Add --format json support for verifycommit and audit commands (#318)

* add --format json support for verifycommit and audit commands

This change adds machine-readable JSON output to the verifycommit and
audit commands, making it easier to extract data programmatically
(e.g., with jq) instead of parsing text output with bash.

Changes:
- Add common OutputFormat framework (internal/cmd/output.go)
- Add --format flag to verifycommit command with JSON support
- Add --format flag to audit command with JSON support
- Include comprehensive test coverage for both commands

The JSON output includes:
- verifycommit: success status, commit info, verified SLSA levels
- audit: commit results with summary statistics

All tests pass and the implementation maintains backward compatibility
with existing text output (default format).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

* Fix golangci-lint issues in output formatting code

- Add status constants (statusPassed, statusFailed) to avoid string repetition
- Rename writeText to writeTextf following Go printf naming conventions
- Fix errcheck by adding nolint comment for intentional error ignore
- Auto-fix gci import grouping issues

All linting issues now resolved. Tests pass.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

* Refactor audit command to use single loop for both JSON and text output

This addresses the code duplication issue raised in PR review. Instead of
having separate loops for JSON and text output that could diverge over time,
we now use a single loop that handles both cases.

Changes:
- Initialize JSON result structure before the loop (if needed)
- Single loop processes results for both formats
- Within loop, conditionally call JSON conversion or text printing
- Early termination conditions work for both formats
- Summary statistics (passed/failed counts) now tracked for both formats

This makes the code more maintainable and ensures JSON and text outputs
stay in sync.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

* Improve test robustness with semantic JSON comparison

Replace string-based JSON comparison with semantic comparison using
reflect.DeepEqual. This makes tests more robust against:
- Field ordering changes in JSON output
- Whitespace/formatting differences
- Future changes to JSON encoder settings

Changes:
- Add shared assertJSONEqual helper function
- Convert test expectations from JSON strings to Go structs
- Tests now compare semantic meaning rather than exact string format

This addresses the code review feedback about brittle string comparisons.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

* Implement idiomatic Go output handling with String() and writeResult()

This addresses PR review feedback to use Go idioms for output formatting:

1. Added String() method to VerifyCommitResult
   - Implements fmt.Stringer interface for text output
   - Eliminates need for manual string formatting at call sites

2. Created writeResult() method in outputOptions
   - Automatically selects JSON or text output based on format
   - Uses String() method for text when available
   - Simplifies call sites from 4-6 lines to 1 line

Benefits:
- More idiomatic Go code using standard interfaces
- Eliminates repetitive if/else checks for output format
- Cleaner, more maintainable code
- Easier to add new output types in future

Example simplification in verifycommit.go:
  Before: if opts.isJSON() { ... } else { opts.writeTextf(...) }
  After:  return opts.writeResult(result)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

* Simplify OutputFormat from int to string type

Change OutputFormat from an int-based custom type with String(), Set(),
and Type() methods to simple string constants. This eliminates unnecessary
type conversion logic between int and string.

- Remove OutputFormat custom type and its methods
- Use string constants: OutputFormatText = "text", OutputFormatJSON = "json"
- Update format field in outputOptions from OutputFormat to string
- Change flag registration from Var() to StringVar() in audit.go and verifycommit.go
- Update tests to use string type instead of OutputFormat type
- Remove obsolete tests for OutputFormat.String() and OutputFormat.Set()

This addresses code review feedback requesting a simpler string-based
approach instead of the int-based enum pattern.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
Signed-off-by: Ralph Bean <[email protected]>

* Replace writer property with getWriter() method

Replace the stored io.Writer property with a getWriter() method that
returns os.Stdout. This follows the "open -> write -> close" usage
pattern and prepares for future expansion to support file output.

- Remove writer field from outputOptions struct
- Add getWriter() method that returns os.Stdout
- Remove init() method that was only used to initialize writer
- Update all methods to call getWriter() instead of using oo.writer
- Update test to work without direct writer injection

This addresses code review feedback requesting that the writer not be
stored as a property, with the option to expand getWriter() later to
support file output.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
Signed-off-by: Ralph Bean <[email protected]>

* Rename isJSON() to outputFormatIsJSON() for clarity

Rename the isJSON() method to outputFormatIsJSON() to make it more
descriptive when called on embedded option sets. This improves code
readability when the method is accessed as `opts.outputFormatIsJSON()`
instead of the more ambiguous `opts.isJSON()`.

- Rename isJSON() to outputFormatIsJSON() in outputOptions
- Update all call sites in audit.go to use new method name
- Update test name and assertions to match new method name

This addresses code review feedback requesting a more descriptive
method name for clarity when outputOptions is embedded in other structs.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
Signed-off-by: Ralph Bean <[email protected]>

* Add AddFlags() and Validate() methods to outputOptions

Add architecture methods to outputOptions to follow the established
pattern used by other option sets in the codebase (branchOptions,
verifierOptions, etc.).

- Add AddFlags() method to initialize format and register the --format flag
- Add Validate() method to verify format is either 'text' or 'json'
- Add test coverage for Validate() method with valid and invalid inputs
- Import cobra package for AddFlags() implementation

This prepares outputOptions to be properly integrated into embedding
option sets following the command architecture pattern.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
Signed-off-by: Ralph Bean <[email protected]>

* Integrate outputOptions into embedding option sets

Update auditOpts and verifyCommitOptions to properly use the new
outputOptions architecture methods instead of directly managing
the format flag.

- Call outputOptions.AddFlags() in both auditOpts and verifyCommitOptions
- Call outputOptions.Validate() in both Validate() methods
- Remove direct format flag registration from both files
- Remove manual format initialization (now handled by AddFlags())

This completes the refactoring to follow the established command
architecture pattern where option sets manage their own flags and
validation through AddFlags() and Validate() methods.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
Signed-off-by: Ralph Bean <[email protected]>

---------

Signed-off-by: Ralph Bean <[email protected]>
Co-authored-by: Claude <[email protected]>

Author: ralphbean

internal/cmd/audit.go

@@ -22,6 +22,11 @@ const (
 	AuditModeFull  AuditMode = 2
 )
 
+const (
+	statusPassed = "passed"
+	statusFailed = "failed"
+)
+
 // Enable audit mode enum
 // String is used both by fmt.Print and by Cobra in help text
 func (e *AuditMode) String() string {
@@ -56,22 +61,56 @@ func (e *AuditMode) Type() string {
 type auditOpts struct {
 	branchOptions
 	verifierOptions
+	outputOptions
 	auditDepth   int
 	endingCommit string
 	auditMode    AuditMode
 }
 
+// AuditCommitResultJSON represents a single commit audit result in JSON format
+type AuditCommitResultJSON struct {
+	Commit            string      `json:"commit"`
+	Status            string      `json:"status"`
+	VerifiedLevels    []string    `json:"verified_levels,omitempty"`
+	PrevCommitMatches *bool       `json:"prev_commit_matches,omitempty"`
+	ProvControls      interface{} `json:"prov_controls,omitempty"`
+	GhControls        interface{} `json:"gh_controls,omitempty"`
+	PrevCommit        string      `json:"prev_commit,omitempty"`
+	GhPriorCommit     string      `json:"gh_prior_commit,omitempty"`
+	Link              string      `json:"link,omitempty"`
+	Error             string      `json:"error,omitempty"`
+}
+
+// AuditResultJSON represents the full audit result in JSON format
+type AuditResultJSON struct {
+	Owner         string                  `json:"owner"`
+	Repository    string                  `json:"repository"`
+	Branch        string                  `json:"branch"`
+	LatestCommit  string                  `json:"latest_commit"`
+	CommitResults []AuditCommitResultJSON `json:"commit_results"`
+	Summary       *AuditSummary           `json:"summary,omitempty"`
+}
+
+// AuditSummary provides summary statistics for the audit
+type AuditSummary struct {
+	TotalCommits  int `json:"total_commits"`
+	PassedCommits int `json:"passed_commits"`
+	FailedCommits int `json:"failed_commits"`
+}
+
 func (ao *auditOpts) Validate() error {
 	errs := []error{
 		ao.branchOptions.Validate(),
 		ao.verifierOptions.Validate(),
+		ao.outputOptions.Validate(),
 	}
 	return errors.Join(errs...)
 }
 
 func (ao *auditOpts) AddFlags(cmd *cobra.Command) {
 	ao.branchOptions.AddFlags(cmd)
 	ao.verifierOptions.AddFlags(cmd)
+	ao.outputOptions.AddFlags(cmd)
 	cmd.PersistentFlags().IntVar(&ao.auditDepth, "depth", 0, "The max number of revisions to audit (depth <= audit all revisions).")
 	cmd.PersistentFlags().StringVar(&ao.endingCommit, "ending-commit", "", "The commit to stop auditing at.")
 	ao.auditMode = AuditModeBasic
@@ -124,9 +163,9 @@ Future:
 
 func printResult(ghc *ghcontrol.GitHubConnection, ar *audit.AuditCommitResult, mode AuditMode) {
 	good := ar.IsGood()
-	status := "passed"
+	status := statusPassed
 	if !good {
-		status = "failed"
+		status = statusFailed
 	}
 	fmt.Printf("commit: %s - %v\n", ar.Commit, status)
 
@@ -157,6 +196,41 @@ func printResult(ghc *ghcontrol.GitHubConnection, ar *audit.AuditCommitResult, m
 	fmt.Printf("\tlink: https://github.com/%s/%s/commit/%s\n", ghc.Owner(), ghc.Repo(), ar.GhPriorCommit)
 }
 
+func convertAuditResultToJSON(ghc *ghcontrol.GitHubConnection, ar *audit.AuditCommitResult, mode AuditMode) AuditCommitResultJSON {
+	good := ar.IsGood()
+	status := statusPassed
+	if !good {
+		status = statusFailed
+	}
+
+	result := AuditCommitResultJSON{
+		Commit: ar.Commit,
+		Status: status,
+		Link:   fmt.Sprintf("https://github.com/%s/%s/commit/%s", ghc.Owner(), ghc.Repo(), ar.GhPriorCommit),
+	}
+
+	// Only include details if mode is Full or status is failed
+	if mode == AuditModeFull || !good {
+		if ar.VsaPred != nil {
+			result.VerifiedLevels = ar.VsaPred.GetVerifiedLevels()
+		}
+
+		if ar.ProvPred != nil {
+			result.ProvControls = ar.ProvPred.GetControls()
+			result.PrevCommit = ar.ProvPred.GetPrevCommit()
+			result.GhPriorCommit = ar.GhPriorCommit
+			matches := ar.ProvPred.GetPrevCommit() == ar.GhPriorCommit
+			result.PrevCommitMatches = &matches
+		}
+
+		if ar.GhControlStatus != nil {
+			result.GhControls = ar.GhControlStatus.Controls
+		}
+	}
+
+	return result
+}
+
 func doAudit(auditArgs *auditOpts) error {
 	ghc := ghcontrol.NewGhConnection(auditArgs.owner, auditArgs.repository, ghcontrol.BranchToFullRef(auditArgs.branch)).WithAuthToken(githubToken)
 	ctx := context.Background()
@@ -170,27 +244,76 @@ func doAudit(auditArgs *auditOpts) error {
 		return fmt.Errorf("could not get latest commit for %s", auditArgs.branch)
 	}
 
-	fmt.Printf("Auditing branch %s starting from revision %s\n", auditArgs.branch, latestCommit)
+	// Initialize JSON result structure if needed
+	var jsonResult *AuditResultJSON
+	if auditArgs.outputFormatIsJSON() {
+		jsonResult = &AuditResultJSON{
+			Owner:         auditArgs.owner,
+			Repository:    auditArgs.repository,
+			Branch:        auditArgs.branch,
+			LatestCommit:  latestCommit,
+			CommitResults: []AuditCommitResultJSON{},
+		}
+	} else {
+		// Print header for text output
+		auditArgs.writeTextf("Auditing branch %s starting from revision %s\n", auditArgs.branch, latestCommit)
+	}
 
+	// Single loop for both JSON and text output
 	count := 0
+	passed := 0
+	failed := 0
+
 	for ar, err := range auditor.AuditBranch(ctx, auditArgs.branch) {
 		if ar == nil {
 			return err
 		}
-		if err != nil {
-			fmt.Printf("\terror: %v\n", err)
+
+		// Process result based on output format
+		if auditArgs.outputFormatIsJSON() {
+			commitResult := convertAuditResultToJSON(ghc, ar, auditArgs.auditMode)
+			if err != nil {
+				commitResult.Error = err.Error()
+			}
+			if commitResult.Status == statusPassed {
+				passed++
+			} else {
+				failed++
+			}
+			jsonResult.CommitResults = append(jsonResult.CommitResults, commitResult)
+		} else {
+			// Text output
+			if err != nil {
+				auditArgs.writeTextf("\terror: %v\n", err)
+			}
+			printResult(ghc, ar, auditArgs.auditMode)
 		}
-		printResult(ghc, ar, auditArgs.auditMode)
+
+		// Check for early termination conditions
 		if auditArgs.endingCommit != "" && auditArgs.endingCommit == ar.Commit {
-			fmt.Printf("Found ending commit %s\n", auditArgs.endingCommit)
-			return nil
+			if !auditArgs.outputFormatIsJSON() {
+				auditArgs.writeTextf("Found ending commit %s\n", auditArgs.endingCommit)
+			}
+			break
 		}
 		if auditArgs.auditDepth > 0 && count >= auditArgs.auditDepth {
-			fmt.Printf("Reached depth limit %d\n", auditArgs.auditDepth)
-			return nil
+			if !auditArgs.outputFormatIsJSON() {
+				auditArgs.writeTextf("Reached depth limit %d\n", auditArgs.auditDepth)
+			}
+			break
 		}
 		count++
 	}
 
+	// Write JSON output if needed
+	if auditArgs.outputFormatIsJSON() {
+		jsonResult.Summary = &AuditSummary{
+			TotalCommits:  len(jsonResult.CommitResults),
+			PassedCommits: passed,
+			FailedCommits: failed,
+		}
+		return auditArgs.writeJSON(jsonResult)
+	}
+
 	return nil
 }