refactor: simplify code across multiple files

- docker.go: simplify imageTag to direct return, remove redundant else
  after return in getImageIdFromDockerDaemonJsonMessages
- ecr.go: use slices.Contains in IsFindingIgnored and
  AreSeverityLevelsValid, simplify GetECRClient to direct return,
  extract newUnsupportedImageFinding helper to reduce duplication
- helpers.go: use map[string]struct{} instead of map[string]bool in
  dedupList for idiomatic set semantics, simplify variable names
- junit.go: simplify time.Duration(1) * time.Second to time.Second

Co-authored-by: Cursor <cursoragent@cursor.com>

Author: Andrey9kin

docker.go

@@ -63,13 +63,7 @@ func imagePush(client *dockerClient.Client, authConfig dockerRegistry.AuthConfig
 }
 
 func imageTag(client *dockerClient.Client, imageId string, newImageId string) error {
-
-	err := client.ImageTag(context.Background(), imageId, newImageId)
-	if err != nil {
-		return err
-	}
-
-	return nil
+	return client.ImageTag(context.Background(), imageId, newImageId)
 }
 
 func getImageIdFromDockerDaemonJsonMessages(message bytes.Buffer) (ImageId, error) {
@@ -90,10 +84,9 @@ func getImageIdFromDockerDaemonJsonMessages(message bytes.Buffer) (ImageId, erro
 			var r dockerTypes.PushResult
 			if err := json.Unmarshal(*jsonMessage.Aux, &r); err != nil {
 				return result, err
-			} else {
-				result.tag = r.Tag
-				result.digest = r.Digest
 			}
+			result.tag = r.Tag
+			result.digest = r.Digest
 		}
 	}
 	return result, nil

ecr.go

@@ -24,6 +24,7 @@ import (
 	"errors"
 	"fmt"
 	"os"
+	"slices"
 	"strings"
 	"time"
 
@@ -37,7 +38,6 @@ import (
 )
 
 func GetFindingSeverityLevelsAsList() []string {
-	// TODO: is there a better way?
 	return []string{
 		string(types.FindingSeverityCritical),
 		string(types.FindingSeverityHigh),
@@ -83,29 +83,19 @@ func GetIgnoredFindings(findings []types.ImageScanFinding, severityLevelsToIgnor
 }
 
 func IsFindingIgnored(finding types.ImageScanFinding, severityLevelsToIgnore []string, cveToIgnore []string) (bool, string) {
-	for _, severityLevel := range severityLevelsToIgnore {
-		if string(finding.Severity) == severityLevel {
-			return true, "Ignored severyity level"
-		}
+	if slices.Contains(severityLevelsToIgnore, string(finding.Severity)) {
+		return true, "Ignored severyity level"
 	}
-	for _, cve := range cveToIgnore {
-		if finding.Name != nil && string(*finding.Name) == cve {
-			return true, "Ignored individual CVE"
-		}
+	if finding.Name != nil && slices.Contains(cveToIgnore, *finding.Name) {
+		return true, "Ignored individual CVE"
 	}
 	return false, ""
 }
 
-// TODO: is there a better way?
 func AreSeverityLevelsValid(levels string) (bool, error) {
+	validLevels := GetFindingSeverityLevelsAsList()
 	for _, level := range strings.Fields(levels) {
-		isValid := false
-		for _, validLevel := range GetFindingSeverityLevelsAsList() {
-			if level == validLevel {
-				isValid = true
-			}
-		}
-		if !isValid {
+		if !slices.Contains(validLevels, level) {
 			return false, fmt.Errorf("%s is not a valid finding severity level. Valid levels are: %s", level, GetFindingSeverityLevelsAsString())
 		}
 	}
@@ -117,10 +107,7 @@ func GetECRClient() (*ecr.Client, error) {
 	if err != nil {
 		return nil, err
 	}
-
-	client := ecr.NewFromConfig(cfg)
-
-	return client, nil
+	return ecr.NewFromConfig(cfg), nil
 }
 
 func getAuthorizationToken(client *ecr.Client) ([]types.AuthorizationData, error) {
@@ -173,6 +160,14 @@ func GetECRRepo(registryName string) (reference.Named, error) {
 	return reg, nil
 }
 
+func newUnsupportedImageFinding(description string) []types.ImageScanFinding {
+	return []types.ImageScanFinding{{
+		Name:        aws.String("ECR_ERROR_UNSUPPORTED_IMAGE"),
+		Description: aws.String(description),
+		Severity:    types.FindingSeverityInformational,
+	}}
+}
+
 func GetImageScanResults(client *ecr.Client, imageId ImageId, ecrRepoName string, timeout time.Duration) ([]types.ImageScanFinding, error) {
 	input := ecr.DescribeImageScanFindingsInput{
 		ImageId: &types.ImageIdentifier{
@@ -210,11 +205,7 @@ func GetImageScanResults(client *ecr.Client, imageId ImageId, ecrRepoName string
 				continue
 			}
 			// Exhausted retries - treat as unsupported image
-			findings = []types.ImageScanFinding{{
-				Name:        aws.String("ECR_ERROR_UNSUPPORTED_IMAGE"),
-				Description: aws.String("Image scan does not exist - image is not supported for scanning"),
-				Severity:    types.FindingSeverityInformational}}
-			return findings, nil
+			return newUnsupportedImageFinding("Image scan does not exist - image is not supported for scanning"), nil
 		}
 		// For non-ScanNotFound errors, fall through to legacy error handling
 		break
@@ -232,11 +223,7 @@ func GetImageScanResults(client *ecr.Client, imageId ImageId, ecrRepoName string
 		if failedOutput.ImageScanStatus.Status == types.ScanStatusFailed &&
 			failedOutput.ImageScanStatus.Description != nil &&
 			strings.Contains(*failedOutput.ImageScanStatus.Description, "UnsupportedImageError") {
-			findings = []types.ImageScanFinding{{
-				Name:        aws.String("ECR_ERROR_UNSUPPORTED_IMAGE"),
-				Description: failedOutput.ImageScanStatus.Description,
-				Severity:    types.FindingSeverityInformational}}
-			return findings, nil
+			return newUnsupportedImageFinding(*failedOutput.ImageScanStatus.Description), nil
 		}
 
 		return nil, waiterErr

helpers.go

@@ -18,17 +18,13 @@ limitations under the License.
 package main
 
 func dedupList(inList []string) []string {
-	// Use look up table to avoid iterating over the list
-	// again and again
-	lookUpTable := make(map[string]bool)
-	outList := []string{}
+	seen := make(map[string]struct{})
+	result := []string{}
 	for _, item := range inList {
-		// if the item is in the look up table then we should
-		// have it in the list
-		if _, value := lookUpTable[item]; !value {
-			lookUpTable[item] = true
-			outList = append(outList, item)
+		if _, exists := seen[item]; !exists {
+			seen[item] = struct{}{}
+			result = append(result, item)
 		}
 	}
-	return outList
+	return result
 }

junit.go

@@ -50,7 +50,7 @@ func WriteJunitReport(findings []types.ImageScanFinding, output io.Writer) error
 		}
 		test := parser.Test{
 			Name:     severity,
-			Duration: time.Duration(1) * time.Second,
+			Duration: time.Second,
 			Result:   result,
 			Output:   output,
 		}