A few more linter errors

acme/challenge.go

@@ -162,7 +162,7 @@ func tlsalpn01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose.JSON
 		// [RFC5246] or higher when connecting to clients for validation.
 		MinVersion:         tls.VersionTLS12,
 		ServerName:         serverName(ch),
-		InsecureSkipVerify: true, // nolint:gosec // we expect a self-signed challenge certificate
+		InsecureSkipVerify: true, //nolint:gosec // we expect a self-signed challenge certificate
 	}
 
 	hostPort := net.JoinHostPort(ch.Value, "443")

acme/common.go

@@ -112,13 +112,9 @@ type MockProvisioner struct {
 	MauthorizeOrderIdentifier func(ctx context.Context, identifier provisioner.ACMEIdentifier) error
 	MauthorizeSign            func(ctx context.Context, ott string) ([]provisioner.SignOption, error)
 	MauthorizeRevoke          func(ctx context.Context, token string) error
-<<<<<<< HEAD
 	MisChallengeEnabled       func(ctx context.Context, challenge provisioner.ACMEChallenge) bool
 	MisAttFormatEnabled       func(ctx context.Context, format provisioner.ACMEAttestationFormat) bool
 	MgetAttestationRoots      func() (*x509.CertPool, bool)
-=======
-	MauthorizeChallenge       func(Ctx context.Context, challenge string) error
->>>>>>> 0f84b333 (Add acme property to enable challenges)
 	MdefaultTLSCertDuration   func() time.Duration
 	MgetOptions               func() *provisioner.Options
 }
@@ -155,7 +151,6 @@ func (m *MockProvisioner) AuthorizeRevoke(ctx context.Context, token string) err
 	return m.Merr
 }
 
-<<<<<<< HEAD
 // IsChallengeEnabled mock
 func (m *MockProvisioner) IsChallengeEnabled(ctx context.Context, challenge provisioner.ACMEChallenge) bool {
 	if m.MisChallengeEnabled != nil {
@@ -177,14 +172,6 @@ func (m *MockProvisioner) GetAttestationRoots() (*x509.CertPool, bool) {
 		return m.MgetAttestationRoots()
 	}
 	return m.Mret1.(*x509.CertPool), m.Mret1 != nil
-=======
-// AuthorizeChallenge mock
-func (m *MockProvisioner) AuthorizeChallenge(ctx context.Context, challenge string) error {
-	if m.MauthorizeChallenge != nil {
-		return m.MauthorizeChallenge(ctx, challenge)
-	}
-	return m.Merr
->>>>>>> 0f84b333 (Add acme property to enable challenges)
 }
 
 // DefaultTLSCertDuration mock

acme/order.go

@@ -324,7 +324,6 @@ func numberOfIdentifierType(typ IdentifierType, ids []Identifier) int {
 // addresses or DNS names slice, depending on whether it can be parsed as an IP
 // or not. This might result in an additional SAN in the final certificate.
 func canonicalize(csr *x509.CertificateRequest) (canonicalized *x509.CertificateRequest) {
-
 	// for clarity only; we're operating on the same object by pointer
 	canonicalized = csr
 

authority/provisioner/acme.go

@@ -217,7 +217,6 @@ type ACMEIdentifier struct {
 // AuthorizeOrderIdentifier verifies the provisioner is allowed to issue a
 // certificate for an ACME Order Identifier.
 func (p *ACME) AuthorizeOrderIdentifier(ctx context.Context, identifier ACMEIdentifier) error {
-
 	x509Policy := p.ctl.getPolicy().getX509()
 
 	// identifier is allowed if no policy is configured

authority/provisioners.go

@@ -145,7 +145,6 @@ func (a *Authority) generateProvisionerConfig(ctx context.Context) (provisioner.
 		AuthorizeRenewFunc:    a.authorizeRenewFunc,
 		AuthorizeSSHRenewFunc: a.authorizeSSHRenewFunc,
 	}, nil
-
 }
 
 // StoreProvisioner stores a provisioner to the authority.
@@ -530,6 +529,7 @@ func durationsToLinkedca(d *provisioner.Duration) string {
 // certifictes claims type.
 func claimsToCertificates(c *linkedca.Claims) (*provisioner.Claims, error) {
 	if c == nil {
+		//nolint:nilnil // nil claims do not pose an issue.
 		return nil, nil
 	}