Merge pull request #1010 from fredbi/chore/slightly-more-linting

Chore/slightly more linting

.golangci.yml

@@ -14,23 +14,21 @@ linters:
     - gosec
     - staticcheck
     - nolintlint
+    - gofmt
+    - unused
+    - govet
+    - bodyclose
+    - typecheck
+    - goimports
+    - ineffassign
+    - gosimple
   disable:
     # temporarily disabled
     - varcheck
-    - ineffassign
-    - unused
-    - typecheck
     - errcheck
-    - govet
-    - gosimple
-    - deadcode
-    - gofmt
-    - goimports
-    - bodyclose
     - dupl
-    - gocognit
     - gocritic
-    - goimports
+    - gocognit
     - nakedret
     - revive
     - stylecheck
@@ -38,6 +36,7 @@ linters:
     - unparam
     #- forbidigo # <- see later
     # should remain disabled
+    - deadcode   # deprecated linter
     - maligned
     - lll
     - gochecknoinits

cmd/scan/validators_test.go

@@ -1,8 +1,9 @@
 package scan
 
 import (
-	"github.com/kubescape/kubescape/v2/core/cautils"
 	"testing"
+
+	"github.com/kubescape/kubescape/v2/core/cautils"
 )
 
 // Test_validateControlScanInfo tests how scan info is validated for the `scan control` command

core/cautils/getter/getpoliciesutils.go

@@ -26,8 +26,8 @@ func SaveInFile(policy interface{}, pathStr string) error {
 		if os.IsNotExist(err) {
 			pathDir := path.Dir(pathStr)
 			// pathDir could contain subdirectories
-			if err := os.MkdirAll(pathDir, 0755); err != nil {
-				return err
+			if erm := os.MkdirAll(pathDir, 0755); erm != nil {
+				return erm
 			}
 		} else {
 			return err

core/cautils/getter/loadpolicy.go

@@ -71,27 +71,29 @@ func (lp *LoadPolicy) GetControl(controlID string) (*reporthandling.Control, err
 	return control, nil
 }
 
+// GetFramework retrieves a framework configuration from the policy.
 func (lp *LoadPolicy) GetFramework(frameworkName string) (*reporthandling.Framework, error) {
-	var framework reporthandling.Framework
-	var err error
+	if frameworkName == "" {
+		return &reporthandling.Framework{}, nil
+	}
+
 	for _, filePath := range lp.filePaths {
-		framework = reporthandling.Framework{}
 		f, err := os.ReadFile(filePath)
 		if err != nil {
 			return nil, err
 		}
-		if err = json.Unmarshal(f, &framework); err != nil {
+
+		var fw reporthandling.Framework
+		if err = json.Unmarshal(f, &fw); err != nil {
 			return nil, err
 		}
-		if strings.EqualFold(frameworkName, framework.Name) {
-			break
+
+		if strings.EqualFold(frameworkName, fw.Name) {
+			return &fw, nil
 		}
 	}
-	if frameworkName != "" && !strings.EqualFold(frameworkName, framework.Name) {
 
-		return nil, fmt.Errorf("framework from file not matching")
-	}
-	return &framework, err
+	return nil, fmt.Errorf("framework from file not matching")
 }
 
 func (lp *LoadPolicy) GetFrameworks() ([]reporthandling.Framework, error) {
@@ -103,6 +105,7 @@ func (lp *LoadPolicy) GetFrameworks() ([]reporthandling.Framework, error) {
 func (lp *LoadPolicy) ListFrameworks() ([]string, error) {
 	fwNames := []string{}
 	framework := &reporthandling.Framework{}
+
 	for _, f := range lp.filePaths {
 		file, err := os.ReadFile(f)
 		if err == nil {
@@ -113,6 +116,7 @@ func (lp *LoadPolicy) ListFrameworks() ([]string, error) {
 			}
 		}
 	}
+
 	return fwNames, nil
 }
 

core/cautils/getter/loadpolicy_test.go

@@ -1,13 +1,176 @@
 package getter
 
 import (
+	"fmt"
 	"path/filepath"
-)
+	"testing"
 
-var mockFrameworkBasePath = filepath.Join("examples", "mocks", "frameworks")
+	"github.com/stretchr/testify/require"
+)
 
 func MockNewLoadPolicy() *LoadPolicy {
 	return &LoadPolicy{
 		filePaths: []string{""},
 	}
 }
+
+func testFrameworkFile(framework string) string {
+	return filepath.Join(".", "testdata", fmt.Sprintf("%s.json", framework))
+}
+
+func TestLoadPolicy(t *testing.T) {
+	t.Parallel()
+
+	const testFramework = "MITRE"
+
+	t.Run("with GetFramework", func(t *testing.T) {
+		t.Run("should retrieve named framework", func(t *testing.T) {
+			t.Parallel()
+
+			p := NewLoadPolicy([]string{testFrameworkFile(testFramework)})
+			fw, err := p.GetFramework(testFramework)
+			require.NoError(t, err)
+			require.NotNil(t, fw)
+
+			require.Equal(t, testFramework, fw.Name)
+		})
+
+		t.Run("should fail to retrieve framework", func(t *testing.T) {
+			t.Parallel()
+
+			p := NewLoadPolicy([]string{testFrameworkFile(testFramework)})
+			fw, err := p.GetFramework("wrong")
+			require.Error(t, err)
+			require.Nil(t, fw)
+		})
+
+		t.Run("edge case: should return empty framework", func(t *testing.T) {
+			// NOTE(fredbi): this edge case corresponds to the original working of GetFramework.
+			// IMHO, this is a bad request call and it should return an error.
+			t.Parallel()
+
+			p := NewLoadPolicy([]string{testFrameworkFile(testFramework)})
+			fw, err := p.GetFramework("")
+			require.NoError(t, err)
+			require.NotNil(t, fw)
+			require.Empty(t, *fw)
+		})
+
+		t.Run("edge case: corrupted json", func(t *testing.T) {
+			t.Parallel()
+
+			const invalidFramework = "invalid-fw"
+			p := NewLoadPolicy([]string{testFrameworkFile(invalidFramework)})
+			fw, err := p.GetFramework(invalidFramework)
+			require.Error(t, err)
+			require.Nil(t, fw)
+		})
+
+		t.Run("edge case: missing json", func(t *testing.T) {
+			t.Parallel()
+
+			const invalidFramework = "nowheretobefound"
+			p := NewLoadPolicy([]string{testFrameworkFile(invalidFramework)})
+			_, err := p.GetFramework(invalidFramework)
+			require.Error(t, err)
+		})
+	})
+
+	t.Run("with GetControl", func(t *testing.T) {
+		t.Run("should retrieve named control", func(t *testing.T) {
+			t.Parallel()
+
+			const (
+				testControl         = "C-0053"
+				expectedControlName = "Access container service account"
+			)
+			p := NewLoadPolicy([]string{testFrameworkFile(testFramework)})
+			ctrl, err := p.GetControl(testControl)
+			require.NoError(t, err)
+			require.NotNil(t, ctrl)
+
+			require.Equal(t, testControl, ctrl.ControlID)
+			require.Equal(t, expectedControlName, ctrl.Name)
+		})
+
+		t.Run("should fail to retrieve named control", func(t *testing.T) {
+			// NOTE(fredbi): IMHO, this case should bubble up an error
+			t.Parallel()
+
+			const testControl = "wrong"
+			p := NewLoadPolicy([]string{testFrameworkFile(testFramework)})
+			ctrl, err := p.GetControl(testControl)
+			require.NoError(t, err)
+			require.NotNil(t, ctrl) // no error, but still don't get the requested control...
+		})
+
+		t.Run("edge case: corrupted json", func(t *testing.T) {
+			t.Parallel()
+
+			const invalidControl = "invalid-fw"
+			p := NewLoadPolicy([]string{testFrameworkFile(invalidControl)})
+			_, err := p.GetControl(invalidControl)
+			require.Error(t, err)
+		})
+
+		t.Run("edge case: missing json", func(t *testing.T) {
+			t.Parallel()
+
+			const invalidControl = "nowheretobefound"
+			p := NewLoadPolicy([]string{testFrameworkFile(invalidControl)})
+			_, err := p.GetControl(invalidControl)
+			require.Error(t, err)
+		})
+
+		t.Run("edge case: should return empty control", func(t *testing.T) {
+			// NOTE(fredbi): this edge case corresponds to the original working of GetFramework.
+			// IMHO, this is a bad request call and it should return an error.
+			t.Parallel()
+
+			p := NewLoadPolicy([]string{testFrameworkFile(testFramework)})
+			ctrl, err := p.GetControl("")
+			require.NoError(t, err)
+			require.NotNil(t, ctrl)
+		})
+	})
+
+	t.Run("ListFrameworks should return all frameworks in the policy path", func(t *testing.T) {
+		t.Parallel()
+
+		const extraFramework = "NSA"
+		p := NewLoadPolicy([]string{
+			testFrameworkFile(testFramework),
+			testFrameworkFile(extraFramework),
+		})
+		fws, err := p.ListFrameworks()
+		require.NoError(t, err)
+		require.Len(t, fws, 2)
+
+		require.Equal(t, testFramework, fws[0])
+		require.Equal(t, extraFramework, fws[1])
+	})
+
+	t.Run("edge case: policy without path", func(t *testing.T) {
+		t.Parallel()
+
+		p := NewLoadPolicy([]string{})
+		require.Empty(t, p.filePath())
+	})
+
+	t.Run("GetFrameworks is currently stubbed", func(t *testing.T) {
+		t.Parallel()
+
+		p := NewLoadPolicy([]string{testFrameworkFile(testFramework)})
+		fws, err := p.GetFrameworks()
+		require.NoError(t, err)
+		require.Empty(t, fws)
+	})
+
+	t.Run("ListControls is currently unsupported", func(t *testing.T) {
+		t.Parallel()
+
+		p := NewLoadPolicy([]string{testFrameworkFile(testFramework)})
+		_, err := p.ListControls()
+		require.Error(t, err)
+	})
+}

core/cautils/getter/testdata/invalid-fw.json

@@ -0,0 +1,3 @@
+{
+  "guid": "",
+}

core/cautils/localgitrepository_test.go

@@ -28,40 +28,58 @@ func unzipFile(zipPath, destinationFolder string) (*zip.ReadCloser, error) {
 	if err != nil {
 		return nil, err
 	}
+
 	for _, f := range archive.File {
 		filePath := filepath.Join(destinationFolder, f.Name) //nolint:gosec
 		if !strings.HasPrefix(filePath, filepath.Clean(destinationFolder)+string(os.PathSeparator)) {
 			return nil, fmt.Errorf("invalid file path")
 		}
+
 		if f.FileInfo().IsDir() {
 			os.MkdirAll(filePath, os.ModePerm)
 			continue
 		}
 
-		if err := os.MkdirAll(filepath.Dir(filePath), os.ModePerm); err != nil {
-			return nil, err
+		if erc := copyFileInFolder(filePath, f); erc != nil {
+			return nil, erc
 		}
-
-		dstFile, err := os.OpenFile(filePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, f.Mode())
-		if err != nil {
-			return nil, err
-		}
-
-		fileInArchive, err := f.Open()
-		if err != nil {
-			return nil, err
-		}
-
-		if _, err := io.Copy(dstFile, fileInArchive); err != nil { //nolint:gosec
-			return nil, err
-		}
-
-		dstFile.Close()
-		fileInArchive.Close()
 	}
 
 	return archive, err
+}
 
+func copyFileInFolder(filePath string, f *zip.File) (err error) {
+	if err = os.MkdirAll(filepath.Dir(filePath), os.ModePerm); err != nil {
+		return err
+	}
+
+	dstFile, err := os.OpenFile(filePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, f.Mode())
+	if err != nil {
+		return err
+	}
+	defer func() {
+		_ = dstFile.Close()
+	}()
+
+	fileInArchive, err := f.Open()
+	if err != nil {
+		return err
+	}
+	defer func() {
+		_ = fileInArchive.Close()
+	}()
+
+	_, err = io.Copy(dstFile, fileInArchive) //nolint:gosec
+
+	if err = dstFile.Close(); err != nil {
+		return err
+	}
+
+	if err = fileInArchive.Close(); err != nil {
+		return err
+	}
+
+	return err
 }
 
 func (s *LocalGitRepositoryTestSuite) SetupSuite() {

core/pkg/hostsensorutils/hostsensorgetfrompod.go

@@ -204,9 +204,9 @@ func (hsh *HostSensorHandler) GetKubeletConfigurations() ([]hostsensor.HostSenso
 	// loop over pods and port-forward it to each of them
 	res, err := hsh.sendAllPodsHTTPGETRequest("/kubeletConfigurations", "KubeletConfiguration") // empty kind, will be overridden
 	for resIdx := range res {
-		jsonBytes, err := yaml.YAMLToJSON(res[resIdx].Data)
-		if err != nil {
-			logger.L().Error("failed to convert kubelet configurations from yaml to json", helpers.Error(err))
+		jsonBytes, ery := yaml.YAMLToJSON(res[resIdx].Data)
+		if ery != nil {
+			logger.L().Error("failed to convert kubelet configurations from yaml to json", helpers.Error(ery))
 			continue
 		}
 		res[resIdx].SetData(jsonBytes)

core/pkg/hostsensorutils/hostsensorworkerpool.go

@@ -32,7 +32,7 @@ func NewWorkerPool() workerPool {
 }
 
 func (wp *workerPool) init(noOfPods ...int) {
-	if noOfPods != nil && len(noOfPods) > 0 && noOfPods[0] < noOfWorkers {
+	if len(noOfPods) > 0 && noOfPods[0] < noOfWorkers {
 		wp.noOfWorkers = noOfPods[0]
 	}
 	// init the channels
@@ -82,13 +82,13 @@ func (wp *workerPool) hostSensorGetResults(result *[]hostsensor.HostSensorDataEn
 func (wp *workerPool) hostSensorApplyJobs(podList map[string]string, path, requestKind string) {
 	go func() {
 		for podName, nodeName := range podList {
-			job := job{
+			thisJob := job{
 				podName:     podName,
 				nodeName:    nodeName,
 				requestKind: requestKind,
 				path:        path,
 			}
-			wp.jobs <- job
+			wp.jobs <- thisJob
 
 		}
 		close(wp.jobs)

core/pkg/opaprocessor/processorhandlerutils.go

@@ -91,9 +91,6 @@ func getKSObjects(k8sResources *cautils.KSResources, allResources map[string]wor
 					groupResources := k8sinterface.ResourceGroupToString(groups, version, resource)
 					for _, groupResource := range groupResources {
 						if k8sObj, ok := (*k8sResources)[groupResource]; ok {
-							// if k8sObj == nil {
-							// 	logger.L().Debug(fmt.Sprintf("resource '%s' is nil, probably failed to pull the resource", groupResource))
-							// }
 							for i := range k8sObj {
 								k8sObjects = append(k8sObjects, allResources[k8sObj[i]])
 							}

core/pkg/policyhandler/handlenotification.go

@@ -11,7 +11,6 @@ import (
 	cloudsupportv1 "github.com/kubescape/k8s-interface/cloudsupport/v1"
 	reportv2 "github.com/kubescape/opa-utils/reporthandling/v2"
 
-	"github.com/armosec/armoapi-go/armotypes"
 	"github.com/kubescape/k8s-interface/cloudsupport"
 	"github.com/kubescape/k8s-interface/k8sinterface"
 	"github.com/kubescape/kubescape/v2/core/cautils"
@@ -74,12 +73,14 @@ func (policyHandler *PolicyHandler) getResources(policyIdentifier []cautils.Poli
 	return nil
 }
 
+/* unused for now
 func getDesignator(policyIdentifier []cautils.PolicyIdentifier) *armotypes.PortalDesignator {
 	if len(policyIdentifier) > 0 {
 		return &policyIdentifier[0].Designators
 	}
 	return &armotypes.PortalDesignator{}
 }
+*/
 
 func setCloudMetadata(opaSessionObj *cautils.OPASessionObj) {
 	iCloudMetadata := getCloudMetadata(opaSessionObj, k8sinterface.GetConfig())

core/pkg/registryadaptors/gcp/v1/gcpadaptormock.go

@@ -41,7 +41,7 @@ func (GCPAdaptorMock *GCPAdaptorMock) GetImageVulnerability(imageID *registryvul
 	occurrence := []*grafeaspb.Occurrence{}
 	arr := GetMockData()
 
-	for i, _ := range arr {
+	for i := range arr {
 		if imageID.Tag == "gcr.io/myproject/nginx@sha256:2XXXXX" && i == 4 {
 			break
 		}

core/pkg/resourcehandler/fieldselector.go

@@ -34,10 +34,7 @@ func NewExcludeSelector(ns string) *ExcludeSelector {
 
 func (es *ExcludeSelector) GetClusterScope(resource *schema.GroupVersionResource) bool {
 	// for selector, 'namespace' is in Namespaced scope
-	if resource.Resource == "namespaces" {
-		return true
-	}
-	return false
+	return resource.Resource == "namespaces"
 }
 
 type IncludeSelector struct {
@@ -50,10 +47,7 @@ func NewIncludeSelector(ns string) *IncludeSelector {
 
 func (is *IncludeSelector) GetClusterScope(resource *schema.GroupVersionResource) bool {
 	// for selector, 'namespace' is in Namespaced scope
-	if resource.Resource == "namespaces" {
-		return true
-	}
-	return false
+	return resource.Resource == "namespaces"
 }
 
 func (es *ExcludeSelector) GetNamespacesSelectors(resource *schema.GroupVersionResource) []string {

core/pkg/resourcehandler/filesloaderutils.go

@@ -10,7 +10,6 @@ import (
 	"github.com/kubescape/k8s-interface/k8sinterface"
 	"github.com/kubescape/k8s-interface/workloadinterface"
 	"github.com/kubescape/kubescape/v2/core/cautils"
-	"github.com/kubescape/opa-utils/reporthandling"
 )
 
 // Clone git repository
@@ -63,6 +62,7 @@ func mapResources(workloads []workloadinterface.IMetadata) map[string][]workload
 
 }
 
+/* unused for now
 func addCommitData(input string, workloadIDToSource map[string]reporthandling.Source) {
 	giRepo, err := cautils.NewLocalGitRepository(input)
 	if err != nil || giRepo == nil {
@@ -84,3 +84,4 @@ func addCommitData(input string, workloadIDToSource map[string]reporthandling.So
 		workloadIDToSource[k] = sourceObj
 	}
 }
+*/

core/pkg/resourcehandler/remotegitutils.go

@@ -20,14 +20,13 @@ func isGitRepoPublic(u string) bool {
 	if err != nil {
 		return false
 	}
+	defer func() {
+		_ = resp.Body.Close()
+	}()
 
 	// if the status code is 200, our get request is successful.
 	// It only happens when the repository is public.
-	if resp.StatusCode == 200 {
-		return true
-	}
-
-	return false
+	return resp.StatusCode == nethttp.StatusOK
 }
 
 // Check if the GITHUB_TOKEN is present

core/pkg/resourcehandler/repositoryscanner.go

@@ -204,13 +204,13 @@ func (g *GitHubRepository) setTree() error {
 	}
 
 	// press all tree to json
-	var tree tree
-	err = json.Unmarshal([]byte(body), &tree)
+	var thisTree tree
+	err = json.Unmarshal([]byte(body), &thisTree)
 	if err != nil {
 		return fmt.Errorf("failed to unmarshal response body from '%s', reason: %s", g.treeAPI(), err.Error())
 		// return nil
 	}
-	g.tree = tree
+	g.tree = thisTree
 
 	return nil
 }

core/pkg/resourcehandler/repositoryscanner_test.go

@@ -10,7 +10,7 @@ var (
 	urlA = "https://github.com/kubescape/kubescape"
 	urlB = "https://github.com/kubescape/kubescape/blob/master/examples/online-boutique/adservice.yaml"
 	urlC = "https://github.com/kubescape/kubescape/tree/master/examples/online-boutique"
-	urlD = "https://raw.githubusercontent.com/kubescape/kubescape/master/examples/online-boutique/adservice.yaml"
+	// urlD = "https://raw.githubusercontent.com/kubescape/kubescape/master/examples/online-boutique/adservice.yaml"
 )
 
 /*

core/pkg/resourcehandler/urlloader.go

@@ -1,13 +1,6 @@
 package resourcehandler
 
-import (
-	giturl "github.com/kubescape/go-git-url"
-	logger "github.com/kubescape/go-logger"
-	"github.com/kubescape/go-logger/helpers"
-	"github.com/kubescape/k8s-interface/workloadinterface"
-	"github.com/kubescape/kubescape/v2/core/cautils"
-)
-
+/* unused for now
 func loadResourcesFromUrl(inputPatterns []string) (map[string][]workloadinterface.IMetadata, error) {
 	if len(inputPatterns) == 0 {
 		return nil, nil
@@ -46,3 +39,4 @@ func loadResourcesFromUrl(inputPatterns []string) (map[string][]workloadinterfac
 
 	return workloads, nil
 }
+*/

core/pkg/resultshandling/printer/v2/attacktracks.go

@@ -18,6 +18,7 @@ import (
 const TOP_RESOURCE_COUNT = 15
 const TOP_VECTOR_COUNT = 10
 
+/* unused for now
 func (prettyPrinter *PrettyPrinter) printAttackTreeNode(node v1alpha1.IAttackTrackStep, depth int) {
 	prefix := strings.Repeat("\t", depth)
 	text := prefix + node.GetName() + "\n"
@@ -31,6 +32,7 @@ func (prettyPrinter *PrettyPrinter) printAttackTreeNode(node v1alpha1.IAttackTra
 		prettyPrinter.printAttackTreeNode(node.SubStepAt(i), depth+1)
 	}
 }
+*/
 
 func (prettyPrinter *PrettyPrinter) createFailedControlList(node v1alpha1.IAttackTrackStep) string {
 	var r string
@@ -85,7 +87,7 @@ func getNumericValueFromEnvVar(envVar string, defaultValue int) int {
 	return defaultValue
 }
 func (prettyPrinter *PrettyPrinter) printAttackTracks(opaSessionObj *cautils.OPASessionObj) {
-	if prettyPrinter.printAttackTree == false || opaSessionObj.ResourceAttackTracks == nil {
+	if !prettyPrinter.printAttackTree || opaSessionObj.ResourceAttackTracks == nil {
 		return
 	}
 

core/pkg/resultshandling/printer/v2/controltable.go

@@ -91,6 +91,7 @@ func getSortedControlsIDs(controls reportsummary.ControlSummaries) [][]string {
 	return controlIDs
 }
 
+/* unused for now
 func getSortedControlsNames(controls reportsummary.ControlSummaries) [][]string {
 	controlNames := make([][]string, 5)
 	for k := range controls {
@@ -103,6 +104,7 @@ func getSortedControlsNames(controls reportsummary.ControlSummaries) [][]string
 	}
 	return controlNames
 }
+*/
 
 func getControlTableHeaders() []string {
 	headers := make([]string, _rowLen)

core/pkg/resultshandling/printer/v2/htmlprinter.go

@@ -114,7 +114,6 @@ func (hp *HtmlPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
 }
 
 func (hp *HtmlPrinter) Score(score float32) {
-	return
 }
 
 func buildResourceTableView(opaSessionObj *cautils.OPASessionObj) ResourceTableView {

core/pkg/resultshandling/printer/v2/prettyprinter.go

@@ -168,7 +168,6 @@ func (pp *PrettyPrinter) printGroupedResources(workloads map[string][]WorkloadSu
 }
 
 func (pp *PrettyPrinter) printGroupedResource(indent string, title string, rsc []WorkloadSummary) {
-	preIndent := indent
 	if title != "" {
 		cautils.SimpleDisplay(pp.writer, "%s%s\n", indent, title)
 		indent += indent
@@ -184,8 +183,6 @@ func (pp *PrettyPrinter) printGroupedResource(indent string, title string, rsc [
 	for i := range resources {
 		cautils.SimpleDisplay(pp.writer, resources[i]+"\n")
 	}
-
-	indent = preIndent
 }
 
 func generateRelatedObjectsStr(workload WorkloadSummary) string {

core/pkg/resultshandling/printer/v2/prometheusutils.go

@@ -4,11 +4,9 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/kubescape/k8s-interface/workloadinterface"
 	"github.com/kubescape/kubescape/v2/core/cautils"
 	"github.com/kubescape/opa-utils/reporthandling/apis"
 	"github.com/kubescape/opa-utils/reporthandling/results/v1/reportsummary"
-	"github.com/kubescape/opa-utils/reporthandling/results/v1/resourcesresults"
 )
 
 type metricsName string
@@ -231,11 +229,11 @@ type mFrameworkRiskScore struct {
 }
 
 type mResources struct {
-	name                  string
-	namespace             string
-	apiVersion            string
-	kind                  string
-	controlsCountPassed   int
+	name       string
+	namespace  string
+	apiVersion string
+	kind       string
+	// controlsCountPassed   int // unused
 	controlsCountFailed   int
 	controlsCountExcluded int
 }
@@ -298,6 +296,7 @@ func (m *Metrics) setRiskScores(summaryDetails *reportsummary.SummaryDetails) {
 	}
 }
 
+/* unused for now
 // return -> (passed, exceluded, failed)
 func resourceControlStatusCounters(result *resourcesresults.Result) (int, int, int) {
 	failed := 0
@@ -315,6 +314,7 @@ func resourceControlStatusCounters(result *resourcesresults.Result) (int, int, i
 	}
 	return passed, excluded, failed
 }
+
 func (m *Metrics) setResourcesCounters(
 	resources map[string]workloadinterface.IMetadata,
 	results map[string]resourcesresults.Result) {
@@ -342,3 +342,4 @@ func (m *Metrics) setResourcesCounters(
 		m.listResources = append(m.listResources, mrc)
 	}
 }
+*/

core/pkg/resultshandling/printer/v2/sarifprinter.go

@@ -62,7 +62,6 @@ func NewSARIFPrinter() *SARIFPrinter {
 }
 
 func (sp *SARIFPrinter) Score(score float32) {
-	return
 }
 
 func (sp *SARIFPrinter) SetWriter(outputFile string) {

core/pkg/resultshandling/reporter/v2/utils.go

@@ -5,6 +5,7 @@ import (
 	"strings"
 )
 
+/* unused for now
 func maskID(id string) string {
 	sep := "-"
 	splitted := strings.Split(id, sep)
@@ -22,6 +23,7 @@ func maskID(id string) string {
 
 	return strings.TrimSuffix(str, sep)
 }
+*/
 
 func parseHost(urlObj *url.URL) {
 	if strings.Contains(urlObj.Host, "http://") {