fix linting

internal/permissions/assignments.go

@@ -38,7 +38,7 @@ func (c *Client) AssignRole(ctx context.Context, roleID gidx.PrefixedID, memberI
 
 	var response RoleAssignResponse
 
-	if _, err = c.DoRequest(ctx, http.MethodPost, path, body, &response); err != nil {
+	if _, err = c.DoRequest(ctx, http.MethodPost, path, body, &response); err != nil { // nolint:bodyclose // body is closed by Do json decode.
 		return err
 	}
 
@@ -62,7 +62,7 @@ func (c *Client) UnassignRole(ctx context.Context, roleID gidx.PrefixedID, membe
 
 	var response RoleAssignResponse
 
-	if _, err = c.DoRequest(ctx, http.MethodDelete, path, body, &response); err != nil {
+	if _, err = c.DoRequest(ctx, http.MethodDelete, path, body, &response); err != nil { // nolint:bodyclose // body is closed by Do json decode.
 		return err
 	}
 
@@ -79,7 +79,7 @@ func (c *Client) ListRoleAssignments(ctx context.Context, roleID gidx.PrefixedID
 
 	var response roleAssignmentData
 
-	if _, err := c.DoRequest(ctx, http.MethodGet, path, nil, &response); err != nil {
+	if _, err := c.DoRequest(ctx, http.MethodGet, path, nil, &response); err != nil { // nolint:bodyclose // body is closed by Do json decode.
 		return nil, err
 	}
 

internal/permissions/client.go

@@ -18,7 +18,7 @@ import (
 const defaultPermissionsURL = "https://permissions-api.hollow-a.sv15.metalkube.net"
 
 var defaultHTTPClient = &http.Client{
-	Timeout: 5 * time.Second,
+	Timeout: 5 * time.Second, // nolint:gomnd // unexported
 }
 
 // Client is the permissions client.
@@ -104,6 +104,7 @@ func encodeJSON(v any) (*bytes.Buffer, error) {
 	return &buff, nil
 }
 
+// NewClient creats a new permissions client.
 func NewClient(token string, options ...Option) (*Client, error) {
 	client := &Client{
 		logger:     zap.NewNop().Sugar(),

internal/permissions/relationships.go

@@ -47,7 +47,7 @@ func (c *Client) DeleteResourceRelationship(ctx context.Context, resourceID gidx
 
 	var response ResourceRelationshipDeleteResponse
 
-	if _, err := c.DoRequest(ctx, http.MethodDelete, path, body, &response); err != nil {
+	if _, err := c.DoRequest(ctx, http.MethodDelete, path, body, &response); err != nil { // nolint:bodyclose // closed by Do on json decode.
 		return err
 	}
 
@@ -75,11 +75,12 @@ func (c *Client) ListResourceRelationships(ctx context.Context, resourceID gidx.
 		Data []resourceRelationship `json:"data"`
 	}
 
-	if _, err := c.DoRequest(ctx, http.MethodGet, url.String(), nil, &response); err != nil {
+	if _, err := c.DoRequest(ctx, http.MethodGet, url.String(), nil, &response); err != nil { // nolint:bodyclose // closed by Do on json decode.
 		return nil, err
 	}
 
 	data := make([]ResourceRelationship, len(response.Data))
+
 	for i, entry := range response.Data {
 		var (
 			resID, subID gidx.PrefixedID

internal/permissions/roles.go

@@ -46,7 +46,7 @@ func (c *Client) CreateRole(ctx context.Context, resourceID gidx.PrefixedID, act
 
 	var response ResourceRoleCreateResponse
 
-	if _, err = c.DoRequest(ctx, http.MethodPost, path, body, &response); err != nil {
+	if _, err = c.DoRequest(ctx, http.MethodPost, path, body, &response); err != nil { // nolint:bodyclose // closed by Do on json decode.
 		return gidx.NullPrefixedID, err
 	}
 
@@ -64,7 +64,7 @@ func (c *Client) DeleteRole(ctx context.Context, roleID gidx.PrefixedID) error {
 
 	var response ResourceRoleDeleteResponse
 
-	if _, err := c.DoRequest(ctx, http.MethodDelete, path, nil, &response); err != nil {
+	if _, err := c.DoRequest(ctx, http.MethodDelete, path, nil, &response); err != nil { // nolint:bodyclose // closed by Do on json decode.
 		return err
 	}
 
@@ -83,7 +83,7 @@ func (c *Client) ListResourceRoles(ctx context.Context, resourceID gidx.Prefixed
 		Data ResourceRoles `json:"data"`
 	}
 
-	if _, err := c.DoRequest(ctx, http.MethodGet, path, nil, &response); err != nil {
+	if _, err := c.DoRequest(ctx, http.MethodGet, path, nil, &response); err != nil { // nolint:bodyclose // closed by Do on json decode.
 		return nil, err
 	}