chore: remove duplicate word in comments (#5616)

balancer/rls/config.go

@@ -127,7 +127,7 @@ type lbConfigJSON struct {
 //       - across all `headers`, `constant_keys` and `extra_keys` fields:
 //         - must not have the same `key` specified twice
 //         - no `key` must be the empty string
-//   - `lookup_service` field must be set and and must parse as a target URI
+//   - `lookup_service` field must be set and must parse as a target URI
 //   - if `max_age` > 5m, it should be set to 5 minutes
 //   - if `stale_age` > `max_age`, ignore it
 //   - if `stale_age` is set, then `max_age` must also be set
@@ -185,7 +185,7 @@ func parseRLSProto(rlsProto *rlspb.RouteLookupConfig) (*lbConfig, error) {
 		return nil, err
 	}
 
-	// `lookup_service` field must be set and and must parse as a target URI.
+	// `lookup_service` field must be set and must parse as a target URI.
 	lookupService := rlsProto.GetLookupService()
 	if lookupService == "" {
 		return nil, fmt.Errorf("rls: empty lookup_service in route lookup config %+v", rlsProto)

credentials/sts/sts.go

@@ -105,7 +105,7 @@ type Options struct {
 
 	// ActorTokenType is an identifier, as described in
 	// https://tools.ietf.org/html/rfc8693#section-3, that indicates the type of
-	// the the security token in the "actor_token_path" parameter.
+	// the security token in the "actor_token_path" parameter.
 	ActorTokenType string // Optional.
 }
 

credentials/sts/sts_test.go

@@ -114,7 +114,7 @@ func (r errReader) Read(b []byte) (n int, err error) {
 }
 
 // We need a function to construct the response instead of simply declaring it
-// as a variable since the the response body will be consumed by the
+// as a variable since the response body will be consumed by the
 // credentials, and therefore we will need a new one everytime.
 func makeGoodResponse() *http.Response {
 	respJSON, _ := json.Marshal(responseParameters{

credentials/tls/certprovider/store_test.go

@@ -342,7 +342,7 @@ func (s) TestStoreSingleProviderDifferentConfigs(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	// Push new key material into only one of the fake providers and and verify
+	// Push new key material into only one of the fake providers and verify
 	// that the providers returned by the store return the appropriate key
 	// material.
 	km2 := loadKeyMaterials(t, "x509/server2_cert.pem", "x509/server2_key.pem", "x509/client_ca_cert.pem")

internal/balancergroup/balancerstateaggregator.go

@@ -26,7 +26,7 @@ import (
 // state.
 //
 // It takes care of merging sub-picker into one picker. The picking config is
-// passed directly from the the parent to the aggregator implementation (instead
+// passed directly from the parent to the aggregator implementation (instead
 // via balancer group).
 type BalancerStateAggregator interface {
 	// UpdateState updates the state of the id.

internal/testutils/roundrobin/roundrobin.go

@@ -111,7 +111,7 @@ func CheckRoundRobinRPCs(ctx context.Context, client testgrpc.TestServiceClient,
 			}
 			iterations = append(iterations, iteration)
 		}
-		// Ensure the the first iteration contains all addresses in addrs.
+		// Ensure the first iteration contains all addresses in addrs.
 		gotAddrCount := make(map[string]int)
 		for _, addr := range iterations[0] {
 			gotAddrCount[addr]++

security/advancedtls/advancedtls_integration_test.go

@@ -308,7 +308,7 @@ func (s) TestEnd2End(t *testing.T) {
 		// The mutual authentication works at the beginning, since ClientCert1
 		// trusted by ServerTrust1, ServerCert1 by ClientTrust1, and also the
 		// custom verification check on server side allows all connections.
-		// At stage 1, server disallows the the connections by setting custom
+		// At stage 1, server disallows the connections by setting custom
 		// verification check. The following calls should fail. Previous
 		// connections should not be affected.
 		// At stage 2, server allows all the connections again and the
@@ -555,7 +555,7 @@ func createProviders(tmpFiles *tmpCredsFiles) (certprovider.Provider, certprovid
 // Next, we change the identity certs that IdentityProvider is watching. Since
 // the identity key is not changed, the IdentityProvider should ignore the
 // update, and the connection should still be good.
-// Then the the identity key is changed. This time IdentityProvider should pick
+// Then the identity key is changed. This time IdentityProvider should pick
 // up the update, and the connection should fail, due to the trust certs on the
 // other side is not changed.
 // Finally, the trust certs that other-side's RootProvider is watching get

xds/internal/balancer/cdsbalancer/cdsbalancer_test.go

@@ -694,7 +694,7 @@ func (s) TestCircuitBreaking(t *testing.T) {
 	counter.EndRequest()
 }
 
-// TestClose verifies the Close() method in the the CDS balancer.
+// TestClose verifies the Close() method in the CDS balancer.
 func (s) TestClose(t *testing.T) {
 	// This creates a CDS balancer, pushes a ClientConnState update with a fake
 	// xdsClient, and makes sure that the CDS balancer registers a watch on the

xds/internal/resolver/watch_service.go

@@ -143,7 +143,7 @@ func (w *serviceUpdateWatcher) handleLDSResp(update xdsresource.ListenerUpdate,
 		// update before reporting this LDS config.
 		if w.lastUpdate.virtualHost != nil {
 			// We want to send an update with the new fields from the new LDS
-			// (e.g. max stream duration), and old fields from the the previous
+			// (e.g. max stream duration), and old fields from the previous
 			// RDS.
 			//
 			// But note that this should only happen when virtual host is set,