make arg unused

Signed-off-by: Asra Ali <asraa@google.com>

cmd/cosign/cli/verify/verify_blob.go

@@ -364,7 +364,7 @@ func verifyBlob(ctx context.Context, co *cosign.CheckOpts,
 		fallthrough
 	// We are provided a log entry, possibly from above, or search.
 	case e != nil:
-		if err := cosign.VerifyTLogEntry(ctx, e); err != nil {
+		if err := cosign.VerifyTLogEntry(ctx, nil, e); err != nil {
 			return err
 		}
 
@@ -488,7 +488,7 @@ func verifyRekorBundle(ctx context.Context, bundle *bundle.RekorBundle,
 		return nil, err
 	}
 
-	publicKeys, err := cosign.GetRekorPubs(ctx)
+	publicKeys, err := cosign.GetRekorPubs(ctx, nil)
 	if err != nil {
 		return nil, fmt.Errorf("retrieving rekor public key: %w", err)
 	}

pkg/cosign/tlog.go

@@ -88,12 +88,10 @@ func intotoEntry(ctx context.Context, signature, pubKey []byte) (models.Proposed
 
 // GetRekorPubs retrieves trusted Rekor public keys from the embedded or cached
 // TUF root. If expired, makes a network call to retrieve the updated targets.
-// A Rekor client may optionally be provided in case using SIGSTORE_TRUST_REKOR_API_PUBLIC_KEY
-// (see below).
 // There are two Env variable that can be used to override this behaviour:
 // SIGSTORE_REKOR_PUBLIC_KEY - If specified, location of the file that contains
 // the Rekor Public Key on local filesystem
-func GetRekorPubs(ctx context.Context) (map[string]RekorPubKey, error) {
+func GetRekorPubs(ctx context.Context, _ *client.Rekor) (map[string]RekorPubKey, error) {
 	publicKeys := make(map[string]RekorPubKey)
 	altRekorPub := env.Getenv(env.VariableSigstoreRekorPublicKey)
 
@@ -176,7 +174,7 @@ func doUpload(ctx context.Context, rekorClient *client.Rekor, pe models.Proposed
 			if err != nil {
 				return nil, err
 			}
-			return e, VerifyTLogEntry(ctx, e)
+			return e, VerifyTLogEntry(ctx, nil, e)
 		}
 		return nil, err
 	}
@@ -405,7 +403,8 @@ func FindTLogEntriesByPayload(ctx context.Context, rekorClient *client.Rekor, pa
 }
 
 // VerityTLogEntry verifies a TLog entry.
-func VerifyTLogEntry(ctx context.Context, e *models.LogEntryAnon) error {
+// The argument *client.Rekor is unused and may be nil.
+func VerifyTLogEntry(ctx context.Context, _ *client.Rekor, e *models.LogEntryAnon) error {
 	if e.Verification == nil || e.Verification.InclusionProof == nil {
 		return errors.New("inclusion proof not provided")
 	}
@@ -437,7 +436,7 @@ func VerifyTLogEntry(ctx context.Context, e *models.LogEntryAnon) error {
 		LogID:          *e.LogID,
 	}
 
-	rekorPubKeys, err := GetRekorPubs(ctx)
+	rekorPubKeys, err := GetRekorPubs(ctx, nil)
 	if err != nil {
 		return fmt.Errorf("unable to fetch Rekor public keys: %w", err)
 	}

pkg/cosign/tlog_test.go

@@ -20,7 +20,7 @@ import (
 )
 
 func TestGetRekorPubKeys(t *testing.T) {
-	keys, err := GetRekorPubs(context.Background())
+	keys, err := GetRekorPubs(context.Background(), nil)
 	if err != nil {
 		t.Errorf("Unexpected error calling GetRekorPubs, expected nil: %v", err)
 	}

pkg/cosign/verify.go

@@ -447,7 +447,7 @@ func tlogValidateEntry(ctx context.Context, client *client.Rekor, sig oci.Signat
 	entryVerificationErrs := make([]string, 0)
 	for _, e := range tlogEntries {
 		entry := e
-		if err := VerifyTLogEntry(ctx, &entry); err != nil {
+		if err := VerifyTLogEntry(ctx, nil, &entry); err != nil {
 			entryVerificationErrs = append(entryVerificationErrs, err.Error())
 			continue
 		}
@@ -885,7 +885,7 @@ func VerifyBundle(ctx context.Context, sig oci.Signature, rekorClient *client.Re
 		return false, err
 	}
 
-	publicKeys, err := GetRekorPubs(ctx)
+	publicKeys, err := GetRekorPubs(ctx, nil)
 	if err != nil {
 		return false, fmt.Errorf("retrieving rekor public key: %w", err)
 	}