fix(lint): check error return values in signing package

- Check json.Encoder.Encode errors in test mock servers
- Explicitly ignore resp.Body.Close error in defer context

Co-authored-by: Ona <no-reply@ona.com>

Author: leodido

pkg/leeway/signing/attestation.go

@@ -497,7 +497,7 @@ func fetchGitHubOIDCToken(ctx context.Context, audience string) (string, error)
 	if err != nil {
 		return "", fmt.Errorf("failed to fetch token: %w", err)
 	}
-	defer resp.Body.Close()
+	defer func() { _ = resp.Body.Close() }()
 
 	// Check response status
 	if resp.StatusCode != http.StatusOK {

pkg/leeway/signing/attestation_test.go

@@ -1122,7 +1122,9 @@ func TestFetchGitHubOIDCToken(t *testing.T) {
 						t.Error("Missing or invalid Authorization header")
 					}
 					w.WriteHeader(http.StatusOK)
-					_ = json.NewEncoder(w).Encode(map[string]string{"value": "test-token-12345"})
+					if err := json.NewEncoder(w).Encode(map[string]string{"value": "test-token-12345"}); err != nil {
+						t.Errorf("Failed to encode response: %v", err)
+					}
 				}))
 			},
 			audience:    "sigstore",
@@ -1155,7 +1157,9 @@ func TestFetchGitHubOIDCToken(t *testing.T) {
 			mockServer: func(t *testing.T) *httptest.Server {
 				return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 					w.WriteHeader(http.StatusOK)
-					_ = json.NewEncoder(w).Encode(map[string]string{"value": ""})
+					if err := json.NewEncoder(w).Encode(map[string]string{"value": ""}); err != nil {
+						t.Errorf("Failed to encode response: %v", err)
+					}
 				}))
 			},
 			audience:      "sigstore",