fix: lint

santhoshmprabhu · santhoshmprabhu · commit 3c0101557600 · 2025-08-19T22:43:55.000-07:00
diff --git a/bpf-prog/azure-block-iptables/cmd/azure-block-iptables/main.go b/bpf-prog/azure-block-iptables/cmd/azure-block-iptables/main.go
@@ -14,7 +14,11 @@ import (
 )
 
 // ProgramVersion is set during build
-var version = "unknown"
+var (
+	version         = "unknown"
+	ErrModeRequired = errors.New("mode is required")
+	ErrInvalidMode  = errors.New("invalid mode. Use -mode=attach or -mode=detach")
+)
 
 // Config holds configuration for the application
 type Config struct {
@@ -45,11 +49,11 @@ func parseArgs() (*Config, error) {
 	}
 
 	if *mode == "" {
-		return nil, fmt.Errorf("mode is required. Use -mode=attach or -mode=detach")
+		return nil, ErrModeRequired
 	}
 
 	if *mode != "attach" && *mode != "detach" {
-		return nil, fmt.Errorf("invalid mode '%s'. Must be 'attach' or 'detach'", *mode)
+		return nil, ErrInvalidMode
 	}
 
 	return &Config{
@@ -107,7 +111,7 @@ func run(config *Config) error {
 	case "detach":
 		return detachMode(config)
 	default:
-		return fmt.Errorf("unsupported mode: %s", config.Mode)
+		return ErrInvalidMode
 	}
 }
 
diff --git a/bpf-prog/azure-block-iptables/cmd/azure-block-iptables/main_test.go b/bpf-prog/azure-block-iptables/cmd/azure-block-iptables/main_test.go
@@ -49,7 +49,9 @@ func TestHandleFileEventWithMock(t *testing.T) {
 			// Reset mock state
 			mockAttacher.Reset()
 
-			run(&Config{Mode: tc.mode, Overwrite: tc.overwrite, AttacherFactory: func() bpfprogram.Attacher { return mockAttacher }})
+			if err := run(&Config{Mode: tc.mode, Overwrite: tc.overwrite, AttacherFactory: func() bpfprogram.Attacher { return mockAttacher }}); err != nil {
+				t.Errorf("Failed to run: %v", err)
+			}
 
 			// Verify expectations
 			if mockAttacher.AttachCallCount() != tc.expectedAttach {
diff --git a/bpf-prog/azure-block-iptables/pkg/bpfprogram/program.go b/bpf-prog/azure-block-iptables/pkg/bpfprogram/program.go
@@ -188,7 +188,12 @@ func (p *Program) Attach() error {
 		}
 
 		pinPath := filepath.Join(BPFMapPinPath, IptablesLegacyBlockProgramName)
-		l.Pin(pinPath)
+		err = l.Pin(pinPath)
+		if err != nil {
+			l.Close()
+			return errors.Wrap(err, "failed to pin iptables_legacy_block LSM")
+		}
+
 		links = append(links, l)
 	}
 
@@ -208,7 +213,16 @@ func (p *Program) Attach() error {
 			return errors.Wrap(err, "failed to attach block_nf_netlink LSM")
 		}
 		pinPath := filepath.Join(BPFMapPinPath, IptablesNftablesBlockProgramName)
-		l.Pin(pinPath)
+		err = l.Pin(pinPath)
+		if err != nil {
+			for _, link := range links {
+				link.Close()
+			}
+
+			l.Close()
+			return errors.Wrap(err, "failed to pin iptables_nftables_block LSM")
+		}
+
 		links = append(links, l)
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,11 @@ import (`
`14`	`14`	`)`
`15`	`15`
`16`	`16`	`// ProgramVersion is set during build`
`17`		`-var version = "unknown"`
	`17`	`+var (`
	`18`	`+ version = "unknown"`
	`19`	`+ ErrModeRequired = errors.New("mode is required")`
	`20`	`+ ErrInvalidMode = errors.New("invalid mode. Use -mode=attach or -mode=detach")`
	`21`	`+)`
`18`	`22`
`19`	`23`	`// Config holds configuration for the application`
`20`	`24`	`type Config struct {`
`@@ -45,11 +49,11 @@ func parseArgs() (*Config, error) {`
`45`	`49`	`}`
`46`	`50`
`47`	`51`	`if *mode == "" {`
`48`		`- return nil, fmt.Errorf("mode is required. Use -mode=attach or -mode=detach")`
	`52`	`+ return nil, ErrModeRequired`
`49`	`53`	`}`
`50`	`54`
`51`	`55`	`if mode != "attach" && mode != "detach" {`
`52`		`- return nil, fmt.Errorf("invalid mode '%s'. Must be 'attach' or 'detach'", *mode)`
	`56`	`+ return nil, ErrInvalidMode`
`53`	`57`	`}`
`54`	`58`
`55`	`59`	`return &Config{`
`@@ -107,7 +111,7 @@ func run(config *Config) error {`
`107`	`111`	`case "detach":`
`108`	`112`	`return detachMode(config)`
`109`	`113`	`default:`
`110`		`- return fmt.Errorf("unsupported mode: %s", config.Mode)`
	`114`	`+ return ErrInvalidMode`
`111`	`115`	`}`
`112`	`116`	`}`
`113`	`117`