Check value for cosign clean --type flag (#2574)

sigstore · Dec 23, 2022 · 44d58de · 44d58de
1 parent 5282e31
commit 44d58de
Show file tree

Hide file tree

Showing 3 changed files with 57 additions and 16 deletions.
diff --git a/cmd/cosign/cli/clean.go b/cmd/cosign/cli/clean.go
@@ -50,7 +50,7 @@ func Clean() *cobra.Command {
 	return cmd
 }
 
-func CleanCmd(ctx context.Context, regOpts options.RegistryOptions, cleanType, imageRef string, force bool) error {
+func CleanCmd(ctx context.Context, regOpts options.RegistryOptions, cleanType options.CleanType, imageRef string, force bool) error {
 	ok, err := cosign.ConfirmPrompt(prompt(cleanType), force)
 	if err != nil {
 		return err
@@ -82,14 +82,16 @@ func CleanCmd(ctx context.Context, regOpts options.RegistryOptions, cleanType, i
 
 	var cleanTags []name.Tag
 	switch cleanType {
-	case "signature":
+	case options.CleanTypeSignature:
 		cleanTags = []name.Tag{sigRef}
-	case "sbom":
+	case options.CleanTypeSbom:
 		cleanTags = []name.Tag{sbomRef}
-	case "attestation":
+	case options.CleanTypeAttestation:
 		cleanTags = []name.Tag{attRef}
-	case "all":
+	case options.CleanTypeAll:
 		cleanTags = []name.Tag{sigRef, attRef, sbomRef}
+	default:
+		panic("invalid CleanType value")
 	}
 
 	for _, t := range cleanTags {
@@ -110,16 +112,16 @@ func CleanCmd(ctx context.Context, regOpts options.RegistryOptions, cleanType, i
 	return nil
 }
 
-func prompt(cleanType string) string {
+func prompt(cleanType options.CleanType) string {
 	switch cleanType {
-	case "signature":
+	case options.CleanTypeSignature:
 		return "WARNING: this will remove all signatures from the image"
-	case "sbom":
+	case options.CleanTypeSbom:
 		return "WARNING: this will remove all SBOMs from the image"
-	case "attestation":
+	case options.CleanTypeAttestation:
 		return "WARNING: this will remove all attestations from the image"
-	case "all":
+	case options.CleanTypeAll:
 		return "WARNING: this will remove all signatures, SBOMs and attestations from the image"
 	}
-	return ""
+	panic("invalid CleanType value")
 }
diff --git a/cmd/cosign/cli/options/clean.go b/cmd/cosign/cli/options/clean.go
@@ -14,19 +14,58 @@
 
 package options
 
-import "github.com/spf13/cobra"
+import (
+	"errors"
+
+	"github.com/spf13/cobra"
+)
+
+type CleanType string
+
+const (
+	CleanTypeSignature   CleanType = "signature"
+	CleanTypeAttestation CleanType = "attestation"
+	CleanTypeSbom        CleanType = "sbom"
+	CleanTypeAll         CleanType = "all"
+)
+
+func defaultCleanType() CleanType {
+	return CleanTypeAll
+}
+
+// cleanType implements github.com/spf13/pflag.Value.
+func (c *CleanType) String() string {
+	return string(*c)
+}
+
+// cleanType implements github.com/spf13/pflag.Value.
+func (c *CleanType) Set(v string) error {
+	switch v {
+	case "signature", "attestation", "sbom", "all":
+		*c = CleanType(v)
+		return nil
+	default:
+		return errors.New(`must be one of "signature", "attestation", "sbom", or "all"`)
+	}
+}
+
+// cleanType implements github.com/spf13/pflag.Value.
+func (c *CleanType) Type() string {
+	return "CLEAN_TYPE"
+}
 
 type CleanOptions struct {
 	Registry  RegistryOptions
-	CleanType string
+	CleanType CleanType
 	Force     bool
 }
 
 var _ Interface = (*CleanOptions)(nil)
 
 func (c *CleanOptions) AddFlags(cmd *cobra.Command) {
 	c.Registry.AddFlags(cmd)
-	cmd.Flags().StringVarP(&c.CleanType, "type", "", "all", "a type of clean: <signature|attestation|sbom|all> (default: all)")
-	// TODO: Rename to --skip-confirmation for consistency?
+	c.CleanType = defaultCleanType()
+	cmd.Flags().Var(&c.CleanType, "type", "a type of clean: <signature|attestation|sbom|all>")
+	// TODO(#2044): Rename to --skip-confirmation for consistency?
 	cmd.Flags().BoolVarP(&c.Force, "force", "f", false, "do not prompt for confirmation")
 }
diff --git a/doc/cosign_clean.md b/doc/cosign_clean.md