unexport top level subcommand funcs

Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-03-12 18:05:02 -06:00 · 2024-03-12 18:05:02 -06:00 · 4ae0470dcd
commit 4ae0470dcd
parent 9ad3b220a3
6 changed files with 40 additions and 40 deletions
--- a/pkg/cmd/attestation/download/download.go
+++ b/pkg/cmd/attestation/download/download.go
@ -88,7 +88,7 @@ func NewDownloadCmd(f *cmdutil.Factory) *cobra.Command {
 			if err := auth.IsHostSupported(); err != nil {
 				return err
 			}
-			if err := RunDownload(opts); err != nil {
+			if err := runDownload(opts); err != nil {
 				return fmt.Errorf("Failed to download the artifact's bundle(s): %w", err)
 			}
 			return nil
@ -106,7 +106,7 @@ func NewDownloadCmd(f *cmdutil.Factory) *cobra.Command {
 	return downloadCmd
 }

-func RunDownload(opts *Options) error {
+func runDownload(opts *Options) error {
 	if opts.APIClient == nil {
 		return fmt.Errorf("missing API client")
 	}
--- a/pkg/cmd/attestation/download/download_test.go
+++ b/pkg/cmd/attestation/download/download_test.go
@ -30,7 +30,7 @@ func TestRunDownload(t *testing.T) {
 	}

 	t.Run("fetch and store attestations successfully with owner", func(t *testing.T) {
-		err := RunDownload(&baseOpts)
+		err := runDownload(&baseOpts)
 		require.NoError(t, err)

 		artifact, err := artifact.NewDigestedArtifact(baseOpts.OCIClient, baseOpts.ArtifactPath, baseOpts.DigestAlgorithm)
@ -50,7 +50,7 @@ func TestRunDownload(t *testing.T) {
 		opts.Owner = ""
 		opts.Repo = "sigstore/sigstore-js"

-		err := RunDownload(&opts)
+		err := runDownload(&opts)
 		require.NoError(t, err)

 		artifact, err := artifact.NewDigestedArtifact(opts.OCIClient, opts.ArtifactPath, opts.DigestAlgorithm)
@ -69,7 +69,7 @@ func TestRunDownload(t *testing.T) {
 		opts := baseOpts
 		opts.ArtifactPath = "oci://ghcr.io/github/test"

-		err := RunDownload(&opts)
+		err := runDownload(&opts)
 		require.NoError(t, err)

 		artifact, err := artifact.NewDigestedArtifact(opts.OCIClient, opts.ArtifactPath, opts.DigestAlgorithm)
@ -88,7 +88,7 @@ func TestRunDownload(t *testing.T) {
 		opts := baseOpts
 		opts.ArtifactPath = "../test/data/not-real.zip"

-		err := RunDownload(&opts)
+		err := runDownload(&opts)
 		require.Error(t, err)
 	})

@ -100,7 +100,7 @@ func TestRunDownload(t *testing.T) {
 			},
 		}

-		err := RunDownload(&opts)
+		err := runDownload(&opts)
 		require.NoError(t, err)

 		artifact, err := artifact.NewDigestedArtifact(opts.OCIClient, opts.ArtifactPath, opts.DigestAlgorithm)
@ -113,7 +113,7 @@ func TestRunDownload(t *testing.T) {
 		opts.ArtifactPath = "oci://ghcr.io/github/test"
 		opts.OCIClient = oci.ReferenceFailClient{}

-		err := RunDownload(&opts)
+		err := runDownload(&opts)
 		require.Error(t, err)
 		require.ErrorContains(t, err, "failed to digest artifact")
 	})
@ -122,13 +122,13 @@ func TestRunDownload(t *testing.T) {
 		customOpts := baseOpts
 		customOpts.ArtifactPath = "oci://ghcr.io/github/test"
 		customOpts.OCIClient = nil
-		require.Error(t, RunDownload(&customOpts))
+		require.Error(t, runDownload(&customOpts))
 	})

 	t.Run("with missing API client", func(t *testing.T) {
 		customOpts := baseOpts
 		customOpts.APIClient = nil
-		require.Error(t, RunDownload(&customOpts))
+		require.Error(t, runDownload(&customOpts))
 	})
 }

--- a/pkg/cmd/attestation/inspect/inspect.go
+++ b/pkg/cmd/attestation/inspect/inspect.go
@ -66,7 +66,7 @@ func NewInspectCmd(f *cmdutil.Factory) *cobra.Command {

 			return nil
 		},
-		// Use Run instead of RunE because if an error is returned by RunInspect
+		// Use Run instead of RunE because if an error is returned by runInspect
 		// when RunE is used, the command usage will be printed
 		// We only want to print the error, not usage
 		RunE: func(cmd *cobra.Command, args []string) error {
@ -75,7 +75,7 @@ func NewInspectCmd(f *cmdutil.Factory) *cobra.Command {
 			if err := auth.IsHostSupported(); err != nil {
 				return err
 			}
-			if err := RunInspect(opts); err != nil {
+			if err := runInspect(opts); err != nil {
 				return fmt.Errorf("Failed to inspect the artifact and bundle: %w", err)
 			}
 			return nil
@ -93,7 +93,7 @@ func NewInspectCmd(f *cmdutil.Factory) *cobra.Command {
 	return inspectCmd
 }

-func RunInspect(opts *Options) error {
+func runInspect(opts *Options) error {
 	artifact, err := artifact.NewDigestedArtifact(opts.OCIClient, opts.ArtifactPath, opts.DigestAlgorithm)
 	if err != nil {
 		return fmt.Errorf("failed to digest artifact: %s", err)
--- a/pkg/cmd/attestation/inspect/inspect_test.go
+++ b/pkg/cmd/attestation/inspect/inspect_test.go
@ -30,26 +30,26 @@ func TestRunInspect(t *testing.T) {
 	}

 	t.Run("with valid artifact and bundle", func(t *testing.T) {
-		require.Nil(t, RunInspect(&opts))
+		require.Nil(t, runInspect(&opts))
 	})

 	t.Run("with missing artifact path", func(t *testing.T) {
 		customOpts := opts
 		customOpts.ArtifactPath = "../test/data/non-existent-artifact.zip"
-		require.Error(t, RunInspect(&customOpts))
+		require.Error(t, runInspect(&customOpts))
 	})

 	t.Run("with missing bundle path", func(t *testing.T) {
 		customOpts := opts
 		customOpts.BundlePath = "../test/data/non-existent-sigstoreBundle.json"
-		require.Error(t, RunInspect(&customOpts))
+		require.Error(t, runInspect(&customOpts))
 	})

 	t.Run("with invalid signature", func(t *testing.T) {
 		customOpts := opts
 		customOpts.BundlePath = "../test/data/sigstoreBundle-invalid-signature.json"

-		err := RunInspect(&customOpts)
+		err := runInspect(&customOpts)
 		require.Error(t, err)
 		require.ErrorContains(t, err, "at least one attestation failed to verify")
 		require.ErrorContains(t, err, "verifying with issuer \"sigstore.dev\"")
@ -58,13 +58,13 @@ func TestRunInspect(t *testing.T) {
 	t.Run("with valid artifact and JSON lines file containing multiple bundles", func(t *testing.T) {
 		customOpts := opts
 		customOpts.BundlePath = "../test/data/sigstore-js-2.1.0_with_2_bundles.jsonl"
-		require.Nil(t, RunInspect(&customOpts))
+		require.Nil(t, runInspect(&customOpts))
 	})

 	t.Run("with missing OCI client", func(t *testing.T) {
 		customOpts := opts
 		customOpts.ArtifactPath = "oci://ghcr.io/github/test"
 		customOpts.OCIClient = nil
-		require.Error(t, RunInspect(&customOpts))
+		require.Error(t, runInspect(&customOpts))
 	})
 }
--- a/pkg/cmd/attestation/verify/verify.go
+++ b/pkg/cmd/attestation/verify/verify.go
@ -88,7 +88,7 @@ func NewVerifyCmd(f *cmdutil.Factory) *cobra.Command {

 			return nil
 		},
-		// Use Run instead of RunE because if an error is returned by RunVerify
+		// Use Run instead of RunE because if an error is returned by runVerify
 		// when RunE is used, the command usage will be printed
 		// We only want to print the error, not usage
 		RunE: func(cmd *cobra.Command, args []string) error {
@ -103,7 +103,7 @@ func NewVerifyCmd(f *cmdutil.Factory) *cobra.Command {
 			if err := auth.IsHostSupported(); err != nil {
 				return err
 			}
-			if err := RunVerify(opts); err != nil {
+			if err := runVerify(opts); err != nil {
 				return fmt.Errorf("Failed to verify the artifact: %w", err)
 			}
 			return nil
@ -134,7 +134,7 @@ func NewVerifyCmd(f *cmdutil.Factory) *cobra.Command {
 	return verifyCmd
 }

-func RunVerify(opts *Options) error {
+func runVerify(opts *Options) error {
 	artifact, err := artifact.NewDigestedArtifact(opts.OCIClient, opts.ArtifactPath, opts.DigestAlgorithm)
 	if err != nil {
 		return fmt.Errorf("failed to digest artifact: %s", err)
--- a/pkg/cmd/attestation/verify/verify_test.go
+++ b/pkg/cmd/attestation/verify/verify_test.go
@ -36,7 +36,7 @@ func TestRunVerify(t *testing.T) {
 	}

 	t.Run("with valid artifact and bundle", func(t *testing.T) {
-		require.Nil(t, RunVerify(&publicGoodOpts))
+		require.Nil(t, runVerify(&publicGoodOpts))
 	})

 	t.Run("with failing OCI artifact fetch", func(t *testing.T) {
@ -44,7 +44,7 @@ func TestRunVerify(t *testing.T) {
 		opts.ArtifactPath = "oci://ghcr.io/github/test"
 		opts.OCIClient = oci.ReferenceFailClient{}

-		err := RunVerify(&opts)
+		err := runVerify(&opts)
 		require.Error(t, err)
 		require.ErrorContains(t, err, "failed to digest artifact")
 	})
@ -52,20 +52,20 @@ func TestRunVerify(t *testing.T) {
 	t.Run("with missing artifact path", func(t *testing.T) {
 		opts := publicGoodOpts
 		opts.ArtifactPath = "../test/data/non-existent-artifact.zip"
-		require.Error(t, RunVerify(&opts))
+		require.Error(t, runVerify(&opts))
 	})

 	t.Run("with missing bundle path", func(t *testing.T) {
 		opts := publicGoodOpts
 		opts.BundlePath = "../test/data/non-existent-sigstoreBundle.json"
-		require.Error(t, RunVerify(&opts))
+		require.Error(t, runVerify(&opts))
 	})

 	t.Run("with invalid signature", func(t *testing.T) {
 		opts := publicGoodOpts
 		opts.BundlePath = "../test/data/sigstoreBundle-invalid-signature.json"

-		err := RunVerify(&opts)
+		err := runVerify(&opts)
 		require.Error(t, err)
 		require.ErrorContains(t, err, "at least one attestation failed to verify")
 		require.ErrorContains(t, err, "verifying with issuer \"sigstore.dev\"")
@ -76,7 +76,7 @@ func TestRunVerify(t *testing.T) {
 		opts.BundlePath = ""
 		opts.Owner = "sigstore"

-		require.Nil(t, RunVerify(&opts))
+		require.Nil(t, runVerify(&opts))
 	})

 	t.Run("with repo", func(t *testing.T) {
@ -84,7 +84,7 @@ func TestRunVerify(t *testing.T) {
 		opts.BundlePath = ""
 		opts.Repo = "github/example"

-		require.Nil(t, RunVerify(&opts))
+		require.Nil(t, runVerify(&opts))
 	})

 	t.Run("with invalid repo", func(t *testing.T) {
@ -93,7 +93,7 @@ func TestRunVerify(t *testing.T) {
 		opts.Repo = "wrong/example"
 		opts.APIClient = api.NewFailTestClient()

-		err := RunVerify(&opts)
+		err := runVerify(&opts)
 		require.Error(t, err)
 		require.ErrorContains(t, err, "failed to fetch attestations for subject")
 	})
@ -104,7 +104,7 @@ func TestRunVerify(t *testing.T) {
 		opts.APIClient = api.NewFailTestClient()
 		opts.Owner = "wrong-owner"

-		err := RunVerify(&opts)
+		err := runVerify(&opts)
 		require.Error(t, err)
 		require.ErrorContains(t, err, "failed to fetch attestations for subject")
 	})
@ -112,7 +112,7 @@ func TestRunVerify(t *testing.T) {
 	t.Run("with invalid OIDC issuer", func(t *testing.T) {
 		opts := publicGoodOpts
 		opts.OIDCIssuer = "not-a-real-issuer"
-		require.Error(t, RunVerify(&opts))
+		require.Error(t, runVerify(&opts))
 	})

 	t.Run("with SAN enforcement", func(t *testing.T) {
@ -126,52 +126,52 @@ func TestRunVerify(t *testing.T) {
 			Owner:           "sigstore",
 			SAN:             SigstoreSanValue,
 		}
-		require.Nil(t, RunVerify(&opts))
+		require.Nil(t, runVerify(&opts))
 	})

 	t.Run("with invalid SAN", func(t *testing.T) {
 		opts := publicGoodOpts
 		opts.SAN = "fake san"
-		require.Error(t, RunVerify(&opts))
+		require.Error(t, runVerify(&opts))
 	})

 	t.Run("with SAN regex enforcement", func(t *testing.T) {
 		opts := publicGoodOpts
 		opts.SANRegex = SigstoreSanRegex
-		require.Nil(t, RunVerify(&opts))
+		require.Nil(t, runVerify(&opts))
 	})

 	t.Run("with invalid SAN regex", func(t *testing.T) {
 		opts := publicGoodOpts
 		opts.SANRegex = "^https://github.com/sigstore/not-real/"
-		require.Error(t, RunVerify(&opts))
+		require.Error(t, runVerify(&opts))
 	})

 	t.Run("with no matching OIDC issuer", func(t *testing.T) {
 		opts := publicGoodOpts
 		opts.OIDCIssuer = "some-other-issuer"

-		require.Error(t, RunVerify(&opts))
+		require.Error(t, runVerify(&opts))
 	})

 	t.Run("with valid artifact and JSON lines file containing multiple Sigstore bundles", func(t *testing.T) {
 		opts := publicGoodOpts
 		opts.BundlePath = "../test/data/sigstore-js-2.1.0_with_2_bundles.jsonl"
-		require.Nil(t, RunVerify(&opts))
+		require.Nil(t, runVerify(&opts))
 	})

 	t.Run("with missing OCI client", func(t *testing.T) {
 		customOpts := publicGoodOpts
 		customOpts.ArtifactPath = "oci://ghcr.io/github/test"
 		customOpts.OCIClient = nil
-		require.Error(t, RunVerify(&customOpts))
+		require.Error(t, runVerify(&customOpts))
 	})

 	t.Run("with missing API client", func(t *testing.T) {
 		customOpts := publicGoodOpts
 		customOpts.APIClient = nil
 		customOpts.BundlePath = ""
-		require.Error(t, RunVerify(&customOpts))
+		require.Error(t, runVerify(&customOpts))
 	})
 }