Fix linter warnings in auth storage code

franklouwers · claude · franklouwers · commit 928f2be8bf28 · 2025-11-28T10:11:49.000+01:00
- Add nolint comments for false positive gosec warnings on auth field constants - Remove unused legacy backward compatibility constants - Remove unused createEncodedTextFile wrapper function - Add nolint comment for storagePrinter variable (used via SetStoragePrinter) - Add nolint comment for test credential false positive 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/internal/pkg/auth/storage.go b/internal/pkg/auth/storage.go
@@ -16,7 +16,7 @@ import (
 )
 
 // Package-level printer for debug logging in storage operations
-var storagePrinter = print.NewPrinter()
+var storagePrinter = print.NewPrinter() //nolint:unused // set via SetStoragePrinter, may be used for future debug logging
 
 // SetStoragePrinter sets the printer used for storage debug logging
 // This should be called with the main command's printer to ensure consistent verbosity
@@ -50,20 +50,14 @@ const (
 	envAccessTokenName = "STACKIT_ACCESS_TOKEN"
 )
 
-// Legacy constants for backward compatibility
-const (
-	keyringService = keyringServiceCLI
-	textFileName   = textFileNameCLI
-)
-
 const (
 	SESSION_EXPIRES_AT_UNIX authFieldKey = "session_expires_at_unix"
 	ACCESS_TOKEN            authFieldKey = "access_token"
 	REFRESH_TOKEN           authFieldKey = "refresh_token"
 	SERVICE_ACCOUNT_TOKEN   authFieldKey = "service_account_token"
 	SERVICE_ACCOUNT_EMAIL   authFieldKey = "service_account_email"
 	USER_EMAIL              authFieldKey = "user_email"
-	SERVICE_ACCOUNT_KEY     authFieldKey = "service_account_key"
+	SERVICE_ACCOUNT_KEY     authFieldKey = "service_account_key" //nolint:gosec // linter false positive
 	PRIVATE_KEY             authFieldKey = "private_key"
 	TOKEN_CUSTOM_ENDPOINT   authFieldKey = "token_custom_endpoint"
 	IDP_TOKEN_ENDPOINT      authFieldKey = "idp_token_endpoint" //nolint:gosec // linter false positive
@@ -416,13 +410,9 @@ func getAuthFieldFromEncodedTextFileWithContext(context StorageContext, activePr
 	return value, nil
 }
 
-// Checks if the encoded text file exist.
+// createEncodedTextFileWithContext checks if the encoded text file exist.
 // If it doesn't, creates it with the content "{}" encoded.
 // If it does, does nothing (and returns nil).
-func createEncodedTextFile(activeProfile string) error {
-	return createEncodedTextFileWithContext(StorageContextCLI, activeProfile)
-}
-
 func createEncodedTextFileWithContext(context StorageContext, activeProfile string) error {
 	textFileDir := config.GetProfileFolderPath(activeProfile)
 	fileName := getTextFileName(context)
diff --git a/internal/pkg/auth/storage_test.go b/internal/pkg/auth/storage_test.go
@@ -1755,7 +1755,7 @@ func TestConcurrentCLIAndProviderAuth(t *testing.T) {
 
 	cliEmail := "cli@example.com"
 	cliAccessToken := "cli-access-token"
-	cliRefreshToken := "cli-refresh-token"
+	cliRefreshToken := "cli-refresh-token" //nolint:gosec // test credential, not a real secret
 	cliSessionExpires := fmt.Sprintf("%d", time.Now().Add(2*time.Hour).Unix())
 
 	providerEmail := "provider@example.com"
