Skip to content

Commit 46dc2a2

Browse files
committed
removes deadcode
1 parent c6ed86b commit 46dc2a2

40 files changed

Lines changed: 84 additions & 2022 deletions

accesscontrol/members.go

Lines changed: 0 additions & 68 deletions
Original file line numberDiff line numberDiff line change
@@ -15,71 +15,3 @@
1515

1616
package accesscontrol
1717

18-
import (
19-
"maps"
20-
21-
"github.com/l3montree-dev/devguard/dtos"
22-
"github.com/l3montree-dev/devguard/shared"
23-
"github.com/l3montree-dev/devguard/utils"
24-
"github.com/ory/client-go"
25-
)
26-
27-
// FetchMembersOfOrganization retrieves all members of an organization including their roles
28-
// from both the RBAC system and third-party integrations
29-
func FetchMembersOfOrganization(ctx shared.Context) ([]dtos.UserDTO, error) {
30-
// get all members from the organization
31-
organization := shared.GetOrg(ctx)
32-
accessControl := shared.GetRBAC(ctx)
33-
34-
members, err := accessControl.GetAllMembersOfOrganization()
35-
36-
if err != nil {
37-
return nil, err
38-
}
39-
40-
users := make([]dtos.UserDTO, 0, len(members))
41-
if len(members) > 0 {
42-
// get the auth admin client from the context
43-
authAdminClient := shared.GetAuthAdminClient(ctx)
44-
// fetch the users from the auth service
45-
m, err := authAdminClient.ListUser(client.IdentityAPIListIdentitiesRequest{}.Ids(members))
46-
if err != nil {
47-
return nil, err
48-
}
49-
50-
// get the roles for the members
51-
errGroup := utils.ErrGroup[map[string]shared.Role](10)
52-
for _, member := range m {
53-
errGroup.Go(func() (map[string]shared.Role, error) {
54-
role, err := accessControl.GetDomainRole(member.Id)
55-
if err != nil {
56-
return map[string]shared.Role{member.Id: shared.RoleUnknown}, nil
57-
}
58-
return map[string]shared.Role{member.Id: role}, nil
59-
})
60-
}
61-
62-
roles, err := errGroup.WaitAndCollect()
63-
if err != nil {
64-
return nil, err
65-
}
66-
67-
roleMap := utils.Reduce(roles, func(acc map[string]shared.Role, r map[string]shared.Role) map[string]shared.Role {
68-
maps.Copy(acc, r)
69-
return acc
70-
}, make(map[string]shared.Role))
71-
72-
for _, member := range m {
73-
users = append(users, dtos.UserDTO{
74-
ID: member.Id,
75-
Name: shared.IdentityName(member.Traits),
76-
Role: string(roleMap[member.Id]),
77-
})
78-
}
79-
}
80-
81-
// fetch all members from third party integrations
82-
thirdPartyIntegrations := shared.GetThirdPartyIntegration(ctx)
83-
users = append(users, thirdPartyIntegrations.GetUsers(organization)...)
84-
return users, nil
85-
}

cmd/devguard-cli/commands/trustscore.go

Lines changed: 0 additions & 113 deletions
Original file line numberDiff line numberDiff line change
@@ -4,17 +4,13 @@ import (
44
"context"
55
"fmt"
66
"log/slog"
7-
"math"
8-
"strings"
97

108
"github.com/google/uuid"
119
"github.com/l3montree-dev/devguard/database"
1210
"github.com/l3montree-dev/devguard/database/repositories"
1311
"github.com/l3montree-dev/devguard/shared"
1412
"github.com/spf13/cobra"
1513
"go.uber.org/fx"
16-
17-
"github.com/l3montree-dev/devguard/database/models"
1814
)
1915

2016
type CrowdResult struct {
@@ -164,112 +160,3 @@ func assignTrustScore(ctx context.Context, entityType string, entityID string, s
164160

165161
return assignErr
166162
}
167-
168-
func CalculateConfidenceScoreForPath(ctx context.Context, rules []models.VEXRule, markedAsAffected []models.VEXRule, trustedEntities []models.TrustedEntity) ([]CrowdResult, error) {
169-
var result []CrowdResult
170-
var confidenceValues = make(map[string]float64)
171-
var assignErr error
172-
app := fx.New(
173-
fx.NopLogger,
174-
fx.Supply(database.GetPoolConfigFromEnv()),
175-
database.Module,
176-
repositories.Module,
177-
fx.Invoke(func(
178-
orgRepo shared.OrganizationRepository,
179-
projectRepo shared.ProjectRepository,
180-
assetRepo shared.AssetRepository,
181-
) error {
182-
183-
for _, rule := range rules {
184-
rulaPath := strings.Join(rule.PathPattern, "->")
185-
186-
asset, err := assetRepo.Read(ctx, nil, rule.AssetID)
187-
if err != nil {
188-
slog.Error("failed to read asset for VEX rule", "assetID", rule.AssetID, "error", err)
189-
continue
190-
}
191-
project, err := projectRepo.Read(ctx, nil, asset.ProjectID)
192-
if err != nil {
193-
slog.Error("failed to read project for asset", "projectID", asset.ProjectID, "error", err)
194-
continue
195-
}
196-
org, err := orgRepo.Read(ctx, nil, project.OrganizationID)
197-
if err != nil {
198-
slog.Error("failed to read organization for project", "organizationID", project.OrganizationID, "error", err)
199-
continue
200-
}
201-
organizationTrustscore := 0.0
202-
projectTrustscore := 0.0
203-
204-
for _, te := range trustedEntities {
205-
if te.OrganizationID != nil && *te.OrganizationID == org.ID {
206-
organizationTrustscore = te.TrustScore
207-
} else if te.ProjectID != nil && *te.ProjectID == project.ID {
208-
projectTrustscore = te.TrustScore
209-
}
210-
}
211-
212-
ruleConfidence := 1.0 * math.Max(projectTrustscore, organizationTrustscore)
213-
confidenceValues[rulaPath] += ruleConfidence
214-
}
215-
216-
for _, rule := range markedAsAffected {
217-
rulaPath := strings.Join(rule.PathPattern, "")
218-
219-
asset, err := assetRepo.Read(ctx, nil, rule.AssetID)
220-
if err != nil {
221-
slog.Error("failed to read asset for VEX rule", "assetID", rule.AssetID, "error", err)
222-
continue
223-
}
224-
project, err := projectRepo.Read(ctx, nil, asset.ProjectID)
225-
if err != nil {
226-
slog.Error("failed to read project for asset", "projectID", asset.ProjectID, "error", err)
227-
continue
228-
}
229-
org, err := orgRepo.Read(ctx, nil, project.OrganizationID)
230-
if err != nil {
231-
slog.Error("failed to read organization for project", "organizationID", project.OrganizationID, "error", err)
232-
continue
233-
}
234-
organizationTrustscore := 0.0
235-
projectTrustscore := 0.0
236-
237-
for _, te := range trustedEntities {
238-
if te.OrganizationID != nil && *te.OrganizationID == org.ID {
239-
organizationTrustscore = te.TrustScore
240-
} else if te.ProjectID != nil && *te.ProjectID == project.ID {
241-
projectTrustscore = te.TrustScore
242-
}
243-
}
244-
245-
ruleConfidence := 1.0 * math.Max(projectTrustscore, organizationTrustscore)
246-
confidenceValues[rulaPath] += ruleConfidence
247-
}
248-
249-
totalConfidence := 0.0
250-
for _, conf := range confidenceValues {
251-
totalConfidence += conf
252-
}
253-
if totalConfidence == 0 {
254-
return nil
255-
}
256-
for key, value := range confidenceValues {
257-
result = append(result, CrowdResult{
258-
ConfidenceScore: value / totalConfidence,
259-
Rule: key,
260-
})
261-
}
262-
return nil
263-
}),
264-
)
265-
266-
if err := app.Start(context.Background()); err != nil {
267-
assignErr = err
268-
}
269-
270-
if err := app.Stop(context.Background()); err != nil {
271-
assignErr = err
272-
}
273-
274-
return result, assignErr
275-
}

cmd/devguard-scanner/commands/clean.go

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,6 @@
11
package commands
22

33
import (
4-
"context"
54
"log/slog"
65

76
"github.com/google/go-containerregistry/pkg/authn"
@@ -12,10 +11,6 @@ import (
1211
"github.com/spf13/cobra"
1312
)
1413

15-
func cleanImage(ctx context.Context, regOpts cosignoptions.RegistryOptions, cleanType cosignoptions.CleanType, imageRef string) error {
16-
return cosignclean.CleanCmd(ctx, regOpts, cleanType, imageRef, true)
17-
}
18-
1914
// NewCleanCommand returns a command that removes attestations/signatures from an OCI image.
2015
func NewCleanCommand() *cobra.Command {
2116
cmd := &cobra.Command{

cmd/devguard-scanner/commands/clean_test.go

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@ import (
2525
"github.com/google/go-containerregistry/pkg/registry"
2626
"github.com/google/go-containerregistry/pkg/v1/random"
2727
"github.com/google/go-containerregistry/pkg/v1/remote"
28+
cosignclean "github.com/sigstore/cosign/v2/cmd/cosign/cli"
2829
cosignoptions "github.com/sigstore/cosign/v2/cmd/cosign/cli/options"
2930
ociremote "github.com/sigstore/cosign/v2/pkg/oci/remote"
3031
)
@@ -100,7 +101,7 @@ func TestCleanImageCleanTypeAllRemovesAllTags(t *testing.T) {
100101
t.Fatal("signature tag should exist before clean")
101102
}
102103

103-
if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef); err != nil {
104+
if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef, true); err != nil {
104105
t.Fatalf("cleanImage: %v", err)
105106
}
106107

@@ -130,7 +131,7 @@ func TestCleanImageCleanTypeAttestationLeavesSignatureTag(t *testing.T) {
130131
pushDummyImage(t, attTag, remoteOpts)
131132
pushDummyImage(t, sigTag, remoteOpts)
132133

133-
if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeAttestation, imageRef); err != nil {
134+
if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeAttestation, imageRef, true); err != nil {
134135
t.Fatalf("cleanImage: %v", err)
135136
}
136137

@@ -160,7 +161,7 @@ func TestCleanImageCleanTypeSignatureLeavesAttestationTag(t *testing.T) {
160161
pushDummyImage(t, attTag, remoteOpts)
161162
pushDummyImage(t, sigTag, remoteOpts)
162163

163-
if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeSignature, imageRef); err != nil {
164+
if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeSignature, imageRef, true); err != nil {
164165
t.Fatalf("cleanImage: %v", err)
165166
}
166167

@@ -179,7 +180,7 @@ func TestCleanImageNoTagsDoesNotError(t *testing.T) {
179180
pushBaseImage(t, imageRef, remoteOpts)
180181

181182
// no attestation/signature tags present — clean should still succeed
182-
if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef); err != nil {
183+
if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef, true); err != nil {
183184
t.Fatalf("cleanImage on image with no sig/att tags failed: %v", err)
184185
}
185186
}

cmd/devguard-scanner/commands/intoto/intoto_record.go

Lines changed: 0 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -20,41 +20,14 @@ import (
2020
"fmt"
2121
"log/slog"
2222
"os"
23-
"strings"
2423

2524
toto "github.com/in-toto/in-toto-golang/in_toto"
2625
"github.com/l3montree-dev/devguard/cmd/devguard-scanner/config"
2726
"github.com/l3montree-dev/devguard/cmd/devguard-scanner/scanner"
28-
"github.com/l3montree-dev/devguard/utils"
2927
"github.com/pkg/errors"
3028
"github.com/spf13/cobra"
3129
)
3230

33-
func parseGitIgnore(path string) ([]string, error) {
34-
// read .gitignore if exists
35-
content, err := os.ReadFile(path)
36-
if err == nil {
37-
ignorePaths := strings.Split(string(content), "\n")
38-
39-
// make sure to remove new lines and empty strings
40-
ignorePaths = utils.Filter(
41-
utils.Map(utils.Map(ignorePaths, strings.TrimSpace), func(e string) string {
42-
// nextjs products a gitignore which contains /node_modules but we need to ignore /node_modules/
43-
if e == "/node_modules" {
44-
return e + "/"
45-
}
46-
return e
47-
}),
48-
func(e string) bool {
49-
return e != "" && e != "\n" && !strings.HasPrefix(strings.TrimSpace(e), "#")
50-
})
51-
52-
return ignorePaths, nil
53-
}
54-
55-
return nil, err
56-
}
57-
5831
func stopInTotoRecording(cmd *cobra.Command, args []string) error {
5932
if config.RuntimeInTotoConfig.Disabled {
6033
return nil
Lines changed: 0 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -1,32 +1 @@
11
package intotocmd
2-
3-
import (
4-
"os"
5-
"path"
6-
"testing"
7-
8-
"github.com/stretchr/testify/assert"
9-
)
10-
11-
func TestParseGitIgnore(t *testing.T) {
12-
t.Run("parseGitIgnore with empty strings", func(t *testing.T) {
13-
// create temp dir for testing
14-
dir, err := os.MkdirTemp("", "test")
15-
assert.NoError(t, err, "failed to create temporary directory")
16-
17-
defer os.RemoveAll(dir)
18-
19-
// Create a temporary .gitignore file for testing
20-
gitignoreContent := "\n.DS_Store\n\t\t\t\n"
21-
22-
filepath := path.Join(dir, ".gitignore")
23-
24-
err = os.WriteFile(filepath, []byte(gitignoreContent), 0600)
25-
assert.NoError(t, err, "failed to create temporary .gitignore file")
26-
27-
ignorePaths, err := parseGitIgnore(filepath)
28-
assert.NoError(t, err, "expected no error when reading .gitignore")
29-
assert.Equal(t, []string{".DS_Store"}, ignorePaths, "unexpected ignore paths")
30-
31-
})
32-
}

controllers/asset_controller.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -476,7 +476,7 @@ func (a *AssetController) GetBadges(ctx shared.Context) error {
476476
}
477477
var artifactName *string
478478
artifact, err := shared.MaybeGetArtifact(ctx)
479-
if err == nil {
479+
if err == nil && artifact != nil {
480480
artifactName = &artifact.ArtifactName
481481
}
482482

controllers/dependencyfirewall/oci.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@ import (
2525
"net/http"
2626
"net/url"
2727
"os"
28+
2829
"regexp"
2930
"strings"
3031
"time"

controllers/helpers.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ func ctxToBOMMetadata(ctx shared.Context) normalize.BOMMetadata {
2828
assetVersion := shared.GetAssetVersion(ctx)
2929
artifactName := ""
3030
artifact, err := shared.MaybeGetArtifact(ctx)
31-
if err != nil {
31+
if err != nil || artifact == nil {
3232
org := shared.GetOrg(ctx)
3333
project := shared.GetProject(ctx)
3434

0 commit comments

Comments
 (0)