use errors.Is instead of comparison with errors.Cause

Signed-off-by: Matthieu MOREL <[email protected]>

Author: mmorel-35

agent/config.go

@@ -1,11 +1,12 @@
 package agent
 
 import (
+	"errors"
+
 	"github.com/docker/go-events"
 	"github.com/moby/swarmkit/v2/agent/exec"
 	"github.com/moby/swarmkit/v2/api"
 	"github.com/moby/swarmkit/v2/connectionbroker"
-	"github.com/pkg/errors"
 	bolt "go.etcd.io/bbolt"
 	"google.golang.org/grpc/credentials"
 )

agent/exec/controller.go

@@ -2,14 +2,14 @@ package exec
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"time"
 
 	"github.com/moby/swarmkit/v2/api"
 	"github.com/moby/swarmkit/v2/api/equality"
 	"github.com/moby/swarmkit/v2/log"
 	"github.com/moby/swarmkit/v2/protobuf/ptypes"
-	"github.com/pkg/errors"
 )
 
 // Controller controls execution of a task.
@@ -197,7 +197,7 @@ func Do(ctx context.Context, task *api.Task, ctlr Controller) (*api.TaskStatus,
 			exitCode = ec.ExitCode()
 		}
 
-		if cause := errors.Cause(err); cause == context.DeadlineExceeded || cause == context.Canceled {
+		if errors.Is(err, context.DeadlineExceeded) || errors.Is(err, context.Canceled) {
 			return retry()
 		}
 
@@ -355,6 +355,5 @@ func logStateChange(ctx context.Context, desired, previous, next api.TaskState)
 }
 
 func contextDoneError(err error) bool {
-	cause := errors.Cause(err)
-	return cause == context.Canceled || cause == context.DeadlineExceeded
+	return errors.Is(err, context.Canceled) || errors.Is(err, context.DeadlineExceeded)
 }

agent/exec/errors.go

@@ -1,6 +1,6 @@
 package exec
 
-import "github.com/pkg/errors"
+import "errors"
 
 var (
 	// ErrRuntimeUnsupported encountered when a task requires a runtime

ca/certificates.go

@@ -12,6 +12,7 @@ import (
 	"crypto/x509"
 	"encoding/asn1"
 	"encoding/pem"
+	"errors"
 	"fmt"
 	"io"
 	"os"
@@ -30,7 +31,6 @@ import (
 	"github.com/moby/swarmkit/v2/connectionbroker"
 	"github.com/moby/swarmkit/v2/ioutils"
 	"github.com/opencontainers/go-digest"
-	"github.com/pkg/errors"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/credentials"

ca/config.go

@@ -5,6 +5,7 @@ import (
 	cryptorand "crypto/rand"
 	"crypto/tls"
 	"crypto/x509"
+	"errors"
 	"fmt"
 	"math/big"
 	"math/rand"
@@ -16,7 +17,6 @@ import (
 	cfconfig "github.com/cloudflare/cfssl/config"
 	events "github.com/docker/go-events"
 	"github.com/opencontainers/go-digest"
-	"github.com/pkg/errors"
 	"google.golang.org/grpc/credentials"
 
 	"github.com/moby/swarmkit/v2/api"
@@ -513,8 +513,8 @@ func (rootCA RootCA) CreateSecurityConfig(ctx context.Context, krw *KeyReadWrite
 
 	proposedRole := ManagerRole
 	tlsKeyPair, issuerInfo, err := rootCA.IssueAndSaveNewCertificates(krw, cn, proposedRole, org)
-	switch errors.Cause(err) {
-	case ErrNoValidSigner:
+	switch {
+	case errors.Is(err, ErrNoValidSigner):
 		config.RetryInterval = GetCertRetryInterval
 		// Request certificate issuance from a remote CA.
 		// Last argument is nil because at this point we don't have any valid TLS creds
@@ -523,7 +523,7 @@ func (rootCA RootCA) CreateSecurityConfig(ctx context.Context, krw *KeyReadWrite
 			log.G(ctx).WithError(err).Error("failed to request and save new certificate")
 			return nil, nil, err
 		}
-	case nil:
+	case err == nil:
 		log.G(ctx).WithFields(log.Fields{
 			"node.id":   cn,
 			"node.role": proposedRole,

ca/config_test.go

@@ -5,6 +5,7 @@ import (
 	"context"
 	"crypto/tls"
 	"crypto/x509"
+	"errors"
 	"net"
 	"os"
 	"path/filepath"
@@ -25,7 +26,6 @@ import (
 	"github.com/moby/swarmkit/v2/manager/state"
 	"github.com/moby/swarmkit/v2/manager/state/store"
 	"github.com/moby/swarmkit/v2/testutils"
-	"github.com/pkg/errors"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -236,19 +236,22 @@ func TestLoadSecurityConfigExpiredCert(t *testing.T) {
 
 	_, _, err = ca.LoadSecurityConfig(tc.Context, tc.RootCA, krw, false)
 	require.Error(t, err)
-	require.IsType(t, x509.CertificateInvalidError{}, errors.Cause(err))
+	var cie1 x509.CertificateInvalidError
+	require.ErrorAs(t, err, &cie1)
 
 	_, _, err = ca.LoadSecurityConfig(tc.Context, tc.RootCA, krw, true)
 	require.Error(t, err)
-	require.IsType(t, x509.CertificateInvalidError{}, errors.Cause(err))
+	var cie2 x509.CertificateInvalidError
+	require.ErrorAs(t, err, &cie2)
 
 	// a cert that is expired is not valid if expiry is not allowed
 	invalidCert = cautils.ReDateCert(t, certBytes, tc.RootCA.Certs, s.Key, now.Add(-2*time.Minute), now.Add(-1*time.Minute))
 	require.NoError(t, os.WriteFile(tc.Paths.Node.Cert, invalidCert, 0o700))
 
 	_, _, err = ca.LoadSecurityConfig(tc.Context, tc.RootCA, krw, false)
 	require.Error(t, err)
-	require.IsType(t, x509.CertificateInvalidError{}, errors.Cause(err))
+	var cie3 x509.CertificateInvalidError
+	require.ErrorAs(t, err, &cie3)
 
 	// but it is valid if expiry is allowed
 	_, cancel, err := ca.LoadSecurityConfig(tc.Context, tc.RootCA, krw, true)
@@ -798,7 +801,8 @@ func TestRenewTLSConfigUpdatesRootNonUnknownAuthError(t *testing.T) {
 
 	err = ca.RenewTLSConfigNow(tc.Context, secConfig, fakeCAServer.getConnBroker(), tc.Paths.RootCA)
 	require.Error(t, err)
-	require.IsType(t, x509.CertificateInvalidError{}, errors.Cause(err))
+	var cie x509.CertificateInvalidError
+	require.ErrorAs(t, err, &cie)
 	require.NoError(t, <-signErr)
 }
 

ca/external.go

@@ -9,6 +9,7 @@ import (
 	"encoding/hex"
 	"encoding/json"
 	"encoding/pem"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -20,7 +21,6 @@ import (
 	"github.com/cloudflare/cfssl/csr"
 	"github.com/cloudflare/cfssl/signer"
 	"github.com/moby/swarmkit/v2/log"
-	"github.com/pkg/errors"
 	"golang.org/x/net/context/ctxhttp"
 )
 

ca/keyreadwriter.go

@@ -3,6 +3,7 @@ package ca
 import (
 	"crypto/x509"
 	"encoding/pem"
+	"errors"
 	"fmt"
 	"os"
 	"path/filepath"
@@ -15,7 +16,6 @@ import (
 	"github.com/moby/swarmkit/v2/ca/keyutils"
 	"github.com/moby/swarmkit/v2/ca/pkcs8"
 	"github.com/moby/swarmkit/v2/ioutils"
-	"github.com/pkg/errors"
 )
 
 const (

ca/reconciler.go

@@ -3,6 +3,7 @@ package ca
 import (
 	"bytes"
 	"context"
+	"errors"
 	"fmt"
 	"reflect"
 	"sync"
@@ -13,7 +14,6 @@ import (
 	"github.com/moby/swarmkit/v2/api/equality"
 	"github.com/moby/swarmkit/v2/log"
 	"github.com/moby/swarmkit/v2/manager/state/store"
-	"github.com/pkg/errors"
 )
 
 // IssuanceStateRotateMaxBatchSize is the maximum number of nodes we'll tell to rotate their certificates in any given update

ca/renewer.go

@@ -2,13 +2,13 @@ package ca
 
 import (
 	"context"
+	"errors"
 	"sync"
 	"time"
 
 	"github.com/docker/go-events"
 	"github.com/moby/swarmkit/v2/connectionbroker"
 	"github.com/moby/swarmkit/v2/log"
-	"github.com/pkg/errors"
 )
 
 // RenewTLSExponentialBackoff sets the exponential backoff when trying to renew TLS certificates that have expired