chore: fix old lint issues

.packit.yaml

@@ -10,46 +10,45 @@ files_to_sync:
     - .packit.yaml
 
 jobs:
-# For testing before merging PRs
-- job: copr_build
-  trigger: pull_request
-  targets:
-    - fedora-rawhide-x86_64
-    - fedora-43-x86_64
-    - fedora-42-x86_64
-    - centos-stream-9-x86_64
-    - centos-stream-10-x86_64
+    - job: copr_build
+      trigger: pull_request
+      targets:
+          - fedora-rawhide-x86_64
+          - fedora-43-x86_64
+          - fedora-42-x86_64
+          - centos-stream-9-x86_64
+          - centos-stream-10-x86_64
 
 # Running tests using testing farm https://packit.dev/docs/configuration/upstream/tests
-- job: tests
-  trigger: pull_request
-  targets:
-    - fedora-rawhide-x86_64
-    - fedora-43-x86_64
-    - fedora-42-x86_64
-    - centos-stream-9-x86_64
-    - centos-stream-10-x86_64
+    - job: tests
+      trigger: pull_request
+      targets:
+          - fedora-rawhide-x86_64
+          - fedora-43-x86_64
+          - fedora-42-x86_64
+          - centos-stream-9-x86_64
+          - centos-stream-10-x86_64
 
 # https://packit.dev/docs/fedora-releases-guide
 # Propose Downstream PRs once a Upstream release is out
-- job: propose_downstream
-  trigger: release
-  dist_git_branches:
-    - rawhide
-    - f43
-    - f42
+    - job: propose_downstream
+      trigger: release
+      dist_git_branches:
+          - rawhide
+          - f43
+          - f42
 
 # Automatically submit builds to Koji after PR is merged into dist-git
-- job: koji_build
-  trigger: commit
-  dist_git_branches:
-    - rawhide
-    - f43
-    - f42
+    - job: koji_build
+      trigger: commit
+      dist_git_branches:
+          - rawhide
+          - f43
+          - f42
 
 # Trigger Bodhi update for released Fedora versions
-- job: bodhi_update
-  trigger: commit
-  dist_git_branches:
-    - f43
-    - f42
+    - job: bodhi_update
+      trigger: commit
+      dist_git_branches:
+          - f43
+          - f42

.pre-commit-config.yaml

@@ -2,15 +2,15 @@
 # See https://pre-commit.com/hooks.html for more hooks
 default_stages: [pre-push]
 repos:
--   repo: https://github.com/pre-commit/pre-commit-hooks
+  - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: cef0300fd0fc4d2a87a85fa2093c6b283ea36f4b #v5.0.0
     hooks:
-    -   id: trailing-whitespace
-    -   id: end-of-file-fixer
-    -   id: check-yaml
-    -   id: check-added-large-files
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+      - id: check-added-large-files
         exclude: "^internal/complytime/testdata/openscap/ssg-rhel-ds.xml$"
--   repo: https://github.com/dnephin/pre-commit-golang
+  - repo: https://github.com/dnephin/pre-commit-golang
     rev: fb24a639f7c938759fe56eeebbb7713b69d60494 #v0.5.1
     hooks:
       - id: go-fmt
@@ -19,11 +19,11 @@ repos:
       #- id: golangci-lint
       - id: go-unit-tests
 
--   repo: local
+  - repo: local
     hooks:
-        - id: check-spdx
-          name: Check and fix SPDX line in source files
-          entry: python ./scripts/check-and-fix-spdx.py
-          language: system
-          stages: [pre-commit]
-          files: \.(py|go|sh)$
+      - id: check-spdx
+        name: Check and fix SPDX line in source files
+        entry: python ./scripts/check-and-fix-spdx.py
+        language: system
+        stages: [pre-commit]
+        files: \.(py|go|sh)$

scripts/check-and-fix-spdx.py

@@ -31,6 +31,7 @@ def _check_spdx(lines: list[str]) -> bool:
     for line in lines[:3]:
         if SPDX_LINE in line:
             return True
+    return False
 
 
 def _write_file(file_path: Path, lines: list[str]) -> None:

scripts/quick_start/quick_start.sh

@@ -11,10 +11,7 @@
 
 set +e
 # Check if the scap-security-guide package is available in the enabled repositories
-dnf provides scap-security-guide
-
-# Check the exit status of the previous command
-if [ $? -ne 0 ]; then
+if ! dnf provides scap-security-guide; then
     echo "No working repository is available to install scap-security-guide."
 
     # Check if RHEL_APPS_REPO variable is set
@@ -39,18 +36,16 @@ dnf update -y
 dnf install git wget make scap-security-guide -y
 rm -rf /usr/bin/go
 go_mod="https://raw.githubusercontent.com/complytime/complyctl/main/go.mod"
-go_version=$(curl -s $go_mod | grep '^go' | awk '{print $2}')
-go_tar_file=go$go_version.linux-amd64.tar.gz
+go_version=$(curl -s "$go_mod" | grep '^go' | awk '{print $2}')
+go_tar_file="go${go_version}.linux-amd64.tar.gz"
 wget "https://go.dev/dl/$go_tar_file"
 tar -C /usr/local -xvzf "$go_tar_file"
 rm -rf "$go_tar_file"
-export PATH=$PATH:/usr/local/go/bin
-source ~/.bash_profile
-
+export PATH="$PATH:/usr/local/go/bin"
 # Install and build complyctl
 echo "Cloning the complyctl repository..."
-complyctlrepo="${REPO:-"https://github.com/complytime/complyctl"}"
-complyctlbranch="${BRANCH:-"main"}"
+complyctlrepo="${REPO:-https://github.com/complytime/complyctl}"
+complyctlbranch="${BRANCH:-main}"
 git clone -b "${complyctlbranch}" "${complyctlrepo}"
 cd complyctl && make build && cp ./bin/complyctl /usr/local/bin
 echo "complyctl installed successfully!"
@@ -66,7 +61,7 @@ cp docs/samples/sample-profile.json docs/samples/sample-catalog.json ~/.local/sh
 
 # Copy the binary plugin and manifest files
 cp -rp bin/openscap-plugin ~/.local/share/complytime/plugins
-checksum=$(sha256sum ~/.local/share/complytime/plugins/openscap-plugin| cut -d ' ' -f 1 )
+checksum=$(sha256sum ~/.local/share/complytime/plugins/openscap-plugin | cut -d ' ' -f 1)
 cat > ~/.local/share/complytime/plugins/c2p-openscap-manifest.json << EOF
 {
   "metadata": {

scripts/setup-github-workflows.py

@@ -15,6 +15,10 @@
 from urllib.parse import urljoin
 
 
+class RepoException(Exception):
+    """Raised when a git repository operation fails."""
+
+
 GITHUB_API = "https://api.github.com"
 GITHUB_USERNAME = os.getenv('USERNAME')
 # GitHub PAT is needed to run this script, and GitHub recommends that you use a
@@ -76,13 +80,14 @@ def copy_workflow_file(workflow_filename, dest_project_path):
     if os.path.exists(dest_file_path):
         print(f"{workflow_filename} already exists in {dest_project_path}.")
         return False
-    else:
-        try:
-            shutil.copy(src_file_path, dest_file_path)
-        except FileNotFoundError:
-            print(f"Error: Source file {src_file_path} not found.")
-        except Exception as e:
-            print(f"An error occurred while copying file {src_file_path}: {e}")
+    try:
+        shutil.copy(src_file_path, dest_file_path)
+    except FileNotFoundError:
+        print(f"Error: Source file {src_file_path} not found.")
+        return False
+    except Exception as e:
+        print(f"An error occurred while copying file {src_file_path}: {e}")
+        return False
     return True
 
 
@@ -124,7 +129,7 @@ def create_pull_request(workflow, owner, repo, workflow_branch):
     try:
         subprocess.check_call(cmd, shell=True)
     except subprocess.CalledProcessError as e:
-        raise RuntimeError(e)
+        raise RuntimeError(e) from e
     print("Done")
 
 
@@ -153,7 +158,7 @@ def check_workflows(repo_url):
                 try:
                     subprocess.check_call(cmd, shell=True)
                 except subprocess.CalledProcessError as e:
-                    raise RuntimeError(e)
+                    raise RuntimeError(e) from e
                 print("Done")
 
         # Otherwise, add the workflow file or enable with configuration
@@ -168,7 +173,7 @@ def check_workflows(repo_url):
                 try:
                     subprocess.check_call(cmd, shell=True)
                 except subprocess.CalledProcessError as e:
-                    raise RuntimeError(e)
+                    raise RuntimeError(e) from e
                 print("Done")
 
             else:
@@ -179,7 +184,7 @@ def check_workflows(repo_url):
                     try:
                         subprocess.check_call(cmd, cwd=dest_project_root, shell=True)
                     except subprocess.CalledProcessError as e:
-                        raise RuntimeError(e)
+                        raise RuntimeError(e) from e
 
                     dest_project_path = os.path.join(dest_project_root, repo)
                     print(f"Copying {workflow} workflow file to {dest_project_path}")

tests/build_init_env.sh

@@ -14,11 +14,11 @@
 URL="https://raw.githubusercontent.com/ComplianceAsCode/oscal-content/refs/heads/main/"
 WDIR=".local/share/complytime"
 
-product=$1
-catalog=$2
-profile=$3
+product="$1"
+catalog="$2"
+profile="$3"
 
-if [ $# -lt 3 ]; then
+if [ "$#" -lt 3 ]; then
     echo "Please provide the necessary inputs."
     exit 1
 fi
@@ -31,15 +31,15 @@ set +e
 complyctl list 2>/dev/null
 echo "The error is expected because there is no content, this will create needed directoris for further test."
 # Download OSCAL content
-wget $URL/profiles/$3/profile.json -O $HOME/$WDIR/controls/profile.json
-wget $URL/catalogs/$2/catalog.json -O $HOME/$WDIR/controls/catalog.json
-wget $URL/component-definitions/$1/$3/component-definition.json -O $HOME/$WDIR/bundles/component-definition.json
+wget "$URL/profiles/$profile/profile.json" -O "$HOME/$WDIR/controls/profile.json"
+wget "$URL/catalogs/$catalog/catalog.json" -O "$HOME/$WDIR/controls/catalog.json"
+wget "$URL/component-definitions/$product/$profile/component-definition.json" -O "$HOME/$WDIR/bundles/component-definition.json"
 # Update trestle path
-sed -i "s|trestle://catalogs/$2/catalog.json|trestle://controls/catalog.json|" $HOME/$WDIR/controls/profile.json
-sed -i "s|trestle://profiles/$3/profile.json|trestle://controls/profile.json|" $HOME/$WDIR/bundles/component-definition.json
+sed -i "s|trestle://catalogs/$catalog/catalog.json|trestle://controls/catalog.json|" "$HOME/$WDIR/controls/profile.json"
+sed -i "s|trestle://profiles/$profile/profile.json|trestle://controls/profile.json|" "$HOME/$WDIR/bundles/component-definition.json"
 # Setup plugin
-cp -rp bin/openscap-plugin $HOME/$WDIR/plugins
-checksum=$(sha256sum $HOME/$WDIR/plugins/openscap-plugin| cut -d " " -f 1 )
+cp -rp bin/openscap-plugin "$HOME/$WDIR/plugins"
+checksum=$(sha256sum "$HOME/$WDIR/plugins/openscap-plugin" | cut -d " " -f 1)
 jq --arg new_sum "$checksum" '.sha256 = $new_sum' "docs/samples/c2p-openscap-manifest.json" > "docs/samples/c2p-openscap-manifest.json.tmp"
-mv docs/samples/c2p-openscap-manifest.json.tmp $HOME/$WDIR/plugins/c2p-openscap-manifest.json
+mv docs/samples/c2p-openscap-manifest.json.tmp "$HOME/$WDIR/plugins/c2p-openscap-manifest.json"
 echo "Build and init finished."