remove declaringEmptySlices lint rule

misc/lint/rules.go

@@ -4,16 +4,6 @@ package gorules
 
 import "github.com/quasilyte/go-ruleguard/dsl"
 
-// cf. https://github.com/golang/go/wiki/CodeReviewComments#declaring-empty-slices
-func declareEmptySlices(m dsl.Matcher) {
-	m.Match(
-		`$name := []$t{}`,
-		`$name := make([]$t, 0)`,
-	).
-		Suggest(`var $name []$t`).
-		Report(`replace '$$' with 'var $name []$t'`)
-}
-
 // cf. https://github.com/uber-go/guide/blob/master/style.md#initializing-maps
 func initializeMaps(m dsl.Matcher) {
 	m.Match(`map[$key]$value{}`).

pkg/apis/aquasecurity/v1alpha1/compliance_types.go

@@ -169,9 +169,9 @@ type ComplianceCheck struct {
 
 // ToComplianceSpec map data from crd compliance spec to trivy compliance spec
 func ToComplianceSpec(cSpec Compliance) spec.ComplianceSpec {
-	var specControls []defsecTypes.Control
+	specControls := make([]defsecTypes.Control, 0)
 	for _, control := range cSpec.Controls {
-		var sChecks []defsecTypes.SpecCheck
+		sChecks := make([]defsecTypes.SpecCheck, 0)
 		for _, scheck := range control.Checks {
 			sChecks = append(sChecks, defsecTypes.SpecCheck{ID: scheck.ID})
 		}
@@ -197,7 +197,7 @@ func ToComplianceSpec(cSpec Compliance) spec.ComplianceSpec {
 
 // FromSummaryReport map data from trivy summary report to crd summary report
 func FromSummaryReport(sr *report.SummaryReport) *SummaryReport {
-	var summaryControls []ControlCheckSummary
+	summaryControls := make([]ControlCheckSummary, 0)
 	for _, sr := range sr.SummaryControls {
 		summaryControls = append(summaryControls, ControlCheckSummary{
 			ID:        sr.ID,
@@ -215,9 +215,9 @@ func FromSummaryReport(sr *report.SummaryReport) *SummaryReport {
 
 // FromDetailReport map data from trivy summary report to crd summary report
 func FromDetailReport(sr *report.ComplianceReport) *ComplianceReport {
-	var controlResults []*ControlCheckResult
+	controlResults := make([]*ControlCheckResult, 0)
 	for _, sr := range sr.Results {
-		var checks []ComplianceCheck
+		checks := make([]ComplianceCheck, 0)
 		for _, r := range sr.Results {
 			for _, ms := range r.Misconfigurations {
 				checks = append(checks, ComplianceCheck{

pkg/compliance/io.go

@@ -96,7 +96,7 @@ func (w *cm) buildComplianceReport(spec v1alpha1.ReportSpec, complianceResults [
 
 // MisconfigReportToTrivyResults convert misconfig and infra assessment report Data to trivy results
 func misconfigReportToTrivyResults(cli client.Client, ctx context.Context) ([]ttypes.Results, error) {
-	var resultsArray []ttypes.Results
+	resultsArray := make([]ttypes.Results, 0)
 	// collect configaudit report data
 	caObjList := &v1alpha1.ConfigAuditReportList{}
 	err := cli.List(ctx, caObjList)

pkg/configauditreport/controller/helper.go

@@ -47,8 +47,10 @@ func evaluate(ctx context.Context, policies *policy.Policies, resource client.Ob
 	if err != nil {
 		return Misconfiguration{}, err
 	}
-	var infraChecks []v1alpha1.Check
-	var checks []v1alpha1.Check
+
+	infraChecks := make([]v1alpha1.Check, 0)
+	checks := make([]v1alpha1.Check, 0)
+
 	for _, result := range results {
 		if !policies.HasSeverity(result.Severity()) {
 			continue

pkg/configauditreport/controller/policyconfig.go

@@ -46,7 +46,7 @@ func (r *PolicyConfigController) SetupWithManager(mgr ctrl.Manager) error {
 
 	// Determine which Kubernetes workloads the controller will reconcile and add them to resources
 	targetWorkloads := r.Config.GetTargetWorkloads()
-	var workloadResources []kube.Resource
+	workloadResources := make([]kube.Resource, 0)
 	for _, tw := range targetWorkloads {
 		var resource kube.Resource
 		if err := resource.GetWorkloadResource(tw, &v1alpha1.ConfigAuditReport{}, r.ObjectResolver); err != nil {

pkg/configauditreport/controller/resource.go

@@ -371,7 +371,7 @@ func getCheck(result scan.Result, id string) v1alpha1.Check {
 
 func clusterRbacReportItems(crar *v1alpha1.ClusterRbacAssessmentReportList) func() []client.Object {
 	return func() []client.Object {
-		var objlist []client.Object
+		objlist := make([]client.Object, 0)
 		for idx := range crar.Items {
 			objlist = append(objlist, &crar.Items[idx])
 		}
@@ -381,7 +381,7 @@ func clusterRbacReportItems(crar *v1alpha1.ClusterRbacAssessmentReportList) func
 
 func rbacReportItems(rar *v1alpha1.RbacAssessmentReportList) func() []client.Object {
 	return func() []client.Object {
-		var objlist []client.Object
+		objlist := make([]client.Object, 0)
 		for idx := range rar.Items {
 			objlist = append(objlist, &rar.Items[idx])
 		}
@@ -391,7 +391,7 @@ func rbacReportItems(rar *v1alpha1.RbacAssessmentReportList) func() []client.Obj
 
 func infraReportItems(rar *v1alpha1.InfraAssessmentReportList) func() []client.Object {
 	return func() []client.Object {
-		var objlist []client.Object
+		objlist := make([]client.Object, 0)
 		for idx := range rar.Items {
 			objlist = append(objlist, &rar.Items[idx])
 		}
@@ -401,7 +401,7 @@ func infraReportItems(rar *v1alpha1.InfraAssessmentReportList) func() []client.O
 
 func clusterAuditConfigReportItems(ccar *v1alpha1.ClusterConfigAuditReportList) func() []client.Object {
 	return func() []client.Object {
-		var objlist []client.Object
+		objlist := make([]client.Object, 0)
 		for idx := range ccar.Items {
 			objlist = append(objlist, &ccar.Items[idx])
 		}
@@ -410,7 +410,7 @@ func clusterAuditConfigReportItems(ccar *v1alpha1.ClusterConfigAuditReportList)
 }
 func auditConfigReportItems(car *v1alpha1.ConfigAuditReportList) func() []client.Object {
 	return func() []client.Object {
-		var objlist []client.Object
+		objlist := make([]client.Object, 0)
 		for idx := range car.Items {
 			objlist = append(objlist, &car.Items[idx])
 		}

pkg/kube/resources.go

@@ -19,7 +19,7 @@ const KubeSystemNamespace = "kube-system"
 // to container images from the specified v1.PodSpec.
 func GetContainerImagesFromPodSpec(spec corev1.PodSpec, skipInitContainers bool) ContainerImages {
 	images := ContainerImages{}
-	var containers []corev1.Container
+	containers := make([]corev1.Container, 0)
 	containers = append(containers, spec.Containers...)
 	if !skipInitContainers {
 		containers = append(containers, spec.InitContainers...)

pkg/kube/secrets.go

@@ -95,7 +95,7 @@ func MapDockerRegistryServersToAuths(imagePullSecrets []corev1.Secret, multiSecr
 }
 
 func GetWildcardServers(auths map[string]docker.Auth) []string {
-	var wildcardServers []string
+	wildcardServers := make([]string, 0)
 	for server := range auths {
 		if strings.HasPrefix(server, "*.") {
 			wildcardServers = append(wildcardServers, server)
@@ -190,7 +190,7 @@ func (r *secretsReader) ListImagePullSecretsByPodSpec(ctx context.Context, spec
 }
 
 func (r *secretsReader) GetSecretsFromEnv(ctx context.Context, secretsInfo map[string]string) ([]corev1.Secret, error) {
-	var secretsFromEnv []corev1.Secret
+	secretsFromEnv := make([]corev1.Secret, 0)
 
 	for ns, secretNames := range secretsInfo {
 		secretNamesValues := strings.Split(secretNames, ",")

pkg/metrics/collector.go

@@ -534,7 +534,7 @@ func buildMetricDescriptors(config trivyoperator.ConfigData) metricDescriptors {
 }
 
 func getDynamicConfigLabels(config trivyoperator.ConfigData) []string {
-	var labels []string
+	labels := make([]string, 0)
 	resourceLabels := config.GetReportResourceLabels()
 	for _, label := range resourceLabels {
 		labels = append(labels, config.GetMetricsResourceLabelsPrefix()+sanitizeLabelName(label))

pkg/operator/cluster.go

@@ -121,8 +121,8 @@ func (r *ClusterController) reconcileClusterComponents(resourceKind kube.Kind) r
 		}
 		r.clusterCache.Store(key, val)
 
-		var components []bom.Component
-		var nodeInfo []bom.NodeInfo
+		components := make([]bom.Component, 0)
+		nodeInfo := make([]bom.NodeInfo, 0)
 		r.clusterCache.Range(func(_, value any) bool {
 			switch p := value.(type) {
 			case *bom.Component:

pkg/operator/ttl_report.go

@@ -38,7 +38,7 @@ type TTLReportReconciler struct {
 
 func (r *TTLReportReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	// watch reports for ttl
-	var ttlResources []kube.Resource
+	ttlResources := make([]kube.Resource, 0)
 	if r.Config.RbacAssessmentScannerEnabled {
 		ttlResources = append(ttlResources, kube.Resource{ForObject: &v1alpha1.RbacAssessmentReport{}})
 	}
@@ -165,7 +165,7 @@ type TTLSecretReconciler struct {
 
 func (r *TTLSecretReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	// watch reports for ttl
-	var secretTTLResources []kube.Resource
+	secretTTLResources := make([]kube.Resource, 0)
 	if r.Config.VulnerabilityScannerEnabled || r.Config.ExposedSecretScannerEnabled {
 		secretTTLResources = append(secretTTLResources, kube.Resource{ForObject: &corev1.Secret{}})
 	}

pkg/plugins/trivy/filesystem.go

@@ -142,7 +142,7 @@ func GetPodSpecForStandaloneFSMode(ctx trivyoperator.PluginContext, config Confi
 		VolumeMounts:    volumeMounts,
 	}
 
-	var containers []corev1.Container
+	containers := make([]corev1.Container, 0)
 
 	volumeMounts = append(volumeMounts, getScanResultVolumeMount())
 	volumes = append(volumes, getScanResultVolume())
@@ -344,7 +344,7 @@ func GetPodSpecForClientServerFSMode(ctx trivyoperator.PluginContext, config Con
 		VolumeMounts:    volumeMounts,
 	}
 
-	var containers []corev1.Container
+	containers := make([]corev1.Container, 0)
 
 	volumes := []corev1.Volume{
 		{

pkg/plugins/trivy/image.go

@@ -169,7 +169,7 @@ func GetPodSpecForStandaloneMode(ctx trivyoperator.PluginContext,
 		})
 	}
 
-	var containers []corev1.Container
+	containers := make([]corev1.Container, 0)
 
 	volumeMounts = append(volumeMounts, getScanResultVolumeMount())
 	volumes = append(volumes, getScanResultVolume())
@@ -371,7 +371,7 @@ func GetPodSpecForClientServerMode(ctx trivyoperator.PluginContext, config Confi
 		secrets = append(secrets, secret)
 	}
 
-	var containers []corev1.Container
+	containers := make([]corev1.Container, 0)
 
 	trivyConfigName := trivyoperator.GetPluginConfigMapName(Plugin)
 	// add tmp volume mount

pkg/plugins/trivy/jobspec.go

@@ -151,7 +151,7 @@ func getPkgList(ctx trivyoperator.PluginContext) string {
 }
 
 func getSecurityChecks(ctx trivyoperator.PluginContext) string {
-	var securityChecks []string
+	securityChecks := make([]string, 0)
 
 	c := ctx.GetTrivyOperatorConfig()
 	if c.VulnerabilityScannerEnabled() {

pkg/plugins/trivy/plugin.go

@@ -175,8 +175,8 @@ func (p *plugin) ParseReportData(ctx trivyoperator.PluginContext, imageRef strin
 			return vulnReport, secretReport, nil, err
 		}
 	}
-	var vulnerabilities []v1alpha1.Vulnerability
-	var secrets []v1alpha1.ExposedSecret
+	vulnerabilities := make([]v1alpha1.Vulnerability, 0)
+	secrets := make([]v1alpha1.ExposedSecret, 0)
 	for _, report := range reports.Results {
 		addFields := config.GetAdditionalVulnerabilityReportFields()
 		vulnerabilities = append(vulnerabilities, vulnerabilityreport.GetVulnerabilitiesFromScanResult(report, addFields)...)
@@ -189,7 +189,7 @@ func (p *plugin) ParseReportData(ctx trivyoperator.PluginContext, imageRef strin
 }
 
 func getExposedSecretsFromScanResult(report ty.Result) []v1alpha1.ExposedSecret {
-	var secrets []v1alpha1.ExposedSecret
+	secrets := make([]v1alpha1.ExposedSecret, 0)
 
 	for _, sr := range report.Secrets {
 		secrets = append(secrets, v1alpha1.ExposedSecret{

pkg/plugins/trivy/plugin_test.go

@@ -7021,7 +7021,7 @@ func TestGetContainers(t *testing.T) {
 			jobSpec, _, err := instance.GetScanJobSpec(pluginContext, workloadSpec, nil, nil, make(map[string]v1alpha1.SbomReportData))
 			require.NoError(t, err)
 
-			var containers []string
+			containers := make([]string, 0)
 
 			for _, c := range jobSpec.Containers {
 				containers = append(containers, c.Name)

pkg/policy/policy.go

@@ -137,7 +137,7 @@ func (p *Policies) loadPolicies(kind string) ([]string, error) {
 	for _, mod := range modByKind {
 		externalPolicies = append(externalPolicies, mod)
 	}
-	var policies []string
+	policies := make([]string, 0)
 	// read built-in policies
 	if p.cac.GetUseBuiltinRegoPolicies() {
 		policies, _, err = p.policyLoader.GetPoliciesAndBundlePath()

pkg/sbomreport/util.go

@@ -7,7 +7,7 @@ import (
 )
 
 func cycloneDxBomToReport(cbom cdx.BOM, version string) *v1alpha1.BOM {
-	var components []*v1alpha1.Component
+	components := make([]*v1alpha1.Component, 0)
 	for _, c := range *cbom.Components {
 		components = append(components, cycloneDxComponentToReportComponent(c))
 	}
@@ -61,7 +61,7 @@ func cycloneDxComponentToReportComponent(cComp cdx.Component) *v1alpha1.Componen
 }
 
 func cycloneDxHashesToReportHashes(hashes *[]cdx.Hash) []v1alpha1.Hash {
-	var reportHashes []v1alpha1.Hash
+	reportHashes := make([]v1alpha1.Hash, 0)
 	if hashes != nil {
 		for _, h := range *hashes {
 			reportHashes = append(reportHashes, v1alpha1.Hash{
@@ -74,7 +74,7 @@ func cycloneDxHashesToReportHashes(hashes *[]cdx.Hash) []v1alpha1.Hash {
 }
 
 func cycloneDxLicensesToReportLicenses(licenses *cdx.Licenses) []v1alpha1.LicenseChoice {
-	var reportLicenses []v1alpha1.LicenseChoice
+	reportLicenses := make([]v1alpha1.LicenseChoice, 0)
 	if licenses != nil {
 		for _, l := range *licenses {
 			var li v1alpha1.License
@@ -96,7 +96,7 @@ func cycloneDxLicensesToReportLicenses(licenses *cdx.Licenses) []v1alpha1.Licens
 }
 
 func cycloneDxPropertiesToReportProperties(properties *[]cdx.Property) []v1alpha1.Property {
-	var reportProperties []v1alpha1.Property
+	reportProperties := make([]v1alpha1.Property, 0)
 	if properties != nil {
 		for _, p := range *properties {
 			reportProperties = append(reportProperties, v1alpha1.Property{
@@ -109,7 +109,7 @@ func cycloneDxPropertiesToReportProperties(properties *[]cdx.Property) []v1alpha
 }
 
 func cycloneDxDependenciesToReportDependencies(dependencies *[]cdx.Dependency) *[]v1alpha1.Dependency {
-	var reportDependencies []v1alpha1.Dependency
+	reportDependencies := make([]v1alpha1.Dependency, 0)
 	for _, d := range *dependencies {
 		reportDependencies = append(reportDependencies, v1alpha1.Dependency{
 			Ref:          d.Ref,

pkg/trivyoperator/config.go

@@ -207,7 +207,7 @@ func (c ConfigData) GetScanJobTolerations() ([]corev1.Toleration, error) {
 }
 
 func (c ConfigData) ExcludeImages() []string {
-	var patterns []string
+	patterns := make([]string, 0)
 	if excludeImagesPattern, ok := c[keyScanJobExcludeImags]; ok {
 		for _, s := range strings.Split(excludeImagesPattern, ",") {
 			if strings.TrimSpace(s) == "" {
@@ -231,7 +231,7 @@ func (c ConfigData) GetNodeCollectorTolerations() ([]corev1.Toleration, error) {
 }
 
 func (c ConfigData) GetNodeCollectorImagePullsecret() []corev1.LocalObjectReference {
-	var imagePullSecrets []corev1.LocalObjectReference
+	imagePullSecrets := make([]corev1.LocalObjectReference, 0)
 	imagePullSecretValue := c[KeyNodeCollectorImagePullSecret]
 	if c[KeyNodeCollectorImagePullSecret] != "" {
 		imagePullSecrets = append(imagePullSecrets, corev1.LocalObjectReference{Name: imagePullSecretValue})

pkg/utils/util.go

@@ -9,7 +9,7 @@ import (
 // MapKinds map resource data
 func MapKinds(kinds []string) []string {
 	set := hashset.New()
-	var updatedKinds []string
+	updatedKinds := make([]string, 0)
 	for _, kind := range kinds {
 		if !kube.IsValidK8sKind(kind) {
 			continue

pkg/vulnerabilityreport/controller/scanjob.go

@@ -343,7 +343,7 @@ func (r *ScanJobController) completedContainers(ctx context.Context, scanJob *ba
 		}
 		return nil, err
 	}
-	var completedContainers []string
+	completedContainers := make([]string, 0)
 	for container, status := range statuses {
 		if status.ExitCode == 0 {
 			completedContainers = append(completedContainers, container)

pkg/vulnerabilityreport/controller/workload.go

@@ -403,7 +403,7 @@ func (r *WorkloadController) reuseSbomReport(ctx context.Context, owner client.O
 	if err != nil {
 		return err
 	}
-	var sbomReports []v1alpha1.SbomReport
+	sbomReports := make([]v1alpha1.SbomReport, 0)
 	for containerName, sbomReportData := range sbomReportDataMap {
 		sbomReportBuilder := sbomreport.NewReportBuilder(r.Client.Scheme()).
 			Controller(owner).

pkg/vulnerabilityreport/io.go

@@ -139,7 +139,7 @@ type AdditionalFields struct {
 }
 
 func GetVulnerabilitiesFromScanResult(report ty.Result, addFields AdditionalFields) []v1alpha1.Vulnerability {
-	var vulnerabilities []v1alpha1.Vulnerability
+	vulnerabilities := make([]v1alpha1.Vulnerability, 0)
 
 	for _, sr := range report.Vulnerabilities {
 		var pd, lmd string