mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

fixes for golint ./...

Shuting Zhao 2020-11-17 13:07:30 -08:00
parent e985ee4031
commit b9fb926ddb
46 changed files with 221 additions and 167 deletions


@ -1,5 +1,6 @@
package data
// SwaggerDoc is the OpenAPISchema definitions for k8s objects
const SwaggerDoc = `
{
"definitions": {

2
go.mod

@ -53,7 +53,9 @@ require (
github.com/spf13/viper v1.6.2 // indirect
github.com/stretchr/testify v1.4.0
github.com/tevino/abool v0.0.0-20170917061928-9b9efcf221b5
golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect
golang.org/x/time v0.0.0-20191024005414-555d28b269f0 // indirect
golang.org/x/tools v0.0.0-20201117152513-9036a0f9af11 // indirect
google.golang.org/appengine v1.6.5 // indirect
gopkg.in/yaml.v2 v2.3.0
gopkg.in/yaml.v3 v3.0.0-20200121175148-a6ecf24a6d71
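Review bot: The `// indirect` requirements on `golang.org/x/lint` and on the `golang.org/x/tools` pseudo-version dated 20201117 look like a side effect of installing golint from inside the module rather than something the build needs, and they widen the dependency graph that go.sum then has to pin. If the linter is only a developer tool, install it from outside the module and drop both lines with `go mod tidy`; if it is meant to be pinned, track it in a build-tagged `tools.go` so the intent is explicit and reviewable. Which lines in this hunk are additions is inferred from the versions and the hunk header, because the page has lost the +/- markers.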

14
go.sum

@ -742,6 +742,7 @@ github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca h1:1CFlNzQhALwjS9mB
github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca/go.mod h1:ce1O1j6UtZfjr22oyGxGLbauSBp2YVXpARAosm7dHBg=
github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yujunz/go-getter v1.4.1-lite/go.mod h1:sbmqxXjyLunH1PkF3n7zSlnVeMvmYUuIl9ZVs/7NyCc=
go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
@ -802,6 +803,7 @@ golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHl
golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
@ -842,6 +844,8 @@ golang.org/x/net v0.0.0-20200226121028-0de0cce0169b h1:0mm1VjtFUOIlE1SbDlwjYaDxZ
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200625001655-4c5254603344 h1:vGXIOMxbNfDTk/aXCmfdLgkrSV+Z2tcbze+pEc3v5W4=
golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20201021035429-f5854403a974 h1:IX6qOQeG5uLjB/hjjwjedwfjND0hgjPMMyO1RoIXQNI=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@ -855,6 +859,7 @@ golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@ -898,12 +903,16 @@ golang.org/x/sys v0.0.0-20200116001909-b77594299b42 h1:vEOn+mP2zCOVzKckCZy6YsCtD
golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884=
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f h1:+Nyd8tzPX9R7BWHguqsrbFdRx3WQ/1ib8I44HXV5yTA=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@ -950,12 +959,17 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191204011308-9611592c72f6/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200226224502-204d844ad48d h1:loGv/4fxITSrCD4t2P8ZF4oUC4RlRFDAsczcoUS2g6c=
golang.org/x/tools v0.0.0-20200226224502-204d844ad48d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200823205832-c024452afbcd/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20201117152513-9036a0f9af11 h1:gqcmLJzeDSNhSzkyhJ4kxP6CtTimi/5hWFDGp0lFd1w=
golang.org/x/tools v0.0.0-20201117152513-9036a0f9af11/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
gomodules.xyz/jsonpatch/v2 v2.0.1/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU=
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
google.golang.org/api v0.5.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=


@ -124,7 +124,7 @@ const (
Equal ConditionOperator = "Equal"
// Equals evaluates if the key is equal to the value.
Equals ConditionOperator = "Equals"
// Equals evaluates if the key is not equal to the value.
// NotEqual evaluates if the key is not equal to the value.
NotEqual ConditionOperator = "NotEqual"
// NotEquals evaluates if the key is not equal to the value.
NotEquals ConditionOperator = "NotEquals"


@ -5,6 +5,7 @@ import (
"reflect"
)
// HasAutoGenAnnotation checks if a policy has auto-gen annotation
func (p *ClusterPolicy) HasAutoGenAnnotation() bool {
annotations := p.GetAnnotations()
_, ok := annotations["pod-policies.kyverno.io/autogen-controllers"]
@ -21,6 +22,7 @@ func (p *ClusterPolicy) HasMutateOrValidateOrGenerate() bool {
return false
}
// BackgroundProcessingEnabled checks if background is set to true
func (p *ClusterPolicy) BackgroundProcessingEnabled() bool {
if p.Spec.Background == nil {
return true
@ -29,17 +31,17 @@ func (p *ClusterPolicy) BackgroundProcessingEnabled() bool {
return *p.Spec.Background
}
//HasMutate checks for mutate rule
// HasMutate checks for mutate rule
func (r Rule) HasMutate() bool {
return !reflect.DeepEqual(r.Mutation, Mutation{})
}
//HasValidate checks for validate rule
// HasValidate checks for validate rule
func (r Rule) HasValidate() bool {
return !reflect.DeepEqual(r.Validation, Validation{})
}
//HasGenerate checks for generate rule
// HasGenerate checks for generate rule
func (r Rule) HasGenerate() bool {
return !reflect.DeepEqual(r.Generation, Generation{})
}
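Review bot: The new comment on `BackgroundProcessingEnabled` says it checks whether background is set to true, but the visible body returns `true` when `p.Spec.Background == nil`, so an unset field also counts as enabled. State the default in the comment, e.g. `// BackgroundProcessingEnabled reports whether background processing is on; it defaults to true when Spec.Background is unset.` The function body is split across two hunks of this section.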


@ -62,9 +62,9 @@ type ClusterReportChangeRequest struct {
Results []*report.PolicyReportResult `json:"results,omitempty"`
}
// ClusterReportChangeRequestList contains a list of ClusterReportChangeRequest
// +kubebuilder:object:root=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// ClusterReportChangeRequestList contains a list of ClusterReportChangeRequest
type ClusterReportChangeRequestList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`


@ -60,9 +60,9 @@ type ReportChangeRequest struct {
Results []*report.PolicyReportResult `json:"results,omitempty"`
}
// ReportChangeRequestList contains a list of ReportChangeRequest
// +kubebuilder:object:root=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// ReportChangeRequestList contains a list of ReportChangeRequest
type ReportChangeRequestList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`


@ -61,9 +61,9 @@ type ClusterPolicyReport struct {
Results []*PolicyReportResult `json:"results,omitempty"`
}
// ClusterPolicyReportList contains a list of ClusterPolicyReport
// +kubebuilder:object:root=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// ClusterPolicyReportList contains a list of ClusterPolicyReport
type ClusterPolicyReportList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`


@ -21,6 +21,7 @@ import (
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// Status specifies state of a policy result
const (
StatusPass = "pass"
StatusFail = "fail"
@ -148,9 +149,9 @@ type PolicyReport struct {
Results []*PolicyReportResult `json:"results,omitempty"`
}
// PolicyReportList contains a list of PolicyReport
// +kubebuilder:object:root=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// PolicyReportList contains a list of PolicyReport
type PolicyReportList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`


@ -58,8 +58,6 @@ var (
KubePolicyNamespace = getKyvernoNameSpace()
// KubePolicyDeploymentName define the default deployment namespace
KubePolicyDeploymentName = "kyverno"
// Kyverno CLI Image
KyvernoCliImage = "nirmata/kyverno-cli:latest"
//WebhookServiceName default kyverno webhook service name
WebhookServiceName = getWebhookServiceName()


@ -2,6 +2,7 @@ package constant
import "time"
// Resync period for Kyverno controllers
const (
CRDControllerResync = 15 * time.Minute
PolicyReportControllerResync = 15 * time.Minute
@ -13,15 +14,3 @@ const (
PolicyReportPolicyChangeResync = 60 * time.Second
PolicyReportResourceChangeResync = 60 * time.Second
)
const (
Namespace string = "Namespace"
Cluster string = "Cluster"
All string = "All"
)
const (
ConfigmapMode string = "CONFIGMAP"
BackgroundPolicySync string = "POLICYSYNC"
BackgroundSync string = "SYNC"
)


@ -16,7 +16,7 @@ import (
// InitTLSPemPair Loads or creates PEM private key and TLS certificate for webhook server.
// Created pair is stored in cluster's secret.
// Returns struct with key/certificate pair.
func (c *Client) InitTLSPemPair(configuration *rest.Config, fqdncn bool) (*tls.TlsPemPair, error) {
func (c *Client) InitTLSPemPair(configuration *rest.Config, fqdncn bool) (*tls.PemPair, error) {
logger := c.log
certProps, err := c.GetTLSCertProps(configuration)
if err != nil {
@ -24,20 +24,20 @@ func (c *Client) InitTLSPemPair(configuration *rest.Config, fqdncn bool) (*tls.T
}
logger.Info("Building key/certificate pair for TLS")
tlsPair, err := c.buildTlsPemPair(certProps, fqdncn)
tlsPair, err := c.buildTLSPemPair(certProps, fqdncn)
if err != nil {
return nil, err
}
if err = c.WriteTlsPairToSecret(certProps, tlsPair); err != nil {
if err = c.WriteTLSPairToSecret(certProps, tlsPair); err != nil {
return nil, fmt.Errorf("Unable to save TLS pair to the cluster: %v", err)
}
return tlsPair, nil
}
//buildTlsPemPair Issues TLS certificate for webhook server using self-signed CA cert
// buildTLSPemPair Issues TLS certificate for webhook server using self-signed CA cert
// Returns signed and approved TLS certificate in PEM format
func (c *Client) buildTlsPemPair(props tls.TlsCertificateProps, fqdncn bool) (*tls.TlsPemPair, error) {
func (c *Client) buildTLSPemPair(props tls.CertificateProps, fqdncn bool) (*tls.PemPair, error) {
caCert, caPEM, err := tls.GenerateCACert()
if err != nil {
return nil, err
@ -80,9 +80,9 @@ func (c *Client) ReadRootCASecret() (result []byte) {
const selfSignedAnnotation string = "self-signed-cert"
const rootCAKey string = "rootCA.crt"
//ReadTlsPair Reads the pair of TLS certificate and key from the specified secret.
func (c *Client) ReadTlsPair(props tls.TlsCertificateProps) *tls.TlsPemPair {
logger := c.log.WithName("ReadTlsPair")
// ReadTLSPair Reads the pair of TLS certificate and key from the specified secret.
func (c *Client) ReadTLSPair(props tls.CertificateProps) *tls.PemPair {
logger := c.log.WithName("ReadTLSPair")
sname := generateTLSPairSecretName(props)
unstrSecret, err := c.GetResource("", Secrets, props.Namespace, sname)
if err != nil {
@ -105,7 +105,7 @@ func (c *Client) ReadTlsPair(props tls.TlsCertificateProps) *tls.TlsPemPair {
if err != nil {
return nil
}
pemPair := tls.TlsPemPair{
pemPair := tls.PemPair{
Certificate: secret.Data[v1.TLSCertKey],
PrivateKey: secret.Data[v1.TLSPrivateKeyKey],
}
@ -120,7 +120,8 @@ func (c *Client) ReadTlsPair(props tls.TlsCertificateProps) *tls.TlsPemPair {
return &pemPair
}
func (c *Client) WriteCACertToSecret(caPEM *tls.TlsPemPair, props tls.TlsCertificateProps) error {
// WriteCACertToSecret stores the CA cert in secret
func (c *Client) WriteCACertToSecret(caPEM *tls.PemPair, props tls.CertificateProps) error {
logger := c.log.WithName("CAcert")
name := generateRootCASecretName(props)
@ -170,10 +171,10 @@ func (c *Client) WriteCACertToSecret(caPEM *tls.TlsPemPair, props tls.TlsCertifi
return nil
}
//WriteTlsPairToSecret Writes the pair of TLS certificate and key to the specified secret.
// WriteTLSPairToSecret Writes the pair of TLS certificate and key to the specified secret.
// Updates existing secret or creates new one.
func (c *Client) WriteTlsPairToSecret(props tls.TlsCertificateProps, pemPair *tls.TlsPemPair) error {
logger := c.log.WithName("WriteTlsPair")
func (c *Client) WriteTLSPairToSecret(props tls.CertificateProps, pemPair *tls.PemPair) error {
logger := c.log.WithName("WriteTLSPair")
name := generateTLSPairSecretName(props)
secretUnstr, err := c.GetResource("", Secrets, props.Namespace, name)
if err != nil {
@ -218,24 +219,24 @@ func (c *Client) WriteTlsPairToSecret(props tls.TlsCertificateProps, pemPair *tl
return nil
}
func generateTLSPairSecretName(props tls.TlsCertificateProps) string {
func generateTLSPairSecretName(props tls.CertificateProps) string {
return tls.GenerateInClusterServiceName(props) + ".kyverno-tls-pair"
}
func generateRootCASecretName(props tls.TlsCertificateProps) string {
func generateRootCASecretName(props tls.CertificateProps) string {
return tls.GenerateInClusterServiceName(props) + ".kyverno-tls-ca"
}
//GetTLSCertProps provides the TLS Certificate Properties
func (c *Client) GetTLSCertProps(configuration *rest.Config) (certProps tls.TlsCertificateProps, err error) {
func (c *Client) GetTLSCertProps(configuration *rest.Config) (certProps tls.CertificateProps, err error) {
apiServerURL, err := url.Parse(configuration.Host)
if err != nil {
return certProps, err
}
certProps = tls.TlsCertificateProps{
certProps = tls.CertificateProps{
Service: config.WebhookServiceName,
Namespace: config.KubePolicyNamespace,
ApiServerHost: apiServerURL.Hostname(),
APIServerHost: apiServerURL.Hostname(),
}
return certProps, nil
}
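Review bot: `InitTLSPemPair` still returns `fmt.Errorf("Unable to save TLS pair to the cluster: %v", err)`, a capitalised error string of the kind golint reports, and `%v` flattens the underlying error; `fmt.Errorf("unable to save TLS pair to the cluster: %w", err)` would fix both, assuming the module's Go version supports `%w`. The comment `//GetTLSCertProps provides the TLS Certificate Properties` was also left without the leading space the other comments in this file gained. The logger names change along with the renames (`WithName("ReadTLSPair")`, `WithName("WriteTLSPair")`), so any log query or alert keyed on the old names needs updating, and the exported renames (`ReadTLSPair`, `WriteTLSPairToSecret`, `tls.PemPair`, `APIServerHost`) break out-of-tree callers of this package.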


@ -58,6 +58,7 @@ func IsExistenceAnchor(str string) bool {
return (str[:len(left)] == left && str[len(str)-len(right):] == right)
}
// RemoveAnchor remove anchor from the given key
func RemoveAnchor(key string) string {
if IsConditionAnchor(key) {
return key[1 : len(key)-1]


@ -30,8 +30,7 @@ func (ac *AnchorKey) IsAnchorError() bool {
return false
}
// CheckAnchorInResource
// Check if condition anchor key has values
// CheckAnchorInResource checks if condition anchor key has values
func (ac *AnchorKey) CheckAnchorInResource(pattern interface{}, resource interface{}) {
switch typed := pattern.(type) {
case map[string]interface{}:


@ -65,6 +65,7 @@ func (ctx *Context) AddJSON(dataRaw []byte) error {
return nil
}
// AddRequest addes an admission request to context
func (ctx *Context) AddRequest(request *v1beta1.AdmissionRequest) error {
modifiedResource := struct {
Request interface{} `json:"request"`
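Review bot: The added doc comment on `AddRequest` has a typo, `addes`; `// AddRequest adds an admission request to the context.` reads correctly and ends in a period like a full sentence. The function body continues outside the hunk.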


@ -10,11 +10,13 @@ import (
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
)
type MutateHandler interface {
// Handler knows how to mutate resources with given pattern
type Handler interface {
Handle() (resp response.RuleResponse, newPatchedResource unstructured.Unstructured)
}
func CreateMutateHandler(ruleName string, mutate *kyverno.Mutation, patchedResource unstructured.Unstructured, context context.EvalInterface, logger logr.Logger) MutateHandler {
// CreateMutateHandler initilizes a new instance of mutation handler
func CreateMutateHandler(ruleName string, mutate *kyverno.Mutation, patchedResource unstructured.Unstructured, context context.EvalInterface, logger logr.Logger) Handler {
switch {
case isPatchStrategicMerge(mutate):
@ -43,7 +45,7 @@ type patchStrategicMergeHandler struct {
logger logr.Logger
}
func newpatchStrategicMergeHandler(ruleName string, mutate *kyverno.Mutation, patchedResource unstructured.Unstructured, context context.EvalInterface, logger logr.Logger) MutateHandler {
func newpatchStrategicMergeHandler(ruleName string, mutate *kyverno.Mutation, patchedResource unstructured.Unstructured, context context.EvalInterface, logger logr.Logger) Handler {
return patchStrategicMergeHandler{
ruleName: ruleName,
mutation: mutate,
@ -79,7 +81,7 @@ type overlayHandler struct {
logger logr.Logger
}
func newOverlayHandler(ruleName string, mutate *kyverno.Mutation, patchedResource unstructured.Unstructured, context context.EvalInterface, logger logr.Logger) MutateHandler {
func newOverlayHandler(ruleName string, mutate *kyverno.Mutation, patchedResource unstructured.Unstructured, context context.EvalInterface, logger logr.Logger) Handler {
return overlayHandler{
ruleName: ruleName,
mutation: mutate,
@ -98,7 +100,7 @@ type patchesJSON6902Handler struct {
logger logr.Logger
}
func newPatchesJSON6902Handler(ruleName string, mutate *kyverno.Mutation, patchedResource unstructured.Unstructured, logger logr.Logger) MutateHandler {
func newPatchesJSON6902Handler(ruleName string, mutate *kyverno.Mutation, patchedResource unstructured.Unstructured, logger logr.Logger) Handler {
return patchesJSON6902Handler{
ruleName: ruleName,
mutation: mutate,
@ -149,7 +151,7 @@ type patchesHandler struct {
logger logr.Logger
}
func newpatchesHandler(ruleName string, mutate *kyverno.Mutation, patchedResource unstructured.Unstructured, context context.EvalInterface, logger logr.Logger) MutateHandler {
func newpatchesHandler(ruleName string, mutate *kyverno.Mutation, patchedResource unstructured.Unstructured, context context.EvalInterface, logger logr.Logger) Handler {
return patchesHandler{
ruleName: ruleName,
mutation: mutate,
@ -181,7 +183,7 @@ type emptyHandler struct {
patchedResource unstructured.Unstructured
}
func newEmptyHandler(patchedResource unstructured.Unstructured) MutateHandler {
func newEmptyHandler(patchedResource unstructured.Unstructured) Handler {
return emptyHandler{
patchedResource: patchedResource,
}
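Review bot: The new comment on `CreateMutateHandler` misspells `initilizes`; something like `// CreateMutateHandler returns the Handler that matches the kind of mutation set in the rule.` fixes the typo and describes what the visible `switch` appears to do. The constructors `newpatchStrategicMergeHandler` and `newpatchesHandler` keep a lower-case `p` while `newOverlayHandler` and `newPatchesJSON6902Handler` use MixedCaps, and a naming pass is a good moment to align them. Renaming the exported `MutateHandler` interface to `Handler` is a breaking change for any out-of-tree importer of this package.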


@ -18,6 +18,7 @@ import (
"sigs.k8s.io/yaml"
)
// ProcessPatchJSON6902 ...
func ProcessPatchJSON6902(ruleName string, mutation kyverno.Mutation, resource unstructured.Unstructured, log logr.Logger) (resp response.RuleResponse, patchedResource unstructured.Unstructured) {
logger := log.WithValues("rule", ruleName)
startTime := time.Now()
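Review bot: `// ProcessPatchJSON6902 ...` silences golint without documenting anything, and the same placeholder is used for `ProcessStrategicMergePatch`, `ValidateStringPattern` and `NotFoundVariableErr` in later sections. A real sentence is cheap here, e.g. `// ProcessPatchJSON6902 applies the rule's JSON 6902 patches to resource and returns the rule response together with the patched resource.` (wording inferred from the signature, since the body is outside the hunk). For `ValidateStringPattern` the comment should explain the two boolean results `invalidType` and `keyExists`, which callers cannot tell apart from the name alone.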


@ -3,7 +3,6 @@ package mutate
import (
"bytes"
"encoding/json"
"errors"
"fmt"
"reflect"
"time"
@ -17,6 +16,7 @@ import (
yaml "sigs.k8s.io/kustomize/kyaml/yaml"
)
// ProcessStrategicMergePatch ...
func ProcessStrategicMergePatch(ruleName string, overlay interface{}, resource unstructured.Unstructured, log logr.Logger) (resp response.RuleResponse, patchedResource unstructured.Unstructured) {
startTime := time.Now()
logger := log.WithName("ProcessStrategicMergePatch").WithValues("rule", ruleName)
@ -103,7 +103,7 @@ func strategicMergePatch(base, overlay string) ([]byte, error) {
patch := yaml.MustParse(overlay)
preprocessedYaml, err := preProcessStrategicMergePatch(overlay, base)
if err != nil {
return []byte{}, errors.New(fmt.Sprintf("failed to preProcess rule : %+v", err))
return []byte{}, fmt.Errorf("failed to preProcess rule : %+v", err)
}
patch = preprocessedYaml
f := patchstrategicmerge.Filter{
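Review bot: `patch := yaml.MustParse(overlay)` in `strategicMergePatch` panics on an overlay that does not parse, and its result is overwritten a few lines later by `patch = preprocessedYaml`, so in the visible lines the call adds only a panic path. If the overlay can originate from a policy author and this code runs while handling requests (not visible here), a malformed overlay would take the process down instead of producing a rule failure; drop the first assignment and write `patch := preprocessedYaml` after the error check, or use `yaml.Parse` and return its error. The rewritten `fmt.Errorf("failed to preProcess rule : %+v", err)` could also use `%w` so callers can unwrap the cause. The function continues past the end of the hunk.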


@ -57,6 +57,7 @@ func (in InHandler) validateValuewithStringPattern(key string, value interface{}
return keyExists
}
// ValidateStringPattern ...
func ValidateStringPattern(key string, value interface{}, log logr.Logger) (invalidType bool, keyExists bool) {
stringType := reflect.TypeOf("")
switch valuesAvaliable := value.(type) {
@ -69,6 +70,7 @@ func ValidateStringPattern(key string, value interface{}, log logr.Logger) (inva
keyExists = true
}
}
// add to handle the configMap lookup, as configmap.data
// takes string-string map, when looking for a value of array
// data:


@ -70,6 +70,7 @@ func subArray(log logr.Logger, ctx context.EvalInterface, patternList []interfac
return patternList, nil
}
// NotFoundVariableErr ...
type NotFoundVariableErr struct {
variable string
path string


@ -220,8 +220,8 @@ func (vc generateSyncStats) UpdateStatus(status kyverno.PolicyStatus) kyverno.Po
for i := range status.Rules {
if executionTime, exist := vc.ruleNameToProcessingTime[status.Rules[i].Name]; exist {
status.ResourcesGeneratedCount += 1
status.Rules[i].ResourcesGeneratedCount += 1
status.ResourcesGeneratedCount++
status.Rules[i].ResourcesGeneratedCount++
averageOver := int64(status.Rules[i].AppliedCount + status.Rules[i].FailedCount)
status.Rules[i].ExecutionTime = updateGenerateExecutionTime(
executionTime,


@ -16,7 +16,7 @@ import (
"github.com/kyverno/kyverno/pkg/engine"
"github.com/kyverno/kyverno/pkg/engine/context"
"github.com/kyverno/kyverno/pkg/kyverno/common"
"github.com/kyverno/kyverno/pkg/kyverno/sanitizedError"
sanitizederror "github.com/kyverno/kyverno/pkg/kyverno/sanitizedError"
"github.com/kyverno/kyverno/pkg/openapi"
policy2 "github.com/kyverno/kyverno/pkg/policy"
"github.com/kyverno/kyverno/pkg/utils"
@ -36,6 +36,7 @@ type resultCounts struct {
skip int
}
// Command returns apply command
func Command() *cobra.Command {
var cmd *cobra.Command
var resourcePaths []string
@ -68,7 +69,7 @@ func Command() *cobra.Command {
RunE: func(cmd *cobra.Command, policyPaths []string) (err error) {
defer func() {
if err != nil {
if !sanitizedError.IsErrorSanitized(err) {
if !sanitizederror.IsErrorSanitized(err) {
log.Log.Error(err, "failed to sanitize")
err = fmt.Errorf("internal error")
}
@ -76,23 +77,23 @@ func Command() *cobra.Command {
}()
if valuesFile != "" && variablesString != "" {
return sanitizedError.NewWithError("pass the values either using set flag or values_file flag", err)
return sanitizederror.NewWithError("pass the values either using set flag or values_file flag", err)
}
if valuesFile != "" {
yamlFile, err := ioutil.ReadFile(valuesFile)
if err != nil {
return sanitizedError.NewWithError("unable to read yaml", err)
return sanitizederror.NewWithError("unable to read yaml", err)
}
valuesBytes, err := yaml.ToJSON(yamlFile)
if err != nil {
return sanitizedError.NewWithError("failed to convert json", err)
return sanitizederror.NewWithError("failed to convert json", err)
}
values := &Values{}
if err := json.Unmarshal(valuesBytes, values); err != nil {
return sanitizedError.NewWithError("failed to decode yaml", err)
return sanitizederror.NewWithError("failed to decode yaml", err)
}
for _, p := range values.Policies {
@ -113,7 +114,7 @@ func Command() *cobra.Command {
}
if len(resourcePaths) == 0 && !cluster {
return sanitizedError.NewWithError(fmt.Sprintf("resource file(s) or cluster required"), err)
return sanitizederror.NewWithError(fmt.Sprintf("resource file(s) or cluster required"), err)
}
var mutateLogPathIsDir bool
@ -128,8 +129,8 @@ func Command() *cobra.Command {
err = createFileOrFolder(mutateLogPath, mutateLogPathIsDir)
if err != nil {
if !sanitizedError.IsErrorSanitized(err) {
return sanitizedError.NewWithError("failed to create file/folder.", err)
if !sanitizederror.IsErrorSanitized(err) {
return sanitizederror.NewWithError("failed to create file/folder.", err)
}
return err
}
@ -137,15 +138,15 @@ func Command() *cobra.Command {
policies, err := common.GetPoliciesValidation(policyPaths)
if err != nil {
if !sanitizedError.IsErrorSanitized(err) {
return sanitizedError.NewWithError("failed to mutate policies.", err)
if !sanitizederror.IsErrorSanitized(err) {
return sanitizederror.NewWithError("failed to mutate policies.", err)
}
return err
}
openAPIController, err := openapi.NewOpenAPIController()
if err != nil {
return sanitizedError.NewWithError("failed to initialize openAPIController", err)
return sanitizederror.NewWithError("failed to initialize openAPIController", err)
}
var dClient *client.Client
@ -172,13 +173,13 @@ func Command() *cobra.Command {
yamlBytes := []byte(resourceStr)
resources, err = common.GetResource(yamlBytes)
if err != nil {
return sanitizedError.NewWithError("failed to extract the resources", err)
return sanitizederror.NewWithError("failed to extract the resources", err)
}
}
} else {
resources, err = common.GetResources(policies, resourcePaths, dClient)
if err != nil {
return sanitizedError.NewWithError("failed to load resources", err)
return sanitizederror.NewWithError("failed to load resources", err)
}
}
@ -216,7 +217,7 @@ func Command() *cobra.Command {
}
if common.PolicyHasVariables(*policy) && variablesString == "" && valuesFile == "" {
return sanitizedError.NewWithError(fmt.Sprintf("policy %s have variables. pass the values for the variables using set/values_file flag", policy.Name), err)
return sanitizederror.NewWithError(fmt.Sprintf("policy %s have variables. pass the values for the variables using set/values_file flag", policy.Name), err)
}
for _, resource := range resources {
@ -231,12 +232,12 @@ func Command() *cobra.Command {
}
if common.PolicyHasVariables(*policy) && len(thisPolicyResouceValues) == 0 {
return sanitizedError.NewWithError(fmt.Sprintf("policy %s have variables. pass the values for the variables using set/values_file flag", policy.Name), err)
return sanitizederror.NewWithError(fmt.Sprintf("policy %s have variables. pass the values for the variables using set/values_file flag", policy.Name), err)
}
err = applyPolicyOnResource(policy, resource, mutateLogPath, mutateLogPathIsDir, thisPolicyResouceValues, rc)
if err != nil {
return sanitizedError.NewWithError(fmt.Errorf("failed to apply policy %v on resource %v", policy.Name, resource.GetName()).Error(), err)
return sanitizederror.NewWithError(fmt.Errorf("failed to apply policy %v on resource %v", policy.Name, resource.GetName()).Error(), err)
}
}
}
@ -307,7 +308,7 @@ func applyPolicyOnResource(policy *v1.ClusterPolicy, resource *unstructured.Unst
} else {
err := printMutatedOutput(mutateLogPath, mutateLogPathIsDir, string(yamlEncodedResource), resource.GetName()+"-mutated")
if err != nil {
return sanitizedError.NewWithError("failed to print mutated result", err)
return sanitizederror.NewWithError("failed to print mutated result", err)
}
fmt.Printf("\n\nMutation:\nMutation has been applied successfully. Check the files.")
}
@ -364,8 +365,8 @@ func mutatePolices(policies []*v1.ClusterPolicy) ([]*v1.ClusterPolicy, error) {
for _, policy := range policies {
p, err := common.MutatePolicy(policy, logger)
if err != nil {
if !sanitizedError.IsErrorSanitized(err) {
return nil, sanitizedError.NewWithError("failed to mutate policy.", err)
if !sanitizederror.IsErrorSanitized(err) {
return nil, sanitizederror.NewWithError("failed to mutate policy.", err)
}
return nil, err
}
@ -418,30 +419,30 @@ func createFileOrFolder(mutateLogPath string, mutateLogPathIsDir bool) error {
if os.IsNotExist(err) {
errDir := os.MkdirAll(folderPath, 0755)
if errDir != nil {
return sanitizedError.NewWithError(fmt.Sprintf("failed to create directory"), err)
return sanitizederror.NewWithError(fmt.Sprintf("failed to create directory"), err)
}
}
}
file, err := os.OpenFile(mutateLogPath, os.O_RDONLY|os.O_CREATE, 0644)
if err != nil {
return sanitizedError.NewWithError(fmt.Sprintf("failed to create file"), err)
return sanitizederror.NewWithError(fmt.Sprintf("failed to create file"), err)
}
err = file.Close()
if err != nil {
return sanitizedError.NewWithError(fmt.Sprintf("failed to close file"), err)
return sanitizederror.NewWithError(fmt.Sprintf("failed to close file"), err)
}
} else {
errDir := os.MkdirAll(mutateLogPath, 0755)
if errDir != nil {
return sanitizedError.NewWithError(fmt.Sprintf("failed to create directory"), err)
return sanitizederror.NewWithError(fmt.Sprintf("failed to create directory"), err)
}
}
} else {
return sanitizedError.NewWithError(fmt.Sprintf("failed to describe file"), err)
return sanitizederror.NewWithError(fmt.Sprintf("failed to describe file"), err)
}
}
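Review bot: In `createFileOrFolder` both `os.MkdirAll` failures are reported with the wrong variable: `errDir` is the value checked, but `sanitizederror.NewWithError(fmt.Sprintf("failed to create directory"), err)` wraps the outer `err` (the one tested with `os.IsNotExist`), so the real cause of the failure is lost. Pass `errDir` instead, `return sanitizederror.NewWithError("failed to create directory", errDir)`, which also removes the `fmt.Sprintf` around a constant string; the same no-op `Sprintf` appears in the "failed to create file", "failed to close file", "failed to describe file" and "resource file(s) or cluster required" returns. Similarly, the early `return sanitizederror.NewWithError("pass the values either using set flag or values_file flag", err)` in `Command` wraps the named result `err`, which appears to be nil at that point. Both functions extend beyond the hunks shown.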


@ -5,7 +5,7 @@ import (
report "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
client "github.com/kyverno/kyverno/pkg/dclient"
"github.com/kyverno/kyverno/pkg/kyverno/sanitizedError"
sanitizederror "github.com/kyverno/kyverno/pkg/kyverno/sanitizedError"
apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"sigs.k8s.io/controller-runtime/pkg/log"
@ -96,12 +96,12 @@ func mergeClusterReport(reports []*unstructured.Unstructured) (*unstructured.Uns
}
if err := unstructured.SetNestedSlice(res.Object, resultsEntry, "results"); err != nil {
return nil, sanitizedError.NewWithError("failed to set results entry", err)
return nil, sanitizederror.NewWithError("failed to set results entry", err)
}
summary := updateSummary(resultsEntry)
if err := unstructured.SetNestedField(res.Object, summary, "summary"); err != nil {
return nil, sanitizedError.NewWithError("failed to set summary", err)
return nil, sanitizederror.NewWithError("failed to set summary", err)
}
return res, nil


@ -7,18 +7,18 @@ import (
"fmt"
"io"
"io/ioutil"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"k8s.io/apimachinery/pkg/util/yaml"
"os"
"path/filepath"
yaml_v2 "sigs.k8s.io/yaml"
jsonpatch "github.com/evanphx/json-patch"
"github.com/go-logr/logr"
v1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
"github.com/kyverno/kyverno/pkg/kyverno/sanitizedError"
sanitizederror "github.com/kyverno/kyverno/pkg/kyverno/sanitizedError"
"github.com/kyverno/kyverno/pkg/policymutation"
"github.com/kyverno/kyverno/pkg/utils"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"k8s.io/apimachinery/pkg/util/yaml"
yaml_v2 "sigs.k8s.io/yaml"
)
// GetPolicies - Extracting the policies from multiple YAML
@ -34,7 +34,7 @@ func GetPolicies(paths []string) (policies []*v1.ClusterPolicy, error error) {
if fileDesc.IsDir() {
files, err := ioutil.ReadDir(path)
if err != nil {
return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to parse %v", path), err)
return nil, sanitizederror.NewWithError(fmt.Sprintf("failed to parse %v", path), err)
}
listOfFiles := make([]string, 0)
@ -44,14 +44,14 @@ func GetPolicies(paths []string) (policies []*v1.ClusterPolicy, error error) {
policiesFromDir, err := GetPolicies(listOfFiles)
if err != nil {
return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to extract policies from %v", listOfFiles), err)
return nil, sanitizederror.NewWithError(fmt.Sprintf("failed to extract policies from %v", listOfFiles), err)
}
policies = append(policies, policiesFromDir...)
} else {
file, err := ioutil.ReadFile(path)
if err != nil {
return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to load file %v", path), err)
return nil, sanitizederror.NewWithError(fmt.Sprintf("failed to load file %v", path), err)
}
getPolicies, getErrors := utils.GetPolicy(file)
var errString string
@ -77,8 +77,8 @@ func GetPolicies(paths []string) (policies []*v1.ClusterPolicy, error error) {
func GetPoliciesValidation(policyPaths []string) ([]*v1.ClusterPolicy, error) {
policies, err := GetPolicies(policyPaths)
if err != nil {
if !sanitizedError.IsErrorSanitized(err) {
return nil, sanitizedError.NewWithError((fmt.Sprintf("failed to parse %v path/s.", policyPaths)), err)
if !sanitizederror.IsErrorSanitized(err) {
return nil, sanitizederror.NewWithError((fmt.Sprintf("failed to parse %v path/s.", policyPaths)), err)
}
return nil, err
}
@ -88,7 +88,7 @@ func GetPoliciesValidation(policyPaths []string) ([]*v1.ClusterPolicy, error) {
// PolicyHasVariables - check for variables in the policy
func PolicyHasVariables(policy v1.ClusterPolicy) bool {
policyRaw, _ := json.Marshal(policy)
matches := REGEX_VARIABLES.FindAllStringSubmatch(string(policyRaw), -1)
matches := RegexVariables.FindAllStringSubmatch(string(policyRaw), -1)
return len(matches) > 0
}
@ -96,8 +96,8 @@ func PolicyHasVariables(policy v1.ClusterPolicy) bool {
func PolicyHasNonAllowedVariables(policy v1.ClusterPolicy) bool {
policyRaw, _ := json.Marshal(policy)
matchesAll := REGEX_VARIABLES.FindAllStringSubmatch(string(policyRaw), -1)
matchesAllowed := ALLOWED_VARIABLES.FindAllStringSubmatch(string(policyRaw), -1)
matchesAll := RegexVariables.FindAllStringSubmatch(string(policyRaw), -1)
matchesAllowed := AllowedVariables.FindAllStringSubmatch(string(policyRaw), -1)
if len(matchesAll) > len(matchesAllowed) {
// If rules contains Context then skip this validation
@ -130,26 +130,26 @@ func MutatePolicy(policy *v1.ClusterPolicy, logger logr.Logger) (*v1.ClusterPoli
var jsonPatches []jsonPatch
err := json.Unmarshal(patches, &jsonPatches)
if err != nil {
return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to unmarshal patches for %s policy", policy.Name), err)
return nil, sanitizederror.NewWithError(fmt.Sprintf("failed to unmarshal patches for %s policy", policy.Name), err)
}
patch, err := jsonpatch.DecodePatch(patches)
if err != nil {
return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to decode patch for %s policy", policy.Name), err)
return nil, sanitizederror.NewWithError(fmt.Sprintf("failed to decode patch for %s policy", policy.Name), err)
}
policyBytes, _ := json.Marshal(policy)
if err != nil {
return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to marshal %s policy", policy.Name), err)
return nil, sanitizederror.NewWithError(fmt.Sprintf("failed to marshal %s policy", policy.Name), err)
}
modifiedPolicy, err := patch.Apply(policyBytes)
if err != nil {
return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to apply %s policy", policy.Name), err)
return nil, sanitizederror.NewWithError(fmt.Sprintf("failed to apply %s policy", policy.Name), err)
}
var p v1.ClusterPolicy
err = json.Unmarshal(modifiedPolicy, &p)
if err != nil {
return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to unmarshal %s policy", policy.Name), err)
return nil, sanitizederror.NewWithError(fmt.Sprintf("failed to unmarshal %s policy", policy.Name), err)
}
return &p, nil
@ -169,7 +169,7 @@ func GetCRDs(paths []string) (unstructuredCrds []*unstructured.Unstructured, err
if fileDesc.IsDir() {
files, err := ioutil.ReadDir(path)
if err != nil {
return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to parse %v", path), err)
return nil, sanitizederror.NewWithError(fmt.Sprintf("failed to parse %v", path), err)
}
listOfFiles := make([]string, 0)
@ -179,7 +179,7 @@ func GetCRDs(paths []string) (unstructuredCrds []*unstructured.Unstructured, err
policiesFromDir, err := GetCRDs(listOfFiles)
if err != nil {
return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to extract crds from %v", listOfFiles), err)
return nil, sanitizederror.NewWithError(fmt.Sprintf("failed to extract crds from %v", listOfFiles), err)
}
unstructuredCrds = append(unstructuredCrds, policiesFromDir...)
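Review bot: In `MutatePolicy` the marshal result is taken as `policyBytes, _ := json.Marshal(policy)`, so the `if err != nil` right after it re-tests the error from `jsonpatch.DecodePatch`, which is already known to be nil, and a marshal failure is never reported. The line should read `policyBytes, err := json.Marshal(policy)` so that the existing "failed to marshal" branch can fire. `PolicyHasVariables` and `PolicyHasNonAllowedVariables` discard the same error with `policyRaw, _ :=`; on a failed marshal both regexes would run over an empty string and presumably report no variables, so those helpers deserve at least a comment saying why the error is ignored. The body of `MutatePolicy` starts and ends outside the hunk.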


@ -4,5 +4,8 @@ import (
"regexp"
)
var REGEX_VARIABLES = regexp.MustCompile(`\{\{[^{}]*\}\}`)
var ALLOWED_VARIABLES = regexp.MustCompile(`\{\{\s*[request\.|serviceAccountName|serviceAccountNamespace][^{}]*\}\}`)
// RegexVariables represents regex for '{{}}'
var RegexVariables = regexp.MustCompile(`\{\{[^{}]*\}\}`)
// AllowedVariables represents regex for {{request.}} {{serviceAccountName}} and {{serviceAccountNamespace}}
var AllowedVariables = regexp.MustCompile(`\{\{\s*[request\.|serviceAccountName|serviceAccountNamespace][^{}]*\}\}`)
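Review bot: The pattern assigned to `AllowedVariables` puts the three names inside square brackets, so `[request\.|serviceAccountName|serviceAccountNamespace]` is a character class that matches one character from that set, not one of the three names, and the new doc comment describes behaviour the regex does not have. Any `{{ ... }}` expression whose first character after optional whitespace is one of those letters, `.` or `|` is counted as allowed, which makes the allow-list that `PolicyHasNonAllowedVariables` relies on (it compares the match counts of the two regexes) wider than documented. A grouped alternation expresses the stated intent: replace the bracketed class with `(request\.|serviceAccountName|serviceAccountNamespace)`. Tightening the pattern will reject policies that pass today, so it should land with table tests covering both allowed and disallowed variable names.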


@ -13,6 +13,7 @@ import (
log "sigs.k8s.io/controller-runtime/pkg/log"
)
// CLI ...
func CLI() {
cli := &cobra.Command{
Use: "kyverno",
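Review bot: The added comment `// CLI ...` silences golint without documenting anything, and the same placeholder form appears in other files of this commit (`// NewCRDSync ...`, `// ValidatePolicyFields ...`, `// HasWildcard ...`, `// KeyPair ...`, `// Listener ...`, `// NewBuilder ...`). Each should say what the identifier does; where the body is fully visible this is easy, for example `// HasWildcard reports whether s contains a '*' or '?' wildcard character.` For this function something like `// CLI builds the root "kyverno" cobra command.` matches what the hunk shows, but the body continues outside the hunk, so the wording should be checked against the rest of it.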


@ -1,4 +1,4 @@
package sanitizedError
package sanitizederror
import "fmt"
@ -10,10 +10,12 @@ func (c customError) Error() string {
return c.message
}
// New creates a new sanitized error with given message
func New(message string) error {
return customError{message: message}
}
// NewWithError creates a new sanitized error with given message and error
func NewWithError(message string, err error) error {
if err == nil {
return customError{message: message}
@ -23,6 +25,7 @@ func NewWithError(message string, err error) error {
return customError{message: msg}
}
// IsErrorSanitized checks if the error is sanitized error
func IsErrorSanitized(err error) bool {
if _, ok := err.(customError); !ok {
return false
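Review bot: The package clause becomes `sanitizederror`, but the import path used throughout this commit is still `github.com/kyverno/kyverno/pkg/kyverno/sanitizedError`, so the package name and its directory now disagree and every importer has to carry the alias `sanitizederror "…/sanitizedError"`. Renaming the directory to `sanitizederror` in the same change would let the imports drop the alias and keep the name that tools derive from the path consistent with the declared one. The body of `IsErrorSanitized` continues outside the hunk.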


@ -8,21 +8,18 @@ import (
"os"
v1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
"github.com/kyverno/kyverno/pkg/openapi"
"github.com/kyverno/kyverno/pkg/utils"
"github.com/kyverno/kyverno/pkg/kyverno/common"
"github.com/kyverno/kyverno/pkg/kyverno/sanitizedError"
sanitizederror "github.com/kyverno/kyverno/pkg/kyverno/sanitizedError"
"github.com/kyverno/kyverno/pkg/openapi"
policy2 "github.com/kyverno/kyverno/pkg/policy"
"github.com/kyverno/kyverno/pkg/utils"
"github.com/spf13/cobra"
_ "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/validation"
log "sigs.k8s.io/controller-runtime/pkg/log"
yaml "sigs.k8s.io/yaml"
)
// Command returns validate command
func Command() *cobra.Command {
var outputType string
var crdPaths []string
@ -35,7 +32,7 @@ func Command() *cobra.Command {
defer func() {
if err != nil {
if !sanitizedError.IsErrorSanitized(err) {
if !sanitizederror.IsErrorSanitized(err) {
log.Error(err, "failed to sanitize")
err = fmt.Errorf("internal error")
}
@ -44,12 +41,12 @@ func Command() *cobra.Command {
if outputType != "" {
if outputType != "yaml" && outputType != "json" {
return sanitizedError.NewWithError(fmt.Sprintf("%s format is not supported", outputType), errors.New("yaml and json are supported"))
return sanitizederror.NewWithError(fmt.Sprintf("%s format is not supported", outputType), errors.New("yaml and json are supported"))
}
}
if len(policyPaths) == 0 {
return sanitizedError.NewWithError(fmt.Sprintf("policy file(s) required"), err)
return sanitizederror.NewWithError(fmt.Sprintf("policy file(s) required"), err)
}
var policies []*v1.ClusterPolicy
@ -72,14 +69,14 @@ func Command() *cobra.Command {
}
}
if errString != "" {
return sanitizedError.NewWithError("failed to extract the resources", errors.New(errString))
return sanitizederror.NewWithError("failed to extract the resources", errors.New(errString))
}
}
} else {
policies, err = common.GetPoliciesValidation(policyPaths)
if err != nil {
if !sanitizedError.IsErrorSanitized(err) {
return sanitizedError.NewWithError("failed to mutate policies.", err)
if !sanitizederror.IsErrorSanitized(err) {
return sanitizederror.NewWithError("failed to mutate policies.", err)
}
return err
}
@ -87,7 +84,7 @@ func Command() *cobra.Command {
openAPIController, err := openapi.NewOpenAPIController()
if err != nil {
return sanitizedError.NewWithError("failed to initialize openAPIController", err)
return sanitizederror.NewWithError("failed to initialize openAPIController", err)
}
// if CRD's are passed, add these to OpenAPIController
@ -115,8 +112,8 @@ func Command() *cobra.Command {
logger := log.WithName("validate")
p, err := common.MutatePolicy(policy, logger)
if err != nil {
if !sanitizedError.IsErrorSanitized(err) {
return sanitizedError.NewWithError("failed to mutate policy.", err)
if !sanitizederror.IsErrorSanitized(err) {
return sanitizederror.NewWithError("failed to mutate policy.", err)
}
return err
}
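Review bot: `fmt.Sprintf("policy file(s) required")` has no format verbs, so the call is redundant, and the `err` passed with it does not appear to have been assigned a failure at that point in `Command` (the assignments visible in the hunk come later). `return sanitizederror.New("policy file(s) required")` produces the same sanitized message through the constructor this commit documents. The body of `Command` starts and ends outside the hunk, so the state of `err` at that line should be confirmed against the full function.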


@ -7,6 +7,7 @@ import (
"github.com/spf13/cobra"
)
// Command returns version command
func Command() *cobra.Command {
return &cobra.Command{
Use: "version",


@ -51,6 +51,7 @@ var crdDefinitionNew struct {
} `json:"spec"`
}
// NewCRDSync ...
func NewCRDSync(client *client.Client, controller *Controller) *crdSync {
if controller == nil {
panic(fmt.Errorf("nil controller sent into crd sync"))
@ -68,7 +69,7 @@ func (c *crdSync) Run(workers int, stopCh <-chan struct{}) {
log.Log.Error(err, "cannot get OpenAPI schema")
}
err = c.controller.useOpenApiDocument(newDoc)
err = c.controller.useOpenAPIDocument(newDoc)
if err != nil {
log.Log.Error(err, "Could not set custom OpenAPI document")
}
@ -111,6 +112,7 @@ func (o *Controller) deleteCRDFromPreviousSync() {
o.crdList = make([]string, 0)
}
// ParseCRD loads CRD to the cache
func (o *Controller) ParseCRD(crd unstructured.Unstructured) {
var err error
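Review bot: In `(*crdSync).Run` the failure reported as "cannot get OpenAPI schema" is only logged, and execution appears to fall through to `c.controller.useOpenAPIDocument(newDoc)` with whatever `newDoc` holds after the failed call. If `newDoc` is nil or incomplete in that case, the controller is handed an unusable schema document and the second log line hides the original cause. Returning (or skipping the `useOpenAPIDocument` call) after the first `log.Log.Error` would keep the previously loaded document in place. The lines that obtain `newDoc` are outside the hunk, so this should be confirmed there.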


@ -25,6 +25,7 @@ import (
"gopkg.in/yaml.v2"
)
// Controller represents OpenAPIController
type Controller struct {
mutex sync.RWMutex
definitions map[string]*openapi_v2.Schema
@ -35,6 +36,7 @@ type Controller struct {
models proto.Models
}
// NewOpenAPIController initializes a new instance of OpenAPIController
func NewOpenAPIController() (*Controller, error) {
controller := &Controller{
definitions: make(map[string]*openapi_v2.Schema),
@ -46,7 +48,7 @@ func NewOpenAPIController() (*Controller, error) {
return nil, err
}
err = controller.useOpenApiDocument(defaultDoc)
err = controller.useOpenAPIDocument(defaultDoc)
if err != nil {
return nil, err
}
@ -54,6 +56,7 @@ func NewOpenAPIController() (*Controller, error) {
return controller, nil
}
// ValidatePolicyFields ...
func (o *Controller) ValidatePolicyFields(policyRaw []byte) error {
o.mutex.RLock()
defer o.mutex.RUnlock()
@ -77,6 +80,7 @@ func (o *Controller) ValidatePolicyFields(policyRaw []byte) error {
return o.ValidatePolicyMutation(policy)
}
// ValidateResource ...
func (o *Controller) ValidateResource(patchedResource unstructured.Unstructured, kind string) error {
o.mutex.RLock()
defer o.mutex.RUnlock()
@ -105,12 +109,14 @@ func (o *Controller) ValidateResource(patchedResource unstructured.Unstructured,
return nil
}
// GetDefinitionNameFromKind ...
func (o *Controller) GetDefinitionNameFromKind(kind string) string {
o.mutex.RLock()
defer o.mutex.RUnlock()
return o.kindToDefinitionName[kind]
}
// ValidatePolicyMutation ...
func (o *Controller) ValidatePolicyMutation(policy v1.ClusterPolicy) error {
o.mutex.RLock()
defer o.mutex.RUnlock()
@ -150,7 +156,7 @@ func (o *Controller) ValidatePolicyMutation(policy v1.ClusterPolicy) error {
return nil
}
func (o *Controller) useOpenApiDocument(doc *openapi_v2.Document) error {
func (o *Controller) useOpenAPIDocument(doc *openapi_v2.Document) error {
o.mutex.Lock()
defer o.mutex.Unlock()
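Review bot: `ValidatePolicyFields` holds `o.mutex.RLock()` for its whole body and ends with `return o.ValidatePolicyMutation(policy)`, which takes `o.mutex.RLock()` again on the same goroutine. `sync.RWMutex` does not support recursive read locking: if `useOpenAPIDocument` calls `o.mutex.Lock()` between the two acquisitions, the second `RLock` waits behind the pending writer while the writer waits for the first read lock, and the goroutines deadlock. One way out is an unexported `validatePolicyMutation` that assumes the lock is held, called by both `ValidatePolicyFields` and the exported `ValidatePolicyMutation` wrapper. Both method bodies are only partly inside the hunks, so the refactor has to be checked against the full file.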


@ -69,14 +69,14 @@ func parseNamespacedPolicy(key string) (string, string, bool) {
return namespace, key, false
}
// merge b into a map
// MergeResources merges b into a map
func MergeResources(a, b map[string]unstructured.Unstructured) {
for k, v := range b {
a[k] = v
}
}
// excludePod filter out the pods with ownerReference
// ExcludePod filters out the pods with ownerReference
func ExcludePod(resourceMap map[string]unstructured.Unstructured, log logr.Logger) map[string]unstructured.Unstructured {
for uid, r := range resourceMap {
if r.GetKind() != "Pod" {
@ -92,6 +92,7 @@ func ExcludePod(resourceMap map[string]unstructured.Unstructured, log logr.Logge
return resourceMap
}
// GetNamespacesForRule gets the matched namespacse list for the given rule
func GetNamespacesForRule(rule *kyverno.Rule, nslister listerv1.NamespaceLister, log logr.Logger) []string {
if len(rule.MatchResources.Namespaces) == 0 {
return GetAllNamespaces(nslister, log)
@ -115,6 +116,7 @@ func GetNamespacesForRule(rule *kyverno.Rule, nslister listerv1.NamespaceLister,
return results
}
// HasWildcard ...
func HasWildcard(s string) bool {
if s == "" {
return false
@ -123,6 +125,7 @@ func HasWildcard(s string) bool {
return strings.Contains(s, "*") || strings.Contains(s, "?")
}
// GetMatchingNamespaces ...
func GetMatchingNamespaces(wildcards []string, nslister listerv1.NamespaceLister, log logr.Logger) []string {
all := GetAllNamespaces(nslister, log)
if len(all) == 0 {
@ -141,6 +144,7 @@ func GetMatchingNamespaces(wildcards []string, nslister listerv1.NamespaceLister
return results
}
// GetAllNamespaces gets all namespaces in the cluster
func GetAllNamespaces(nslister listerv1.NamespaceLister, log logr.Logger) []string {
var results []string
namespaces, err := nslister.List(labels.NewSelector())
@ -155,6 +159,7 @@ func GetAllNamespaces(nslister listerv1.NamespaceLister, log logr.Logger) []stri
return results
}
// GetResourcesPerNamespace ...
func GetResourcesPerNamespace(kind string, client *client.Client, namespace string, rule kyverno.Rule, configHandler config.Interface, log logr.Logger) map[string]unstructured.Unstructured {
resourceMap := map[string]unstructured.Unstructured{}
ls := rule.MatchResources.Selector
@ -201,6 +206,7 @@ func GetResourcesPerNamespace(kind string, client *client.Client, namespace stri
return resourceMap
}
// ExcludeResources ...
func ExcludeResources(included map[string]unstructured.Unstructured, exclude kyverno.ResourceDescription, configHandler config.Interface, log logr.Logger) {
if reflect.DeepEqual(exclude, (kyverno.ResourceDescription{})) {
return
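Review bot: Two of the new doc comments in this file need a wording fix. `// GetNamespacesForRule gets the matched namespacse list for the given rule` has a typo and should read `// GetNamespacesForRule gets the matched namespaces list for the given rule`. `// MergeResources merges b into a map` reads as if the target were some unnamed map; `// MergeResources copies every entry of b into a, overwriting existing keys` states what the loop `a[k] = v` does.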


@ -1,7 +1,9 @@
package policycache
// PolicyType represents types of policies
type PolicyType uint8
// Types of policies
const (
Mutate PolicyType = 1 << iota
ValidateEnforce


@ -17,6 +17,10 @@ import (
kyverno "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
)
// GenerateJSONPatchesForDefaults generates default JSON patches for
// - ValidationFailureAction
// - Background
// - auto-gen annotation and rules
func GenerateJSONPatchesForDefaults(policy *kyverno.ClusterPolicy, log logr.Logger) ([]byte, []string) {
var patches [][]byte
var updateMsgs []string


@ -66,6 +66,7 @@ type requestBuilder struct {
polLister kyvernolister.PolicyLister
}
// NewBuilder ...
func NewBuilder(cpolLister kyvernolister.ClusterPolicyLister, polLister kyvernolister.PolicyLister) *requestBuilder {
return &requestBuilder{cpolLister: cpolLister, polLister: polLister}
}


@ -37,8 +37,10 @@ type statusUpdater interface {
UpdateStatus(status v1.PolicyStatus) v1.PolicyStatus
}
// Listener ...
type Listener chan statusUpdater
// Send sends an update request
func (l Listener) Send(s statusUpdater) {
l <- s
}
@ -61,6 +63,7 @@ type cache struct {
keyToMutex *keyToMutex
}
// NewSync ...
func NewSync(c *versioned.Clientset, lister kyvernolister.ClusterPolicyLister, nsLister kyvernolister.PolicyLister) *Sync {
return &Sync{
cache: &cache{
@ -75,6 +78,7 @@ func NewSync(c *versioned.Clientset, lister kyvernolister.ClusterPolicyLister, n
}
}
// Run ...
func (s *Sync) Run(workers int, stopCh <-chan struct{}) {
for i := 0; i < workers; i++ {
go s.updateStatusCache(stopCh)


@ -6,7 +6,7 @@ import (
// RunAllInformers - run the informers for the GVR of all the resources available in GVRCacheData
func (resc *ResourceCache) RunAllInformers(log logr.Logger) {
for key, _ := range resc.GVRCacheData {
for key := range resc.GVRCacheData {
resc.CreateResourceInformer(log, key)
log.V(4).Info("created informer for resource", "name", key)
}


@ -15,31 +15,32 @@ import (
const certValidityDuration = 10 * 365 * 24 * time.Hour
//TlsCertificateProps Properties of TLS certificate which should be issued for webhook server
type TlsCertificateProps struct {
// CertificateProps Properties of TLS certificate which should be issued for webhook server
type CertificateProps struct {
Service string
Namespace string
ApiServerHost string
APIServerHost string
}
//TlsPemPair The pair of TLS certificate corresponding private key, both in PEM format
type TlsPemPair struct {
// PemPair The pair of TLS certificate corresponding private key, both in PEM format
type PemPair struct {
Certificate []byte
PrivateKey []byte
}
// KeyPair ...
type KeyPair struct {
Cert *x509.Certificate
Key *rsa.PrivateKey
}
//TLSGeneratePrivateKey Generates RSA private key
func TLSGeneratePrivateKey() (*rsa.PrivateKey, error) {
// GeneratePrivateKey Generates RSA private key
func GeneratePrivateKey() (*rsa.PrivateKey, error) {
return rsa.GenerateKey(rand.Reader, 2048)
}
//TLSPrivateKeyToPem Creates PEM block from private key object
func TLSPrivateKeyToPem(rsaKey *rsa.PrivateKey) []byte {
// PrivateKeyToPem Creates PEM block from private key object
func PrivateKeyToPem(rsaKey *rsa.PrivateKey) []byte {
privateKey := &pem.Block{
Type: "PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(rsaKey),
@ -48,7 +49,8 @@ func TLSPrivateKeyToPem(rsaKey *rsa.PrivateKey) []byte {
return pem.EncodeToMemory(privateKey)
}
func TLSCertificateToPem(certificateDER []byte) []byte {
// CertificateToPem ...
func CertificateToPem(certificateDER []byte) []byte {
certificate := &pem.Block{
Type: "CERTIFICATE",
Bytes: certificateDER,
@ -59,7 +61,7 @@ func TLSCertificateToPem(certificateDER []byte) []byte {
// GenerateCACert creates the self-signed CA cert and private key
// it will be used to sign the webhook server certificate
func GenerateCACert() (*KeyPair, *TlsPemPair, error) {
func GenerateCACert() (*KeyPair, *PemPair, error) {
now := time.Now()
begin := now.Add(-1 * time.Hour)
end := now.Add(certValidityDuration)
@ -83,9 +85,9 @@ func GenerateCACert() (*KeyPair, *TlsPemPair, error) {
return nil, nil, fmt.Errorf("error creating certificate: %v", err)
}
pemPair := &TlsPemPair{
Certificate: TLSCertificateToPem(der),
PrivateKey: TLSPrivateKeyToPem(key),
pemPair := &PemPair{
Certificate: CertificateToPem(der),
PrivateKey: PrivateKeyToPem(key),
}
cert, err := x509.ParseCertificate(der)
@ -103,7 +105,7 @@ func GenerateCACert() (*KeyPair, *TlsPemPair, error) {
// GenerateCertPem takes the results of GenerateCACert and uses it to create the
// PEM-encoded public certificate and private key, respectively
func GenerateCertPem(caCert *KeyPair, props TlsCertificateProps, fqdncn bool) (*TlsPemPair, error) {
func GenerateCertPem(caCert *KeyPair, props CertificateProps, fqdncn bool) (*PemPair, error) {
now := time.Now()
begin := now.Add(-1 * time.Hour)
end := now.Add(certValidityDuration)
@ -123,11 +125,11 @@ func GenerateCertPem(caCert *KeyPair, props TlsCertificateProps, fqdncn bool) (*
}
var ips []net.IP
apiServerIP := net.ParseIP(props.ApiServerHost)
apiServerIP := net.ParseIP(props.APIServerHost)
if apiServerIP != nil {
ips = append(ips, apiServerIP)
} else {
dnsNames = append(dnsNames, props.ApiServerHost)
dnsNames = append(dnsNames, props.APIServerHost)
}
templ := &x509.Certificate{
@ -153,16 +155,16 @@ func GenerateCertPem(caCert *KeyPair, props TlsCertificateProps, fqdncn bool) (*
return nil, fmt.Errorf("error creating certificate for webhook %v", err)
}
pemPair := &TlsPemPair{
Certificate: TLSCertificateToPem(der),
PrivateKey: TLSPrivateKeyToPem(key),
pemPair := &PemPair{
Certificate: CertificateToPem(der),
PrivateKey: PrivateKeyToPem(key),
}
return pemPair, nil
}
//GenerateInClusterServiceName The generated service name should be the common name for TLS certificate
func GenerateInClusterServiceName(props TlsCertificateProps) string {
func GenerateInClusterServiceName(props CertificateProps) string {
return props.Service + "." + props.Namespace + ".svc"
}
@ -185,7 +187,7 @@ func tlsCertificateGetExpirationDate(certData []byte) (*time.Time, error) {
const timeReserveBeforeCertificateExpiration time.Duration = time.Hour * 24 * 30 * 6 // About half a year
//IsTLSPairShouldBeUpdated checks if TLS pair has expited and needs to be updated
func IsTLSPairShouldBeUpdated(tlsPair *TlsPemPair) bool {
func IsTLSPairShouldBeUpdated(tlsPair *PemPair) bool {
if tlsPair == nil {
return true
}
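Review bot: `PrivateKeyToPem` labels the block `Type: "PRIVATE KEY"` while the bytes come from `x509.MarshalPKCS1PrivateKey`; that label denotes PKCS#8, and PKCS#1 data is conventionally labelled `RSA PRIVATE KEY`, so a parser that trusts the label can reject the key. Changing the line to `Type: "RSA PRIVATE KEY",` keeps the encoding and corrects the label; whatever reads the stored key back should be checked to accept it. Separately, `certValidityDuration` (`10 * 365 * 24 * time.Hour`) is applied to the webhook serving certificate in `GenerateCertPem` as well as to the CA, which is a long lifetime for a serving key and worth a comment or a shorter, separate constant. The renamed comments `//GenerateInClusterServiceName` and `//IsTLSPairShouldBeUpdated ... expited` were left without the leading space and with the typo.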


@ -17,8 +17,10 @@ import (
const (
clusterrolekind = "ClusterRole"
rolekind = "Role"
SaPrefix = "system:serviceaccount:"
KyvernoSuffix = "kyverno:"
// SaPrefix represents service account prefix in admission requests
SaPrefix = "system:serviceaccount:"
// KyvernoSuffix ...
KyvernoSuffix = "kyverno:"
)
type allRolesStruct struct {
@ -105,10 +107,10 @@ func matchSubjectsMap(subject rbacv1.Subject, userInfo authenticationv1.UserInfo
// ServiceAccount
if strings.Contains(userInfo.Username, SaPrefix) {
return matchServiceAccount(subject, userInfo)
} else {
// User or Group
return matchUserOrGroup(subject, userInfo)
}
// User or Group
return matchUserOrGroup(subject, userInfo)
}
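Review bot: `matchSubjectsMap` classifies the requester as a service account with `strings.Contains(userInfo.Username, SaPrefix)`, which is true for any user name that has `system:serviceaccount:` anywhere in it, not only at the start. Since the new comment documents `SaPrefix` as a prefix, `strings.HasPrefix(userInfo.Username, SaPrefix)` is the matching check and keeps ordinary user names from being routed to `matchServiceAccount`. The constant `KyvernoSuffix` holds `"kyverno:"` and only received a placeholder comment; if it is compared as a prefix, the comment should say so. `matchSubjectsMap` starts outside the hunk.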
// matchServiceAccount checks if userInfo sa matche the subject sa


@ -79,7 +79,7 @@ func CRDInstalled(discovery client.IDiscovery, log logr.Logger) bool {
return true
}
// extracts the new and old resource as unstructured
// ExtractResources extracts the new and old resource as unstructured
func ExtractResources(newRaw []byte, request *v1beta1.AdmissionRequest) (unstructured.Unstructured, unstructured.Unstructured, error) {
var emptyResource unstructured.Unstructured
var newResource unstructured.Unstructured
@ -110,7 +110,7 @@ func ExtractResources(newRaw []byte, request *v1beta1.AdmissionRequest) (unstruc
return newResource, oldResource, err
}
// convertResource converts raw bytes to an unstructured object
// ConvertResource converts raw bytes to an unstructured object
func ConvertResource(raw []byte, group, version, kind, namespace string) (unstructured.Unstructured, error) {
obj, err := engineutils.ConvertToUnstructured(raw)
if err != nil {
@ -168,6 +168,7 @@ func isVersionHigher(version string, major int, minor int, patch int) (bool, err
return true, nil
}
// SliceContains checks whether values are contained in slice
func SliceContains(slice []string, values ...string) bool {
var sliceElementsMap = make(map[string]bool, len(slice))


@ -67,7 +67,6 @@ func Test_containsNs(t *testing.T) {
assert.Assert(t, res == false)
}
func Test_higherVersion(t *testing.T) {
v, err := isVersionHigher("invalid.version", 1, 1, 1)
assert.Assert(t, v == false && err != nil)


@ -17,11 +17,12 @@ import (
"k8s.io/apimachinery/pkg/util/wait"
)
//GenerateRequests provides interface to manage generate requests
// GenerateRequests provides interface to manage generate requests
type GenerateRequests interface {
Apply(gr kyverno.GenerateRequestSpec, action v1beta1.Operation) error
}
// GeneratorChannel ...
type GeneratorChannel struct {
spec kyverno.GenerateRequestSpec
action v1beta1.Operation
@ -36,7 +37,7 @@ type Generator struct {
log logr.Logger
}
//NewGenerator returns a new instance of Generate-Request resource generator
// NewGenerator returns a new instance of Generate-Request resource generator
func NewGenerator(client *kyvernoclient.Clientset, stopCh <-chan struct{}, log logr.Logger) *Generator {
gen := &Generator{
ch: make(chan GeneratorChannel, 1000),
@ -47,7 +48,7 @@ func NewGenerator(client *kyvernoclient.Clientset, stopCh <-chan struct{}, log l
return gen
}
//Create to create generate request resoruce (blocking call if channel is full)
// Apply creates generate request resoruce (blocking call if channel is full)
func (g *Generator) Apply(gr kyverno.GenerateRequestSpec, action v1beta1.Operation) error {
logger := g.log
logger.V(4).Info("creating Generate Request", "request", gr)
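Review bot: The rewritten comment on `Apply` carries over the typo "resoruce" from the old one. It should read `// Apply creates generate request resource (blocking call if channel is full)`. The body of `Apply` continues outside the hunk.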


@ -121,7 +121,7 @@ type WebhookServer struct {
func NewWebhookServer(
kyvernoClient *kyvernoclient.Clientset,
client *client.Client,
tlsPair *tlsutils.TlsPemPair,
tlsPair *tlsutils.PemPair,
pInformer kyvernoinformer.ClusterPolicyInformer,
rbInformer rbacinformer.RoleBindingInformer,
crbInformer rbacinformer.ClusterRoleBindingInformer,
@ -265,6 +265,7 @@ func writeResponse(rw http.ResponseWriter, admissionReview *v1beta1.AdmissionRev
}
}
// ResourceMutation mutates resource
func (ws *WebhookServer) ResourceMutation(request *v1beta1.AdmissionRequest) *v1beta1.AdmissionResponse {
logger := ws.log.WithName("ResourceMutation").WithValues("uid", request.UID, "kind", request.Kind.Kind, "namespace", request.Namespace, "name", request.Name, "operation", request.Operation)
@ -598,7 +599,7 @@ func (ws *WebhookServer) excludeKyvernoResources(request *v1beta1.AdmissionReque
}
if !isAuthorized {
// convert RAW to unstructured
return fmt.Errorf("resource is managed by a Kyverno policy and cannot be update manually. You can edit the policy %s to update this resource.", labels["policy.kyverno.io/policy-name"])
return fmt.Errorf("resource is managed by a Kyverno policy and cannot be update manually. You can edit the policy %s to update this resource", labels["policy.kyverno.io/policy-name"])
}
}
}
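Review bot: The error string edited in `excludeKyvernoResources` still says "cannot be update manually" and still contains a second, capitalised sentence, so dropping the final period only satisfies the linter. A single-clause form such as `"resource is managed by a Kyverno policy and cannot be updated manually; edit the policy %s to update this resource"` fixes the grammar and follows the Go convention for error strings. The comment `// convert RAW to unstructured` directly above the `return` does not describe that line and looks like a leftover. Any test or client that matches on the current text would need updating with it.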


@ -29,7 +29,7 @@ const (
workQueueRetryLimit = 3
)
// Handler applies validate audit policies to the admission request
// AuditHandler applies validate audit policies to the admission request
// the handler adds the request to the work queue and returns immediately
// the request is processed in background, with the exact same logic
// when process the admission request in the webhook


@ -1,6 +1,6 @@
package generate
// E2E Test Config for Role and RoleBinding
// RoleTests is E2E Test Config for Role and RoleBinding
// TODO:- Clone for Role and RoleBinding
var RoleTests = []struct {
//TestName - Name of the Test
@ -56,7 +56,7 @@ var RoleTests = []struct {
},
}
// E2E Test Config for ClusterRole and ClusterRoleBinding
// ClusterRoleTests - E2E Test Config for ClusterRole and ClusterRoleBinding
var ClusterRoleTests = []struct {
//TestName - Name of the Test
TestName string


@ -13,10 +13,12 @@ import (
"sigs.k8s.io/yaml"
)
// E2EClient ...
type E2EClient struct {
Client dynamic.Interface
}
// NewE2EClient returns a new instance of E2EClient
func NewE2EClient() (*E2EClient, error) {
kubeconfig := os.Getenv("KUBECONFIG")
if kubeconfig == "" {
@ -58,7 +60,7 @@ func (e2e *E2EClient) GetNamespacedResource(gvr schema.GroupVersionResource, nam
return e2e.Client.Resource(gvr).Namespace(namespace).Get(context.TODO(), name, metav1.GetOptions{})
}
// GetClusterResource ...
// GetClusteredResource ...
func (e2e *E2EClient) GetClusteredResource(gvr schema.GroupVersionResource, name string) (*unstructured.Unstructured, error) {
return e2e.Client.Resource(gvr).Get(context.TODO(), name, metav1.GetOptions{})
}
@ -81,7 +83,7 @@ func (e2e *E2EClient) DeleteNamespacedResource(gvr schema.GroupVersionResource,
return e2e.Client.Resource(gvr).Namespace(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{})
}
// DeleteClusterResource ...
// DeleteClusteredResource ...
func (e2e *E2EClient) DeleteClusteredResource(gvr schema.GroupVersionResource, name string) error {
return e2e.Client.Resource(gvr).Delete(context.TODO(), name, metav1.DeleteOptions{})
}
@ -101,7 +103,7 @@ func (e2e *E2EClient) ListNamespacedResources(gvr schema.GroupVersionResource, n
return e2e.Client.Resource(gvr).Namespace(namespace).List(context.TODO(), metav1.ListOptions{})
}
// CreateNamespacedResource creates namespaced resources like Pods, Services, Deployments etc
// CreateNamespacedResourceYaml creates namespaced resources like Pods, Services, Deployments etc
func (e2e *E2EClient) CreateNamespacedResourceYaml(gvr schema.GroupVersionResource, namespace string, resourceData []byte) (*unstructured.Unstructured, error) {
resource := unstructured.Unstructured{}
err := yaml.Unmarshal(resourceData, &resource)
@ -112,7 +114,7 @@ func (e2e *E2EClient) CreateNamespacedResourceYaml(gvr schema.GroupVersionResour
return result, err
}
// CreateClusteredResource creates cluster resources from YAML like Namespace, ClusterRole, ClusterRoleBinding etc ...
// CreateClusteredResourceYaml creates cluster resources from YAML like Namespace, ClusterRole, ClusterRoleBinding etc ...
func (e2e *E2EClient) CreateClusteredResourceYaml(gvr schema.GroupVersionResource, resourceData []byte) (*unstructured.Unstructured, error) {
resource := unstructured.Unstructured{}
err := yaml.Unmarshal(resourceData, &resource)