Merge pull request #11 from eunomie/lint

Lint code, catch missing errors, and improve style, simplify code.
No real change in term of logic, just fixes.

Author: eunomie

.github/workflows/go.yaml

@@ -23,3 +23,6 @@ jobs:
 
     - name: Test
       run: go test -v ./...
+
+    - name: Lint
+      run: docker run --rm -v $(pwd):/app -v $(go env GOPATH)/pkg:/go/pkg -v $(go env GOCACHE):/cache/go -e GOCACHE=/cache/go -e GOLANGCI_LINT_CACHE=/cache/go -w /app golangci/golangci-lint:v1.50.1 golangci-lint run -v --timeout 10m

.golangci.yml

@@ -0,0 +1,43 @@
+linters:
+  enable: # defaults @ top
+    - errcheck
+    - gosimple
+    - govet
+    - ineffassign
+    - staticcheck
+    - typecheck
+    - unused
+    - unconvert
+    - gofmt
+    - misspell
+    - bodyclose
+    - revive
+    - gocyclo
+    - whitespace
+    - sqlclosecheck
+    - goimports
+    - unparam
+run:
+  deadline: 2m
+  allow-parallel-runners: true
+  concurrency: 2
+  tests: true
+linters-settings:
+  gosimple:
+    go: '1.19'
+  staticcheck:
+    go: '1.19'
+  stylecheck:
+    go: '1.19'
+  unused:
+    go: '1.19'
+  revive:
+    rules:
+      - name: exported
+        disabled: true
+issues:
+  max-issues-per-linter: 0
+  max-same-issues: 0
+  exclude-use-default: false
+output:
+  format: tab

Taskfile.yaml

@@ -25,10 +25,14 @@ tasks:
 
   go:fmt:
     cmds:
-      - goimports -w .
+      - goimports -w -local github.com/atomist-skills,github.com/docker,github.com/docker/index-cli-plugin .
       - gofmt -w .
       #- go mod tidy
 
+  go:lint:
+    cmds:
+      - docker run --rm -v $(pwd):/app -v $(go env GOPATH)/pkg:/go/pkg -v $(go env GOCACHE):/cache/go -e GOCACHE=/cache/go -e GOLANGCI_LINT_CACHE=/cache/go -w /app golangci/golangci-lint:v1.50.1 golangci-lint run -v --timeout 10m
+
   go:release:
     cmds:
       - goreleaser release --rm-dist

commands/cmd.go

@@ -24,18 +24,20 @@ import (
 	"os"
 	"strings"
 
+	"github.com/moby/term"
+	"github.com/pkg/errors"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+
 	"github.com/atomist-skills/go-skill"
+
 	"github.com/docker/cli/cli"
 	"github.com/docker/cli/cli-plugins/plugin"
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/index-cli-plugin/format"
 	"github.com/docker/index-cli-plugin/query"
 	"github.com/docker/index-cli-plugin/sbom"
 	"github.com/docker/index-cli-plugin/types"
-	"github.com/moby/term"
-	"github.com/pkg/errors"
-	"github.com/sirupsen/logrus"
-	"github.com/spf13/cobra"
 )
 
 func NewRootCmd(name string, isPlugin bool, dockerCli command.Cli) *cobra.Command {
@@ -129,7 +131,7 @@ func NewRootCmd(name string, isPlugin bool, dockerCli command.Cli) *cobra.Comman
 				return err
 			}
 			if output != "" {
-				_ = os.WriteFile(output, js, 0644)
+				_ = os.WriteFile(output, js, 0o644)
 				skill.Log.Infof("SBOM written to %s", output)
 			} else {
 				fmt.Println(string(js))
@@ -177,9 +179,7 @@ func NewRootCmd(name string, isPlugin bool, dockerCli command.Cli) *cobra.Comman
 			if err != nil {
 				return err
 			}
-			err = sbom.UploadSbom(sb, workspace, apiKey)
-
-			return nil
+			return sbom.UploadSbom(sb, workspace, apiKey)
 		},
 	}
 	uploadCommandFlags := uploadCommand.Flags()
@@ -254,7 +254,7 @@ func readWorkspace(args []string, cli command.Cli) (string, error) {
 	} else if v, ok := os.LookupEnv("ATOMIST_WORKSPACE"); v != "" && ok {
 		workspace = v
 	} else {
-		fmt.Fprintf(cli.Out(), "Workspace: ")
+		_, _ = fmt.Fprintf(cli.Out(), "Workspace: ")
 
 		workspace = readInput(cli.In(), cli.Out())
 		if workspace == "" {
@@ -282,12 +282,12 @@ func readApiKey(apiKeyStdin bool, cli command.Cli) (string, error) {
 		if err != nil {
 			return "", err
 		}
-		fmt.Fprintf(cli.Out(), "API key: ")
-		term.DisableEcho(cli.In().FD(), oldState)
+		_, _ = fmt.Fprintf(cli.Out(), "API key: ")
+		_ = term.DisableEcho(cli.In().FD(), oldState)
 
 		apiKey = readInput(cli.In(), cli.Out())
-		fmt.Fprint(cli.Out(), "\n")
-		term.RestoreTerminal(cli.In().FD(), oldState)
+		_, _ = fmt.Fprint(cli.Out(), "\n")
+		_ = term.RestoreTerminal(cli.In().FD(), oldState)
 		if apiKey == "" {
 			return "", errors.Errorf("Error: API key required")
 		}
@@ -299,7 +299,7 @@ func readInput(in io.Reader, out io.Writer) string {
 	reader := bufio.NewReader(in)
 	line, _, err := reader.ReadLine()
 	if err != nil {
-		fmt.Fprintln(out, err.Error())
+		_, _ = fmt.Fprintln(out, err.Error())
 		os.Exit(1)
 	}
 	return string(line)

format/cve.go

@@ -35,7 +35,7 @@ func Cves(cve string, cves *[]types.Cve, sb *types.Sbom, remediate bool, dockerC
 				continue
 			}
 
-			var remediation = make([]string, 0)
+			remediation := make([]string, 0)
 			layerIndex := -1
 			for _, p := range sb.Artifacts {
 				if p.Purl == c.Purl {
@@ -102,6 +102,6 @@ func Cves(cve string, cves *[]types.Cve, sb *types.Sbom, remediate bool, dockerC
 			Remediation(remediation)
 		}
 	} else {
-		fmt.Println(fmt.Sprintf("%s not detected", cve))
+		fmt.Printf("%s not detected\n", cve)
 	}
 }

format/format.go

@@ -21,10 +21,11 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/docker/index-cli-plugin/internal"
-	"github.com/docker/index-cli-plugin/types"
 	"github.com/gookit/color"
 	"github.com/xeonx/timeago"
+
+	"github.com/docker/index-cli-plugin/internal"
+	"github.com/docker/index-cli-plugin/types"
 )
 
 type colors struct {
@@ -173,19 +174,19 @@ func Cve(sb *types.Sbom, c *types.Cve) {
 		sourceId = c.Cve.SourceId
 	}
 	fmt.Println("")
-	fmt.Println(defaultColors.underline.Sprintf(fmt.Sprintf("Detected %s %s", sourceId, ColorizeSeverity(ToSeverity(*c)))))
-	fmt.Println(fmt.Sprintf("https://dso.docker.com/cve/%s", sourceId))
+	defaultColors.underline.Printf("Detected %s %s\n", sourceId, ColorizeSeverity(ToSeverity(*c)))
+	fmt.Printf("https://dso.docker.com/cve/%s\n", sourceId)
 	fmt.Println("")
 	purl := c.Purl
 	for _, p := range sb.Artifacts {
 		if p.Purl == purl {
-			fmt.Println(defaultColors.cyan.Sprintf(p.Purl))
+			defaultColors.cyan.Println(p.Purl)
 			loc := p.Locations[0]
 			for i, l := range sb.Source.Image.Config.RootFS.DiffIDs {
 				if l.String() == loc.DiffId {
 					h := sb.Source.Image.Config.History[i]
 					fmt.Println(formatCreatedBy(h.CreatedBy))
-					fmt.Println(fmt.Sprintf("%d: %s", i, loc.Digest))
+					fmt.Printf("%d: %s\n", i, loc.Digest)
 				}
 			}
 		}
@@ -195,9 +196,9 @@ func Cve(sb *types.Sbom, c *types.Cve) {
 func Remediation(remediation []string) {
 	if len(remediation) > 0 {
 		fmt.Println("")
-		fmt.Println(defaultColors.underline.Sprintf("Suggested remediation"))
+		defaultColors.underline.Println("Suggested remediation")
 		for i, r := range remediation {
-			fmt.Println(fmt.Sprintf("\n%d. %s", i+1, r))
+			fmt.Printf("\n%d. %s\n", i+1, r)
 		}
 	}
 }

internal/spinner.go

@@ -21,10 +21,11 @@ import (
 	"strings"
 	"time"
 
-	"github.com/atomist-skills/go-skill"
 	"github.com/briandowns/spinner"
 	"github.com/gookit/color"
 	"github.com/sirupsen/logrus"
+
+	"github.com/atomist-skills/go-skill"
 )
 
 type Fields map[string]interface{}
@@ -63,7 +64,7 @@ func StartInfoSpinner(text string, isTerminal bool) *Spinner {
 func StartSpinner(level string, text string, isTerminal bool) *Spinner {
 	if isTerminal {
 		s := spinner.New(spinner.CharSets[14], 100*time.Millisecond)
-		s.Color("yellow")
+		_ = s.Color("yellow")
 
 		spinner := &Spinner{
 			level:      level,

main.go

@@ -21,6 +21,7 @@ import (
 	"os"
 
 	"github.com/atomist-skills/go-skill"
+
 	"github.com/docker/cli/cli-plugins/manager"
 	"github.com/docker/cli/cli-plugins/plugin"
 	"github.com/docker/cli/cli/command"

query/async.go

@@ -20,6 +20,7 @@ import (
 	"sync"
 
 	"github.com/atomist-skills/go-skill"
+
 	"github.com/docker/index-cli-plugin/types"
 )
 

query/base.go

@@ -26,14 +26,16 @@ import (
 	"sort"
 	"strings"
 
-	"github.com/atomist-skills/go-skill"
-	"github.com/docker/index-cli-plugin/types"
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/hasura/go-graphql-client"
 	"github.com/opencontainers/go-digest"
 	"github.com/opencontainers/image-spec/identity"
 	"github.com/pkg/errors"
 	"olympos.io/encoding/edn"
+
+	"github.com/atomist-skills/go-skill"
+
+	"github.com/docker/index-cli-plugin/types"
 )
 
 type ImageQueryResult struct {
@@ -99,6 +101,7 @@ func ForBaseImageInIndex(digest digest.Digest, workspace string, apiKey string)
 
 	if resp.StatusCode == 200 {
 		var manifestList []types.IndexManifestList
+		defer resp.Body.Close() //nolint:errcheck
 		body, err := io.ReadAll(resp.Body)
 		if err != nil {
 			return nil, errors.Wrapf(err, "failed to read response body")
@@ -116,7 +119,7 @@ func ForBaseImageInIndex(digest digest.Digest, workspace string, apiKey string)
 		}
 		repository, err := ForRepositoryInDb(manifestList[0].Name, workspace, apiKey)
 		if err != nil {
-			return nil, errors.Wrapf(err, "failed to query for respository")
+			return nil, errors.Wrapf(err, "failed to query for repository")
 		}
 		image := types.Image{
 			Digest:     ii.Digest,
@@ -136,8 +139,12 @@ func ForBaseImageInIndex(digest digest.Digest, workspace string, apiKey string)
 func ForBaseImageWithoutCve(cve string, name string, sb *types.Sbom, workspace string, apiKey string) (*[]types.Image, error) {
 	cf := (*sb).Source.Image.Config
 	resp, err := query(fmt.Sprintf(baseImageCveQuery, cve, name, cf.OS, cf.Architecture, cf.Variant), "base_image_cve_query", workspace, apiKey)
+	if err != nil {
+		return nil, errors.Wrapf(err, "failed to query for base image without CVE")
+	}
 
 	var result ImageQueryResult
+	defer resp.Body.Close() //nolint:errcheck
 	err = edn.NewDecoder(resp.Body).Decode(&result)
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed to unmarshal response")
@@ -174,8 +181,12 @@ func ForBaseImageWithoutCve(cve string, name string, sb *types.Sbom, workspace s
 // ForBaseImageInDb returns images with matching digest in :docker.image/blob-digest or :docker.image/diff-chain-id
 func ForBaseImageInDb(digest digest.Digest, workspace string, apiKey string) (*[]types.Image, error) {
 	resp, err := query(fmt.Sprintf(baseImageQuery, digest), "base_image_query", workspace, apiKey)
+	if err != nil {
+		return nil, errors.Wrapf(err, "failed to query for base image in DB")
+	}
 
 	var result ImageQueryResult
+	defer resp.Body.Close() //nolint:errcheck
 	err = edn.NewDecoder(resp.Body).Decode(&result)
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed to unmarshal response")
@@ -204,8 +215,12 @@ func ForBaseImageInDb(digest digest.Digest, workspace string, apiKey string) (*[
 
 func ForRepositoryInDb(repo string, workspace string, apiKey string) (*types.Repository, error) {
 	resp, err := query(fmt.Sprintf(repositoryQuery, repo), "repository_query", workspace, apiKey)
+	if err != nil {
+		return nil, errors.Wrapf(err, "failed to query for repository in DB")
+	}
 
 	var result RepositoryQueryResult
+	defer resp.Body.Close() //nolint:errcheck
 	err = edn.NewDecoder(resp.Body).Decode(&result)
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed to unmarshal response")
@@ -236,12 +251,11 @@ func ForBaseImageInGraphQL(cfg *v1.ConfigFile) (*types.BaseImagesByDiffIdsQuery,
 	var q types.BaseImagesByDiffIdsQuery
 	err := client.Query(context.Background(), &q, variables)
 	if err != nil {
-		fmt.Sprintf("error %v", err)
 		return nil, errors.Wrapf(err, "failed to run query")
 	}
 	count := 0
-	for ii, _ := range q.ImagesByDiffIds {
-		for bi, _ := range q.ImagesByDiffIds[ii].Images {
+	for ii := range q.ImagesByDiffIds {
+		for bi := range q.ImagesByDiffIds[ii].Images {
 			count++
 			q.ImagesByDiffIds[ii].Images[bi].Repository = normalizeRepository(&q.ImagesByDiffIds[ii].Images[bi]).Repository
 		}
@@ -271,7 +285,6 @@ func ForImageInGraphQL(sb *types.Sbom) (*types.ImageByDigestQuery, error) {
 	var q types.ImageByDigestQuery
 	err := client.Query(context.Background(), &q, variables)
 	if err != nil {
-		fmt.Sprintf("error %v", err)
 		return nil, errors.Wrapf(err, "failed to run query")
 	}
 	if q.ImageDetailsByDigest.Digest != "" {
@@ -282,7 +295,7 @@ func ForImageInGraphQL(sb *types.Sbom) (*types.ImageByDigestQuery, error) {
 }
 
 func normalizeRepository(image *types.BaseImage) *types.BaseImage {
-	if image.Repository.Host == "hub.docker.com" && strings.Index(image.Repository.Repo, "/") < 0 {
+	if image.Repository.Host == "hub.docker.com" && strings.Contains(image.Repository.Repo, "/") {
 		image.Repository.Badge = "OFFICIAL"
 	}
 	if image.Repository.Badge != "" {