fix review findings

Author: sbueringer

pkg/client/client_test.go

@@ -1979,7 +1979,6 @@ U5wwSivyi7vmegHKmblOzNVKA5qPO8zWzqBC
 			// Test this with an integrated type and a CRD to make sure it covers both proto
 			// and json deserialization.
 			for idx, object := range []client.Object{&corev1.ConfigMap{}, &pkg.ChaosPod{}} {
-				idx, object := idx, object
 				It(fmt.Sprintf("should not retain any data in the obj variable that is not on the server for %T", object), func() {
 					cl, err := client.New(cfg, client.Options{})
 					Expect(err).NotTo(HaveOccurred())

pkg/envtest/crd.go

@@ -229,7 +229,6 @@ func UninstallCRDs(config *rest.Config, options CRDInstallOptions) error {
 
 	// Uninstall each CRD
 	for _, crd := range options.CRDs {
-		crd := crd
 		log.V(1).Info("uninstalling CRD", "crd", crd.GetName())
 		if err := cs.Delete(context.TODO(), crd); err != nil {
 			// If CRD is not found, we can consider success
@@ -251,7 +250,6 @@ func CreateCRDs(config *rest.Config, crds []*apiextensionsv1.CustomResourceDefin
 
 	// Create each CRD
 	for _, crd := range crds {
-		crd := crd
 		log.V(1).Info("installing CRD", "crd", crd.GetName())
 		existingCrd := crd.DeepCopy()
 		err := cs.Get(context.TODO(), client.ObjectKey{Name: crd.GetName()}, existingCrd)

pkg/envtest/envtest_test.go

@@ -57,7 +57,6 @@ var _ = Describe("Test", func() {
 	// Cleanup CRDs
 	AfterEach(func() {
 		for _, crd := range crds {
-			crd := crd
 			// Delete only if CRD exists.
 			crdObjectKey := client.ObjectKey{
 				Name: crd.GetName(),

pkg/envtest/webhook.go

@@ -313,14 +313,12 @@ func createWebhooks(config *rest.Config, mutHooks []*admissionv1.MutatingWebhook
 
 	// Create each webhook
 	for _, hook := range mutHooks {
-		hook := hook
 		log.V(1).Info("installing mutating webhook", "webhook", hook.GetName())
 		if err := ensureCreated(cs, hook); err != nil {
 			return err
 		}
 	}
 	for _, hook := range valHooks {
-		hook := hook
 		log.V(1).Info("installing validating webhook", "webhook", hook.GetName())
 		if err := ensureCreated(cs, hook); err != nil {
 			return err

pkg/log/zap/flags.go

@@ -85,7 +85,7 @@ func (ev *levelFlag) Set(flagValue string) error {
 		}
 		if logLevel > 0 {
 			intLevel := -1 * logLevel
-			ev.setFunc(zap.NewAtomicLevelAt(zapcore.Level(int8(intLevel)))) //nolint:gosec // We don't care about G115.
+			ev.setFunc(zap.NewAtomicLevelAt(zapcore.Level(int8(intLevel)))) //nolint:gosec // We are not worried about integer overflows (G115) here.
 		} else {
 			return fmt.Errorf("invalid log level \"%s\"", flagValue)
 		}

pkg/webhook/admission/response.go

@@ -71,7 +71,7 @@ func ValidationResponse(allowed bool, message string) Response {
 		AdmissionResponse: admissionv1.AdmissionResponse{
 			Allowed: allowed,
 			Result: &metav1.Status{
-				Code:   int32(code), //nolint:gosec // We don't care about G115.
+				Code:   int32(code), //nolint:gosec // Integer overflows (G115) cannot occur here.
 				Reason: reason,
 			},
 		},

tools/setup-envtest/store/store.go

@@ -168,7 +168,7 @@ func (s *Store) Add(ctx context.Context, item Item, contents io.Reader) (resErr
 		targetPath := filepath.Base(header.Name)
 		log.V(1).Info("writing archive file to disk", "archive file", header.Name, "on-disk file", targetPath)
 		perms := 0555 & header.Mode                                                                        // make sure we're at most r+x
-		binOut, err := itemPath.OpenFile(targetPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, os.FileMode(perms)) //nolint:gosec // We don't care about G115.
+		binOut, err := itemPath.OpenFile(targetPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, os.FileMode(perms)) //nolint:gosec // Integer overflows (G115) seem unlikely here.
 		if err != nil {
 			return fmt.Errorf("unable to create file %s from archive to disk for version-platform pair %s", targetPath, itemName)
 		}