refactor(notation): merge notationoptions with options strut

Signed-off-by: Jason <jagoodse@microsoft.com>

Author: JasonTheDeveloper

internal/oci/notation.go

@@ -23,28 +23,19 @@ import (
 	oauth "oras.land/oras-go/v2/registry/remote/auth"
 )
 
-// notationOptions is a struct that holds options for notation verifier
-type notationOptions struct {
-	PublicCertificate []byte
-	TrustStore        *trustpolicy.Document
-	Keychain          authn.Keychain
-	ROpt              []remote.Option
-	Insecure          bool
-}
-
 // NotationOptions is a function that configures the options applied to a notation verifier
-type NotationOptions func(opts *notationOptions)
+type NotationOptions func(opts *options)
 
 // WithInsecureRegistry sets notation to verify against insecure registry.
 func WithInsecureRegistry(insecure bool) NotationOptions {
-	return func(opts *notationOptions) {
+	return func(opts *options) {
 		opts.Insecure = insecure
 	}
 }
 
 // WithTrustStore sets the trust store configuration.
 func WithTrustStore(trustStore *trustpolicy.Document) NotationOptions {
-	return func(opts *notationOptions) {
+	return func(opts *options) {
 		opts.TrustStore = trustStore
 	}
 }
@@ -55,23 +46,23 @@ func WithTrustStore(trustStore *trustpolicy.Document) NotationOptions {
 // The function returns a NotationOptions function option that sets the public certificate
 // in the notation options.
 func WithNotaryPublicCertificate(data []byte) NotationOptions {
-	return func(opts *notationOptions) {
-		opts.PublicCertificate = data
+	return func(opts *options) {
+		opts.PublicKey = data
 	}
 }
 
 // WithNotaryRemoteOptions is a functional option for overriding the default
 // remote options used by the verifier
 func WithNotaryRemoteOptions(opts ...remote.Option) NotationOptions {
-	return func(o *notationOptions) {
+	return func(o *options) {
 		o.ROpt = opts
 	}
 }
 
 // WithNotaryKeychain is a functional option for overriding the default
 // remote options used by the verifier
 func WithNotaryKeychain(key authn.Keychain) NotationOptions {
-	return func(o *notationOptions) {
+	return func(o *options) {
 		o.Keychain = key
 	}
 }
@@ -106,13 +97,13 @@ func (s trustStore) GetCertificates(ctx context.Context, storeType truststore.Ty
 
 // NewNotaryVerifier initializes a new NotaryVerifier
 func NewNotaryVerifier(opts ...NotationOptions) (*NotaryVerifier, error) {
-	o := notationOptions{}
+	o := options{}
 	for _, opt := range opts {
 		opt(&o)
 	}
 
 	store := &trustStore{
-		cert: o.PublicCertificate,
+		cert: o.PublicKey,
 	}
 
 	verifier, err := verifier.New(o.TrustStore, store, nil)

internal/oci/notation_test.go

@@ -10,30 +10,30 @@ import (
 	"github.com/notaryproject/notation-go/verifier/trustpolicy"
 )
 
-func TestNotaryOptions(t *testing.T) {
+func TestOptionsForNotary(t *testing.T) {
 	testCases := []struct {
 		name string
 		opts []NotationOptions
-		want *notationOptions
+		want *options
 	}{
 		{
 			name: "no options",
-			want: &notationOptions{},
+			want: &options{},
 		},
 		{
 			name: "signature option",
 			opts: []NotationOptions{WithNotaryPublicCertificate([]byte("foo"))},
-			want: &notationOptions{
-				PublicCertificate: []byte("foo"),
-				ROpt:              nil,
+			want: &options{
+				PublicKey: []byte("foo"),
+				ROpt:      nil,
 			},
 		},
 		{
 			name: "keychain option",
 			opts: []NotationOptions{WithNotaryRemoteOptions(remote.WithAuthFromKeychain(authn.DefaultKeychain))},
-			want: &notationOptions{
-				PublicCertificate: nil,
-				ROpt:              []remote.Option{remote.WithAuthFromKeychain(authn.DefaultKeychain)},
+			want: &options{
+				PublicKey: nil,
+				ROpt:      []remote.Option{remote.WithAuthFromKeychain(authn.DefaultKeychain)},
 			},
 		},
 		{
@@ -42,8 +42,8 @@ func TestNotaryOptions(t *testing.T) {
 				remote.WithAuth(&authn.Basic{Username: "foo", Password: "bar"}),
 				remote.WithAuthFromKeychain(authn.DefaultKeychain),
 			)},
-			want: &notationOptions{
-				PublicCertificate: nil,
+			want: &options{
+				PublicKey: nil,
 				ROpt: []remote.Option{
 					remote.WithAuth(&authn.Basic{Username: "foo", Password: "bar"}),
 					remote.WithAuthFromKeychain(authn.DefaultKeychain),
@@ -57,8 +57,8 @@ func TestNotaryOptions(t *testing.T) {
 				remote.WithAuthFromKeychain(authn.DefaultKeychain),
 				remote.WithTransport(http.DefaultTransport),
 			)},
-			want: &notationOptions{
-				PublicCertificate: nil,
+			want: &options{
+				PublicKey: nil,
 				ROpt: []remote.Option{
 					remote.WithAuth(&authn.Basic{Username: "foo", Password: "bar"}),
 					remote.WithAuthFromKeychain(authn.DefaultKeychain),
@@ -69,62 +69,62 @@ func TestNotaryOptions(t *testing.T) {
 		{
 			name: "truststore, empty document",
 			opts: []NotationOptions{WithTrustStore(&trustpolicy.Document{})},
-			want: &notationOptions{
-				PublicCertificate: nil,
-				ROpt:              nil,
-				TrustStore:        &trustpolicy.Document{},
+			want: &options{
+				PublicKey:  nil,
+				ROpt:       nil,
+				TrustStore: &trustpolicy.Document{},
 			},
 		},
 		{
 			name: "truststore, dummy document",
 			opts: []NotationOptions{WithTrustStore(dummyPolicyDocument())},
-			want: &notationOptions{
-				PublicCertificate: nil,
-				ROpt:              nil,
-				TrustStore:        dummyPolicyDocument(),
+			want: &options{
+				PublicKey:  nil,
+				ROpt:       nil,
+				TrustStore: dummyPolicyDocument(),
 			},
 		},
 		{
 			name: "insecure, false",
 			opts: []NotationOptions{WithInsecureRegistry(false)},
-			want: &notationOptions{
-				PublicCertificate: nil,
-				ROpt:              nil,
-				TrustStore:        nil,
-				Insecure:          false,
+			want: &options{
+				PublicKey:  nil,
+				ROpt:       nil,
+				TrustStore: nil,
+				Insecure:   false,
 			},
 		},
 		{
 			name: "insecure, true",
 			opts: []NotationOptions{WithInsecureRegistry(true)},
-			want: &notationOptions{
-				PublicCertificate: nil,
-				ROpt:              nil,
-				TrustStore:        nil,
-				Insecure:          true,
+			want: &options{
+				PublicKey:  nil,
+				ROpt:       nil,
+				TrustStore: nil,
+				Insecure:   true,
 			},
 		},
 		{
 			name: "insecure, default",
 			opts: []NotationOptions{},
-			want: &notationOptions{
-				PublicCertificate: nil,
-				ROpt:              nil,
-				TrustStore:        nil,
-				Insecure:          false,
+			want: &options{
+				PublicKey:  nil,
+				ROpt:       nil,
+				TrustStore: nil,
+				Insecure:   false,
 			},
 		},
 	}
 
 	// Run the test cases
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			o := notationOptions{}
+			o := options{}
 			for _, opt := range tc.opts {
 				opt(&o)
 			}
-			if !reflect.DeepEqual(o.PublicCertificate, tc.want.PublicCertificate) {
-				t.Errorf("got %#v, want %#v", &o.PublicCertificate, tc.want.PublicCertificate)
+			if !reflect.DeepEqual(o.PublicKey, tc.want.PublicKey) {
+				t.Errorf("got %#v, want %#v", &o.PublicKey, tc.want.PublicKey)
 			}
 
 			if !reflect.DeepEqual(o.TrustStore, tc.want.TrustStore) {

internal/oci/verifier.go

@@ -21,8 +21,10 @@ import (
 	"crypto"
 	"fmt"
 
+	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/google/go-containerregistry/pkg/v1/remote"
+	"github.com/notaryproject/notation-go/verifier/trustpolicy"
 	"github.com/sigstore/cosign/v2/cmd/cosign/cli/fulcio"
 	coptions "github.com/sigstore/cosign/v2/cmd/cosign/cli/options"
 	"github.com/sigstore/cosign/v2/cmd/cosign/cli/rekor"
@@ -43,6 +45,9 @@ type options struct {
 	PublicKey  []byte
 	ROpt       []remote.Option
 	Identities []cosign.Identity
+	TrustStore *trustpolicy.Document
+	Keychain   authn.Keychain
+	Insecure   bool
 }
 
 // Options is a function that configures the options applied to a Verifier.