more lint

evantravers18 · Oct 13, 2023 · 58dcd83 · 58dcd83
1 parent ada7ba6
commit 58dcd83
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 21 deletions.
diff --git a/pkg/common/oras/authprovider/k8secret_authprovider.go b/pkg/common/oras/authprovider/k8secret_authprovider.go
@@ -25,6 +25,8 @@ import (
 	"time"
 
 	re "github.com/deislabs/ratify/errors"
+	"github.com/deislabs/ratify/pkg/utils"
+
 	"github.com/docker/cli/cli/config"
 	core "k8s.io/api/core/v1"
 	meta "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -51,7 +53,6 @@ type k8SecretAuthProviderConf struct {
 }
 
 const defaultName = "default"
-const ratifyNamespaceEnv = "RATIFY_NAMESPACE"
 const secretTimeout = time.Hour * 12
 
 // init calls Register for our k8Secrets provider
@@ -87,7 +88,7 @@ func (s *k8SecretProviderFactory) Create(authProviderConfig AuthProviderConfig)
 	}
 
 	// get name of namespace ratify is running in
-	namespace := os.Getenv(ratifyNamespaceEnv)
+	namespace := os.Getenv(utils.RatifyNamespaceEnvVar)
 	if namespace == "" {
 		return nil, re.ErrorCodeEnvNotSet.WithComponentType(re.AuthProvider).WithDetail(fmt.Sprintf("environment variable %s not set", ratifyNamespaceEnv))
 	}

diff --git a/pkg/controllers/verifier_controller.go b/pkg/controllers/verifier_controller.go
@@ -24,6 +24,7 @@ import (
 	configv1beta1 "github.com/deislabs/ratify/api/v1beta1"
 	"github.com/deislabs/ratify/config"
 	re "github.com/deislabs/ratify/errors"
+	"github.com/deislabs/ratify/pkg/utils"
 	vr "github.com/deislabs/ratify/pkg/verifier"
 	vc "github.com/deislabs/ratify/pkg/verifier/config"
 	vf "github.com/deislabs/ratify/pkg/verifier/factory"
@@ -47,8 +48,6 @@ var (
 	VerifierMap = map[string]vr.ReferenceVerifier{}
 )
 
-const ratifyNamespaceEnvVar = "RATIFY_NAMESPACE"
-
 //+kubebuilder:rbac:groups=config.ratify.deislabs.io,resources=verifiers,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=config.ratify.deislabs.io,resources=verifiers/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=config.ratify.deislabs.io,resources=verifiers/finalizers,verbs=update
@@ -166,7 +165,7 @@ func getCertStoreNamespace(verifierNamesapce string) (string, error) {
 	}
 
 	// next, return the ratify deployed namespace
-	ns, found := os.LookupEnv(ratifyNamespaceEnvVar)
+	ns, found := os.LookupEnv(utils.RatifyNamespaceEnvVar)
 	if !found {
 		return "", re.ErrorCodeEnvNotSet.WithComponentType(re.Verifier).WithDetail(fmt.Sprintf("environment variable %s not set", ratifyNamespaceEnvVar))
 	}

diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go
@@ -27,6 +27,8 @@ import (
 	"github.com/opencontainers/go-digest"
 )
 
+const RatifyNamespaceEnvVar = "RATIFY_NAMESPACE"
+
 // ParseDigest parses the given string and returns a validated Digest object.
 func ParseDigest(digestStr string) (digest.Digest, error) {
 	digest, err := digest.Parse(digestStr)

diff --git a/pkg/verifier/factory/factory_test.go b/pkg/verifier/factory/factory_test.go
@@ -52,7 +52,7 @@ func (s *TestVerifier) GetNestedReferences() []string {
 	return []string{}
 }
 
-func (f *TestVerifierFactory) Create(_ string, _ config.VerifierConfig, pluginDirectory string, namespace string) (verifier.ReferenceVerifier, error) {
+func (f *TestVerifierFactory) Create(_ string, _ config.VerifierConfig, pluginDirectory string, _ string) (verifier.ReferenceVerifier, error) {
 	return &TestVerifier{verifierDirectory: pluginDirectory}, nil
 }
 

diff --git a/pkg/verifier/notation/notation.go b/pkg/verifier/notation/notation.go
@@ -42,8 +42,9 @@ import (
 )
 
 const (
-	verifierName    = "notation"
-	defaultCertPath = "ratify-certs/notation/truststore"
+	verifierName       = "notation"
+	defaultCertPath    = "ratify-certs/notation/truststore"
+	namespaceSeperator = "/"
 )
 
 // NotationPluginVerifierConfig describes the configuration of notation verifier
@@ -182,13 +183,6 @@ func parseVerifierConfig(verifierConfig config.VerifierConfig, namespace string)
 	// append verifier's namespace to uniquely identify the certstore
 	// TODO add unit test
 	if len(conf.VerificationCertStores) > 0 {
-		/*for i, certStores := range conf.VerificationCertStores {
-			for j, certstore := range conf.VerificationCertStores[i] {
-				if !strings.Contains(certstore, "/") {
-					certStores[j] = namespace + "/" + certstore
-				}
-			}
-		}*/
 		conf.VerificationCertStores, err = appendNamespaceToCertStore(conf.VerificationCertStores, namespace)
 		if err != nil {
 			return nil, err
@@ -205,21 +199,18 @@ func (v *notationPluginVerifier) GetNestedReferences() []string {
 	return []string{}
 }
 
+// append namespace to certStore so they are uniquely identifiable
 func appendNamespaceToCertStore(verificationCertStore map[string][]string, namespace string) (map[string][]string, error) {
 	if namespace == "" {
 		re.ErrorCodeEnvNotSet.WithComponentType(re.Verifier).WithDetail(fmt.Sprintf("failure to parse VerificationCertStores, default namespace for VerificationCertStores must be provided"))
 	}
 
 	for i, certStores := range verificationCertStore {
 		for j, certstore := range verificationCertStore[i] {
-			if !strings.Contains(certstore, "/") { //TODO convert to const
-				certStores[j] = namespace + "/" + certstore
+			if !strings.Contains(certstore, namespaceSeperator) {
+				certStores[j] = namespace + namespaceSeperator + certstore
 			}
 		}
 	}
 	return verificationCertStore, nil
-	// double check / is not allowed in name
-	// test scenario, if namespace is empty
-	// if cert already contains namespace
-	// if cert doesnt contain namespace
 }