chore: do not use sentinel errors when unneeded

- main reason being it's a burden to always define sentinel errors at global scope, wrap them with `%w` instead of using a string directly - only use sentinel errors when it has to be checked using `errors.Is` - replace all usage of these sentinel errors in `fmt.Errorf` with direct strings that were in the sentinel error - exclude the sentinel error definition requirement from .golangci.yml - update unit tests to use ContainersError instead of ErrorIs so it stays as a "not a change detector test" without requiring a sentinel error
2026-05-17 06:00:15 +02:00 · 2026-05-02 00:50:16 +00:00
parent 9b6f048fe8
commit 4a78989d9d
172 changed files with 666 additions and 1433 deletions
@@ -80,11 +80,9 @@ func ipPrefixesEqual(instruction, chainRule netip.Prefix) bool {
 		(!instruction.IsValid() && chainRule.Bits() == 0 && chainRule.Addr().IsUnspecified())
 }

-var ErrIptablesCommandMalformed = errors.New("iptables command is malformed")
-
 func parseIptablesInstruction(s string) (instruction iptablesInstruction, err error) {
 	if s == "" {
-		return iptablesInstruction{}, fmt.Errorf("%w: empty instruction", ErrIptablesCommandMalformed)
+		return iptablesInstruction{}, errors.New("iptables command is malformed: empty instruction")
 	}
 	fields := strings.Fields(s)

@@ -173,7 +171,7 @@ func parseInstructionFlag(fields []string, instruction *iptablesInstruction) (co
 			return 0, fmt.Errorf("parsing TCP flags: %w", err)
 		}
 	default:
-		return 0, fmt.Errorf("%w: unknown key %q", ErrIptablesCommandMalformed, flag)
+		return 0, fmt.Errorf("iptables command is malformed: unknown key %q", flag)
 	}
 	return consumed, nil
 }
@@ -185,15 +183,15 @@ func preCheckInstructionFields(fields []string) (consumed int, err error) {
 	case "--tcp-flags": // -m can have 1 or 2 values
 		const expected = 3
 		if len(fields) < expected {
-			return 0, fmt.Errorf("%w: flag %q requires at least 2 values, but got %s",
-				ErrIptablesCommandMalformed, flag, strings.Join(fields, " "))
+			return 0, fmt.Errorf("iptables command is malformed: flag %q requires at least 2 values, but got %s",
+				flag, strings.Join(fields, " "))
 		}
 		return expected, nil
 	default:
 		const expected = 2
 		if len(fields) < expected {
-			return 0, fmt.Errorf("%w: flag %q requires a value, but got none",
-				ErrIptablesCommandMalformed, flag)
+			return 0, fmt.Errorf("iptables command is malformed: flag %q requires a value, but got none",
+				flag)
 		}
 		return expected, nil
 	}
@@ -239,12 +237,12 @@ func parseMatchModule(fields []string, instruction *iptablesInstruction) (
 			consumed++
 			instruction.mark.invert = true
 		default:
-			return consumed, fmt.Errorf("%w: unsupported match mark with value: %s",
-				ErrIptablesCommandMalformed, fields[2])
+			return consumed, fmt.Errorf("iptables command is malformed: unsupported match mark with value: %s",
+				fields[2])
 		}
 	default:
-		return 0, fmt.Errorf("%w: unknown match value: %s",
-			ErrIptablesCommandMalformed, fields[consumed])
+		return 0, fmt.Errorf("iptables command is malformed: unknown match value: %s",
+			fields[consumed])
 	}
 	return consumed, nil
 }