chore(go-lint): enable go-lint (#8022)

.github/CODEOWNERS

@@ -12,3 +12,4 @@
 /pkg/factory/ @grandwizard28
 /pkg/types/ @grandwizard28
 /pkg/sqlmigration/ @vikrantgupta25
+.golangci.yml @grandwizard28

.golangci.yml

@@ -0,0 +1,4 @@
+issues:
+  exclude-dirs:
+    - "pkg/query-service"
+    - "ee/query-service"

ee/modules/user/impluser/handler.go

@@ -159,7 +159,7 @@ func (h *Handler) AcceptInvite(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
-		user, err = h.module.CreateUserWithPassword(ctx, user, password)
+		_, err = h.module.CreateUserWithPassword(ctx, user, password)
 		if err != nil {
 			render.Error(w, err)
 			return
@@ -202,7 +202,6 @@ func (h *Handler) GetInvite(w http.ResponseWriter, r *http.Request) {
 	}
 
 	render.Success(w, http.StatusOK, gettableInvite)
-	return
 }
 
 func (h *Handler) CreateAPIKey(w http.ResponseWriter, r *http.Request) {

pkg/apis/fields/parse.go

@@ -34,7 +34,7 @@ func parseFieldKeyRequest(r *http.Request) (*telemetrytypes.FieldKeySelector, er
 	var startUnixMilli, endUnixMilli int64
 
 	if r.URL.Query().Get("startUnixMilli") != "" {
-		startUnixMilli, err := strconv.ParseInt(r.URL.Query().Get("startUnixMilli"), 10, 64)
+		startUnixMilli, err = strconv.ParseInt(r.URL.Query().Get("startUnixMilli"), 10, 64)
 		if err != nil {
 			return nil, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to parse startUnixMilli")
 		}

pkg/cache/cachetest/provider.go

@@ -8,8 +8,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory/factorytest"
 )
 
-type provider struct{}
-
 func New(config cache.Config) (cache.Cache, error) {
 	cache, err := memorycache.New(context.TODO(), factorytest.NewSettings(), config)
 	if err != nil {

pkg/modules/user/impluser/handler.go

@@ -101,7 +101,6 @@ func (h *handler) CreateInvite(rw http.ResponseWriter, r *http.Request) {
 	}
 
 	render.Success(rw, http.StatusCreated, nil)
-	return
 }
 
 func (h *handler) CreateBulkInvite(rw http.ResponseWriter, r *http.Request) {
@@ -133,7 +132,6 @@ func (h *handler) CreateBulkInvite(rw http.ResponseWriter, r *http.Request) {
 	}
 
 	render.Success(rw, http.StatusCreated, nil)
-	return
 }
 
 func (h *handler) GetInvite(w http.ResponseWriter, r *http.Request) {
@@ -148,7 +146,6 @@ func (h *handler) GetInvite(w http.ResponseWriter, r *http.Request) {
 	}
 
 	render.Success(w, http.StatusOK, invite)
-	return
 }
 
 func (h *handler) ListInvite(w http.ResponseWriter, r *http.Request) {
@@ -160,11 +157,13 @@ func (h *handler) ListInvite(w http.ResponseWriter, r *http.Request) {
 		render.Error(w, err)
 		return
 	}
+
 	invites, err := h.module.ListInvite(ctx, claims.OrgID)
 	if err != nil {
 		render.Error(w, err)
 		return
 	}
+
 	render.Success(w, http.StatusOK, invites)
 }
 

pkg/modules/user/impluser/module.go

@@ -271,25 +271,16 @@ func (m *Module) GetAuthenticatedUser(ctx context.Context, orgID, email, passwor
 	}
 
 	var dbUser *types.User
-
-	// when the orgID is provided
-	if orgID != "" {
-		user, err := m.store.GetUserByEmailInOrg(ctx, orgID, email)
-		if err != nil {
-			return nil, err
-		}
-		dbUser = &user.User
-	}
-
 	// when the orgID is not provided we login if the user exists in just one org
-	user, err := m.store.GetUsersByEmail(ctx, email)
+	users, err := m.store.GetUsersByEmail(ctx, email)
 	if err != nil {
 		return nil, err
 	}
-	if len(user) == 0 {
+
+	if len(users) == 0 {
 		return nil, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "user with email: %s does not exist", email)
-	} else if len(user) == 1 {
+	} else if len(users) == 1 {
-		dbUser = &user[0].User
+		dbUser = &users[0].User
 	} else {
 		return nil, errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "please provide an orgID")
 	}

pkg/modules/user/impluser/store.go

@@ -116,7 +116,9 @@ func (s *Store) CreateUserWithPassword(ctx context.Context, user *types.User, pa
 		return nil, errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to start transaction")
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	if _, err := tx.NewInsert().
 		Model(user).
@@ -304,7 +306,9 @@ func (s *Store) DeleteUser(ctx context.Context, orgID string, id string) error {
 		return errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to start transaction")
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	// get the password id
 
@@ -427,7 +431,9 @@ func (s *Store) UpdatePasswordAndDeleteResetPasswordEntry(ctx context.Context, u
 		return errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to start transaction")
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	factorPassword := &types.FactorPassword{
 		UserID:   userID,

pkg/sqlmigration/011_modify_datetime.go

@@ -37,7 +37,10 @@ func (migration *modifyDatetime) Up(ctx context.Context, db *bun.DB) error {
 	if err != nil {
 		return err
 	}
-	defer tx.Rollback() //nolint:errcheck
+
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	tables := []string{"dashboards", "rules", "planned_maintenance", "ttl_status", "saved_views"}
 	columns := []string{"created_at", "updated_at"}

pkg/sqlmigration/012_modify_org_domain.go

@@ -38,7 +38,10 @@ func (migration *modifyOrgDomain) Up(ctx context.Context, db *bun.DB) error {
 	if err != nil {
 		return err
 	}
-	defer tx.Rollback() //nolint:errcheck
+
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	// rename old column
 	if _, err := tx.ExecContext(ctx, `ALTER TABLE org_domains RENAME COLUMN updated_at TO updated_at_old`); err != nil {

pkg/sqlmigration/013_update_organization.go

@@ -36,13 +36,14 @@ func (migration *updateOrganization) Register(migrations *migrate.Migrations) er
 }
 
 func (migration *updateOrganization) Up(ctx context.Context, db *bun.DB) error {
-
-	// begin transaction
 	tx, err := db.BeginTx(ctx, nil)
 	if err != nil {
 		return err
 	}
-	defer tx.Rollback() //nolint:errcheck
+
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	// update apdex settings table
 	if err := updateApdexSettings(ctx, tx); err != nil {

pkg/sqlmigration/014_add_alertmanager.go

@@ -47,7 +47,9 @@ func (migration *addAlertmanager) Up(ctx context.Context, db *bun.DB) error {
 		return err
 	}
 
-	defer tx.Rollback() //nolint:errcheck
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	if exists, err := migration.store.Dialect().ColumnExists(ctx, tx, "notification_channels", "deleted"); err != nil {
 		return err

pkg/sqlmigration/015_update_dashboards_savedviews.go

@@ -35,13 +35,14 @@ func (migration *updateDashboardAndSavedViews) Register(migrations *migrate.Migr
 }
 
 func (migration *updateDashboardAndSavedViews) Up(ctx context.Context, db *bun.DB) error {
-
-	// begin transaction
 	tx, err := db.BeginTx(ctx, nil)
 	if err != nil {
 		return err
 	}
-	defer tx.Rollback() //nolint:errcheck
+
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	// get all org ids
 	var orgIDs []string

pkg/sqlmigration/016_pat_org_domains.go

@@ -35,13 +35,15 @@ func (migration *updatePatAndOrgDomains) Register(migrations *migrate.Migrations
 }
 
 func (migration *updatePatAndOrgDomains) Up(ctx context.Context, db *bun.DB) error {
-
 	// begin transaction
 	tx, err := db.BeginTx(ctx, nil)
 	if err != nil {
 		return err
 	}
-	defer tx.Rollback()
+
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	// get all org ids
 	var orgIDs []string

pkg/sqlmigration/017_update_pipelines.go

@@ -35,13 +35,14 @@ func (migration *updatePipelines) Register(migrations *migrate.Migrations) error
 }
 
 func (migration *updatePipelines) Up(ctx context.Context, db *bun.DB) error {
-
-	// begin transaction
 	tx, err := db.BeginTx(ctx, nil)
 	if err != nil {
 		return err
 	}
-	defer tx.Rollback() //nolint:errcheck
+
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	// get all org ids
 	var orgIDs []string

pkg/sqlmigration/018_drop_licenses_sites.go

@@ -36,7 +36,10 @@ func (migration *dropLicensesSites) Up(ctx context.Context, db *bun.DB) error {
 	if err != nil {
 		return err
 	}
-	defer tx.Rollback()
+
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	if _, err := tx.
 		NewDropTable().

pkg/sqlmigration/019_update_invites.go

@@ -65,7 +65,9 @@ func (migration *updateInvites) Up(ctx context.Context, db *bun.DB) error {
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	err = migration.
 		store.

pkg/sqlmigration/020_pat_update.go

@@ -37,7 +37,9 @@ func (migration *updatePat) Up(ctx context.Context, db *bun.DB) error {
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	for _, column := range []string{"last_used", "expires_at"} {
 		if err := migration.

pkg/sqlmigration/021_update_alertmanager.go

@@ -100,7 +100,9 @@ func (migration *updateAlertmanager) Up(ctx context.Context, db *bun.DB) error {
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	err = migration.
 		store.

pkg/sqlmigration/022_update_preferences.go

@@ -72,7 +72,9 @@ func (migration *updatePreferences) Up(ctx context.Context, db *bun.DB) error {
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	err = migration.
 		store.

pkg/sqlmigration/023_update_apdex_ttl.go

@@ -84,7 +84,9 @@ func (migration *updateApdexTtl) Up(ctx context.Context, db *bun.DB) error {
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	err = migration.
 		store.

pkg/sqlmigration/024_update_reset_password.go

@@ -84,7 +84,9 @@ func (migration *updateResetPassword) Up(ctx context.Context, db *bun.DB) error
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	err = migration.store.Dialect().UpdatePrimaryKey(ctx, tx, new(existingResetPasswordRequest), new(newResetPasswordRequest), UserReference, func(ctx context.Context) error {
 		existingResetPasswordRequests := make([]*existingResetPasswordRequest, 0)

pkg/sqlmigration/026_update_integrations.go

@@ -122,7 +122,9 @@ func (migration *updateIntegrations) Up(ctx context.Context, db *bun.DB) error {
 	if err != nil {
 		return err
 	}
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	// don't run the migration if there are multiple org ids
 	orgIDs := make([]string, 0)

pkg/sqlmigration/027_update_rules.go

@@ -116,7 +116,9 @@ func (migration *updateRules) Up(ctx context.Context, db *bun.DB) error {
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	ruleIDToRuleUUIDMap := map[int]valuer.UUID{}
 	err = migration.

pkg/sqlmigration/028_update_organizations.go

@@ -37,7 +37,9 @@ func (migration *updateOrganizations) Up(ctx context.Context, db *bun.DB) error
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	err = migration.
 		store.

pkg/sqlmigration/029_drop_groups.go

@@ -61,7 +61,9 @@ func (migration *dropGroups) Up(ctx context.Context, db *bun.DB) error {
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	type existingUser struct {
 		bun.BaseModel `bun:"table:users"`

pkg/sqlmigration/030_create_quick_filters.go

@@ -3,6 +3,7 @@ package sqlmigration
 import (
 	"context"
 	"database/sql"
+
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
@@ -42,7 +43,9 @@ func (m *createQuickFilters) Up(ctx context.Context, db *bun.DB) error {
 	if err != nil {
 		return err
 	}
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	// Create table if not exists
 	_, err = tx.NewCreateTable().

pkg/sqlmigration/031_update_quick_filters.go

@@ -3,6 +3,7 @@ package sqlmigration
 import (
 	"context"
 	"database/sql"
+
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
@@ -42,7 +43,9 @@ func (migration *updateQuickFilters) Up(ctx context.Context, db *bun.DB) error {
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	// Delete all existing quick filters
 	_, err = tx.NewDelete().

pkg/sqlmigration/032_auth_refactor.go

@@ -80,7 +80,9 @@ func (migration *authRefactor) Up(ctx context.Context, db *bun.DB) error {
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	if _, err := tx.NewCreateTable().
 		Model(new(factorPassword32)).

pkg/sqlmigration/033_api_keys.go

@@ -78,7 +78,9 @@ func (migration *migratePATToFactorAPIKey) Up(ctx context.Context, db *bun.DB) e
 		return err
 	}
 
-	defer tx.Rollback()
+	defer func() {
+		_ = tx.Rollback()
+	}()
 
 	err = migration.
 		store.

pkg/types/pipelinetypes/pipeline.go

@@ -150,7 +150,7 @@ func (p *PostablePipeline) IsValid() error {
 	// check the filter
 	_, err := queryBuilderToExpr.Parse(p.Filter)
 	if err != nil {
-		return fmt.Errorf(fmt.Sprintf("filter for pipeline %v is not correct: %v", p.Name, err.Error()))
+		return fmt.Errorf("filter for pipeline %v is not correct: %v", p.Name, err.Error())
 	}
 
 	idUnique := map[string]struct{}{}
@@ -168,10 +168,10 @@ func (p *PostablePipeline) IsValid() error {
 			return fmt.Errorf("type of an operator cannot be empty")
 		}
 		if i != (l-1) && op.Output == "" {
-			return fmt.Errorf(fmt.Sprintf("Output of operator %s cannot be nil", op.ID))
+			return fmt.Errorf("output of operator %s cannot be nil", op.ID)
 		}
 		if i == (l-1) && op.Output != "" {
-			return fmt.Errorf(fmt.Sprintf("Output of operator %s should be empty", op.ID))
+			return fmt.Errorf("output of operator %s should be empty", op.ID)
 		}
 
 		if _, ok := idUnique[op.ID]; ok {
@@ -204,19 +204,19 @@ func isValidOperator(op PipelineOperator) error {
 	switch op.Type {
 	case "json_parser":
 		if op.ParseFrom == "" && op.ParseTo == "" {
-			return fmt.Errorf(fmt.Sprintf("parse from and parse to of %s json operator cannot be empty", op.ID))
+			return fmt.Errorf("parse from and parse to of %s json operator cannot be empty", op.ID)
 		}
 	case "grok_parser":
 		if op.Pattern == "" {
-			return fmt.Errorf(fmt.Sprintf("pattern of %s grok operator cannot be empty", op.ID))
+			return fmt.Errorf("pattern of %s grok operator cannot be empty", op.ID)
 		}
 	case "regex_parser":
 		if op.Regex == "" {
-			return fmt.Errorf(fmt.Sprintf("regex of %s regex operator cannot be empty", op.ID))
+			return fmt.Errorf("regex of %s regex operator cannot be empty", op.ID)
 		}
 		r, err := regexp.Compile(op.Regex)
 		if err != nil {
-			return fmt.Errorf(fmt.Sprintf("error compiling regex expression of %s regex operator", op.ID))
+			return fmt.Errorf("error compiling regex expression of %s regex operator", op.ID)
 		}
 		namedCaptureGroups := 0
 		for _, groupName := range r.SubexpNames() {
@@ -225,27 +225,27 @@ func isValidOperator(op PipelineOperator) error {
 			}
 		}
 		if namedCaptureGroups == 0 {
-			return fmt.Errorf(fmt.Sprintf("no capture groups in regex expression of %s regex operator", op.ID))
+			return fmt.Errorf("no capture groups in regex expression of %s regex operator", op.ID)
 		}
 	case "copy":
 		if op.From == "" || op.To == "" {
-			return fmt.Errorf(fmt.Sprintf("from or to of %s copy operator cannot be empty", op.ID))
+			return fmt.Errorf("from or to of %s copy operator cannot be empty", op.ID)
 		}
 	case "move":
 		if op.From == "" || op.To == "" {
-			return fmt.Errorf(fmt.Sprintf("from or to of %s move operator cannot be empty", op.ID))
+			return fmt.Errorf("from or to of %s move operator cannot be empty", op.ID)
 		}
 	case "add":
 		if op.Field == "" || op.Value == "" {
-			return fmt.Errorf(fmt.Sprintf("field or value of %s add operator cannot be empty", op.ID))
+			return fmt.Errorf("field or value of %s add operator cannot be empty", op.ID)
 		}
 	case "remove":
 		if op.Field == "" {
-			return fmt.Errorf(fmt.Sprintf("field of %s remove operator cannot be empty", op.ID))
+			return fmt.Errorf("field of %s remove operator cannot be empty", op.ID)
 		}
 	case "trace_parser":
 		if op.TraceParser == nil {
-			return fmt.Errorf(fmt.Sprintf("field of %s remove operator cannot be empty", op.ID))
+			return fmt.Errorf("field of %s remove operator cannot be empty", op.ID)
 		}
 
 		hasTraceIdParseFrom := (op.TraceParser.TraceId != nil && op.TraceParser.TraceId.ParseFrom != "")
@@ -253,7 +253,7 @@ func isValidOperator(op PipelineOperator) error {
 		hasTraceFlagsParseFrom := (op.TraceParser.TraceFlags != nil && op.TraceParser.TraceFlags.ParseFrom != "")
 
 		if !(hasTraceIdParseFrom || hasSpanIdParseFrom || hasTraceFlagsParseFrom) {
-			return fmt.Errorf(fmt.Sprintf("one of trace_id, span_id, trace_flags of %s trace_parser operator must be present", op.ID))
+			return fmt.Errorf("one of trace_id, span_id, trace_flags of %s trace_parser operator must be present", op.ID)
 		}
 
 		if hasTraceIdParseFrom && !isValidOtelValue(op.TraceParser.TraceId.ParseFrom) {
@@ -268,7 +268,7 @@ func isValidOperator(op PipelineOperator) error {
 
 	case "retain":
 		if len(op.Fields) == 0 {
-			return fmt.Errorf(fmt.Sprintf("fields of %s retain operator cannot be empty", op.ID))
+			return fmt.Errorf("fields of %s retain operator cannot be empty", op.ID)
 		}
 
 	case "time_parser":
@@ -282,7 +282,7 @@ func isValidOperator(op PipelineOperator) error {
 			)
 		}
 		if op.Layout == "" {
-			return fmt.Errorf(fmt.Sprintf("format can not be empty for time parsing processor %s", op.ID))
+			return fmt.Errorf("format can not be empty for time parsing processor %s", op.ID)
 		}
 
 		validEpochLayouts := []string{"s", "ms", "us", "ns", "s.ms", "s.us", "s.ns"}
@@ -297,9 +297,7 @@ func isValidOperator(op PipelineOperator) error {
 		if op.LayoutType == "strptime" {
 			_, err := RegexForStrptimeLayout(op.Layout)
 			if err != nil {
-				return fmt.Errorf(
+				return fmt.Errorf("invalid strptime format '%s' of time parsing processor %s: %w", op.LayoutType, op.ID, err)
-					"invalid strptime format '%s' of time parsing processor %s: %w", op.LayoutType, op.ID, err,
-				)
 			}
 		}
 
@@ -316,7 +314,7 @@ func isValidOperator(op PipelineOperator) error {
 		}
 
 	default:
-		return fmt.Errorf(fmt.Sprintf("operator type %s not supported for %s, use one of (grok_parser, regex_parser, copy, move, add, remove, trace_parser, retain)", op.Type, op.ID))
+		return fmt.Errorf("operator type %s not supported for %s, use one of (grok_parser, regex_parser, copy, move, add, remove, trace_parser, retain)", op.Type, op.ID)
 	}
 
 	if !isValidOtelValue(op.ParseFrom) ||
@@ -325,7 +323,7 @@ func isValidOperator(op PipelineOperator) error {
 		!isValidOtelValue(op.To) ||
 		!isValidOtelValue(op.Field) {
 		valueErrStr := "value should have prefix of body, attributes, resource"
-		return fmt.Errorf(fmt.Sprintf("%s for operator Id %s", valueErrStr, op.ID))
+		return fmt.Errorf("%s for operator Id %s", valueErrStr, op.ID)
 	}
 	return nil
 }

pkg/types/ssotypes/saml.go

@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"strings"
 
+	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/query-service/constants"
 	saml2 "github.com/russellhaering/gosaml2"
 	dsig "github.com/russellhaering/goxmldsig"
@@ -20,12 +21,12 @@ func LoadCertificateStore(certString string) (dsig.X509CertificateStore, error)
 
 	certData, err := base64.StdEncoding.DecodeString(certString)
 	if err != nil {
-		return certStore, fmt.Errorf(fmt.Sprintf("failed to read certificate: %v", err))
+		return certStore, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to read certificate: %v", err)
 	}
 
 	idpCert, err := x509.ParseCertificate(certData)
 	if err != nil {
-		return certStore, fmt.Errorf(fmt.Sprintf("failed to prepare saml request, invalid cert: %s", err.Error()))
+		return certStore, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to prepare saml request, invalid cert: %s", err.Error())
 	}
 
 	certStore.Roots = append(certStore.Roots, idpCert)
@@ -40,12 +41,12 @@ func LoadCertFromPem(certString string) (dsig.X509CertificateStore, error) {
 
 	block, _ := pem.Decode([]byte(certString))
 	if block == nil {
-		return certStore, fmt.Errorf("no valid pem cert found")
+		return certStore, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "no valid pem cert found")
 	}
 
 	idpCert, err := x509.ParseCertificate(block.Bytes)
 	if err != nil {
-		return certStore, fmt.Errorf(fmt.Sprintf("failed to parse pem cert: %s", err.Error()))
+		return certStore, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to parse pem cert: %s", err.Error())
 	}
 
 	certStore.Roots = append(certStore.Roots, idpCert)