Fix problems signaled by new linter version v1.45.2

PR (linter: upgrade linter version #405) triggered lint job which failed with many errors generated by various linters. Configurations were added to golangcilint.yaml and several refactorings were made in order to improve the results of the linter. maintidx linter disabled Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
2026-06-16 04:17:55 +08:00 · 2022-03-21 17:37:23 +00:00
parent d19a4bf2a1
commit d325c8b5f4
42 changed files with 367 additions and 260 deletions
@@ -43,7 +43,7 @@ func EnableExtensions(config *config.Config, log log.Logger, rootDir string) {
 		if config.Extensions.Search.CVE.UpdateInterval < defaultUpdateInterval {
 			config.Extensions.Search.CVE.UpdateInterval = defaultUpdateInterval

-			log.Warn().Msg("CVE update interval set to too-short interval < 2h, changing update duration to 2 hours and continuing.") // nolint: lll
+			log.Warn().Msg("CVE update interval set to too-short interval < 2h, changing update duration to 2 hours and continuing.") //nolint:lll // gofumpt conflicts with lll
 		}

 		go func() {
@@ -72,7 +72,8 @@ func EnableExtensions(config *config.Config, log log.Logger, rootDir string) {

 // EnableSyncExtension enables sync extension.
 func EnableSyncExtension(ctx context.Context, config *config.Config, wg *goSync.WaitGroup,
-	storeController storage.StoreController, log log.Logger) {
+	storeController storage.StoreController, log log.Logger,
+) {
 	if config.Extensions.Sync != nil && *config.Extensions.Sync.Enable {
 		if err := sync.Run(ctx, *config.Extensions.Sync, storeController, wg, log); err != nil {
 			log.Error().Err(err).Msg("Error encountered while setting up syncing")
@@ -84,7 +85,8 @@ func EnableSyncExtension(ctx context.Context, config *config.Config, wg *goSync.

 // EnableScrubExtension enables scrub extension.
 func EnableScrubExtension(config *config.Config, storeController storage.StoreController,
-	log log.Logger) {
+	log log.Logger,
+) {
 	if config.Extensions.Scrub != nil &&
 		config.Extensions.Scrub.Interval != 0 {
 		minScrubInterval, _ := time.ParseDuration("2h")
@@ -92,7 +94,7 @@ func EnableScrubExtension(config *config.Config, storeController storage.StoreCo
 		if config.Extensions.Scrub.Interval < minScrubInterval {
 			config.Extensions.Scrub.Interval = minScrubInterval

-			log.Warn().Msg("Scrub interval set to too-short interval < 2h, changing scrub duration to 2 hours and continuing.") // nolint: lll
+			log.Warn().Msg("Scrub interval set to too-short interval < 2h, changing scrub duration to 2 hours and continuing.") //nolint:lll // gofumpt conflicts with lll
 		}

 		go func() {
@@ -108,7 +110,8 @@ func EnableScrubExtension(config *config.Config, storeController storage.StoreCo

 // SetupRoutes ...
 func SetupRoutes(config *config.Config, router *mux.Router, storeController storage.StoreController,
-	l log.Logger) {
+	l log.Logger,
+) {
 	// fork a new zerolog child to avoid data race
 	log := log.Logger{Logger: l.With().Caller().Timestamp().Logger()}
 	log.Info().Msg("setting up extensions routes")
@@ -134,7 +137,8 @@ func SetupRoutes(config *config.Config, router *mux.Router, storeController stor

 // SyncOneImage syncs one image.
 func SyncOneImage(config *config.Config, storeController storage.StoreController,
-	repoName, reference string, isArtifact bool, log log.Logger) error {
+	repoName, reference string, isArtifact bool, log log.Logger,
+) error {
 	log.Info().Msgf("syncing image %s:%s", repoName, reference)

 	err := sync.OneImage(*config.Extensions.Sync, storeController, repoName, reference, isArtifact, log)
@@ -27,14 +27,16 @@ func EnableExtensions(config *config.Config, log log.Logger, rootDir string) {

 // EnableSyncExtension ...
 func EnableSyncExtension(ctx context.Context, config *config.Config, wg *goSync.WaitGroup,
-	storeController storage.StoreController, log log.Logger) {
+	storeController storage.StoreController, log log.Logger,
+) {
 	log.Warn().Msg("skipping enabling sync extension because given zot binary doesn't support any extensions," +
 		"please build zot full binary for this feature")
 }

 // EnableScrubExtension ...
 func EnableScrubExtension(config *config.Config, storeController storage.StoreController,
-	log log.Logger) {
+	log log.Logger,
+) {
 	log.Warn().Msg("skipping enabling scrub extension because given zot binary doesn't support any extensions," +
 		"please build zot full binary for this feature")
 }
@@ -47,7 +49,8 @@ func SetupRoutes(conf *config.Config, router *mux.Router, storeController storag

 // SyncOneImage ...
 func SyncOneImage(config *config.Config, storeController storage.StoreController,
-	repoName, reference string, isArtifact bool, log log.Logger) error {
+	repoName, reference string, isArtifact bool, log log.Logger,
+) error {
 	log.Warn().Msg("skipping syncing on demand because given zot binary doesn't support any extensions," +
 		"please build zot full binary for this feature")

@@ -169,7 +169,7 @@ func IncDownloadCounter(ms MetricServer, repo string) {
 	})
 }

-func SetStorageUsage(ms MetricServer, rootDir string, repo string) {
+func SetStorageUsage(ms MetricServer, rootDir, repo string) {
 	ms.SendMetric(func() {
 		dir := path.Join(rootDir, repo)
 		repoSize, err := getDirSize(dir)
@@ -235,7 +235,7 @@ func GetHistograms() map[string][]string {

 // return true if a metric does not have any labels or if the label
 // values for searched metric corresponds to the one in the cached slice.
-func isMetricMatch(lValues []string, metricValues []string) bool {
+func isMetricMatch(lValues, metricValues []string) bool {
 	if len(lValues) == len(metricValues) {
 		for i, v := range metricValues {
 			if v != lValues[i] {
@@ -400,7 +400,7 @@ func (ms *metricServer) HistogramObserve(hv *HistogramValue) {
 }

 // nolint: goerr113
-func sanityChecks(name string, knownLabels []string, found bool, labelNames []string, labelValues []string) error {
+func sanityChecks(name string, knownLabels []string, found bool, labelNames, labelValues []string) error {
 	if !found {
 		return fmt.Errorf("metric %s: not found", name)
 	}
@@ -479,7 +479,7 @@ func IncUploadCounter(ms MetricServer, repo string) {
 	ms.SendMetric(uCounter)
 }

-func SetStorageUsage(ms MetricServer, rootDir string, repo string) {
+func SetStorageUsage(ms MetricServer, rootDir, repo string) {
 	dir := path.Join(rootDir, repo)

 	repoSize, err := getDirSize(dir)
@@ -38,7 +38,7 @@ type MetricsClient struct {
 }

 func newHTTPMetricsClient() *http.Client {
-	defaultTransport := http.DefaultTransport.(*http.Transport).Clone()
+	defaultTransport := http.DefaultTransport.(*http.Transport).Clone()      //nolint: forcetypeassert
 	defaultTransport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true} //nolint: gosec

 	return &http.Client{
@@ -67,7 +67,7 @@ func GetRepo(image string) string {
 	return image
 }

-func GetFixedTags(allTags []TagInfo, infectedTags []TagInfo) []TagInfo {
+func GetFixedTags(allTags, infectedTags []TagInfo) []TagInfo {
 	sort.Slice(allTags, func(i, j int) bool {
 		return allTags[i].Timestamp.Before(allTags[j].Timestamp)
 	})
@@ -139,8 +139,9 @@ func (cveinfo CveInfo) GetTrivyContext(image string) *TrivyCtx {
 	return trivyCtx
 }

-func (cveinfo CveInfo) GetImageListForCVE(repo string, cvid string, imgStore storage.ImageStore,
-	trivyCtx *TrivyCtx) ([]*string, error) {
+func (cveinfo CveInfo) GetImageListForCVE(repo, cvid string, imgStore storage.ImageStore,
+	trivyCtx *TrivyCtx,
+) ([]*string, error) {
 	tags := make([]*string, 0)

 	tagList, err := imgStore.GetImageTags(repo)
@@ -315,7 +315,7 @@ func generateTestData() error { // nolint: gocyclo
 	return nil
 }

-func makeTestFile(fileName string, content string) error {
+func makeTestFile(fileName, content string) error {
 	if err := ioutil.WriteFile(fileName, []byte(content), 0o600); err != nil {
 		panic(err)
 	}
@@ -426,15 +426,15 @@ func TestCVESearch(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, 401)
-		var e api.Error
-		err = json.Unmarshal(resp.Body(), &e)
+		var apiErr api.Error
+		err = json.Unmarshal(resp.Body(), &apiErr)
 		So(err, ShouldBeNil)

 		resp, err = resty.R().Get(baseURL + "/query/")
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, 401)
-		err = json.Unmarshal(resp.Body(), &e)
+		err = json.Unmarshal(resp.Body(), &apiErr)
 		So(err, ShouldBeNil)

 		// with creds, should get expected status code
@@ -23,7 +23,7 @@ func NewDigestInfo(storeController storage.StoreController, log log.Logger) *Dig
 }

 // FilterImagesByDigest returns a list of image tags in a repository matching a specific divest.
-func (digestinfo DigestInfo) GetImageTagsByDigest(repo string, digest string) ([]*string, error) {
+func (digestinfo DigestInfo) GetImageTagsByDigest(repo, digest string) ([]*string, error) {
 	uniqueTags := []*string{}

 	manifests, err := digestinfo.LayoutUtils.GetImageManifests(repo)
@@ -9,7 +9,7 @@ import (
 	"strings"

 	godigest "github.com/opencontainers/go-digest"
-	"zotregistry.io/zot/pkg/log"
+	"zotregistry.io/zot/pkg/log" // nolint: gci

 	"zotregistry.io/zot/pkg/extensions/search/common"
 	cveinfo "zotregistry.io/zot/pkg/extensions/search/cve"
@@ -247,7 +247,8 @@ func (r *queryResolver) ImageListForCve(ctx context.Context, cvid string) ([]*Im
 }

 func (r *queryResolver) getImageListForCVE(repoList []string, cvid string, imgStore storage.ImageStore,
-	trivyCtx *cveinfo.TrivyCtx) ([]*ImgResultForCve, error) {
+	trivyCtx *cveinfo.TrivyCtx,
+) ([]*ImgResultForCve, error) {
 	cveResult := []*ImgResultForCve{}

 	for _, repo := range repoList {
@@ -270,7 +271,7 @@ func (r *queryResolver) getImageListForCVE(repoList []string, cvid string, imgSt
 	return cveResult, nil
 }

-func (r *queryResolver) ImageListWithCVEFixed(ctx context.Context, cvid string, image string) (*ImgResultForFixedCve, error) { // nolint: lll
+func (r *queryResolver) ImageListWithCVEFixed(ctx context.Context, cvid, image string) (*ImgResultForFixedCve, error) { // nolint: lll
 	imgResultForFixedCVE := &ImgResultForFixedCve{}

 	r.log.Info().Str("image", image).Msg("extracting list of tags available in image")
@@ -396,7 +397,8 @@ func (r *queryResolver) ImageListForDigest(ctx context.Context, digestID string)
 }

 func (r *queryResolver) getImageListForDigest(repoList []string,
-	digest string) ([]*ImgResultForDigest, error) {
+	digest string,
+) ([]*ImgResultForDigest, error) {
 	imgResultForDigest := []*ImgResultForDigest{}

 	var errResult error
@@ -44,7 +44,7 @@ func (di *demandedImages) loadOrStoreChan(key string, value chan error) (chan er
 	return errChannel, found
 }

-func (di *demandedImages) loadOrStoreStr(key string, value string) (string, bool) {
+func (di *demandedImages) loadOrStoreStr(key, value string) (string, bool) {
 	val, found := di.syncedMap.LoadOrStore(key, value)
 	str, _ := val.(string)

@@ -56,7 +56,8 @@ func (di *demandedImages) delete(key string) {
 }

 func OneImage(cfg Config, storeController storage.StoreController,
-	repo, tag string, isArtifact bool, log log.Logger) error {
+	repo, tag string, isArtifact bool, log log.Logger,
+) error {
 	// guard against multiple parallel requests
 	demandedImage := fmt.Sprintf("%s:%s", repo, tag)
 	// loadOrStore image-based channel
@@ -88,7 +89,8 @@ func OneImage(cfg Config, storeController storage.StoreController,
 }

 func syncOneImage(imageChannel chan error, cfg Config, storeController storage.StoreController,
-	localRepo, tag string, isArtifact bool, log log.Logger) {
+	localRepo, tag string, isArtifact bool, log log.Logger,
+) {
 	var credentialsFile CredentialsFile

 	if cfg.CredentialsFile != "" {
@@ -267,7 +269,8 @@ func syncOneImage(imageChannel chan error, cfg Config, storeController storage.S
 }

 func syncRun(regCfg RegistryConfig, localRepo, remoteRepo, tag string, utils syncContextUtils,
-	log log.Logger) (bool, error) {
+	log log.Logger,
+) (bool, error) {
 	upstreamImageRef, err := getImageRef(utils.upstreamAddr, remoteRepo, tag)
 	if err != nil {
 		log.Error().Err(err).Msgf("error creating docker reference for repository %s/%s:%s",
@@ -20,8 +20,9 @@ import (
 )

 func getCosignManifest(client *resty.Client, regURL url.URL, repo, digest string,
-	log log.Logger) (*ispec.Manifest, error) {
-	var m ispec.Manifest
+	log log.Logger,
+) (*ispec.Manifest, error) {
+	var cosignManifest ispec.Manifest

 	cosignTag := getCosignTagFromImageDigest(digest)

@@ -51,7 +52,7 @@ func getCosignManifest(client *resty.Client, regURL url.URL, repo, digest string
 		return nil, zerr.ErrSyncSignature
 	}

-	err = json.Unmarshal(resp.Body(), &m)
+	err = json.Unmarshal(resp.Body(), &cosignManifest)
 	if err != nil {
 		log.Error().Err(err).Str("url", getCosignManifestURL.String()).
 			Msgf("couldn't unmarshal cosign manifest %s", cosignTag)
@@ -59,7 +60,7 @@ func getCosignManifest(client *resty.Client, regURL url.URL, repo, digest string
 		return nil, err
 	}

-	return &m, nil
+	return &cosignManifest, nil
 }

 func getNotaryRefs(client *resty.Client, regURL url.URL, repo, digest string, log log.Logger) (ReferenceList, error) {
@@ -195,7 +196,8 @@ func syncCosignSignature(client *resty.Client, imageStore storage.ImageStore,
 }

 func syncNotarySignature(client *resty.Client, imageStore storage.ImageStore,
-	regURL url.URL, localRepo, remoteRepo, digest string, referrers ReferenceList, log log.Logger) error {
+	regURL url.URL, localRepo, remoteRepo, digest string, referrers ReferenceList, log log.Logger,
+) error {
 	if len(referrers.References) == 0 {
 		return nil
 	}
@@ -217,16 +219,16 @@ func syncNotarySignature(client *resty.Client, imageStore storage.ImageStore,
 		}

 		// read manifest
-		var m artifactspec.Manifest
+		var artifactManifest artifactspec.Manifest

-		err = json.Unmarshal(resp.Body(), &m)
+		err = json.Unmarshal(resp.Body(), &artifactManifest)
 		if err != nil {
 			log.Error().Err(err).Msgf("couldn't unmarshal notary manifest: %s", getRefManifestURL.String())

 			return err
 		}

-		for _, blob := range m.Blobs {
+		for _, blob := range artifactManifest.Blobs {
 			getBlobURL := regURL
 			getBlobURL.Path = path.Join(getBlobURL.Path, "v2", remoteRepo, "blobs", blob.Digest.String())
 			getBlobURL.RawQuery = getBlobURL.Query().Encode()
@@ -270,7 +272,8 @@ func syncNotarySignature(client *resty.Client, imageStore storage.ImageStore,
 }

 func canSkipNotarySignature(repo, tag, digest string, refs ReferenceList, imageStore storage.ImageStore,
-	log log.Logger) (bool, error) {
+	log log.Logger,
+) (bool, error) {
 	// check notary signature already synced
 	if len(refs.References) > 0 {
 		localRefs, err := imageStore.GetReferrers(repo, digest, notreg.ArtifactTypeNotation)
@@ -297,7 +300,8 @@ func canSkipNotarySignature(repo, tag, digest string, refs ReferenceList, imageS
 }

 func canSkipCosignSignature(repo, tag, digest string, cosignManifest *ispec.Manifest, imageStore storage.ImageStore,
-	log log.Logger) (bool, error) {
+	log log.Logger,
+) (bool, error) {
 	// check cosign signature already synced
 	if cosignManifest != nil {
 		var localCosignManifest ispec.Manifest
@@ -75,7 +75,7 @@ type Tags struct {

 // getUpstreamCatalog gets all repos from a registry.
 func getUpstreamCatalog(client *resty.Client, upstreamURL string, log log.Logger) (catalog, error) {
-	var c catalog
+	var catalog catalog

 	registryCatalogURL := fmt.Sprintf("%s%s", upstreamURL, "/v2/_catalog")

@@ -83,24 +83,24 @@ func getUpstreamCatalog(client *resty.Client, upstreamURL string, log log.Logger
 	if err != nil {
 		log.Err(err).Msgf("couldn't query %s", registryCatalogURL)

-		return c, err
+		return catalog, err
 	}

 	if resp.IsError() {
 		log.Error().Msgf("couldn't query %s, status code: %d, body: %s", registryCatalogURL,
 			resp.StatusCode(), resp.Body())

-		return c, zerr.ErrSyncMissingCatalog
+		return catalog, zerr.ErrSyncMissingCatalog
 	}

-	err = json.Unmarshal(resp.Body(), &c)
+	err = json.Unmarshal(resp.Body(), &catalog)
 	if err != nil {
 		log.Err(err).Str("body", string(resp.Body())).Msg("couldn't unmarshal registry's catalog")

-		return c, err
+		return catalog, err
 	}

-	return c, nil
+	return catalog, nil
 }

 // getImageTags lists all tags in a repository.
@@ -189,7 +189,8 @@ func filterImagesBySemver(upstreamReferences *[]types.ImageReference, content Co

 // imagesToCopyFromRepos lists all images given a registry name and its repos.
 func imagesToCopyFromUpstream(ctx context.Context, registryName string, repos []string,
-	upstreamCtx *types.SystemContext, content Content, log log.Logger) ([]types.ImageReference, error) {
+	upstreamCtx *types.SystemContext, content Content, log log.Logger,
+) ([]types.ImageReference, error) {
 	var upstreamReferences []types.ImageReference

 	for _, repoName := range repos {
@@ -286,7 +287,8 @@ func getUpstreamContext(regCfg *RegistryConfig, credentials Credentials) *types.
 func syncRegistry(ctx context.Context, regCfg RegistryConfig, upstreamURL string,
 	storeController storage.StoreController, localCtx *types.SystemContext,
 	policyCtx *signature.PolicyContext, credentials Credentials,
-	retryOptions *retry.RetryOptions, log log.Logger) error {
+	retryOptions *retry.RetryOptions, log log.Logger,
+) error {
 	log.Info().Msgf("syncing registry: %s", upstreamURL)

 	var err error
@@ -532,7 +534,8 @@ func getLocalContexts(log log.Logger) (*types.SystemContext, *signature.PolicyCo
 }

 func Run(ctx context.Context, cfg Config, storeController storage.StoreController,
-	wtgrp *goSync.WaitGroup, logger log.Logger) error {
+	wtgrp *goSync.WaitGroup, logger log.Logger,
+) error {
 	var credentialsFile CredentialsFile

 	var err error
@@ -1324,13 +1324,13 @@ func TestNoImagesByRegex(t *testing.T) {
 		So(resp, ShouldNotBeEmpty)
 		So(resp.StatusCode(), ShouldEqual, 200)

-		var c catalog
-		err = json.Unmarshal(resp.Body(), &c)
+		var catalog catalog
+		err = json.Unmarshal(resp.Body(), &catalog)
 		if err != nil {
 			panic(err)
 		}

-		So(c.Repositories, ShouldResemble, []string{})
+		So(catalog.Repositories, ShouldResemble, []string{})
 	})
 }

@@ -2215,17 +2215,17 @@ func TestPeriodicallySignaturesErr(t *testing.T) {
 			So(err, ShouldBeNil)

 			// read manifest
-			var nm artifactspec.Manifest
+			var artifactManifest artifactspec.Manifest
 			for _, ref := range referrers.References {
 				refPath := path.Join(srcDir, repoName, "blobs", string(ref.Digest.Algorithm()), ref.Digest.Hex())
 				body, err := ioutil.ReadFile(refPath)
 				So(err, ShouldBeNil)

-				err = json.Unmarshal(body, &nm)
+				err = json.Unmarshal(body, &artifactManifest)
 				So(err, ShouldBeNil)

 				// triggers perm denied on sig blobs
-				for _, blob := range nm.Blobs {
+				for _, blob := range artifactManifest.Blobs {
 					blobPath := path.Join(srcDir, repoName, "blobs", string(blob.Digest.Algorithm()), blob.Digest.Hex())
 					err := os.Chmod(blobPath, 0o000)
 					So(err, ShouldBeNil)
@@ -2383,17 +2383,17 @@ func TestSignatures(t *testing.T) {
 		err = os.RemoveAll(path.Join(destDir, repoName))
 		So(err, ShouldBeNil)

-		var nm artifactspec.Manifest
+		var artifactManifest artifactspec.Manifest
 		for _, ref := range referrers.References {
 			refPath := path.Join(srcDir, repoName, "blobs", string(ref.Digest.Algorithm()), ref.Digest.Hex())
 			body, err := ioutil.ReadFile(refPath)
 			So(err, ShouldBeNil)

-			err = json.Unmarshal(body, &nm)
+			err = json.Unmarshal(body, &artifactManifest)
 			So(err, ShouldBeNil)

 			// triggers perm denied on notary sig blobs on downstream
-			for _, blob := range nm.Blobs {
+			for _, blob := range artifactManifest.Blobs {
 				blobPath := path.Join(destDir, repoName, "blobs", string(blob.Digest.Algorithm()), blob.Digest.Hex())
 				err := os.MkdirAll(blobPath, 0o755)
 				So(err, ShouldBeNil)
@@ -2426,7 +2426,7 @@ func TestSignatures(t *testing.T) {
 		So(resp.StatusCode(), ShouldEqual, 200)

 		// triggers perm denied on sig blobs
-		for _, blob := range nm.Blobs {
+		for _, blob := range artifactManifest.Blobs {
 			blobPath := path.Join(srcDir, repoName, "blobs", string(blob.Digest.Algorithm()), blob.Digest.Hex())
 			err := os.Chmod(blobPath, 0o000)
 			So(err, ShouldBeNil)
@@ -2449,29 +2449,29 @@ func TestSignatures(t *testing.T) {
 		mResp, err := resty.R().Get(getCosignManifestURL)
 		So(err, ShouldBeNil)

-		var cm ispec.Manifest
+		var imageManifest ispec.Manifest

-		err = json.Unmarshal(mResp.Body(), &cm)
+		err = json.Unmarshal(mResp.Body(), &imageManifest)
 		So(err, ShouldBeNil)

 		downstreaamCosignManifest := ispec.Manifest{
-			MediaType: cm.MediaType,
+			MediaType: imageManifest.MediaType,
 			Config: ispec.Descriptor{
-				MediaType:   cm.Config.MediaType,
-				Size:        cm.Config.Size,
-				Digest:      cm.Config.Digest,
-				Annotations: cm.Config.Annotations,
+				MediaType:   imageManifest.Config.MediaType,
+				Size:        imageManifest.Config.Size,
+				Digest:      imageManifest.Config.Digest,
+				Annotations: imageManifest.Config.Annotations,
 			},
-			Layers:      cm.Layers,
-			Versioned:   cm.Versioned,
-			Annotations: cm.Annotations,
+			Layers:      imageManifest.Layers,
+			Versioned:   imageManifest.Versioned,
+			Annotations: imageManifest.Annotations,
 		}

 		buf, err := json.Marshal(downstreaamCosignManifest)
 		So(err, ShouldBeNil)
 		cosignManifestDigest := godigest.FromBytes(buf)

-		for _, blob := range cm.Layers {
+		for _, blob := range imageManifest.Layers {
 			blobPath := path.Join(srcDir, repoName, "blobs", string(blob.Digest.Algorithm()), blob.Digest.Hex())
 			err := os.Chmod(blobPath, 0o000)
 			So(err, ShouldBeNil)
@@ -2490,7 +2490,7 @@ func TestSignatures(t *testing.T) {
 		err = os.RemoveAll(path.Join(destDir, repoName))
 		So(err, ShouldBeNil)

-		for _, blob := range cm.Layers {
+		for _, blob := range imageManifest.Layers {
 			srcBlobPath := path.Join(srcDir, repoName, "blobs", string(blob.Digest.Algorithm()), blob.Digest.Hex())
 			err := os.Chmod(srcBlobPath, 0o755)
 			So(err, ShouldBeNil)
@@ -2507,7 +2507,7 @@ func TestSignatures(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(resp.StatusCode(), ShouldEqual, 200)

-		for _, blob := range cm.Layers {
+		for _, blob := range imageManifest.Layers {
 			destBlobPath := path.Join(destDir, repoName, "blobs", string(blob.Digest.Algorithm()), blob.Digest.Hex())
 			err = os.Chmod(destBlobPath, 0o755)
 			So(err, ShouldBeNil)
@@ -2516,8 +2516,8 @@ func TestSignatures(t *testing.T) {
 		}

 		// trigger error on upstream config blob
-		srcConfigBlobPath := path.Join(srcDir, repoName, "blobs", string(cm.Config.Digest.Algorithm()),
-			cm.Config.Digest.Hex())
+		srcConfigBlobPath := path.Join(srcDir, repoName, "blobs", string(imageManifest.Config.Digest.Algorithm()),
+			imageManifest.Config.Digest.Hex())
 		err = os.Chmod(srcConfigBlobPath, 0o000)
 		So(err, ShouldBeNil)

@@ -2538,8 +2538,8 @@ func TestSignatures(t *testing.T) {
 		err = os.RemoveAll(path.Join(destDir, repoName))
 		So(err, ShouldBeNil)

-		destConfigBlobPath := path.Join(destDir, repoName, "blobs", string(cm.Config.Digest.Algorithm()),
-			cm.Config.Digest.Hex())
+		destConfigBlobPath := path.Join(destDir, repoName, "blobs", string(imageManifest.Config.Digest.Algorithm()),
+			imageManifest.Config.Digest.Hex())

 		err = os.MkdirAll(destConfigBlobPath, 0o755)
 		So(err, ShouldBeNil)
@@ -3062,15 +3062,15 @@ func TestSignaturesOnDemand(t *testing.T) {
 		mResp, err := resty.R().Get(getCosignManifestURL)
 		So(err, ShouldBeNil)

-		var cm ispec.Manifest
+		var imageManifest ispec.Manifest

-		err = json.Unmarshal(mResp.Body(), &cm)
+		err = json.Unmarshal(mResp.Body(), &imageManifest)
 		So(err, ShouldBeNil)

 		// trigger errors on cosign blobs
 		// trigger error on cosign config blob
-		srcConfigBlobPath := path.Join(srcDir, repoName, "blobs", string(cm.Config.Digest.Algorithm()),
-			cm.Config.Digest.Hex())
+		srcConfigBlobPath := path.Join(srcDir, repoName, "blobs", string(imageManifest.Config.Digest.Algorithm()),
+			imageManifest.Config.Digest.Hex())
 		err = os.Chmod(srcConfigBlobPath, 0o000)
 		So(err, ShouldBeNil)

@@ -3084,8 +3084,8 @@ func TestSignaturesOnDemand(t *testing.T) {
 		So(resp.StatusCode(), ShouldEqual, 200)

 		// trigger error on cosign layer blob
-		srcSignatureBlobPath := path.Join(srcDir, repoName, "blobs", string(cm.Layers[0].Digest.Algorithm()),
-			cm.Layers[0].Digest.Hex())
+		srcSignatureBlobPath := path.Join(srcDir, repoName, "blobs", string(imageManifest.Layers[0].Digest.Algorithm()),
+			imageManifest.Layers[0].Digest.Hex())

 		err = os.Chmod(srcConfigBlobPath, 0o755)
 		So(err, ShouldBeNil)
@@ -206,7 +206,8 @@ func getFileCredentials(filepath string) (CredentialsFile, error) {
 }

 func getHTTPClient(regCfg *RegistryConfig, upstreamURL string, credentials Credentials,
-	log log.Logger) (*resty.Client, *url.URL, error) {
+	log log.Logger,
+) (*resty.Client, *url.URL, error) {
 	client := resty.New()

 	if !common.Contains(regCfg.URLs, upstreamURL) {
@@ -262,7 +263,8 @@ func getHTTPClient(regCfg *RegistryConfig, upstreamURL string, credentials Crede
 }

 func pushSyncedLocalImage(localRepo, tag, localCachePath string,
-	imageStore storage.ImageStore, log log.Logger) error {
+	imageStore storage.ImageStore, log log.Logger,
+) error {
 	log.Info().Msgf("pushing synced local image %s/%s:%s to local registry", localCachePath, localRepo, tag)

 	metrics := monitoring.NewMetricsServer(false, log)