//	2) multibyte, a boolean indicating whether the decoded character requires a multibyte UTF-8 representation;
+//  2. multibyte, a boolean indicating whether the decoded character requires a multibyte UTF-8 representation;
-//	3) tail, the remainder of the string after the character; and
+//  3. tail, the remainder of the string after the character; and
-//	4) an error that will be nil if the character is syntactically valid.
+//  4. an error that will be nil if the character is syntactically valid.
 //
 // The second argument, quote, specifies the type of literal being parsed
 // and therefore which escaped quote character is permitted.
--- a/images/archive/importer.go
+++ b/images/archive/importer.go
@ -55,12 +55,12 @@ func WithImportCompression() ImportOpt {
 }
 // ImportIndex imports an index from a tar archive image bundle
-// - implements Docker v1.1, v1.2 and OCI v1.
+//   - implements Docker v1.1, v1.2 and OCI v1.
-// - prefers OCI v1 when provided
+//   - prefers OCI v1 when provided
-// - creates OCI index for Docker formats
+//   - creates OCI index for Docker formats
-// - normalizes Docker references and adds as OCI ref name
+//   - normalizes Docker references and adds as OCI ref name
-//      e.g. alpine:latest -> docker.io/library/alpine:latest
+//     e.g. alpine:latest -> docker.io/library/alpine:latest
-// - existing OCI reference names are untouched
+//   - existing OCI reference names are untouched
 func ImportIndex(ctx context.Context, store content.Store, reader io.Reader, opts ...ImportOpt) (ocispec.Descriptor, error) {
 	var (
 		tr = tar.NewReader(reader)
--- a/integration/failpoint/cmd/cni-bridge-fp/main_linux.go
+++ b/integration/failpoint/cmd/cni-bridge-fp/main_linux.go
@ -20,7 +20,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"os"
 	"path/filepath"
 	"syscall"
@ -168,7 +168,7 @@ func (c *failpointControl) updateTx(updateFn func(conf *failpointConf) error) er
 	}
 	defer unflock(f.Fd())
-	data, err := ioutil.ReadAll(f)
+	data, err := io.ReadAll(f)
 	if err != nil {
 		return fmt.Errorf("failed to read failpoint setting %s: %w", c.confPath, err)
 	}
--- a/integration/image_pull_timeout_test.go
+++ b/integration/image_pull_timeout_test.go
@ -64,7 +64,7 @@ func TestCRIImagePullTimeout(t *testing.T) {
 // testCRIImagePullTimeoutByHoldingContentOpenWriter tests that
 //
-//  It should not cancel if there is no active http requests.
+//	It should not cancel if there is no active http requests.
 //
 // When there are several pulling requests for the same blob content, there
 // will only one active http request. It is singleflight. For the waiting pulling
@ -197,7 +197,7 @@ func testCRIImagePullTimeoutByHoldingContentOpenWriter(t *testing.T) {
 // testCRIImagePullTimeoutByNoDataTransferred tests that
 //
-//   It should fail because there is no data transferred in open http request.
+//	It should fail because there is no data transferred in open http request.
 //
 // The case uses the local mirror registry to forward request with circuit
 // breaker. If the local registry has transferred a certain amount of data in
--- a/metadata/buckets.go
+++ b/metadata/buckets.go
@ -26,7 +26,7 @@
 //
 // Generically, we try to do the following:
 //
-// 	<version>/<namespace>/<object>/<key> -> <field>
+//	<version>/<namespace>/<object>/<key> -> <field>
 //
 // version: Currently, this is "v1". Additions can be made to v1 in a backwards
 // compatible way. If the layout changes, a new version must be made, along
@ -46,77 +46,80 @@
 // the structure is changed in addition to adding a migration and incrementing
 // the database version.
 // Notes:
 //  * `╘══*...*` refers to maps with arbitrary keys
 //  * `version` is a key to a numeric value identifying the minor revisions
 //    of schema version
 //  * a namespace in a schema bucket cannot be named "version"
 //
-//  └──v1                                        - Schema version bucket
+//   - `╘══*...*` refers to maps with arbitrary keys
 //
 //   - `version` is a key to a numeric value identifying the minor revisions
 //     of schema version
 //
 //   - a namespace in a schema bucket cannot be named "version"
 //
 //     └──v1                                        - Schema version bucket
 //     ├──version : <varint>                     - Latest version, see migrations
 //     ╘══*namespace*
-//        ├──labels
+//     ├──labels
-//        │  ╘══*key* : <string>                 - Label value
+//     │  ╘══*key* : <string>                 - Label value
-//        ├──image
+//     ├──image
-//        │  ╘══*image name*
+//     │  ╘══*image name*
-//        │     ├──createdat : <binary time>     - Created at
+//     │     ├──createdat : <binary time>     - Created at
-//        │     ├──updatedat : <binary time>     - Updated at
+//     │     ├──updatedat : <binary time>     - Updated at
-//        │     ├──target
+//     │     ├──target
-//        │     │  ├──digest : <digest>          - Descriptor digest
+//     │     │  ├──digest : <digest>          - Descriptor digest
-//        │     │  ├──mediatype : <string>       - Descriptor media type
+//     │     │  ├──mediatype : <string>       - Descriptor media type
-//        │     │  └──size : <varint>            - Descriptor size
+//     │     │  └──size : <varint>            - Descriptor size
-//        │     └──labels
+//     │     └──labels
-//        │        ╘══*key* : <string>           - Label value
+//     │        ╘══*key* : <string>           - Label value
-//        ├──containers
+//     ├──containers
-//        │  ╘══*container id*
+//     │  ╘══*container id*
-//        │     ├──createdat : <binary time>     - Created at
+//     │     ├──createdat : <binary time>     - Created at
-//        │     ├──updatedat : <binary time>     - Updated at
+//     │     ├──updatedat : <binary time>     - Updated at
-//        │     ├──spec : <binary>               - Proto marshaled spec
+//     │     ├──spec : <binary>               - Proto marshaled spec
-//        │     ├──image : <string>              - Image name
+//     │     ├──image : <string>              - Image name
-//        │     ├──snapshotter : <string>        - Snapshotter name
+//     │     ├──snapshotter : <string>        - Snapshotter name
-//        │     ├──snapshotKey : <string>        - Snapshot key
+//     │     ├──snapshotKey : <string>        - Snapshot key
-//        │     ├──runtime
+//     │     ├──runtime
-//        │     │  ├──name : <string>            - Runtime name
+//     │     │  ├──name : <string>            - Runtime name
-//        │     │  ├──extensions
+//     │     │  ├──extensions
-//        │     │  │  ╘══*name* : <binary>       - Proto marshaled extension
+//     │     │  │  ╘══*name* : <binary>       - Proto marshaled extension
-//        │     │  └──options : <binary>         - Proto marshaled options
+//     │     │  └──options : <binary>         - Proto marshaled options
-//        │     └──labels
+//     │     └──labels
-//        │        ╘══*key* : <string>           - Label value
+//     │        ╘══*key* : <string>           - Label value
-//        ├──snapshots
+//     ├──snapshots
-//        │  ╘══*snapshotter*
+//     │  ╘══*snapshotter*
-//        │     ╘══*snapshot key*
+//     │     ╘══*snapshot key*
-//        │        ├──name : <string>            - Snapshot name in backend
+//     │        ├──name : <string>            - Snapshot name in backend
-//        │        ├──createdat : <binary time>  - Created at
+//     │        ├──createdat : <binary time>  - Created at
-//        │        ├──updatedat : <binary time>  - Updated at
+//     │        ├──updatedat : <binary time>  - Updated at
-//        │        ├──parent : <string>          - Parent snapshot name
+//     │        ├──parent : <string>          - Parent snapshot name
-//        │        ├──children
+//     │        ├──children
-//        │        │  ╘══*snapshot key* : <nil>  - Child snapshot reference
+//     │        │  ╘══*snapshot key* : <nil>  - Child snapshot reference
-//        │        └──labels
+//     │        └──labels
-//        │           ╘══*key* : <string>        - Label value
+//     │           ╘══*key* : <string>        - Label value
-//        ├──content
+//     ├──content
-//        │  ├──blob
+//     │  ├──blob
-//        │  │  ╘══*blob digest*
+//     │  │  ╘══*blob digest*
-//        │  │     ├──createdat : <binary time>  - Created at
+//     │  │     ├──createdat : <binary time>  - Created at
-//        │  │     ├──updatedat : <binary time>  - Updated at
+//     │  │     ├──updatedat : <binary time>  - Updated at
-//        │  │     ├──size : <varint>            - Blob size
+//     │  │     ├──size : <varint>            - Blob size
-//        │  │     └──labels
+//     │  │     └──labels
-//        │  │        ╘══*key* : <string>        - Label value
+//     │  │        ╘══*key* : <string>        - Label value
-//        │  └──ingests
+//     │  └──ingests
-//        │     ╘══*ingest reference*
+//     │     ╘══*ingest reference*
-//        │        ├──ref : <string>             - Ingest reference in backend
+//     │        ├──ref : <string>             - Ingest reference in backend
-//        │        ├──expireat : <binary time>   - Time to expire ingest
+//     │        ├──expireat : <binary time>   - Time to expire ingest
-//        │        └──expected : <digest>        - Expected commit digest
+//     │        └──expected : <digest>        - Expected commit digest
-//        └──leases
+//     └──leases
-//           ╘══*lease id*
+//     ╘══*lease id*
-//              ├──createdat : <binary time>     - Created at
+//     ├──createdat : <binary time>     - Created at
-//              ├──labels
+//     ├──labels
-//              │  ╘══*key* : <string>           - Label value
+//     │  ╘══*key* : <string>           - Label value
-//              ├──snapshots
+//     ├──snapshots
-//              │  ╘══*snapshotter*
+//     │  ╘══*snapshotter*
-//              │     ╘══*snapshot key* : <nil>  - Snapshot reference
+//     │     ╘══*snapshot key* : <nil>  - Snapshot reference
-//              ├──content
+//     ├──content
-//              │  ╘══*blob digest* : <nil>      - Content blob reference
+//     │  ╘══*blob digest* : <nil>      - Content blob reference
-//              └──ingests
+//     └──ingests
-//                 ╘══*ingest reference* : <nil> - Content ingest reference
+//     ╘══*ingest reference* : <nil> - Content ingest reference
 package metadata
 import (
--- a/metadata/db.go
+++ b/metadata/db.go
@ -274,11 +274,11 @@ func (m *DB) RegisterMutationCallback(fn func(bool)) {
 // to be tracked by go away after reboot or process restart.
 //
 // A few limitations to consider:
-// - Collectible Resources cannot reference other resources.
+//   - Collectible Resources cannot reference other resources.
-// - A failure to complete collection will not fail the garbage collection,
+//   - A failure to complete collection will not fail the garbage collection,
-//   however, the resources can be collected in a later run.
+//     however, the resources can be collected in a later run.
-// - Collectible Resources must track whether the resource is active and/or
+//   - Collectible Resources must track whether the resource is active and/or
-//   lease membership.
+//     lease membership.
 func (m *DB) RegisterCollectibleResource(t gc.ResourceType, c Collector) {
 	if t < resourceEnd {
 		panic("cannot re-register metadata resource")
--- a/namespaces/store.go
+++ b/namespaces/store.go
@ -24,8 +24,6 @@ import "context"
 // oriented. A namespace is really just a name and a set of labels. Objects
 // that belong to a namespace are returned when the namespace is assigned to a
 // given context.
 //
 //
 type Store interface {
 	Create(ctx context.Context, namespace string, labels map[string]string) error
 	Labels(ctx context.Context, namespace string) (map[string]string, error)
--- a/oci/spec_opts.go
+++ b/oci/spec_opts.go
@ -591,7 +591,8 @@ func WithNamespacedCgroup() SpecOpts {
 // WithUser sets the user to be used within the container.
 // It accepts a valid user string in OCI Image Spec v1.0.0:
-//   user, uid, user:group, uid:gid, uid:group, user:gid
+//
 //	user, uid, user:group, uid:gid, uid:group, user:gid
 func WithUser(userstr string) SpecOpts {
 	return func(ctx context.Context, client Client, c *containers.Container, s *Spec) error {
 		setProcess(s)
--- a/oci/spec_opts_nonlinux.go
+++ b/oci/spec_opts_nonlinux.go
@ -28,19 +28,19 @@ import (
 // WithAllCurrentCapabilities propagates the effective capabilities of the caller process to the container process.
 // The capability set may differ from WithAllKnownCapabilities when running in a container.
-//nolint: deadcode, unused
+// nolint: deadcode, unused
 var WithAllCurrentCapabilities = func(ctx context.Context, client Client, c *containers.Container, s *Spec) error {
 	return WithCapabilities(nil)(ctx, client, c, s)
 }
 // WithAllKnownCapabilities sets all the the known linux capabilities for the container process
-//nolint: deadcode, unused
+// nolint: deadcode, unused
 var WithAllKnownCapabilities = func(ctx context.Context, client Client, c *containers.Container, s *Spec) error {
 	return WithCapabilities(nil)(ctx, client, c, s)
 }
 // WithBlockIO sets the container's blkio parameters
-//nolint: deadcode, unused
+// nolint: deadcode, unused
 func WithBlockIO(blockio interface{}) SpecOpts {
 	return func(ctx context.Context, _ Client, c *containers.Container, s *Spec) error {
 		return errors.New("blkio not supported")
@ -48,7 +48,7 @@ func WithBlockIO(blockio interface{}) SpecOpts {
 }
 // WithCPUShares sets the container's cpu shares
-//nolint: deadcode, unused
+// nolint: deadcode, unused
 func WithCPUShares(shares uint64) SpecOpts {
 	return func(ctx context.Context, _ Client, c *containers.Container, s *Spec) error {
 		return nil
--- a/pkg/apparmor/apparmor.go
+++ b/pkg/apparmor/apparmor.go
@ -18,10 +18,11 @@ package apparmor
 // HostSupports returns true if apparmor is enabled for the host, // On non-Linux returns false
 // On Linux returns true if apparmor_parser is enabled, and if we
 //  are not running docker-in-docker.
 //
-//  It is a modified version of libcontainer/apparmor.IsEnabled(), which does not
+//	are not running docker-in-docker.
-//  check for apparmor_parser to be present, or if we're running docker-in-docker.
+//
 //	It is a modified version of libcontainer/apparmor.IsEnabled(), which does not
 //	check for apparmor_parser to be present, or if we're running docker-in-docker.
 func HostSupports() bool {
 	return hostSupports()
 }
--- a/pkg/cri/opts/spec.go
+++ b/pkg/cri/opts/spec.go
@ -77,7 +77,8 @@ func WithProcessArgs(config *runtime.ContainerConfig, image *imagespec.ImageConf
 // mounts defines how to sort runtime.Mount.
 // This is the same with the Docker implementation:
-//   https://github.com/moby/moby/blob/17.05.x/daemon/volumes.go#L26
+//
 //	https://github.com/moby/moby/blob/17.05.x/daemon/volumes.go#L26
 type orderedMounts []*runtime.Mount
 // Len returns the number of mounts. Used in sorting.
--- a/pkg/cri/sbserver/events.go
+++ b/pkg/cri/sbserver/events.go
@ -234,11 +234,11 @@ func convertEvent(e typeurl.Any) (string, interface{}, error) {
 // event monitor.
 //
 // NOTE:
-// 1. start must be called after subscribe.
+//  1. start must be called after subscribe.
-// 2. The task exit event has been handled in individual startSandboxExitMonitor
+//  2. The task exit event has been handled in individual startSandboxExitMonitor
-//    or startContainerExitMonitor goroutine at the first. If the goroutine fails,
+//     or startContainerExitMonitor goroutine at the first. If the goroutine fails,
-//    it puts the event into backoff retry queue and event monitor will handle
+//     it puts the event into backoff retry queue and event monitor will handle
-//    it later.
+//     it later.
 func (em *eventMonitor) start() <-chan error {
 	errCh := make(chan error)
 	if em.ch == nil || em.errCh == nil {
--- a/pkg/cri/server/events.go
+++ b/pkg/cri/server/events.go
@ -234,11 +234,11 @@ func convertEvent(e typeurl.Any) (string, interface{}, error) {
 // event monitor.
 //
 // NOTE:
-// 1. start must be called after subscribe.
+//  1. start must be called after subscribe.
-// 2. The task exit event has been handled in individual startSandboxExitMonitor
+//  2. The task exit event has been handled in individual startSandboxExitMonitor
-//    or startContainerExitMonitor goroutine at the first. If the goroutine fails,
+//     or startContainerExitMonitor goroutine at the first. If the goroutine fails,
-//    it puts the event into backoff retry queue and event monitor will handle
+//     it puts the event into backoff retry queue and event monitor will handle
-//    it later.
+//     it later.
 func (em *eventMonitor) start() <-chan error {
 	errCh := make(chan error)
 	if em.ch == nil || em.errCh == nil {
--- a/pkg/cri/streaming/server.go
+++ b/pkg/cri/streaming/server.go
@ -45,7 +45,7 @@ import (
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
-	restful "github.com/emicklei/go-restful/v3"
+	"github.com/emicklei/go-restful/v3"
 	"k8s.io/apimachinery/pkg/types"
 	remotecommandconsts "k8s.io/apimachinery/pkg/util/remotecommand"
@ -162,9 +162,10 @@ func NewServer(config Config, runtime Runtime) (Server, error) {
 	handler.Add(ws)
 	s.handler = handler
 	s.server = &http.Server{
-		Addr:      s.config.Addr,
+		Addr:              s.config.Addr,
-		Handler:   s.handler,
+		Handler:           s.handler,
-		TLSConfig: s.config.TLSConfig,
+		TLSConfig:         s.config.TLSConfig,
 		ReadHeaderTimeout: 3 * time.Second, // Fix linter G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server
 	}
 	return s, nil
--- a/pkg/failpoint/fail.go
+++ b/pkg/failpoint/fail.go
@ -68,7 +68,7 @@ func (t Type) String() string {
 // user. The user controlled variable will be parsed for how the error injected
 // code should fire. There is the way to set the rule for failpoint.
 //
-// 	<count>*<type>[(arg)][-><more terms>]
+//	<count>*<type>[(arg)][-><more terms>]
 //
 // The <type> argument specifies which action to take; it can be one of:
 //
--- a/pkg/ioutil/write_closer.go
+++ b/pkg/ioutil/write_closer.go
@ -73,10 +73,10 @@ func (n *nopWriteCloser) Close() error {
 // serialWriteCloser wraps a write closer and makes sure all writes
 // are done in serial.
 // Parallel write won't intersect with each other. Use case:
-// 1) Pipe: Write content longer than PIPE_BUF.
+//  1. Pipe: Write content longer than PIPE_BUF.
-//    See http://man7.org/linux/man-pages/man7/pipe.7.html
+//     See http://man7.org/linux/man-pages/man7/pipe.7.html
-// 2) <3.14 Linux Kernel: write is not atomic
+//  2. <3.14 Linux Kernel: write is not atomic
-//    See http://man7.org/linux/man-pages/man2/write.2.html
+//     See http://man7.org/linux/man-pages/man2/write.2.html
 type serialWriteCloser struct {
 	mu sync.Mutex
 	wc io.WriteCloser
--- a/pkg/os/os_windows.go
+++ b/pkg/os/os_windows.go
@ -29,9 +29,10 @@ import (
 // It works for both file and directory paths.
 //
 // We are not able to use builtin Go functionality for opening a directory path:
-// - os.Open on a directory returns a os.File where Fd() is a search handle from FindFirstFile.
+//   - os.Open on a directory returns a os.File where Fd() is a search handle from FindFirstFile.
-// - syscall.Open does not provide a way to specify FILE_FLAG_BACKUP_SEMANTICS, which is needed to
+//   - syscall.Open does not provide a way to specify FILE_FLAG_BACKUP_SEMANTICS, which is needed to
-//   open a directory.
+//     open a directory.
 //
 // We could use os.Open if the path is a file, but it's easier to just use the same code for both.
 // Therefore, we call windows.CreateFile directly.
 func openPath(path string) (windows.Handle, error) {
@ -58,6 +59,7 @@ func openPath(path string) (windows.Handle, error) {
 }
 // GetFinalPathNameByHandle flags.
 //
 //nolint:revive // SNAKE_CASE is not idiomatic in Go, but aligned with Win32 API.
 const (
 	cFILE_NAME_OPENED = 0x8
--- a/platforms/platforms.go
+++ b/platforms/platforms.go
@ -27,40 +27,40 @@
 // The vast majority of use cases should simply use the match function with
 // user input. The first step is to parse a specifier into a matcher:
 //
-//   m, err := Parse("linux")
+//	m, err := Parse("linux")
-//   if err != nil { ... }
+//	if err != nil { ... }
 //
 // Once you have a matcher, use it to match against the platform declared by a
 // component, typically from an image or runtime. Since extracting an images
 // platform is a little more involved, we'll use an example against the
 // platform default:
 //
-//   if ok := m.Match(Default()); !ok { /* doesn't match */ }
+//	if ok := m.Match(Default()); !ok { /* doesn't match */ }
 //
 // This can be composed in loops for resolving runtimes or used as a filter for
 // fetch and select images.
 //
 // More details of the specifier syntax and platform spec follow.
 //
-// Declaring Platform Support
+// # Declaring Platform Support
 //
 // Components that have strict platform requirements should use the OCI
 // platform specification to declare their support. Typically, this will be
 // images and runtimes that should make these declaring which platform they
 // support specifically. This looks roughly as follows:
 //
-//   type Platform struct {
+//	  type Platform struct {
-//	   Architecture string
+//		   Architecture string
-//	   OS           string
+//		   OS           string
-//	   Variant      string
+//		   Variant      string
-//   }
+//	  }
 //
 // Most images and runtimes should at least set Architecture and OS, according
 // to their GOARCH and GOOS values, respectively (follow the OCI image
 // specification when in doubt). ARM should set variant under certain
 // discussions, which are outlined below.
 //
-// Platform Specifiers
+// # Platform Specifiers
 //
 // While the OCI platform specifications provide a tool for components to
 // specify structured information, user input typically doesn't need the full
@ -77,7 +77,7 @@
 // where the architecture may be known but a runtime may support images from
 // different operating systems.
 //
-// Normalization
+// # Normalization
 //
 // Because not all users are familiar with the way the Go runtime represents
 // platforms, several normalizations have been provided to make this package
@ -85,17 +85,17 @@
 //
 // The following are performed for architectures:
 //
-//   Value    Normalized
+//	Value    Normalized
-//   aarch64  arm64
+//	aarch64  arm64
-//   armhf    arm
+//	armhf    arm
-//   armel    arm/v6
+//	armel    arm/v6
-//   i386     386
+//	i386     386
-//   x86_64   amd64
+//	x86_64   amd64
-//   x86-64   amd64
+//	x86-64   amd64
 //
 // We also normalize the operating system `macos` to `darwin`.
 //
-// ARM Support
+// # ARM Support
 //
 // To qualify ARM architecture, the Variant field is used to qualify the arm
 // version. The most common arm version, v7, is represented without the variant
--- a/process.go
+++ b/process.go
@ -72,8 +72,10 @@ type ExitStatus struct {
 // Result returns the exit code and time of the exit status.
 // An error may be returned here to which indicates there was an error
-//   at some point while waiting for the exit status. It does not signify
+//
-//   an error with the process itself.
+//	at some point while waiting for the exit status. It does not signify
 //	an error with the process itself.
 //
 // If an error is returned, the process may still be running.
 func (s ExitStatus) Result() (uint32, time.Time, error) {
 	return s.code, s.exitedAt, s.err
--- a/reference/docker/reference.go
+++ b/reference/docker/reference.go
@ -19,13 +19,13 @@
 //
 // Grammar
 //
-// 	reference                       := name [ ":" tag ] [ "@" digest ]
+//	reference                       := name [ ":" tag ] [ "@" digest ]
 //	name                            := [domain '/'] path-component ['/' path-component]*
 //	domain                          := domain-component ['.' domain-component]* [':' port-number]
 //	domain-component                := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/
 //	port-number                     := /[0-9]+/
 //	path-component                  := alpha-numeric [separator alpha-numeric]*
-// 	alpha-numeric                   := /[a-z0-9]+/
+//	alpha-numeric                   := /[a-z0-9]+/
 //	separator                       := /[_.]|__|[-]*/
 //
 //	tag                             := /[\w][\w.-]{0,127}/
--- a/remotes/docker/config/hosts.go
+++ b/remotes/docker/config/hosts.go
@ -530,13 +530,13 @@ func makeAbsPath(p string, base string) string {
 // loadCertsDir loads certs from certsDir like "/etc/docker/certs.d" .
 // Compatible with Docker file layout
-// - files ending with ".crt" are treated as CA certificate files
+//   - files ending with ".crt" are treated as CA certificate files
-// - files ending with ".cert" are treated as client certificates, and
+//   - files ending with ".cert" are treated as client certificates, and
-//   files with the same name but ending with ".key" are treated as the
+//     files with the same name but ending with ".key" are treated as the
-//   corresponding private key.
+//     corresponding private key.
-//   NOTE: If a ".key" file is missing, this function will just return
+//     NOTE: If a ".key" file is missing, this function will just return
-//   the ".cert", which may contain the private key. If the ".cert" file
+//     the ".cert", which may contain the private key. If the ".cert" file
-//   does not contain the private key, the caller should detect and error.
+//     does not contain the private key, the caller should detect and error.
 func loadCertFiles(ctx context.Context, certsDir string) ([]hostConfig, error) {
 	fs, err := os.ReadDir(certsDir)
 	if err != nil && !os.IsNotExist(err) {
--- a/remotes/handlers.go
+++ b/remotes/handlers.go
@ -257,8 +257,8 @@ func PushContent(ctx context.Context, pusher Pusher, desc ocispec.Descriptor, st
 // An example of this kind of content would be a Windows base layer, which is not supposed to be redistributed.
 //
 // This is based on the media type of the content:
-// 	- application/vnd.oci.image.layer.nondistributable
+//   - application/vnd.oci.image.layer.nondistributable
-// 	- application/vnd.docker.image.rootfs.foreign
+//   - application/vnd.docker.image.rootfs.foreign
 func SkipNonDistributableBlobs(f images.HandlerFunc) images.HandlerFunc {
 	return func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) {
 		if images.IsNonDistributable(desc.MediaType) {
--- a/snapshots/devmapper/dmsetup/dmsetup.go
+++ b/snapshots/devmapper/dmsetup/dmsetup.go
@ -353,7 +353,8 @@ func BlockDeviceSize(path string) (int64, error) {
 }
 // DiscardBlocks discards all blocks for the given thin device
-//  ported from https://github.com/moby/moby/blob/7b9275c0da707b030e62c96b679a976f31f929d3/pkg/devicemapper/devmapper.go#L416
+//
 //	ported from https://github.com/moby/moby/blob/7b9275c0da707b030e62c96b679a976f31f929d3/pkg/devicemapper/devmapper.go#L416
 func DiscardBlocks(deviceName string) error {
 	inUse, err := isInUse(deviceName)
 	if err != nil {
@ -402,8 +403,10 @@ func tryGetUnixError(output string) (unix.Errno, bool) {
 }
 // dmsetup returns error messages in format:
-// 	device-mapper: message ioctl on <name> failed: File exists\n
+//
-// 	Command failed\n
+//	device-mapper: message ioctl on <name> failed: File exists\n
 //	Command failed\n
 //
 // parseDmsetupError extracts text between "failed: " and "\n"
 func parseDmsetupError(output string) string {
 	lines := strings.SplitN(output, "\n", 2)
--- a/snapshots/devmapper/pool_device.go
+++ b/snapshots/devmapper/pool_device.go
@ -484,7 +484,9 @@ func (p *PoolDevice) IsLoaded(deviceName string) bool {
 // GetUsage reports total size in bytes consumed by a thin-device.
 // It relies on the number of used blocks reported by 'dmsetup status'.
 // The output looks like:
-//  device2: 0 204800 thin 17280 204799
+//
 //	device2: 0 204800 thin 17280 204799
 //
 // Where 17280 is the number of used sectors
 func (p *PoolDevice) GetUsage(deviceName string) (int64, error) {
 	status, err := dmsetup.Status(deviceName)
--- a/snapshots/snapshotter.go
+++ b/snapshots/snapshotter.go
@ -153,10 +153,10 @@ type WalkFunc func(context.Context, Info) error
 // For consistency, we define the following terms to be used throughout this
 // interface for snapshotter implementations:
 //
-// 	`ctx` - refers to a context.Context
+//	`ctx` - refers to a context.Context
-// 	`key` - refers to an active snapshot
+//	`key` - refers to an active snapshot
-// 	`name` - refers to a committed snapshot
+//	`name` - refers to a committed snapshot
-// 	`parent` - refers to the parent in relation
+//	`parent` - refers to the parent in relation
 //
 // Most methods take various combinations of these identifiers. Typically,
 // `name` and `parent` will be used in cases where a method *only* takes
@ -167,7 +167,7 @@ type WalkFunc func(context.Context, Info) error
 //
 // We cover several examples below to demonstrate the utility of the snapshotter.
 //
-// Importing a Layer
+// # Importing a Layer
 //
 // To import a layer, we simply have the snapshotter provide a list of
 // mounts to be applied such that our dst will capture a changeset. We start
@ -184,7 +184,7 @@ type WalkFunc func(context.Context, Info) error
 //		"containerd.io/gc.root": time.Now().UTC().Format(time.RFC3339),
 //	})
 //	mounts, err := snapshotter.Prepare(ctx, key, "", noGcOpt)
-// 	if err != nil { ... }
+//	if err != nil { ... }
 //
 // We get back a list of mounts from snapshotter.Prepare(), with the key identifying
 // the active snapshot. Mount this to the temporary location with the
@ -201,8 +201,8 @@ type WalkFunc func(context.Context, Info) error
 //
 //	layer, err := os.Open(layerPath)
 //	if err != nil { ... }
-// 	digest, err := unpackLayer(tmpLocation, layer) // unpack into layer location
+//	digest, err := unpackLayer(tmpLocation, layer) // unpack into layer location
-// 	if err != nil { ... }
+//	if err != nil { ... }
 //
 // When the above completes, we should have a filesystem that represents the
 // contents of the layer. Careful implementations should verify that digest
@ -220,30 +220,30 @@ type WalkFunc func(context.Context, Info) error
 // Now, we have a layer in the snapshotter that can be accessed with the digest
 // provided during commit.
 //
-// Importing the Next Layer
+// # Importing the Next Layer
 //
 // Making a layer depend on the above is identical to the process described
 // above except that the parent is provided as parent when calling
 // snapshotter.Prepare(), assuming a clean, unique key identifier:
 //
-// 	mounts, err := snapshotter.Prepare(ctx, key, parentDigest, noGcOpt)
+//	mounts, err := snapshotter.Prepare(ctx, key, parentDigest, noGcOpt)
 //
 // We then mount, apply and commit, as we did above. The new snapshot will be
 // based on the content of the previous one.
 //
-// Running a Container
+// # Running a Container
 //
 // To run a container, we simply provide snapshotter.Prepare() the committed image
 // snapshot as the parent. After mounting, the prepared path can
 // be used directly as the container's filesystem:
 //
-// 	mounts, err := snapshotter.Prepare(ctx, containerKey, imageRootFSChainID)
+//	mounts, err := snapshotter.Prepare(ctx, containerKey, imageRootFSChainID)
 //
 // The returned mounts can then be passed directly to the container runtime. If
 // one would like to create a new image from the filesystem, snapshotter.Commit() is
 // called:
 //
-// 	if err := snapshotter.Commit(ctx, newImageSnapshot, containerKey); err != nil { ... }
+//	if err := snapshotter.Commit(ctx, newImageSnapshot, containerKey); err != nil { ... }
 //
 // Alternatively, for most container runs, snapshotter.Remove() will be called to
 // signal the snapshotter to abandon the changes.
--- a/snapshots/testsuite/testsuite.go
+++ b/snapshots/testsuite/testsuite.go
@ -505,7 +505,7 @@ func checkDeletedFilesInChildSnapshot(ctx context.Context, t *testing.T, snapsho
 }
-//Create three layers. Deleting intermediate layer must fail.
+// Create three layers. Deleting intermediate layer must fail.
 func checkRemoveIntermediateSnapshot(ctx context.Context, t *testing.T, snapshotter snapshots.Snapshotter, work string) {
 	base, err := snapshotterPrepareMount(ctx, snapshotter, "base", "", work)
@ -559,12 +559,13 @@ func checkRemoveIntermediateSnapshot(ctx context.Context, t *testing.T, snapshot
 // baseTestSnapshots creates a base set of snapshots for tests, each snapshot is empty
 // Tests snapshots:
-//  c1 - committed snapshot, no parent
+//
-//  c2 - committed snapshot, c1 is parent
+//	c1 - committed snapshot, no parent
-//  a1 - active snapshot, c2 is parent
+//	c2 - committed snapshot, c1 is parent
-//  a1 - active snapshot, no parent
+//	a1 - active snapshot, c2 is parent
-//  v1 - view snapshot, v1 is parent
+//	a1 - active snapshot, no parent
-//  v2 - view snapshot, no parent
+//	v1 - view snapshot, v1 is parent
 //	v2 - view snapshot, no parent
 func baseTestSnapshots(ctx context.Context, snapshotter snapshots.Snapshotter) error {
 	if _, err := snapshotter.Prepare(ctx, "c1-a", "", opt); err != nil {
 		return err