mark principal and issuer class under pkg/identity as deprecated (#1980)

* mark principal and issuer class under pkg/identity as deprecated

Signed-off-by: Sujal Gupta <[email protected]>

* fix deprecation warnings

Signed-off-by: Sujal Gupta <[email protected]>

* ignore lint errors

Signed-off-by: Sujal Gupta <[email protected]>

---------

Signed-off-by: Sujal Gupta <[email protected]>

Author: heysujal

pkg/challenges/challenges.go

@@ -67,15 +67,15 @@ func PrincipalFromIDToken(ctx context.Context, tok *oidc.IDToken) (identity.Prin
 	var err error
 	switch iss.Type {
 	case config.IssuerTypeBuildkiteJob:
-		principal, err = buildkite.JobPrincipalFromIDToken(ctx, tok)
+		principal, err = buildkite.JobPrincipalFromIDToken(ctx, tok) // nolint
 	case config.IssuerTypeGitLabPipeline:
-		principal, err = gitlabcom.JobPrincipalFromIDToken(ctx, tok)
+		principal, err = gitlabcom.JobPrincipalFromIDToken(ctx, tok) // nolint
 	case config.IssuerTypeEmail:
 		principal, err = email.PrincipalFromIDToken(ctx, tok)
 	case config.IssuerTypeSpiffe:
 		principal, err = spiffe.PrincipalFromIDToken(ctx, tok)
 	case config.IssuerTypeGithubWorkflow:
-		principal, err = github.WorkflowPrincipalFromIDToken(ctx, tok)
+		principal, err = github.WorkflowPrincipalFromIDToken(ctx, tok) // nolint
 	case config.IssuerTypeKubernetes:
 		principal, err = kubernetes.PrincipalFromIDToken(ctx, tok)
 	case config.IssuerTypeURI:

pkg/identity/buildkite/issuer.go

@@ -22,10 +22,12 @@ import (
 	"github.com/sigstore/fulcio/pkg/identity/base"
 )
 
+// Deprecated: Use ciprovider.ciProviderIssuer instead
 type buildkiteIssuer struct {
 	identity.Issuer
 }
 
+// Deprecated: Use ciprovider.Issuer instead
 func Issuer(issuerURL string) identity.Issuer {
 	return &buildkiteIssuer{base.Issuer(issuerURL)}
 }

pkg/identity/buildkite/principal.go

@@ -26,6 +26,7 @@ import (
 	"github.com/sigstore/fulcio/pkg/identity"
 )
 
+// Deprecated: Use ciprovider.ciPrincipal instead
 type jobPrincipal struct {
 	// Subject matches the 'sub' claim from the OIDC ID token this is what is
 	// signed as proof of possession for Buildkite job identities
@@ -40,6 +41,7 @@ type jobPrincipal struct {
 	url string
 }
 
+// Deprecated: Use ciprovider.WorkflowPrincipalFromIDToken instead
 func JobPrincipalFromIDToken(_ context.Context, token *oidc.IDToken) (identity.Principal, error) {
 	var claims struct {
 		OrganizationSlug string `json:"organization_slug"`

pkg/identity/codefresh/issuer.go

@@ -23,10 +23,12 @@ import (
 	"github.com/sigstore/fulcio/pkg/identity/base"
 )
 
+// Deprecated: Use ciprovider.ciProviderIssuer instead
 type codefreshIssuer struct {
 	identity.Issuer
 }
 
+// Deprecated: Use ciprovider.Issuer instead
 func Issuer(issuerURL string) identity.Issuer {
 	return &codefreshIssuer{base.Issuer(issuerURL)}
 }

pkg/identity/codefresh/principal.go

@@ -30,6 +30,7 @@ const (
 	DefaultPlatformURL string = "https://g.codefresh.io"
 )
 
+// Deprecated: Use ciprovider.ciPrincipal instead
 type workflowPrincipal struct {
 	// Subject matches the 'sub' claim from the OIDC ID token this is what is signed as proof of possession for Codefresh workflow identities
 	subject string
@@ -79,6 +80,7 @@ func (w workflowPrincipal) Name(_ context.Context) string {
 	return w.subject
 }
 
+// Deprecated: Use ciprovider.WorkflowPrincipalFromIDToken instead
 func WorkflowPrincipalFromIDToken(_ context.Context, token *oidc.IDToken) (identity.Principal, error) {
 	var claims struct {
 		AccountID         string `json:"account_id"`

pkg/identity/github/issuer.go

@@ -23,10 +23,12 @@ import (
 	"github.com/sigstore/fulcio/pkg/identity/base"
 )
 
+// Deprecated: Use ciprovider.ciProviderIssuer instead
 type githubIssuer struct {
 	identity.Issuer
 }
 
+// Deprecated: Use ciprovider.Issuer instead
 func Issuer(issuerURL string) identity.Issuer {
 	return &githubIssuer{base.Issuer(issuerURL)}
 }

pkg/identity/github/principal.go

@@ -25,6 +25,7 @@ import (
 	"github.com/sigstore/fulcio/pkg/identity"
 )
 
+// Deprecated: Use ciprovider.ciPrincipal instead
 type workflowPrincipal struct {
 	// Subject matches the 'sub' claim from the OIDC ID token this is what is
 	// signed as proof of possession for Github workflow identities
@@ -87,6 +88,7 @@ type workflowPrincipal struct {
 	runAttempt string
 }
 
+// Deprecated: Use ciprovider.WorkflowPrincipalFromIDToken instead
 func WorkflowPrincipalFromIDToken(_ context.Context, token *oidc.IDToken) (identity.Principal, error) {
 	var claims struct {
 		JobWorkflowRef       string `json:"job_workflow_ref"`

pkg/identity/gitlabcom/issuer.go

@@ -22,10 +22,12 @@ import (
 	"github.com/sigstore/fulcio/pkg/identity/base"
 )
 
+// Deprecated: Use ciprovider.ciProviderIssuer instead
 type gitlabIssuer struct {
 	identity.Issuer
 }
 
+// Deprecated: Use ciprovider.Issuer instead
 func Issuer(issuerURL string) identity.Issuer {
 	return &gitlabIssuer{base.Issuer(issuerURL)}
 }

pkg/identity/gitlabcom/principal.go

@@ -26,6 +26,7 @@ import (
 	"github.com/sigstore/fulcio/pkg/identity"
 )
 
+// Deprecated: Use ciprovider.ciPrincipal instead
 type jobPrincipal struct {
 	// Subject matches the 'sub' claim from the OIDC ID token this is what is
 	// signed as proof of possession for Buildkite job identities
@@ -82,6 +83,7 @@ type jobPrincipal struct {
 	projectVisibility string
 }
 
+// Deprecated: Use ciprovider.WorkflowPrincipalFromIDToken instead
 func JobPrincipalFromIDToken(_ context.Context, token *oidc.IDToken) (identity.Principal, error) {
 	var claims struct {
 		ProjectPath       string `json:"project_path"`

pkg/server/issuer_pool.go

@@ -57,15 +57,15 @@ func getIssuer(meta string, i config.OIDCIssuer) identity.Issuer {
 	case config.IssuerTypeEmail:
 		return email.Issuer(issuerURL)
 	case config.IssuerTypeGithubWorkflow:
-		return github.Issuer(issuerURL)
+		return github.Issuer(issuerURL) // nolint
 	case config.IssuerTypeCIProvider:
 		return ciprovider.Issuer(issuerURL)
 	case config.IssuerTypeGitLabPipeline:
-		return gitlabcom.Issuer(issuerURL)
+		return gitlabcom.Issuer(issuerURL) // nolint
 	case config.IssuerTypeBuildkiteJob:
-		return buildkite.Issuer(issuerURL)
+		return buildkite.Issuer(issuerURL) // nolint
 	case config.IssuerTypeCodefreshWorkflow:
-		return codefresh.Issuer(issuerURL)
+		return codefresh.Issuer(issuerURL) // nolint
 	case config.IssuerTypeChainguard:
 		return chainguard.Issuer(issuerURL)
 	case config.IssuerTypeKubernetes:

pkg/server/issuer_pool_test.go

@@ -92,7 +92,7 @@ func TestGetIssuer(t *testing.T) {
 				IssuerURL: "github.com",
 				Type:      "github-workflow",
 			},
-			expected: github.Issuer("github.com"),
+			expected: github.Issuer("github.com"), // nolint
 		}, {
 			description: "spiffe",
 			issuer: config.OIDCIssuer{