fix linting and test errors

cmd/kosli/cli_utils.go

@@ -4,7 +4,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"net/http"
 	urlPackage "net/url"
 	"os"
 	"path/filepath"
@@ -19,7 +18,6 @@ import (
 	"github.com/kosli-dev/cli/internal/digest"
 	"github.com/kosli-dev/cli/internal/gitview"
 	log "github.com/kosli-dev/cli/internal/logger"
-	"github.com/kosli-dev/cli/internal/requests"
 	"github.com/kosli-dev/cli/internal/utils"
 	cp "github.com/otiai10/copy"
 	"github.com/spf13/cobra"
@@ -311,92 +309,6 @@ func GetFlagFromVarName(varName string) string {
 	return result
 }
 
-type registryProviderEndpoints struct {
-	mainApi string
-	authApi string
-	service string
-}
-
-func getRegistryEndpointForProvider(provider string) (*registryProviderEndpoints, error) {
-	switch provider {
-	case "dockerhub":
-		return &registryProviderEndpoints{
-			mainApi: "https://registry-1.docker.io/v2",
-			authApi: "https://auth.docker.io",
-			service: "registry.docker.io",
-		}, nil
-	case "github":
-		return &registryProviderEndpoints{
-			mainApi: "https://ghcr.io/v2",
-			authApi: "https://ghcr.io",
-			service: "ghcr.io",
-		}, nil
-
-	default:
-		return getRegistryEndpoint(provider)
-	}
-}
-
-func getRegistryEndpoint(url string) (*registryProviderEndpoints, error) {
-	url = strings.TrimPrefix(url, "https://")
-	url = strings.Split(url, "/")[0]
-
-	return &registryProviderEndpoints{
-		mainApi: "https://" + url + "/v2",
-		authApi: "https://" + url + "/oauth2",
-		service: url,
-	}, nil
-}
-
-// getDockerRegistryAPIToken returns a short-lived read-only api token for a docker registry api
-func getDockerRegistryAPIToken(providerInfo *registryProviderEndpoints, username, password, imageName string) (string, error) {
-	var res *requests.HTTPResponse
-	var err error
-
-	if strings.Contains(providerInfo.service, "jfrog") {
-		url := "https://" + providerInfo.service + "/artifactory/api/security/token"
-
-		form := urlPackage.Values{}
-		form.Add("username", username)
-		form.Add("scope", "member-of-groups:readers")
-		form.Add("expires_in", "60")
-
-		reqParams := &requests.RequestParams{
-			Method:            http.MethodPost,
-			URL:               url,
-			Payload:           form.Encode(),
-			Username:          username,
-			Password:          password,
-			AdditionalHeaders: map[string]string{"Content-Type": "application/x-www-form-urlencoded"},
-		}
-		res, err = kosliClient.Do(reqParams)
-	} else {
-		url := fmt.Sprintf("%s/token?scope=repository:%s:pull&service=%s", providerInfo.authApi, imageName, providerInfo.service)
-		reqParams := &requests.RequestParams{
-			Method:   http.MethodGet,
-			URL:      url,
-			Username: username,
-			Password: password,
-		}
-		res, err = kosliClient.Do(reqParams)
-	}
-
-	if err != nil {
-		return "", fmt.Errorf("failed to create an authentication token for the docker registry: %v %v", err, res)
-	}
-
-	var responseData map[string]interface{}
-	err = json.Unmarshal([]byte(res.Body), &responseData)
-	if err != nil {
-		return "", err
-	}
-	token := responseData["token"]
-	if token == nil {
-		token = responseData["access_token"]
-	}
-	return token.(string), nil
-}
-
 // GetSha256Digest calculates the sha256 digest of an artifact.
 // Supported artifact types are: dir, file, docker
 func GetSha256Digest(artifactName string, o *fingerprintOptions, logger *log.Logger) (string, error) {

cmd/kosli/cli_utils_test.go

@@ -561,45 +561,6 @@ func (suite *CliUtilsTestSuite) TestValidateArtifactArg() {
 	}
 }
 
-func (suite *CliUtilsTestSuite) TestGetRegistryEndpointForProvider() {
-	for _, t := range []struct {
-		name        string
-		provider    string
-		want        *registryProviderEndpoints
-		expectError bool
-	}{
-		{
-			name:     "github provider returns expected endpoints",
-			provider: "github",
-			want: &registryProviderEndpoints{
-				mainApi: "https://ghcr.io/v2",
-				authApi: "https://ghcr.io",
-				service: "ghcr.io",
-			},
-		},
-		{
-			name:     "dockerhub provider returns expected endpoints",
-			provider: "dockerhub",
-			want: &registryProviderEndpoints{
-				mainApi: "https://registry-1.docker.io/v2",
-				authApi: "https://auth.docker.io",
-				service: "registry.docker.io",
-			},
-		},
-	} {
-		suite.Run(t.name, func() {
-			endpoints, err := getRegistryEndpointForProvider(t.provider)
-			if t.expectError {
-				require.Errorf(suite.T(), err, "error was expected but got none")
-			} else {
-				require.NoErrorf(suite.T(), err, "error was NOT expected but got %v", err)
-				require.Equalf(suite.T(), t.want, endpoints,
-					"TestGetRegistryEndpointForProvider: got %v -- want %v", t.want, endpoints)
-			}
-		})
-	}
-}
-
 func (suite *CliUtilsTestSuite) TestValidateRegistryFlags() {
 	for _, t := range []struct {
 		name        string
@@ -610,16 +571,14 @@ func (suite *CliUtilsTestSuite) TestValidateRegistryFlags() {
 			name: "registry flags are valid",
 			options: &fingerprintOptions{
 				artifactType:     "docker",
-				registryProvider: "dockerhub",
 				registryUsername: "user",
 				registryPassword: "pass",
 			},
 		},
 		{
-			name: "non-docker type with registry flags set casues an error",
+			name: "non-docker type with registry flags set causes an error",
 			options: &fingerprintOptions{
 				artifactType:     "file",
-				registryProvider: "dockerhub",
 				registryUsername: "user",
 				registryPassword: "pass",
 			},
@@ -629,7 +588,6 @@ func (suite *CliUtilsTestSuite) TestValidateRegistryFlags() {
 			name: "missing username causes an error",
 			options: &fingerprintOptions{
 				artifactType:     "docker",
-				registryProvider: "dockerhub",
 				registryPassword: "pass",
 			},
 			expectError: true,
@@ -638,36 +596,10 @@ func (suite *CliUtilsTestSuite) TestValidateRegistryFlags() {
 			name: "missing password causes an error",
 			options: &fingerprintOptions{
 				artifactType:     "docker",
-				registryProvider: "dockerhub",
 				registryUsername: "user",
 			},
 			expectError: true,
 		},
-		{
-			name: "missing provider causes an error 1",
-			options: &fingerprintOptions{
-				artifactType:     "docker",
-				registryUsername: "user",
-				registryPassword: "pass",
-			},
-			expectError: true,
-		},
-		{
-			name: "missing provider causes an error 2",
-			options: &fingerprintOptions{
-				artifactType:     "docker",
-				registryUsername: "user",
-			},
-			expectError: true,
-		},
-		{
-			name: "missing provider causes an error 3",
-			options: &fingerprintOptions{
-				artifactType:     "docker",
-				registryPassword: "pass",
-			},
-			expectError: true,
-		},
 	} {
 		suite.Run(t.name, func() {
 			err := ValidateRegistryFlags(&cobra.Command{}, t.options)

cmd/kosli/testdata/output/docs/snyk.md

@@ -37,7 +37,7 @@ snyk [IMAGE-NAME | FILE-PATH | DIR-PATH] [flags]
 | Flag | Description |
 | :--- | :--- |
 |        --annotate stringToString  |  [optional] Annotate the attestation with data using key=value.  |
-|    -t, --artifact-type string  |  The type of the artifact to calculate its SHA256 fingerprint. One of: [docker, file, dir]. Only required if you want Kosli to calculate the fingerprint for you (i.e. when you don't specify '--fingerprint' on commands that allow it).  |
+|    -t, --artifact-type string  |  The type of the artifact to calculate its SHA256 fingerprint. One of: [oci, docker, file, dir]. Only required if you want Kosli to calculate the fingerprint for you (i.e. when you don't specify '--fingerprint' on commands that allow it).  |
 |        --attachments strings  |  [optional] The comma-separated list of paths of attachments for the reported attestation. Attachments can be files or directories. All attachments are compressed and uploaded to Kosli's evidence vault.  |
 |    -g, --commit string  |  [conditional] The git commit for which the attestation is associated to. Becomes required when reporting an attestation for an artifact before reporting it to Kosli. (defaulted in some CIs: https://docs.kosli.com/ci-defaults ).  |
 |        --description string  |  [optional] attestation description  |
@@ -51,9 +51,8 @@ snyk [IMAGE-NAME | FILE-PATH | DIR-PATH] [flags]
 |    -n, --name string  |  The name of the attestation as declared in the flow or trail yaml template.  |
 |    -o, --origin-url string  |  [optional] The url pointing to where the attestation came from or is related. (defaulted to the CI url in some CIs: https://docs.kosli.com/ci-defaults ).  |
 |        --redact-commit-info strings  |  [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch].  |
-|        --registry-password string  |  [conditional] The docker registry password or access token. Only required if you want to read docker image SHA256 digest from a remote docker registry.  |
-|        --registry-provider string  |  [conditional] The docker registry provider or url. Only required if you want to read docker image SHA256 digest from a remote docker registry.  |
-|        --registry-username string  |  [conditional] The docker registry username. Only required if you want to read docker image SHA256 digest from a remote docker registry.  |
+|        --registry-password string  |  [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry.  |
+|        --registry-username string  |  [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry.  |
 |        --repo-root string  |  [defaulted] The directory where the source git repository is available. Only used if --commit is used. (default ".")  |
 |    -R, --scan-results string  |  The path to Snyk scan SARIF results file from 'snyk test' and 'snyk container test'. By default, the Snyk results will be uploaded to Kosli's evidence vault.  |
 |    -T, --trail string  |  The Kosli trail name.  |