refactor: enable revive and address all lints (#208)

## Description Enable revive and address all lints
validator-labs · Jul 9, 2024 · be2689d · be2689d
1 parent aeeb24c
commit be2689d
Show file tree

Hide file tree

Showing 10 changed files with 25 additions and 31 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -26,6 +26,7 @@ linters:
     - misspell
     - nakedret
     - prealloc
+    - revive
     - staticcheck
     - typecheck
     - unconvert

diff --git a/api/v1alpha1/ocivalidator_types.go b/api/v1alpha1/ocivalidator_types.go
@@ -27,10 +27,12 @@ type OciValidatorSpec struct {
 	OciRegistryRules []OciRegistryRule `json:"ociRegistryRules,omitempty" yaml:"ociRegistryRules,omitempty"`
 }
 
+// ResultCount returns the number of validation results expected for an OciValidatorSpec
 func (s OciValidatorSpec) ResultCount() int {
 	return len(s.OciRegistryRules)
 }
 
+// OciRegistryRule defines the validation rule for an OCI registry
 type OciRegistryRule struct {
 	// Name is the name of the rule
 	RuleName string `json:"name" yaml:"name"`
@@ -51,10 +53,12 @@ type OciRegistryRule struct {
 	SignatureVerification SignatureVerification `json:"signatureVerification,omitempty" yaml:"signatureVerification,omitempty"`
 }
 
+// Name returns the name of the OciRegistryRule
 func (r OciRegistryRule) Name() string {
 	return r.RuleName
 }
 
+// Artifact defines the artifact to be validated
 type Artifact struct {
 	// Ref is the path to the artifact in the host registry that should be validated.
 	// An individual artifact can take any of the following forms:
@@ -72,12 +76,14 @@ type Artifact struct {
 	LayerValidation bool `json:"layerValidation,omitempty" yaml:"layerValidation,omitempty"`
 }
 
+// Auth defines the authentication information for the registry
 type Auth struct {
 	// SecretName is the name of the Kubernetes Secret that exists in the same namespace as the OciValidator
 	// and that contains the credentials used to authenticate to the OCI Registry
 	SecretName string `json:"secretName" yaml:"secretName"`
 }
 
+// SignatureVerification defines the provider and secret name to verify the signatures of artifacts in an OCI registry
 type SignatureVerification struct {
 	// Provider specifies the technology used to sign the OCI Artifact
 	// +kubebuilder:validation:Enum=cosign

diff --git a/chart/validator-plugin-oci/README.md b/chart/validator-plugin-oci/README.md
@@ -15,7 +15,7 @@ The following table lists the configurable parameters of the Validator-plugin-oc
 | `controllerManager.kubeRbacProxy.containerSecurityContext.allowPrivilegeEscalation` |  | `false` |
 | `controllerManager.kubeRbacProxy.containerSecurityContext.capabilities.drop` |  | `["ALL"]` |
 | `controllerManager.kubeRbacProxy.image.repository` |  | `"gcr.io/kubebuilder/kube-rbac-proxy"` |
-| `controllerManager.kubeRbacProxy.image.tag` |  | `"v0.15.0"` |
+| `controllerManager.kubeRbacProxy.image.tag` |  | `"v0.16.0"` |
 | `controllerManager.kubeRbacProxy.resources.limits.cpu` |  | `"500m"` |
 | `controllerManager.kubeRbacProxy.resources.limits.memory` |  | `"128Mi"` |
 | `controllerManager.kubeRbacProxy.resources.requests.cpu` |  | `"5m"` |

diff --git a/cmd/main.go b/cmd/main.go
@@ -14,6 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Package main initializes an OciValidator controller.
 package main
 
 import (

diff --git a/config/crd/bases/validation.spectrocloud.labs_ocivalidators.yaml b/config/crd/bases/validation.spectrocloud.labs_ocivalidators.yaml
@@ -41,11 +41,14 @@ spec:
             properties:
               ociRegistryRules:
                 items:
+                  description: OciRegistryRule defines the validation rule for an
+                    OCI registry
                   properties:
                     artifacts:
                       description: Artifacts is a slice of artifacts in the host registry
                         that should be validated.
                       items:
+                        description: Artifact defines the artifact to be validated
                         properties:
                           layerValidation:
                             description: |-

diff --git a/internal/constants/constants.go b/internal/constants/constants.go
@@ -1,8 +1,11 @@
+// Package constants contains the constants used in validator-plugin-oci
 package constants
 
 const (
+	// PluginCode is the constant for the plugin code
 	PluginCode string = "OCI"
-
+	// OciRegistry is the OCI registry string
 	OciRegistry string = "oci-registry"
+	// EcrRegistry is the ECR registry string
 	EcrRegistry string = "ecr-registry"
 )
diff --git a/internal/controller/ocivalidator_controller.go b/internal/controller/ocivalidator_controller.go
@@ -14,6 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Package controller defines a controller for reconciling OciValidator objects.
 package controller
 
 import (
@@ -137,10 +138,9 @@ func (r *OciValidatorReconciler) secretKeyAuth(req ctrl.Request, rule v1alpha1.O
 			// no secrets found, set creds to empty string
 			r.Log.V(0).Error(err, fmt.Sprintf("Auth secret %s not found for rule %s", secretName, rule.Name()))
 			return "", ""
-		} else {
-			r.Log.V(0).Error(err, fmt.Sprintf("Failed to fetch auth secret %s for rule %s", secretName, rule.Name()))
-			return "", ""
 		}
+		r.Log.V(0).Error(err, fmt.Sprintf("Failed to fetch auth secret %s for rule %s", secretName, rule.Name()))
+		return "", ""
 	}
 
 	errMalformedSecret := fmt.Errorf("malformed secret %s/%s", authSecret.Namespace, authSecret.Name)
@@ -174,10 +174,9 @@ func (r *OciValidatorReconciler) signaturePubKeys(req ctrl.Request, rule v1alpha
 			// no secrets found, set creds to empty string
 			r.Log.V(0).Error(err, fmt.Sprintf("Public Keys secret %s not found for rule %s", secretName, rule.Name()))
 			return pubKeys
-		} else {
-			r.Log.V(0).Error(err, fmt.Sprintf("Failed to fetch Public Keys secret %s for rule %s", secretName, rule.Name()))
-			return pubKeys
 		}
+		r.Log.V(0).Error(err, fmt.Sprintf("Failed to fetch Public Keys secret %s for rule %s", secretName, rule.Name()))
+		return pubKeys
 	}
 
 	for k, data := range pubKeysSecret.Data {

diff --git a/internal/types/types.go b/internal/types/types.go
diff --git a/internal/validators/oci_validator.go b/internal/validators/oci_validator.go
@@ -1,3 +1,4 @@
+// Package validators defines the OCI registry rule service and implements the reconcile function for the OCI registry rule.
 package validators
 
 import (
@@ -32,10 +33,12 @@ const (
 	verificationTimeout = 60 * time.Second
 )
 
+// OciRuleService defines the service for OCI registry rules
 type OciRuleService struct {
 	log logr.Logger
 }
 
+// NewOciRuleService creates a new OCI registry rule service
 func NewOciRuleService(log logr.Logger) *OciRuleService {
 	return &OciRuleService{
 		log: log,

diff --git a/internal/verifier/verifier.go b/internal/verifier/verifier.go
@@ -1,3 +1,4 @@
+// Package verifier contains the verifier interface and the cosign verifier implementation.
 package verifier
 
 import (