Merge pull request #23193 from allencloud/fix-typos

use grep to find all a/an typos

CHANGELOG.md

@@ -1721,7 +1721,7 @@ With the ongoing changes to the networking and execution subsystems of docker te
 + Add -rm to docker run for removing a container on exit
 - Remove error messages which are not actually errors
 - Fix `docker rm` with volumes
-- Fix some error cases where a HTTP body might not be closed
+- Fix some error cases where an HTTP body might not be closed
 - Fix panic with wrong dockercfg file
 - Fix the attach behavior with -i
 * Record termination time in state.

CONTRIBUTING.md

@@ -121,7 +121,7 @@ However, there might be a way to implement that feature *on top of* Docker.
     <td>
       The <a href="https://groups.google.com/forum/#!forum/docker-dev" target="_blank">docker-dev</a>
       group is for contributors and other people contributing to the Docker project.
-      You can join them without an google account by sending an email to 
+      You can join them without a google account by sending an email to 
       <a href="mailto:docker-dev+subscribe@googlegroups.com">docker-dev+subscribe@googlegroups.com</a>.
       After receiving the join-request message, you can simply reply to that to confirm the subscribtion.
     </td>

api/client/trust.go

@@ -117,7 +117,7 @@ func (scs simpleCredentialStore) SetRefreshToken(*url.URL, string, string) {
 
 // getNotaryRepository returns a NotaryRepository which stores all the
 // information needed to operate on a notary repository.
-// It creates a HTTP transport providing authentication support.
+// It creates an HTTP transport providing authentication support.
 func (cli *DockerCli) getNotaryRepository(repoInfo *registry.RepositoryInfo, authConfig types.AuthConfig, actions ...string) (*client.NotaryRepository, error) {
 	server, err := trustServer(repoInfo.Index)
 	if err != nil {

api/server/httputils/httputils.go

@@ -19,7 +19,7 @@ const APIVersionKey = "api-version"
 const UAStringKey = "upstream-user-agent"
 
 // APIFunc is an adapter to allow the use of ordinary functions as Docker API endpoints.
-// Any function that has the appropriate signature can be registered as a API endpoint (e.g. getVersion).
+// Any function that has the appropriate signature can be registered as an API endpoint (e.g. getVersion).
 type APIFunc func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error
 
 // HijackConnection interrupts the http response writer to get the

daemon/graphdriver/driver.go

@@ -123,7 +123,7 @@ func init() {
 	drivers = make(map[string]InitFunc)
 }
 
-// Register registers a InitFunc for the driver.
+// Register registers an InitFunc for the driver.
 func Register(name string, initFunc InitFunc) error {
 	if _, exists := drivers[name]; exists {
 		return fmt.Errorf("Name already registered %s", name)

daemon/graphdriver/graphtest/graphtest_unix.go

@@ -94,7 +94,7 @@ func cleanup(t *testing.T, d *Driver) {
 	os.RemoveAll(d.root)
 }
 
-// GetDriver create a new driver with given name or return a existing driver with the name updating the reference count.
+// GetDriver create a new driver with given name or return an existing driver with the name updating the reference count.
 func GetDriver(t *testing.T, name string) graphdriver.Driver {
 	if drv == nil {
 		drv = newDriver(t, name)
@@ -172,7 +172,7 @@ func readDir(dir string) ([]os.FileInfo, error) {
 	return b, nil
 }
 
-// DriverTestCreateEmpty creates an new image and verifies it is empty and the right metadata
+// DriverTestCreateEmpty creates a new image and verifies it is empty and the right metadata
 func DriverTestCreateEmpty(t *testing.T, drivername string) {
 	driver := GetDriver(t, drivername)
 	defer PutDriver(t)

daemon/graphdriver/overlay/overlay.go

@@ -74,8 +74,8 @@ func (d *naiveDiffDriverWithApply) ApplyDiff(id, parent string, diff archive.Rea
 // layer in the overlay. The overlay itself is mounted in the "merged"
 // directory, and the "work" dir is needed for overlay to work.
 
-// When a overlay layer is created there are two cases, either the
-// parent has a "root" dir, then we start out with a empty "upper"
+// When an overlay layer is created there are two cases, either the
+// parent has a "root" dir, then we start out with an empty "upper"
 // directory overlaid on the parents root. This is typically the
 // case with the init layer of a container which is based on an image.
 // If there is no "root" in the parent, we inherit the lower-id from
@@ -103,7 +103,7 @@ func init() {
 
 // Init returns the NaiveDiffDriver, a native diff driver for overlay filesystem.
 // If overlay filesystem is not supported on the host, graphdriver.ErrNotSupported is returned as error.
-// If a overlay filesystem is not supported over a existing filesystem then error graphdriver.ErrIncompatibleFS is returned.
+// If an overlay filesystem is not supported over an existing filesystem then error graphdriver.ErrIncompatibleFS is returned.
 func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (graphdriver.Driver, error) {
 
 	if err := supportsOverlay(); err != nil {
@@ -265,7 +265,7 @@ func (d *Driver) Create(id, parent, mountLabel string, storageOpt map[string]str
 		return err
 	}
 
-	// If parent has a root, just do a overlay to it
+	// If parent has a root, just do an overlay to it
 	parentRoot := path.Join(parentDir, "root")
 
 	if s, err := os.Lstat(parentRoot); err == nil {
@@ -386,7 +386,7 @@ func (d *Driver) Put(id string) error {
 	return nil
 }
 
-// ApplyDiff applies the new layer on top of the root, if parent does not exist with will return a ErrApplyDiffFallback error.
+// ApplyDiff applies the new layer on top of the root, if parent does not exist with will return an ErrApplyDiffFallback error.
 func (d *Driver) ApplyDiff(id string, parent string, diff archive.Reader) (size int64, err error) {
 	dir := d.dir(id)
 

daemon/graphdriver/zfs/zfs.go

@@ -40,7 +40,7 @@ func (*Logger) Log(cmd []string) {
 }
 
 // Init returns a new ZFS driver.
-// It takes base mount path and a array of options which are represented as key value pairs.
+// It takes base mount path and an array of options which are represented as key value pairs.
 // Each option is in the for key=value. 'zfs.fsname' is expected to be a valid key in the options.
 func Init(base string, opt []string, uidMaps, gidMaps []idtools.IDMap) (graphdriver.Driver, error) {
 	var err error

daemon/logger/etwlogs/etwlogs_windows.go

@@ -8,7 +8,7 @@
 // 3. logman stop -ets DockerContainerLogs
 // 4. You can then convert the etl log file to XML using: tracerpt -y trace.etl
 //
-// Each container log message generates a ETW event that also contains:
+// Each container log message generates an ETW event that also contains:
 // the container name and ID, the timestamp, and the stream type.
 package etwlogs
 

daemon/oci_linux.go

@@ -305,7 +305,7 @@ func setNamespaces(daemon *Daemon, s *specs.Spec, c *container.Container) error
 		ns.Path = fmt.Sprintf("/proc/%d/ns/pid", pc.State.GetPID())
 		setNamespace(s, ns)
 		if userNS {
-			// to share an PID namespace, they must also share a user namespace
+			// to share a PID namespace, they must also share a user namespace
 			nsUser := specs.Namespace{Type: "user"}
 			nsUser.Path = fmt.Sprintf("/proc/%d/ns/user", pc.State.GetPID())
 			setNamespace(s, nsUser)

distribution/registry.go

@@ -34,7 +34,7 @@ func (dcs dumbCredentialStore) RefreshToken(*url.URL, string) string {
 func (dcs dumbCredentialStore) SetRefreshToken(*url.URL, string, string) {
 }
 
-// NewV2Repository returns a repository (v2 only). It creates a HTTP transport
+// NewV2Repository returns a repository (v2 only). It creates an HTTP transport
 // providing timeout settings and authentication support, and also verifies the
 // remote API version.
 func NewV2Repository(ctx context.Context, repoInfo *registry.RepositoryInfo, endpoint registry.APIEndpoint, metaHeaders http.Header, authConfig *types.AuthConfig, actions ...string) (repo distribution.Repository, foundVersion bool, err error) {

docs/admin/configuring.md

@@ -48,7 +48,7 @@ Some of the daemon's options are:
 | `--tls=false`         | Enable or disable TLS. By default, this is false.         |
 
 
-Here is a an example of running the `docker` daemon with configuration options:
+Here is an example of running the `docker` daemon with configuration options:
 
     $ dockerd -D --tls=true --tlscert=/var/docker/server.pem --tlskey=/var/docker/serverkey.pem -H tcp://192.168.59.3:2376
 

docs/admin/logging/fluentd.md

@@ -89,7 +89,7 @@ and [its documents](http://docs.fluentd.org/).
 To use this logging driver, start the `fluentd` daemon on a host. We recommend
 that you use [the Fluentd docker
 image](https://hub.docker.com/r/fluent/fluentd/). This image is
-especially useful if you want to aggregate multiple container logs on a each
+especially useful if you want to aggregate multiple container logs on each
 host then, later, transfer the logs to another Fluentd node to create an
 aggregate store.
 

docs/admin/systemd.md

@@ -123,7 +123,7 @@ If you fail to specify an empty configuration, Docker reports an error such as:
 
 This example overrides the default `docker.service` file.
 
-If you are behind a HTTP proxy server, for example in corporate settings,
+If you are behind an HTTP proxy server, for example in corporate settings,
 you will need to add this configuration in the Docker systemd service file.
 
 First, create a systemd drop-in directory for the docker service:

docs/examples/running_redis_service.md

@@ -1,7 +1,7 @@
 <!--[metadata]>
 +++
 title = "Dockerizing a Redis service"
-description = "Installing and running an redis service"
+description = "Installing and running a redis service"
 keywords = ["docker, example, package installation, networking,  redis"]
 [menu.main]
 parent = "engine_dockerize"

docs/installation/linux/fedora.md

@@ -26,7 +26,7 @@ version, open a terminal and use `uname -r` to display your kernel version:
     $ uname -r
     3.19.5-100.fc21.x86_64
 
-If your kernel is at a older version, you must update it.
+If your kernel is at an older version, you must update it.
 
 Finally, is it recommended that you fully update your system. Please keep in
 mind that your system should be fully patched to fix any potential kernel bugs. Any

docs/installation/windows.md

@@ -85,7 +85,7 @@ Docker container using standard localhost addressing such as `localhost:8000` or
 
 ![Linux Architecture Diagram](images/linux_docker_host.svg)
 
-In an Windows installation, the `docker` daemon is running inside a Linux virtual
+In a Windows installation, the `docker` daemon is running inside a Linux virtual
 machine. You use the Windows Docker client to talk to the Docker host VM. Your
 Docker containers run inside this host.
 

docs/reference/api/docker_remote_api.md

@@ -116,8 +116,8 @@ This section lists each version from latest to oldest.  Each listing includes a
 * `GET /info` now returns `SecurityOptions` field, showing if `apparmor`, `seccomp`, or `selinux` is supported.
 * `GET /networks` now supports filtering by `label` and `driver`.
 * `POST /containers/create` now takes `MaximumIOps` and `MaximumIOBps` fields. Windows daemon only.
-* `POST /containers/create` now returns a HTTP 400 "bad parameter" message
-  if no command is specified (instead of a HTTP 500 "server error")
+* `POST /containers/create` now returns an HTTP 400 "bad parameter" message
+  if no command is specified (instead of an HTTP 500 "server error")
 * `GET /images/search` now takes a `filters` query parameter.
 * `GET /events` now supports a `reload` event that is emitted when the daemon configuration is reloaded.
 * `GET /events` now supports filtering by daemon name or ID.

docs/reference/api/docker_remote_api_v1.20.md

@@ -1128,7 +1128,7 @@ following section.
 
 `GET /containers/(id or name)/archive`
 
-Get an tar archive of a resource in the filesystem of container `id`.
+Get a tar archive of a resource in the filesystem of container `id`.
 
 Query Parameters:
 

docs/reference/api/docker_remote_api_v1.21.md

@@ -1219,7 +1219,7 @@ following section.
 
 `GET /containers/(id or name)/archive`
 
-Get an tar archive of a resource in the filesystem of container `id`.
+Get a tar archive of a resource in the filesystem of container `id`.
 
 Query Parameters:
 

docs/reference/api/docker_remote_api_v1.22.md

@@ -1390,7 +1390,7 @@ following section.
 
 `GET /containers/(id or name)/archive`
 
-Get an tar archive of a resource in the filesystem of container `id`.
+Get a tar archive of a resource in the filesystem of container `id`.
 
 Query Parameters:
 

docs/reference/api/docker_remote_api_v1.23.md

@@ -1420,7 +1420,7 @@ following section.
 
 `GET /containers/(id or name)/archive`
 
-Get an tar archive of a resource in the filesystem of container `id`.
+Get a tar archive of a resource in the filesystem of container `id`.
 
 Query Parameters:
 

docs/reference/api/docker_remote_api_v1.24.md

@@ -1430,7 +1430,7 @@ following section.
 
 `GET /containers/(id or name)/archive`
 
-Get an tar archive of a resource in the filesystem of container `id`.
+Get a tar archive of a resource in the filesystem of container `id`.
 
 Query Parameters:
 

docs/reference/commandline/attach.md

@@ -51,7 +51,7 @@ foreground over a slow client connection. Instead, users should use the
 
 ## Override the detach sequence
 
-If you want, you can configure a override the Docker key sequence for detach.
+If you want, you can configure an override the Docker key sequence for detach.
 This is is useful if the Docker default sequence conflicts with key squence you
 use for other applications. There are two ways to defines a your own detach key
 sequence, as a per-container override or as a configuration property on  your

docs/reference/commandline/dockerd.md

@@ -587,9 +587,9 @@ system's list of trusted CAs instead of enabling `--insecure-registry`.
 
 Enabling `--disable-legacy-registry` forces a docker daemon to only interact with registries which support the V2 protocol.  Specifically, the daemon will not attempt `push`, `pull` and `login` to v1 registries.  The exception to this is `search` which can still be performed on v1 registries.
 
-## Running a Docker daemon behind a HTTPS_PROXY
+## Running a Docker daemon behind an HTTPS_PROXY
 
-When running inside a LAN that uses a `HTTPS` proxy, the Docker Hub
+When running inside a LAN that uses an `HTTPS` proxy, the Docker Hub
 certificates will be replaced by the proxy's certificates. These certificates
 need to be added to your Docker host's configuration:
 

docs/reference/commandline/pull.md

@@ -29,7 +29,7 @@ use `docker pull`.
 
 ## Proxy configuration
 
-If you are behind a HTTP proxy server, for example in corporate settings,
+If you are behind an HTTP proxy server, for example in corporate settings,
 before open a connect to registry, you may need to configure the Docker
 daemon's proxy settings, using the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY`
 environment variables. To set these environment variables on a host using

docs/security/https.md

@@ -12,7 +12,7 @@ parent = "smn_secure_docker"
 # Protect the Docker daemon socket
 
 By default, Docker runs via a non-networked Unix socket. It can also
-optionally communicate using a HTTP socket.
+optionally communicate using an HTTP socket.
 
 If you need Docker to be reachable via the network in a safe manner, you can
 enable TLS by specifying the `tlsverify` flag and pointing Docker's

docs/security/trust/content_trust.md

@@ -107,7 +107,7 @@ Trust for an image tag is managed through the use of signing keys. A key set is
 created when an operation using content trust is first invoked. A key set consists
 of the following classes of keys:
 
-- an offline key that is the root of content trust for a image tag
+- an offline key that is the root of content trust for an image tag
 - repository or tagging keys that sign tags
 - server-managed keys such as the timestamp key, which provides freshness
 	security guarantees for your repository

docs/security/trust/trust_delegation.md

@@ -67,7 +67,7 @@ e is 65537 (0x10001)
 They should keep `delegation.key` private - this is what they will use to sign
 tags.
 
-Then they need to generate a x509 certificate containing the public key, which is
+Then they need to generate an x509 certificate containing the public key, which is
 what they will give to you.  Here is the command to generate a CSR (certificate
 signing request):
 

docs/security/trust/trust_key_mng.md

@@ -15,7 +15,7 @@ trust makes use of five different types of keys:
 
 | Key                 | Description                                                                                                                                                                                                                                                                                                                                                                         |
 |---------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| root key         | Root of content trust for a image tag. When content trust is enabled, you create the root key once. Also known as the offline key, because it should be kept offline. |
+| root key         | Root of content trust for an image tag. When content trust is enabled, you create the root key once. Also known as the offline key, because it should be kept offline. |
 | targets          | This key allows you to sign image tags, to manage delegations including delegated keys or permitted delegation paths. Also known as the repository key, since this key determines what tags can be signed into an image repository. |
 | snapshot         | This key signs the current collection of image tags, preventing mix and match attacks.
 | timestamp        | This key allows Docker image repositories to have freshness security guarantees without requiring periodic content refreshes on the client's side. |

docs/userguide/intro.md

@@ -87,7 +87,7 @@ Go to [Docker Machine user guide](https://docs.docker.com/machine/).
 
 ### Docker Compose
 
-Docker Compose allows you to define a application's components -- their containers,
+Docker Compose allows you to define an application's components -- their containers,
 configuration, links and volumes -- in a single file. Then a single command
 will set everything up and start your application running.
 

integration-cli/docker_cli_authz_unix_test.go

@@ -76,7 +76,7 @@ func (s *DockerAuthzSuite) TearDownTest(c *check.C) {
 func (s *DockerAuthzSuite) SetUpSuite(c *check.C) {
 	mux := http.NewServeMux()
 	s.server = httptest.NewServer(mux)
-	c.Assert(s.server, check.NotNil, check.Commentf("Failed to start a HTTP Server"))
+	c.Assert(s.server, check.NotNil, check.Commentf("Failed to start an HTTP Server"))
 
 	mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) {
 		b, err := json.Marshal(plugins.Manifest{Implements: []string{authorization.AuthZApiImplements}})

integration-cli/docker_cli_by_digest_test.go

@@ -346,7 +346,7 @@ func (s *DockerRegistrySuite) TestPsListContainersFilterAncestorImageByDigest(c
 	// pull from the registry using the <name>@<digest> reference
 	dockerCmd(c, "pull", imageReference)
 
-	// build a image from it
+	// build an image from it
 	imageName1 := "images_ps_filter_test"
 	_, err = buildImage(imageName1, fmt.Sprintf(
 		`FROM %s

integration-cli/docker_cli_cp_test.go

@@ -647,7 +647,7 @@ func (s *DockerSuite) TestCpSymlinkFromConToHostFollowSymlink(c *check.C) {
 	}
 	os.Remove(expectedPath)
 
-	// now test copy symbol link to an non-existing file in host
+	// now test copy symbol link to a non-existing file in host
 	expectedPath = filepath.Join(testDir, "somefile_host")
 	// expectedPath shouldn't exist, if exists, remove it
 	if _, err := os.Lstat(expectedPath); err == nil {

integration-cli/docker_cli_daemon_test.go

@@ -449,7 +449,7 @@ func (s *DockerDaemonSuite) TestDaemonIPv6FixedCIDR(c *check.C) {
 }
 
 // TestDaemonIPv6FixedCIDRAndMac checks that when the daemon is started with ipv6 fixed CIDR
-// the running containers are given a an IPv6 address derived from the MAC address and the ipv6 fixed CIDR
+// the running containers are given an IPv6 address derived from the MAC address and the ipv6 fixed CIDR
 func (s *DockerDaemonSuite) TestDaemonIPv6FixedCIDRAndMac(c *check.C) {
 	// IPv6 setup is messing with local bridge address.
 	testRequires(c, SameHostDaemon)

integration-cli/docker_cli_external_volume_driver_unix_test.go

@@ -72,7 +72,7 @@ func (s *DockerExternalVolumeSuite) SetUpSuite(c *check.C) {
 	type vol struct {
 		Name       string
 		Mountpoint string
-		Ninja      bool // hack used to trigger an null volume return on `Get`
+		Ninja      bool // hack used to trigger a null volume return on `Get`
 		Status     map[string]interface{}
 	}
 	var volList []vol

integration-cli/docker_cli_history_test.go

@@ -73,7 +73,7 @@ func (s *DockerSuite) TestHistoryNonExistentImage(c *check.C) {
 func (s *DockerSuite) TestHistoryImageWithComment(c *check.C) {
 	name := "testhistoryimagewithcomment"
 
-	// make a image through docker commit <container id> [ -m messages ]
+	// make an image through docker commit <container id> [ -m messages ]
 
 	dockerCmd(c, "run", "--name", name, "busybox", "true")
 	dockerCmd(c, "wait", name)

integration-cli/docker_cli_netmode_test.go

@@ -13,7 +13,7 @@ import (
 const stringCheckPS = "PID   USER"
 
 // DockerCmdWithFail executes a docker command that is supposed to fail and returns
-// the output, the exit code. If the command returns an Nil error, it will fail and
+// the output, the exit code. If the command returns a Nil error, it will fail and
 // stop the tests.
 func dockerCmdWithFail(c *check.C, args ...string) (string, int) {
 	out, status, err := dockerCmdWithError(args...)

integration-cli/docker_cli_network_unix_test.go

@@ -56,7 +56,7 @@ func (s *DockerNetworkSuite) TearDownTest(c *check.C) {
 func (s *DockerNetworkSuite) SetUpSuite(c *check.C) {
 	mux := http.NewServeMux()
 	s.server = httptest.NewServer(mux)
-	c.Assert(s.server, check.NotNil, check.Commentf("Failed to start a HTTP Server"))
+	c.Assert(s.server, check.NotNil, check.Commentf("Failed to start an HTTP Server"))
 	setupRemoteNetworkDrivers(c, mux, s.server.URL, dummyNetworkDriver, dummyIpamDriver)
 }
 

integration-cli/docker_cli_rmi_test.go

@@ -270,7 +270,7 @@ func (s *DockerSuite) TestRmiContainerImageNotFound(c *check.C) {
 // #13422
 func (s *DockerSuite) TestRmiUntagHistoryLayer(c *check.C) {
 	image := "tmp1"
-	// Build a image for testing.
+	// Build an image for testing.
 	dockerfile := `FROM busybox
 MAINTAINER foo
 RUN echo 0 #layer0

integration-cli/docker_hub_pull_suite_test.go

@@ -17,7 +17,7 @@ func init() {
 	}
 }
 
-// DockerHubPullSuite provides a isolated daemon that doesn't have all the
+// DockerHubPullSuite provides an isolated daemon that doesn't have all the
 // images that are baked into our 'global' test environment daemon (e.g.,
 // busybox, httpserver, ...).
 //
@@ -82,7 +82,7 @@ func (s *DockerHubPullSuite) CmdWithError(name string, arg ...string) (string, e
 	return string(b), err
 }
 
-// MakeCmd returns a exec.Cmd command to run against the suite daemon.
+// MakeCmd returns an exec.Cmd command to run against the suite daemon.
 func (s *DockerHubPullSuite) MakeCmd(name string, arg ...string) *exec.Cmd {
 	args := []string{"--host", s.d.sock(), name}
 	args = append(args, arg...)

man/docker-attach.1.md

@@ -43,7 +43,7 @@ attaching to a tty-enabled container (i.e.: launched with `-t`).
 
 # Override the detach sequence
 
-If you want, you can configure a override the Docker key sequence for detach.
+If you want, you can configure an override the Docker key sequence for detach.
 This is is useful if the Docker default sequence conflicts with key squence you
 use for other applications. There are two ways to defines a your own detach key
 sequence, as a per-container override or as a configuration property on  your

man/docker-inspect.1.md

@@ -223,7 +223,7 @@ output:
 You can get more information about how to write a Go template from:
 https://golang.org/pkg/text/template/.
 
-## Getting size information on an container
+## Getting size information on a container
 
     $ docker inspect -s d2cc496561d6
     [

man/docker-run.1.md

@@ -219,7 +219,7 @@ See **config-json(5)** for documentation on using a configuration file.
    Limit write rate to a device (e.g. --device-write-bps=/dev/sda:1mb)
 
 **--device-write-iops**=[]
-   Limit write rate a a device (e.g. --device-write-iops=/dev/sda:1000)
+   Limit write rate to a device (e.g. --device-write-iops=/dev/sda:1000)
 
 **--dns-search**=[]
    Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain)

opts/opts.go

@@ -251,7 +251,7 @@ func ValidateLabel(val string) (string, error) {
 	return val, nil
 }
 
-// ValidateSysctl validates an sysctl and returns it.
+// ValidateSysctl validates a sysctl and returns it.
 func ValidateSysctl(val string) (string, error) {
 	validSysctlMap := map[string]bool{
 		"kernel.msgmax":          true,

pkg/archive/archive_test.go

@@ -132,7 +132,7 @@ func TestDecompressStreamXz(t *testing.T) {
 	archive, err := os.Open(tmp + "archive.xz")
 	_, err = DecompressStream(archive)
 	if err != nil {
-		t.Fatalf("Failed to decompress a xz file.")
+		t.Fatalf("Failed to decompress an xz file.")
 	}
 }
 
@@ -181,7 +181,7 @@ func TestExtensionUncompressed(t *testing.T) {
 	compression := Uncompressed
 	output := compression.Extension()
 	if output != "tar" {
-		t.Fatalf("The extension of a uncompressed archive should be 'tar'.")
+		t.Fatalf("The extension of an uncompressed archive should be 'tar'.")
 	}
 }
 func TestExtensionBzip2(t *testing.T) {

pkg/archive/changes_test.go

@@ -252,7 +252,7 @@ func TestChangesWithChangesGH13590(t *testing.T) {
 	checkChanges(expectedChanges, changes, t)
 }
 
-// Create an directory, copy it, make sure we report no changes between the two
+// Create a directory, copy it, make sure we report no changes between the two
 func TestChangesDirsEmpty(t *testing.T) {
 	// TODO Windows. There may be a way of running this, but turning off for now
 	// as createSampleDir uses symlinks.

pkg/authorization/authz.go

@@ -40,7 +40,7 @@ func NewCtx(authZPlugins []Plugin, user, userAuthNMethod, requestMethod, request
 	}
 }
 
-// Ctx stores a a single request-response interaction context
+// Ctx stores a single request-response interaction context
 type Ctx struct {
 	user            string
 	userAuthNMethod string

pkg/httputils/resumablerequestreader_test.go

@@ -99,7 +99,7 @@ func (errorReaderCloser) Read(p []byte) (n int, err error) {
 	return 0, fmt.Errorf("An error occurred")
 }
 
-// If a an unknown error is encountered, return 0, nil and log it
+// If an unknown error is encountered, return 0, nil and log it
 func TestResumableRequestReaderWithReadError(t *testing.T) {
 	var req *http.Request
 	req, err := http.NewRequest("GET", "", nil)

pkg/ioutils/readers.go

@@ -55,7 +55,7 @@ func HashData(src io.Reader) (string, error) {
 	return "sha256:" + hex.EncodeToString(h.Sum(nil)), nil
 }
 
-// OnEOFReader wraps a io.ReadCloser and a function
+// OnEOFReader wraps an io.ReadCloser and a function
 // the function will run at the end of file or close the file.
 type OnEOFReader struct {
 	Rc io.ReadCloser

pkg/jsonmessage/jsonmessage.go

@@ -13,7 +13,7 @@ import (
 )
 
 // JSONError wraps a concrete Code and Message, `Code` is
-// is a integer error code, `Message` is the error message.
+// is an integer error code, `Message` is the error message.
 type JSONError struct {
 	Code    int    `json:"code,omitempty"`
 	Message string `json:"message,omitempty"`

pkg/mflag/README.md

@@ -1,5 +1,5 @@
 Package mflag (aka multiple-flag) implements command-line flag parsing.  
-It's an **hacky** fork of the [official golang package](http://golang.org/pkg/flag/)
+It's a **hacky** fork of the [official golang package](http://golang.org/pkg/flag/)
 
 It adds:
 

pkg/mflag/flag.go

@@ -24,7 +24,7 @@
 //
 //	You can also add "deprecated" flags, they are still usable, but are not shown
 //	in the usage and will display a warning when you try to use them. `#` before
-//	an option means this option is deprecated, if there is an following option
+//	an option means this option is deprecated, if there is a following option
 //	without `#` ahead, then that's the replacement, if not, it will just be removed:
 //		var ip = flag.Int([]string{"#f", "#flagname", "-flagname"}, 1234, "help message for flagname")
 //	this will display: `Warning: '-f' is deprecated, it will be replaced by '--flagname' soon. See usage.` or
@@ -1236,7 +1236,7 @@ func (v mergeVal) Name() string {
 	return v.key
 }
 
-// Merge is an helper function that merges n FlagSets into a single dest FlagSet
+// Merge is a helper function that merges n FlagSets into a single dest FlagSet
 // In case of name collision between the flagsets it will apply
 // the destination FlagSet's errorHandling behavior.
 func Merge(dest *FlagSet, flagsets ...*FlagSet) error {

pkg/progress/progress.go

@@ -38,7 +38,7 @@ func (out chanOutput) WriteProgress(p Progress) error {
 	return nil
 }
 
-// ChanOutput returns a Output that writes progress updates to the
+// ChanOutput returns an Output that writes progress updates to the
 // supplied channel.
 func ChanOutput(progressChan chan<- Progress) Output {
 	return chanOutput(progressChan)

reference/reference.go

@@ -155,7 +155,7 @@ func IsNameOnly(ref Named) bool {
 	return true
 }
 
-// ParseIDOrReference parses string for a image ID or a reference. ID can be
+// ParseIDOrReference parses string for an image ID or a reference. ID can be
 // without a default prefix.
 func ParseIDOrReference(idOrRef string) (digest.Digest, Named, error) {
 	if err := v1.ValidateID(idOrRef); err == nil {

reference/store.go

@@ -48,7 +48,7 @@ type store struct {
 	referencesByIDCache map[image.ID]map[string]Named
 }
 
-// Repository maps tags to image IDs. The key is a a stringified Reference,
+// Repository maps tags to image IDs. The key is a stringified Reference,
 // including the repository name.
 type repository map[string]image.ID
 

registry/registry.go

@@ -114,7 +114,7 @@ func DockerHeaders(userAgent string, metaHeaders http.Header) []transport.Reques
 	return modifiers
 }
 
-// HTTPClient returns a HTTP client structure which uses the given transport
+// HTTPClient returns an HTTP client structure which uses the given transport
 // and contains the necessary headers for redirected requests
 func HTTPClient(transport http.RoundTripper) *http.Client {
 	return &http.Client{

registry/session.go

@@ -95,7 +95,7 @@ func cloneRequest(r *http.Request) *http.Request {
 	return r2
 }
 
-// RoundTrip changes a HTTP request's headers to add the necessary
+// RoundTrip changes an HTTP request's headers to add the necessary
 // authentication-related headers
 func (tr *authTransport) RoundTrip(orig *http.Request) (*http.Response, error) {
 	// Authorization should not be set on 302 redirect for untrusted locations.

registry/types.go

@@ -29,7 +29,7 @@ type ImgData struct {
 // indicates the registry's version and whether the registry claims to be a
 // standalone registry.
 type PingResult struct {
-	// Version is the registry version supplied by the registry in a HTTP
+	// Version is the registry version supplied by the registry in an HTTP
 	// header
 	Version string `json:"version"`
 	// Standalone is set to true if the registry indicates it is a

runconfig/opts/envfile_test.go

@@ -95,10 +95,10 @@ func TestParseEnvFileBadlyFormattedFile(t *testing.T) {
 
 	_, err := ParseEnvFile(tmpFile)
 	if err == nil {
-		t.Fatalf("Expected a ErrBadEnvVariable, got nothing")
+		t.Fatalf("Expected an ErrBadEnvVariable, got nothing")
 	}
 	if _, ok := err.(ErrBadEnvVariable); !ok {
-		t.Fatalf("Expected a ErrBadEnvVariable, got [%v]", err)
+		t.Fatalf("Expected an ErrBadEnvVariable, got [%v]", err)
 	}
 	expectedMessage := "poorly formatted environment: variable 'f   ' has white spaces"
 	if err.Error() != expectedMessage {
@@ -130,10 +130,10 @@ another invalid line`
 	_, err := ParseEnvFile(tmpFile)
 
 	if err == nil {
-		t.Fatalf("Expected a ErrBadEnvVariable, got nothing")
+		t.Fatalf("Expected an ErrBadEnvVariable, got nothing")
 	}
 	if _, ok := err.(ErrBadEnvVariable); !ok {
-		t.Fatalf("Expected a ErrBadEnvvariable, got [%v]", err)
+		t.Fatalf("Expected an ErrBadEnvvariable, got [%v]", err)
 	}
 	expectedMessage := "poorly formatted environment: variable 'first line' has white spaces"
 	if err.Error() != expectedMessage {

runconfig/opts/parse_test.go

@@ -654,14 +654,14 @@ func TestParseEnvfileVariables(t *testing.T) {
 		t.Fatal(err)
 	}
 	if len(config.Env) != 1 || config.Env[0] != "ENV1=value1" {
-		t.Fatalf("Expected a a config with [ENV1=value1], got %v", config.Env)
+		t.Fatalf("Expected a config with [ENV1=value1], got %v", config.Env)
 	}
 	config, _, _, _, err = parseRun([]string{"--env-file=fixtures/valid.env", "--env=ENV2=value2", "img", "cmd"})
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(config.Env) != 2 || config.Env[0] != "ENV1=value1" || config.Env[1] != "ENV2=value2" {
-		t.Fatalf("Expected a a config with [ENV1=value1 ENV2=value2], got %v", config.Env)
+		t.Fatalf("Expected a config with [ENV1=value1 ENV2=value2], got %v", config.Env)
 	}
 }
 
@@ -680,14 +680,14 @@ func TestParseLabelfileVariables(t *testing.T) {
 		t.Fatal(err)
 	}
 	if len(config.Labels) != 1 || config.Labels["LABEL1"] != "value1" {
-		t.Fatalf("Expected a a config with [LABEL1:value1], got %v", config.Labels)
+		t.Fatalf("Expected a config with [LABEL1:value1], got %v", config.Labels)
 	}
 	config, _, _, _, err = parseRun([]string{"--label-file=fixtures/valid.label", "--label=LABEL2=value2", "img", "cmd"})
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(config.Labels) != 2 || config.Labels["LABEL1"] != "value1" || config.Labels["LABEL2"] != "value2" {
-		t.Fatalf("Expected a a config with [LABEL1:value1 LABEL2:value2], got %v", config.Labels)
+		t.Fatalf("Expected a config with [LABEL1:value1 LABEL2:value2], got %v", config.Labels)
 	}
 }