Packages are scoped by capability at the repo root (for example policy, ldap, randreader, sync). Shared primitives live in env, net, safe, and xtime, while integration helpers such as certificates sit under certs/. Tests follow Go’s convention of co-locating _test.go files beside the code they exercise. No secondary Go modules exist; the single go.mod at the root governs builds.
make lint– installs tooling viamake getdepswhen missing, then runsgolangci-lintwith the repo’s strict config.make test– executesmake lintandgo test -race -tags kqueue ./...to cover all packages.make test-ldap– focuses on theldappackage against the endpoint defined inLDAP_TEST_SERVER.make clean– removes cache binaries and editor swap artifacts. Run these commands before opening a pull request; they mirror the CI stack.
Always format Go sources with gofmt/goimports. Follow the CLAUDE guidance from miniohq/eos: keep comments minimal, explaining why the code exists, never what, and do not leave “removed because” notes when deleting code. Use descriptive package names that mirror directory names and exported identifiers with GoDoc-ready sentences. Stick to tab-indented Go style and avoid introducing logging or HTTP helpers that bypass established patterns in sibling MinIO repos without prior discussion.
Write focused unit tests in _test.go files and organize table-driven tests for edge cases (credentials, policy evaluation, network fallbacks). Include subtests for protocol-specific behavior. Always run make test; add targeted benchmarks (go test -bench) when optimizing hot paths and share before/after numbers in review.
Structure commits around single concerns with imperative subjects (e.g., Add, Fix, Remove). Reference GitHub issues where applicable. Pull requests must describe motivation, list validation commands, call out performance impact, and note any documentation updates. Keep feedback actionable—mirroring CLAUDE’s expectations—and ensure CI is green before requesting review.
Treat secrets, certificates, and credentials as sensitive: never commit real values. Validate inputs touching filesystem or network boundaries, rely on existing policy enforcement helpers, and update README.md when new environment variables or configuration flags are introduced.