gofmt100%

Gofmt formats Go programs. We run gofmt -s on your code, where -s is for the "simplify" command

No problems detected. Good job!

go_vet100%

go vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string.

No problems detected. Good job!

gocyclo95%

Gocyclo calculates cyclomatic complexities of functions in Go source code. The cyclomatic complexity of a function is calculated according to the following rules: 1 is the base complexity of a function +1 for each 'if', 'for', 'case', '&&' or '||' Go Report Card warns on functions with cyclomatic complexity > 15.

• kritis/cmd/kritis/signer/main.go
  • Line 145: warning: cyclomatic complexity 32 of function main() is high (> 15) (gocyclo)

• kritis/cmd/kritis/gcr-signer/main.go
  • Line 169: warning: cyclomatic complexity 23 of function main() is high (> 15) (gocyclo)

• kritis/cmd/kritis/admission/main.go
  • Line 56: warning: cyclomatic complexity 16 of function main() is high (> 15) (gocyclo)

• kritis/integration/run_test.go
  • Line 569: warning: cyclomatic complexity 18 of function TestKritisCron() is high (> 15) (gocyclo)

• kritis/pkg/attestlib/verify_detached.go
  • Line 53: warning: cyclomatic complexity 18 of function verifyDetached() is high (> 15) (gocyclo)

• kritis/pkg/kritis/metadata/grafeas/grafeas_test.go
  • Line 117: warning: cyclomatic complexity 16 of function TestCreateAttestationNoteAndOccurrence() is high (> 15) (gocyclo)

• kritis/pkg/kritis/metadata/containeranalysis/containeranalysis_int_test.go
  • Line 66: warning: cyclomatic complexity 16 of function TestCreateAttestationNoteAndOccurrence() is high (> 15) (gocyclo)

golint68%

Golint is a linter for Go source code.

• kritis/pkg/kritis/crd/vulnzsigningpolicy/violation.go
  • Line 35: warning: exported function NewViolation should have comment or be unexported (golint)

• kritis/pkg/kritis/signer/cloud_kms.go
  • Line 31: warning: exported type DigestAlgorithm should have comment or be unexported (golint)
  • Line 34: warning: exported const SHA256 should have comment (or a comment on this block) or be unexported (golint)
  • Line 45: warning: exported function NewCloudKmsSigner should have comment or be unexported (golint)

• kritis/pkg/kritis/metadata/metadata.go
  • Line 36: warning: exported type SignatureType should have comment or be unexported (golint)
  • Line 39: warning: exported const UnknownSignatureType should have comment (or a comment on this block) or be unexported (golint)
  • Line 48: warning: comment on exported type ReadWriteClient should be of the form "ReadWriteClient ..." (with optional leading article) (golint)
  • Line 72: warning: comment on exported type ReadOnlyClient should be of the form "ReadOnlyClient ..." (with optional leading article) (golint)
  • Line 84: warning: exported type Vulnerability should have comment or be unexported (golint)
  • Line 99: warning: exported function IsFixAvailable should have comment or be unexported (golint)
  • Line 109: warning: exported function GetVulnerabilityFromOccurrence should have comment or be unexported (golint)

• kritis/pkg/kritis/metadata/containeranalysis/cache.go
  • Line 114: warning: comment on exported method Cache.DeleteAttestationOccurrence should be of the form "DeleteAttestationOccurrence ..." (golint)

• kritis/pkg/kritis/secrets/secrets_test_data.go
  • Line 1: warning: package comment should be of the form "Package secrets ..." (golint)
  • Line 18: warning: exported type SecretTestData should have comment or be unexported (golint)

• kritis/pkg/kritis/testutil/util.go
  • Line 32: warning: exported function CheckErrorAndDeepEqual should have comment or be unexported (golint)
  • Line 40: warning: exported function DeepEqual should have comment or be unexported (golint)
  • Line 48: warning: exported function CheckError should have comment or be unexported (golint)
  • Line 64: warning: exported function CreateKeyPair should have comment or be unexported (golint)
  • Line 89: warning: exported function CreateSecret should have comment or be unexported (golint)
  • Line 101: warning: exported function Base64PublicTestKey should have comment or be unexported (golint)

• kritis/pkg/kritis/apis/kritis/v1beta1/kritisconfig.go
  • Line 28: warning: exported type KritisConfig should have comment or be unexported (golint)

• kritis/pkg/kritis/apis/kritis/v1beta1/securitypolicy.go
  • Line 27: warning: exported type ImageSecurityPolicy should have comment or be unexported (golint)

• kritis/pkg/kritis/crd/genericattestation/genericattestation.go
  • Line 29: warning: comment on exported function Policies should be of the form "Policies ..." (golint)

• kritis/cmd/kritis/gcr-signer/main.go
  • Line 75: warning: exported function ParsePolicy should have comment or be unexported (golint)
  • Line 83: warning: exported function ReadPolicyFile should have comment or be unexported (golint)
  • Line 92: warning: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) (golint)
  • Line 105: warning: comment on exported function IsImageReferenceWithDigest should be of the form "IsImageReferenceWithDigest ..." (golint)
  • Line 118: warning: comment on exported function DoCheck should be of the form "DoCheck ..." (golint)
  • Line 155: warning: comment on exported function DoSign should be of the form "DoSign ..." (golint)

• kritis/pkg/kritis/secrets/secrets_test.go
  • Line 78: warning: if block ends with a return statement, so drop this else and outdent its block (golint)

• kritis/pkg/attestlib/signature_algorithm.go
  • Line 58: warning: comment on exported function ParseSignatureAlgorithm should be of the form "ParseSignatureAlgorithm ..." (golint)

• kritis/pkg/kritis/testutil/constants.go
  • Line 20: warning: exported const QualifiedImage should have comment (or a comment on this block) or be unexported (golint)

• kritis/pkg/kritis/apis/kritis/v1beta1/register.go
  • Line 41: warning: exported var SchemeBuilder should have comment or be unexported (golint)

• kritis/pkg/kritis/crd/authority/authority.go
  • Line 29: warning: exported type Lister should have comment or be unexported (golint)
  • Line 30: warning: exported type Fetcher should have comment or be unexported (golint)

• kritis/pkg/kritis/install/install.go
  • Line 27: warning: exported function RetrieveNamespace should have comment or be unexported (golint)

• kritis/cmd/kritis/admission/main.go
  • Line 42: warning: comment on exported const DefaultMetadataBackend should be of the form "DefaultMetadataBackend ..." (golint)
  • Line 44: warning: exported const DefaultCronInterval should have comment (or a comment on this block) or be unexported (golint)
  • Line 144: warning: exported function NewServer should have comment or be unexported (golint)
  • Line 154: warning: comment on exported function StartCronJob should be of the form "StartCronJob ..." (golint)

• kritis/pkg/kritis/signer/signer.go
  • Line 33: warning: comment on exported type Signer should be of the form "Signer ..." (with optional leading article) (golint)
  • Line 52: warning: comment on exported function New should be of the form "New ..." (golint)

• kritis/pkg/kritis/secrets/secrets.go
  • Line 29: warning: comment on exported const PrivateKey should be of the form "PrivateKey ..." (golint)
  • Line 31: warning: comment on exported const PublicKey should be of the form "PublicKey ..." (golint)

• kritis/pkg/kritis/apis/kritis/v1beta1/buildpolicy.go
  • Line 27: warning: exported type BuildPolicy should have comment or be unexported (golint)
  • Line 41: warning: exported type BuildRequirements should have comment or be unexported (golint)

• kritis/pkg/kritis/constants/constants.go
  • Line 20: warning: comment on exported const AllowAll should be of the form "AllowAll ..." (golint)
  • Line 22: warning: comment on exported const BlockAll should be of the form "BlockAll ..." (golint)
  • Line 25: warning: comment on exported const Critical should be of the form "Critical ..." (golint)
  • Line 27: warning: comment on exported const High should be of the form "High ..." (golint)
  • Line 29: warning: comment on exported const Medium should be of the form "Medium ..." (golint)
  • Line 31: warning: comment on exported const Low should be of the form "Low ..." (golint)
  • Line 36: warning: exported const InvalidImageSecPolicyLabelValue should have comment (or a comment on this block) or be unexported (golint)
  • Line 46: warning: comment on exported const PreviouslyAttestedAnnotation should be of the form "PreviouslyAttestedAnnotation ..." (golint)
  • Line 50: warning: comment on exported const AtomicContainerSigType should be of the form "AtomicContainerSigType ..." (golint)
  • Line 53: warning: comment on exported const PageSize should be of the form "PageSize ..." (golint)
  • Line 57: warning: comment on exported const CloudSourceRepoPattern should be of the form "CloudSourceRepoPattern ..." (golint)
  • Line 60: warning: comment on exported const ContainerAnalysisMetadata should be of the form "ContainerAnalysisMetadata ..." (golint)

• kritis/pkg/kritis/container/container.go
  • Line 98: warning: exported method AtomicContainerSig.JSONBytes should have comment or be unexported (golint)
  • Line 106: warning: exported method AtomicContainerSig.JSON should have comment or be unexported (golint)

• kritis/pkg/kritis/kubernetes/wait.go
  • Line 42: warning: exported function WaitForPodReady should have comment or be unexported (golint)
  • Line 79: warning: exported function WaitForPodComplete should have comment or be unexported (golint)
  • Line 103: warning: exported type PodStore should have comment or be unexported (golint)
  • Line 109: warning: exported method PodStore.List should have comment or be unexported (golint)
  • Line 118: warning: exported method PodStore.Stop should have comment or be unexported (golint)
  • Line 122: warning: exported function NewPodStore should have comment or be unexported (golint)
  • Line 143: warning: exported function StartPods should have comment or be unexported (golint)
  • Line 340: warning: exported function IsRetryableAPIError should have comment or be unexported (golint)

• kritis/pkg/kritis/crd/securitypolicy/violation.go
  • Line 35: warning: exported function NewViolation should have comment or be unexported (golint)
  • Line 66: warning: comment on exported function FixUnavailableReason should be of the form "FixUnavailableReason ..." (golint)

• kritis/integration/crd.go
  • Line 1: warning: package comment should be of the form "Package integration ..." (golint)

• kritis/integration/logs.go
  • Line 1: warning: package comment should be of the form "Package integration ..." (golint)

• kritis/pkg/kritis/apis/kritis/v1beta1/attestationauthority.go
  • Line 24: warning: comment on exported const PgpKeyType should be of the form "PgpKeyType ..." (golint)
  • Line 26: warning: exported const PkixKeyType should have comment (or a comment on this block) or be unexported (golint)
  • Line 33: warning: exported type AttestationAuthority should have comment or be unexported (golint)
  • Line 65: warning: exported type PkixPublicKey should have comment or be unexported (golint)

• kritis/cmd/kritis/signer/main.go
  • Line 36: warning: exported type SignerMode should have comment or be unexported (golint)
  • Line 39: warning: exported const CheckAndSign should have comment (or a comment on this block) or be unexported (golint)

• kritis/pkg/kritis/metadata/containeranalysis/containeranalysis.go
  • Line 69: warning: comment on exported function New should be of the form "New ..." (golint)
  • Line 292: warning: comment on exported method Client.WaitForVulnzAnalysis should be of the form "WaitForVulnzAnalysis ..." (golint)
  • Line 361: warning: comment on exported method Client.DeleteAttestationOccurrence should be of the form "DeleteAttestationOccurrence ..." (golint)

• kritis/pkg/kritis/secrets/pgpkey.go
  • Line 37: warning: exported function NewPgpKey should have comment or be unexported (golint)
  • Line 60: warning: exported method PgpKey.PublicKey should have comment or be unexported (golint)
  • Line 64: warning: exported method PgpKey.PrivateKey should have comment or be unexported (golint)
  • Line 68: warning: exported method PgpKey.Fingerprint should have comment or be unexported (golint)

• kritis/pkg/kritis/review/review.go
  • Line 35: warning: exported type Reviewer should have comment or be unexported (golint)
  • Line 39: warning: exported type Config should have comment or be unexported (golint)
  • Line 47: warning: exported function New should have comment or be unexported (golint)

• kritis/pkg/kritis/util/util.go
  • Line 41: warning: exported const RSABits should have comment (or a comment on this block) or be unexported (golint)
  • Line 55: warning: comment on exported function CheckNoteName should be of the form "CheckNoteName ..." (golint)
  • Line 65: warning: exported function GetProjectFromContainerImage should have comment or be unexported (golint)
  • Line 73: warning: exported function GetResourceURL should have comment or be unexported (golint)
  • Line 77: warning: exported function GetResource should have comment or be unexported (golint)
  • Line 81: warning: exported function CreateAttestation should have comment or be unexported (golint)
  • Line 167: warning: exported function GetAttestationKeyFingerprint should have comment or be unexported (golint)

• kritis/pkg/kritis/metadata/grafeas/grafeas.go
  • Line 46: warning: exported const PkgVulnerability should have comment (or a comment on this block) or be unexported (golint)
  • Line 68: warning: comment on exported function New should be of the form "New ..." (golint)
  • Line 270: warning: comment on exported method Client.WaitForVulnzAnalysis should be of the form "WaitForVulnzAnalysis ..." (golint)
  • Line 335: warning: comment on exported method Client.DeleteAttestationOccurrence should be of the form "DeleteAttestationOccurrence ..." (golint)

• kritis/pkg/kritis/apis/kritis/v1beta1/vulnzsigningpolicy.go
  • Line 27: warning: exported type VulnzSigningPolicy should have comment or be unexported (golint)
  • Line 34: warning: comment on exported type VulnzSigningPolicySpec should be of the form "VulnzSigningPolicySpec ..." (with optional leading article) (golint)

• kritis/pkg/kritis/cron/cron.go
  • Line 46: warning: exported type Config should have comment or be unexported (golint)
  • Line 57: warning: exported function NewCronConfig should have comment or be unexported (golint)

• kritis/pkg/kritis/kubernetes/client.go
  • Line 30: warning: exported function GetClientset should have comment or be unexported (golint)

• kritis/pkg/kritis/violation/strategy.go
  • Line 1: warning: package comment should be of the form "Package violation ..." (golint)
  • Line 28: warning: exported type Strategy should have comment or be unexported (golint)
  • Line 33: warning: exported type LoggingStrategy should have comment or be unexported (golint)
  • Line 36: warning: exported method LoggingStrategy.HandleViolation should have comment or be unexported (golint)
  • Line 48: warning: exported method LoggingStrategy.HandleAttestation should have comment or be unexported (golint)
  • Line 62: warning: exported method AnnotationStrategy.HandleViolation should have comment or be unexported (golint)
  • Line 85: warning: exported method AnnotationStrategy.HandleAttestation should have comment or be unexported (golint)
  • Line 102: warning: comment on exported type MemoryStrategy should be of the form "MemoryStrategy ..." (with optional leading article) (golint)
  • Line 108: warning: exported method MemoryStrategy.HandleViolation should have comment or be unexported (golint)
  • Line 113: warning: exported method MemoryStrategy.HandleAttestation should have comment or be unexported (golint)

• kritis/pkg/kritis/admission/admission.go
  • Line 57: warning: comment on exported type Status should be of the form "Status ..." (with optional leading article) (golint)
  • Line 171: warning: exported function ReviewHandler should have comment or be unexported (golint)

• kritis/cmd/kritis/gcr-signer/server.go
  • Line 33: warning: exported type EvaluationStatus should have comment or be unexported (golint)
  • Line 36: warning: exported const Ok should have comment (or a comment on this block) or be unexported (golint)
  • Line 42: warning: exported type SignRequest should have comment or be unexported (golint)
  • Line 46: warning: exported type SignResponse should have comment or be unexported (golint)
  • Line 53: warning: comment on exported function WriteResponse should be of the form "WriteResponse ..." (golint)
  • Line 66: warning: comment on exported type PubSubMessage should be of the form "PubSubMessage ..." (with optional leading article) (golint)
  • Line 75: warning: comment on exported type ContainerAnalysisOccurrenceEvent should be of the form "ContainerAnalysisOccurrenceEvent ..." (with optional leading article) (golint)
  • Line 82: warning: comment on exported function GetOccurrence should be of the form "GetOccurrence ..." (golint)
  • Line 220: warning: exported function Serve should have comment or be unexported (golint)

• kritis/docs/standalone/create_attestation.go
  • Line 39: warning: exported const AttestationAuthority should have comment (or a comment on this block) or be unexported (golint)

• kritis/pkg/kritis/review/validating_transport.go
  • Line 39: warning: comment on exported type AttestorValidatingTransport should be of the form "AttestorValidatingTransport ..." (with optional leading article) (golint)
  • Line 148: warning: exported method AttestorValidatingTransport.GetValidatedAttestations should have comment or be unexported (golint)

• kritis/pkg/kritis/apis/kritis/v1beta1/genericattestation.go
  • Line 27: warning: exported type GenericAttestationPolicy should have comment or be unexported (golint)
  • Line 34: warning: exported type AdmissionAllowlistPatternSpec should have comment or be unexported (golint)

• kritis/pkg/kritis/apis/kritis/register.go
  • Line 20: warning: exported const GroupName should have comment (or a comment on this block) or be unexported (golint)

• kritis/cmd/kritis/version/version.go
  • Line 19: warning: exported var Commit should have comment or be unexported (golint)
  • Line 20: warning: exported var Version should have comment or be unexported (golint)

• kritis/pkg/kritis/crd/vulnzsigningpolicy/vulnzsigningpolicy.go
  • Line 34: warning: comment on exported function ValidateVulnzSigningPolicy should be of the form "ValidateVulnzSigningPolicy ..." (golint)

• kritis/pkg/kritis/integration_util/cmd.go
  • Line 37: warning: exported function RunCmdOut should have comment or be unexported (golint)
  • Line 41: warning: exported function RunCmd should have comment or be unexported (golint)

• kritis/pkg/kritis/integration_util/util.go
  • Line 24: warning: exported function RandomID should have comment or be unexported (golint)

• kritis/pkg/kritis/testutil/metadata_mock.go
  • Line 31: warning: comment on exported type MockMetadataClient should be of the form "MockMetadataClient ..." (with optional leading article) (golint)
  • Line 40: warning: exported method MockMetadataClient.SetError should have comment or be unexported (golint)
  • Line 49: warning: exported method MockMetadataClient.Vulnerabilities should have comment or be unexported (golint)
  • Line 56: warning: exported method MockMetadataClient.CreateAttestationOccurrence should have comment or be unexported (golint)
  • Line 67: warning: exported method MockMetadataClient.UploadAttestationOccurrence should have comment or be unexported (golint)
  • Line 78: warning: exported method MockMetadataClient.AttestationNote should have comment or be unexported (golint)
  • Line 90: warning: exported method MockMetadataClient.CreateAttestationNote should have comment or be unexported (golint)
  • Line 99: warning: exported method MockMetadataClient.Attestations should have comment or be unexported (golint)
  • Line 106: warning: exported method MockMetadataClient.WaitForVulnzAnalysis should have comment or be unexported (golint)
  • Line 113: warning: exported method MockMetadataClient.DeleteAttestationOccurrence should have comment or be unexported (golint)
  • Line 120: warning: exported function NilReadWriteClient should have comment or be unexported (golint)
  • Line 130: warning: exported function NilReadOnlyClient should have comment or be unexported (golint)

• kritis/pkg/kritis/testutil/review_mock.go
  • Line 27: warning: exported type ReviewerMock should have comment or be unexported (golint)
  • Line 33: warning: exported function NewReviewer should have comment or be unexported (golint)
  • Line 41: warning: exported method ReviewerMock.ReviewGAP should have comment or be unexported (golint)
  • Line 48: warning: exported method ReviewerMock.ReviewISP should have comment or be unexported (golint)

• kritis/helm-hooks/preinstall/preinstall.go
  • Line 34: warning: exported type Cert should have comment or be unexported (golint)
  • Line 40: warning: exported type CSR should have comment or be unexported (golint)

license100%

Checks whether your project has a LICENSE file.

No problems detected. Good job!

ineffassign98%

IneffAssign detects ineffectual assignments in Go code.

• kritis/docs/standalone/create_attestation.go
  • Line 66: warning: ineffectual assignment to err (ineffassign)

• kritis/pkg/attestlib/pkix_test.go
  • Line 138: warning: ineffectual assignment to err (ineffassign)

misspell96%

Misspell Finds commonly misspelled English words

• kritis/pkg/kritis/admission/admission.go
  • Line 326: warning: "sucessful" is a misspelling of "successful" (misspell)

• kritis/pkg/kritis/metadata/containeranalysis/containeranalysis.go
  • Line 107: warning: "scannig" is a misspelling of "scanning" (misspell)

• kritis/pkg/kritis/metadata/containeranalysis/containeranalysis_int_test.go
  • Line 93: warning: "Occurence" is a misspelling of "Occurrence" (misspell)
  • Line 110: warning: "Occurence" is a misspelling of "Occurrence" (misspell)

• kritis/pkg/kritis/pods/pods_test.go
  • Line 116: warning: "existant" is a misspelling of "existent" (misspell)

• kritis/pkg/attestlib/jwt.go
  • Line 89: warning: "implimented" is a misspelling of "implemented" (misspell)

• kritis/pkg/attestlib/jwt_test.go
  • Line 45: warning: "implimented" is a misspelling of "implemented" (misspell)