Remove unused function and add nolint where it's wrong

Signed-off-by: Tingmao Wang <[email protected]>

Author: micromaomao

pkg/securitypolicy/securitypolicy_linux.go

@@ -24,6 +24,7 @@ const osType = "linux"
 // substituteUVMPath substitutes mount prefix to an appropriate path inside
 // UVM. At policy generation time, it's impossible to tell what the sandboxID
 // will be, so the prefix substitution needs to happen during runtime.
+//nolint:unused // linting is wrong, this is used in rego_utils_test.go
 func substituteUVMPath(sandboxID string, m mountInternal) mountInternal {
 	if strings.HasPrefix(m.Source, guestpath.SandboxMountPrefix) {
 		m.Source = specInternal.SandboxMountSource(sandboxID, m.Source)

pkg/securitypolicy/securitypolicyenforcer.go

@@ -2,8 +2,6 @@ package securitypolicy
 
 import (
 	"context"
-	"encoding/base64"
-	"encoding/json"
 	"fmt"
 	"syscall"
 
@@ -144,26 +142,6 @@ func (s stringSet) contains(item string) bool {
 	return contains
 }
 
-func newSecurityPolicyFromBase64JSON(base64EncodedPolicy string) (*SecurityPolicy, error) {
-	// base64 decode the incoming policy string
-	// its base64 encoded because it is coming from an annotation
-	// annotations are a map of string to string
-	// we want to store a complex json object so.... base64 it is
-	jsonPolicy, err := base64.StdEncoding.DecodeString(base64EncodedPolicy)
-	if err != nil {
-		return nil, errors.Wrap(err, "unable to decode policy from Base64 format")
-	}
-
-	// json unmarshall the decoded to a SecurityPolicy
-	securityPolicy := new(SecurityPolicy)
-	err = json.Unmarshal(jsonPolicy, securityPolicy)
-	if err != nil {
-		return nil, errors.Wrap(err, "unable to unmarshal JSON policy")
-	}
-
-	return securityPolicy, nil
-}
-
 // CreateSecurityPolicyEnforcer returns an appropriate enforcer for input
 // parameters.  Returns an error if the requested `enforcer` implementation
 // isn't registered.