Fix misc nits and missing/unused imports

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

pkg/cluster/bootstrap.go

@@ -21,13 +21,14 @@ func (c *Cluster) Bootstrap(ctx context.Context) error {
 		return err
 	}
 
-	runBootstrap, err := c.shouldBootstrapLoad(ctx)
+	shouldBootstrap, err := c.shouldBootstrapLoad(ctx)
 	if err != nil {
 		return err
 	}
-	c.shouldBootstrap = runBootstrap
 
-	if runBootstrap {
+	c.shouldBootstrap = shouldBootstrap
+
+	if shouldBootstrap {
 		if err := c.bootstrap(ctx); err != nil {
 			return err
 		}
@@ -93,15 +94,18 @@ func (c *Cluster) shouldBootstrapLoad(ctx context.Context) (bool, error) {
 
 // bootstrapped touches a file to indicate that bootstrap has been completed.
 func (c *Cluster) bootstrapped() error {
-	if err := os.MkdirAll(filepath.Dir(c.bootstrapStamp()), 0700); err != nil {
+	stamp := c.bootstrapStamp()
+	if err := os.MkdirAll(filepath.Dir(stamp), 0700); err != nil {
 		return err
 	}
 
-	if _, err := os.Stat(c.bootstrapStamp()); err == nil {
+	// return if file already exists
+	if _, err := os.Stat(stamp); err == nil {
 		return nil
 	}
 
-	f, err := os.Create(c.bootstrapStamp())
+	// otherwise try to create it
+	f, err := os.Create(stamp)
 	if err != nil {
 		return err
 	}

pkg/cluster/encrypt.go

@@ -19,9 +19,7 @@ import (
 // storageKey returns the etcd key for storing bootstrap data for a given passphrase.
 // The key is derived from the sha256 hash of the passphrase.
 func storageKey(passphrase string) string {
-	d := sha256.New()
+	return "/bootstrap/" + keyHash(passphrase)
-	d.Write([]byte(passphrase))
-	return "/bootstrap/" + hex.EncodeToString(d.Sum(nil)[:])[:12]
 }
 
 // keyHash returns the first 12 characters of the sha256 sum of the passphrase.

pkg/cluster/https.go

@@ -36,22 +36,23 @@ func (c *Cluster) newListener(ctx context.Context) (net.Listener, http.Handler,
 
 	storage := tlsStorage(ctx, c.config.DataDir, c.runtime)
 	return dynamiclistener.NewListener(tcp, storage, cert, key, dynamiclistener.Config{
-		CN:           version.Program,
+		ExpirationDaysCheck: config.CertificateRenewDays,
-		Organization: []string{version.Program},
+		Organization:        []string{version.Program},
+		SANs:                append(c.config.SANs, "localhost", "kubernetes", "kubernetes.default", "kubernetes.default.svc."+c.config.ClusterDomain),
+		CN:                  version.Program,
 		TLSConfig: &tls.Config{
 			ClientAuth:   tls.RequestClientCert,
 			MinVersion:   c.config.TLSMinVersion,
 			CipherSuites: c.config.TLSCipherSuites,
 		},
-		SANs:                append(c.config.SANs, "localhost", "kubernetes", "kubernetes.default", "kubernetes.default.svc."+c.config.ClusterDomain),
-		ExpirationDaysCheck: config.CertificateRenewDays,
 	})
 }
 
 // initClusterAndHTTPS sets up the dynamic tls listener, request router,
 // and cluster database. Once the database is up, it starts the supervisor http server.
 func (c *Cluster) initClusterAndHTTPS(ctx context.Context) error {
-	l, handler, err := c.newListener(ctx)
+	// Set up dynamiclistener TLS listener and request handler
+	listener, handler, err := c.newListener(ctx)
 	if err != nil {
 		return err
 	}
@@ -76,7 +77,7 @@ func (c *Cluster) initClusterAndHTTPS(ctx context.Context) error {
 
 	// Start the supervisor http server on the tls listener
 	go func() {
-		err := server.Serve(l)
+		err := server.Serve(listener)
 		logrus.Fatalf("server stopped: %v", err)
 	}()
 

pkg/cluster/managed.go

@@ -5,13 +5,10 @@ package cluster
 
 import (
 	"context"
-	"net"
 	"net/http"
-	"strings"
 	"time"
 
 	"github.com/rancher/k3s/pkg/cluster/managed"
-	"github.com/rancher/kine/pkg/endpoint"
 	"github.com/sirupsen/logrus"
 )