From e5b18202f326b9d43165dbb2ca7bf3b83ea0d141 Mon Sep 17 00:00:00 2001 From: sneak Date: Fri, 20 Jun 2025 08:47:32 -0700 Subject: [PATCH] Fix revive package stuttering errors - Rename SecretMetadata to Metadata in secret package - Rename SecretVersion to Version in secret package - Update NewSecretVersion to NewVersion function - Update all references across the codebase including: - vault package aliases - CLI usage - test files - method receivers and signatures --- TODO.md | 5 +++++ internal/cli/version.go | 2 +- internal/secret/metadata.go | 4 ++-- internal/secret/secret.go | 10 +++++----- internal/secret/version.go | 16 ++++++++-------- internal/secret/version_test.go | 14 +++++++------- internal/vault/integration_version_test.go | 8 ++++---- internal/vault/metadata.go | 2 +- internal/vault/secrets.go | 10 +++++----- internal/vault/secrets_version_test.go | 10 +++++----- 10 files changed, 43 insertions(+), 38 deletions(-) diff --git a/TODO.md b/TODO.md index ea81fd1..c53d963 100644 --- a/TODO.md +++ b/TODO.md @@ -6,6 +6,11 @@ prioritized from most critical (top) to least critical (bottom). ## Code Cleanups +* none of the integration tests should be searching for a binary or trying + to execute another process. the integration tests cannot make another + process or depend on a compiled file, they must do all of their testing in + the current (test) process. + * we shouldn't be passing around a statedir, it should be read from the environment or default. diff --git a/internal/cli/version.go b/internal/cli/version.go index 8b86a46..aab6cc8 100644 --- a/internal/cli/version.go +++ b/internal/cli/version.go @@ -114,7 +114,7 @@ func (cli *Instance) ListVersions(cmd *cobra.Command, secretName string) error { // Load and display each version's metadata for _, version := range versions { - sv := secret.NewSecretVersion(vlt, secretName, version) + sv := secret.NewVersion(vlt, secretName, version) // Load metadata if err := sv.LoadMetadata(ltIdentity); err != nil { 
diff --git a/internal/secret/metadata.go b/internal/secret/metadata.go index e005b47..0662798 100644 --- a/internal/secret/metadata.go +++ b/internal/secret/metadata.go @@ -20,8 +20,8 @@ type UnlockerMetadata struct { Flags []string `json:"flags,omitempty"` } -// SecretMetadata contains information about a secret -type SecretMetadata struct { +// Metadata contains information about a secret +type Metadata struct { CreatedAt time.Time `json:"createdAt"` UpdatedAt time.Time `json:"updatedAt"` } diff --git a/internal/secret/secret.go b/internal/secret/secret.go index 96d2170..7ff3842 100644 --- a/internal/secret/secret.go +++ b/internal/secret/secret.go @@ -28,7 +28,7 @@ type VaultInterface interface { type Secret struct { Name string Directory string - Metadata SecretMetadata + Metadata Metadata vault VaultInterface } @@ -54,7 +54,7 @@ func NewSecret(vault VaultInterface, name string) *Secret { Name: name, Directory: secretDir, vault: vault, - Metadata: SecretMetadata{ + Metadata: Metadata{ CreatedAt: time.Now(), UpdatedAt: time.Now(), }, @@ -109,7 +109,7 @@ func (s *Secret) GetValue(unlocker Unlocker) ([]byte, error) { } // Create version object - version := NewSecretVersion(s.vault, s.Name, currentVersion) + version := NewVersion(s.vault, s.Name, currentVersion) // Check if we have SB_SECRET_MNEMONIC environment variable for direct decryption if envMnemonic := os.Getenv(EnvMnemonic); envMnemonic != "" { @@ -216,7 +216,7 @@ func (s *Secret) LoadMetadata() error { Debug("LoadMetadata called but is deprecated in versioned model", "secret_name", s.Name) // For backward compatibility, we'll populate with basic info now := time.Now() - s.Metadata = SecretMetadata{ + s.Metadata = Metadata{ CreatedAt: now, UpdatedAt: now, } 
@@ -224,7 +224,7 @@ func (s *Secret) LoadMetadata() error { } // GetMetadata returns the secret metadata (deprecated) -func (s *Secret) GetMetadata() SecretMetadata { +func (s *Secret) GetMetadata() Metadata { Debug("GetMetadata called but is deprecated in versioned model", "secret_name", s.Name) return s.Metadata } diff --git a/internal/secret/version.go b/internal/secret/version.go index 133d812..474b216 100644 --- a/internal/secret/version.go +++ b/internal/secret/version.go @@ -23,8 +23,8 @@ type VersionMetadata struct { NotAfter *time.Time `json:"notAfter,omitempty"` // When this version expires (nil = current) } -// SecretVersion represents a version of a secret -type SecretVersion struct { +// Version represents a version of a secret +type Version struct { SecretName string Version string Directory string @@ -32,8 +32,8 @@ type SecretVersion struct { vault VaultInterface } -// NewSecretVersion creates a new SecretVersion instance -func NewSecretVersion(vault VaultInterface, secretName string, version string) *SecretVersion { +// NewVersion creates a new Version instance +func NewVersion(vault VaultInterface, secretName string, version string) *Version { DebugWith("Creating new secret version instance", slog.String("secret_name", secretName), slog.String("version", version), @@ -51,7 +51,7 @@ func NewSecretVersion(vault VaultInterface, secretName string, version string) * ) now := time.Now() - return &SecretVersion{ + return &Version{ SecretName: secretName, Version: version, Directory: versionDir, @@ -107,7 +107,7 @@ func GenerateVersionName(fs afero.Fs, secretDir string) (string, error) { } // Save saves the version metadata and value -func (sv *SecretVersion) Save(value []byte) error { +func (sv *Version) Save(value []byte) error { DebugWith("Saving secret version", slog.String("secret_name", sv.SecretName), slog.String("version", sv.Version), 
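Review bot: GetMetadata in internal/secret/secret.go is marked deprecated only by the word "(deprecated)" in its comment and a runtime Debug call, which godoc, gopls and staticcheck do not surface to callers. Use the standard marker in its own comment paragraph, for example `// Deprecated: superseded by per-version metadata in the versioned model.` (exact wording and the replacement API are for the author to confirm). The same applies to LoadMetadata in the preceding hunk, which fills CreatedAt and UpdatedAt with `time.Now()`. Any caller still using it gets the load time rather than a stored timestamp, and the doc comment should say so.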
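Review bot: After the rename, the struct `Version` in internal/secret/version.go has a field that is also named `Version`, so a `*Version` held in a variable called `version` (as in the vault code) would be read as `version.Version`. Renaming the field would change the package API, so a field comment is the low-risk fix, e.g. `// Version is the version name in date.serial form, such as "20231215.001".` The type comment `// Version represents a version of a secret` could also mention that the value and metadata are loaded separately via GetValue and LoadMetadata. The struct body continues past the end of this hunk.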
@@ -223,7 +223,7 @@ func (sv *SecretVersion) Save(value []byte) error { } // LoadMetadata loads and decrypts the version metadata -func (sv *SecretVersion) LoadMetadata(ltIdentity *age.X25519Identity) error { +func (sv *Version) LoadMetadata(ltIdentity *age.X25519Identity) error { DebugWith("Loading version metadata", slog.String("secret_name", sv.SecretName), slog.String("version", sv.Version), @@ -281,7 +281,7 @@ func (sv *SecretVersion) LoadMetadata(ltIdentity *age.X25519Identity) error { } // GetValue retrieves and decrypts the version value -func (sv *SecretVersion) GetValue(ltIdentity *age.X25519Identity) ([]byte, error) { +func (sv *Version) GetValue(ltIdentity *age.X25519Identity) ([]byte, error) { DebugWith("Getting version value", slog.String("secret_name", sv.SecretName), slog.String("version", sv.Version), diff --git a/internal/secret/version_test.go b/internal/secret/version_test.go index 5e4fcc8..4479c53 100644 --- a/internal/secret/version_test.go +++ b/internal/secret/version_test.go @@ -4,7 +4,7 @@ // // - TestGenerateVersionName: Tests version name generation with date and serial format // - TestGenerateVersionNameMaxSerial: Tests the 999 versions per day limit -// - TestNewSecretVersion: Tests secret version object creation +// - TestNewVersion: Tests secret version object creation // - TestSecretVersionSave: Tests saving a version with encryption // - TestSecretVersionLoadMetadata: Tests loading and decrypting version metadata // - TestSecretVersionGetValue: Tests retrieving and decrypting version values @@ -121,7 +121,7 @@ func TestGenerateVersionNameMaxSerial(t *testing.T) { assert.Contains(t, err.Error(), "exceeded maximum versions per day") } -func TestNewSecretVersion(t *testing.T) { +func TestNewVersion(t *testing.T) { fs := afero.NewMemMapFs() vault := &MockVersionVault{ Name: "test", 
@@ -129,7 +129,7 @@ func TestNewSecretVersion(t *testing.T) { stateDir: "/test", } - sv := NewSecretVersion(vault, "test/secret", "20231215.001") + sv := NewVersion(vault, "test/secret", "20231215.001") assert.Equal(t, "test/secret", sv.SecretName) assert.Equal(t, "20231215.001", sv.Version) @@ -161,7 +161,7 @@ func TestSecretVersionSave(t *testing.T) { require.NoError(t, err) // Create and save a version - sv := NewSecretVersion(vault, "test/secret", "20231215.001") + sv := NewVersion(vault, "test/secret", "20231215.001") testValue := []byte("test-secret-value") err = sv.Save(testValue) @@ -196,7 +196,7 @@ func TestSecretVersionLoadMetadata(t *testing.T) { require.NoError(t, err) // Create and save a version with custom metadata - sv := NewSecretVersion(vault, "test/secret", "20231215.001") + sv := NewVersion(vault, "test/secret", "20231215.001") now := time.Now() epochPlusOne := time.Unix(1, 0) sv.Metadata.NotBefore = &epochPlusOne @@ -206,7 +206,7 @@ func TestSecretVersionLoadMetadata(t *testing.T) { require.NoError(t, err) // Create new version object and load metadata - sv2 := NewSecretVersion(vault, "test/secret", "20231215.001") + sv2 := NewVersion(vault, "test/secret", "20231215.001") err = sv2.LoadMetadata(ltIdentity) require.NoError(t, err) @@ -239,7 +239,7 @@ func TestSecretVersionGetValue(t *testing.T) { require.NoError(t, err) // Create and save a version - sv := NewSecretVersion(vault, "test/secret", "20231215.001") + sv := NewVersion(vault, "test/secret", "20231215.001") originalValue := []byte("test-secret-value-12345") err = sv.Save(originalValue) diff --git a/internal/vault/integration_version_test.go b/internal/vault/integration_version_test.go index 9f47f64..2f235a8 100644 --- a/internal/vault/integration_version_test.go +++ b/internal/vault/integration_version_test.go 
@@ -84,7 +84,7 @@ func TestVersionIntegrationWorkflow(t *testing.T) { assert.Equal(t, versions[0], currentVersion) // Verify metadata - version := secret.NewSecretVersion(vault, secretName, versions[0]) + version := secret.NewVersion(vault, secretName, versions[0]) err = version.LoadMetadata(ltIdentity) require.NoError(t, err) assert.NotNil(t, version.Metadata.CreatedAt) @@ -120,13 +120,13 @@ func TestVersionIntegrationWorkflow(t *testing.T) { assert.Len(t, versions, 2) // Verify first version metadata was updated with notAfter - firstVersion := secret.NewSecretVersion(vault, secretName, firstVersionName) + firstVersion := secret.NewVersion(vault, secretName, firstVersionName) err = firstVersion.LoadMetadata(ltIdentity) require.NoError(t, err) assert.NotNil(t, firstVersion.Metadata.NotAfter) // Verify second version metadata - secondVersion := secret.NewSecretVersion(vault, secretName, versions[0]) + secondVersion := secret.NewVersion(vault, secretName, versions[0]) err = secondVersion.LoadMetadata(ltIdentity) require.NoError(t, err) assert.NotNil(t, secondVersion.Metadata.NotBefore) @@ -199,7 +199,7 @@ func TestVersionIntegrationWorkflow(t *testing.T) { // Verify the version metadata hasn't changed // (promoting shouldn't modify timestamps) - version := secret.NewSecretVersion(vault, secretName, oldestVersion) + version := secret.NewVersion(vault, secretName, oldestVersion) err = version.LoadMetadata(ltIdentity) require.NoError(t, err) assert.NotNil(t, version.Metadata.NotAfter) // should still have its old notAfter diff --git a/internal/vault/metadata.go b/internal/vault/metadata.go index 5ad5835..e4b3775 100644 --- a/internal/vault/metadata.go +++ b/internal/vault/metadata.go @@ -16,7 +16,7 @@ import ( type ( VaultMetadata = secret.VaultMetadata UnlockerMetadata = secret.UnlockerMetadata - SecretMetadata = secret.SecretMetadata + SecretMetadata = secret.Metadata Configuration = secret.Configuration ) 
diff --git a/internal/vault/secrets.go b/internal/vault/secrets.go index 17d1c28..fff38f7 100644 --- a/internal/vault/secrets.go +++ b/internal/vault/secrets.go @@ -136,7 +136,7 @@ func (v *Vault) AddSecret(name string, value []byte, force bool) error { // Handle existing secret case now := time.Now() - var previousVersion *secret.SecretVersion + var previousVersion *secret.Version if exists { if !force { @@ -147,7 +147,7 @@ func (v *Vault) AddSecret(name string, value []byte, force bool) error { // Get the current version to update its notAfter timestamp currentVersionName, err := secret.GetCurrentVersion(v.fs, secretDir) if err == nil && currentVersionName != "" { - previousVersion = secret.NewSecretVersion(v, name, currentVersionName) + previousVersion = secret.NewVersion(v, name, currentVersionName) // We'll need to load and update its metadata after we unlock the vault } } else { @@ -170,7 +170,7 @@ func (v *Vault) AddSecret(name string, value []byte, force bool) error { secret.Debug("Generated new version name", "version", versionName, "secret_name", name) // Create new version - newVersion := secret.NewSecretVersion(v, name, versionName) + newVersion := secret.NewVersion(v, name, versionName) // Set version timestamps if previousVersion == nil { @@ -226,7 +226,7 @@ func (v *Vault) AddSecret(name string, value []byte, force bool) error { } // updateVersionMetadata updates the metadata of an existing version -func updateVersionMetadata(fs afero.Fs, version *secret.SecretVersion, ltIdentity *age.X25519Identity) error { +func updateVersionMetadata(fs afero.Fs, version *secret.Version, ltIdentity *age.X25519Identity) error { // Read the version's encrypted private key encryptedPrivKeyPath := filepath.Join(version.Directory, "priv.age") encryptedPrivKey, err := afero.ReadFile(fs, encryptedPrivKeyPath) 
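Review bot: In AddSecret, an error from `secret.GetCurrentVersion` is silently dropped: the guard `if err == nil && currentVersionName != ""` skips the branch and leaves `previousVersion` nil. Judging by the later `if previousVersion == nil` branch, a forced overwrite then proceeds as if this were the first version, so the replaced version would presumably never get its notAfter set and would still look current. Return the failure before that guard, e.g. `if err != nil { return fmt.Errorf("reading current version of %q: %w", name, err) }` (assuming `fmt` is imported in this file), or handle a legitimately missing current pointer explicitly and log it with `secret.Debug`. AddSecret's body starts and ends outside the hunk.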
@@ -320,7 +320,7 @@ func (v *Vault) GetSecretVersion(name string, version string) ([]byte, error) { } // Create version object - secretVersion := secret.NewSecretVersion(v, name, version) + secretVersion := secret.NewVersion(v, name, version) // Check if version exists versionPath := filepath.Join(secretDir, "versions", version) diff --git a/internal/vault/secrets_version_test.go b/internal/vault/secrets_version_test.go index 9ca8f7a..0bf20b4 100644 --- a/internal/vault/secrets_version_test.go +++ b/internal/vault/secrets_version_test.go @@ -196,7 +196,7 @@ func TestVaultVersionTimestamps(t *testing.T) { require.NoError(t, err) require.Len(t, versions, 1) - firstVersion := secret.NewSecretVersion(vault, secretName, versions[0]) + firstVersion := secret.NewVersion(vault, secretName, versions[0]) err = firstVersion.LoadMetadata(ltIdentity) require.NoError(t, err) @@ -222,7 +222,7 @@ func TestVaultVersionTimestamps(t *testing.T) { require.Len(t, versions, 2) // Reload first version metadata (should have notAfter now) - firstVersion = secret.NewSecretVersion(vault, secretName, versions[1]) + firstVersion = secret.NewVersion(vault, secretName, versions[1]) err = firstVersion.LoadMetadata(ltIdentity) require.NoError(t, err) @@ -231,7 +231,7 @@ func TestVaultVersionTimestamps(t *testing.T) { assert.True(t, firstVersion.Metadata.NotAfter.Before(afterSecond.Add(time.Second))) // Check second version timestamps - secondVersion := secret.NewSecretVersion(vault, secretName, versions[0]) + secondVersion := secret.NewVersion(vault, secretName, versions[0]) err = secondVersion.LoadMetadata(ltIdentity) require.NoError(t, err) @@ -272,7 +272,7 @@ func TestUpdateVersionMetadata(t *testing.T) { // Create a version manually to test updateVersionMetadata secretName := "test/secret" versionName := "20231215.001" - version := secret.NewSecretVersion(vault, secretName, versionName) + version := secret.NewVersion(vault, secretName, versionName) // Set initial metadata now := time.Now() 
@@ -290,7 +290,7 @@ func TestUpdateVersionMetadata(t *testing.T) { require.NoError(t, err) // Load and verify - version2 := secret.NewSecretVersion(vault, secretName, versionName) + version2 := secret.NewVersion(vault, secretName, versionName) err = version2.LoadMetadata(ltIdentity) require.NoError(t, err)