feat(git): implement git audit module #6
Merged
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Implements git command executor wrapper using os/exec with timeout support, helper methods for branch listing, commit dates, and repo statistics. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add CheckRepoSize() using git count-objects -vH to detect repos exceeding size threshold (default 500MB). Returns MEDIUM severity finding if threshold exceeded. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add CheckStaleBranches() to list all branches and detect those not updated in configured days (default 90). Returns LOW severity finding for each stale branch. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add CheckLargeFiles() to scan tracked files and detect those exceeding size threshold (default 50MB). Returns MEDIUM severity finding for each large file found. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add unit tests for convertToMB function covering all size units (B, KB, MB, GB, TB, MiB, GiB) and threshold comparison logic. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add unit tests for branch age calculation, name parsing, threshold comparison, file size parsing, and regex pattern matching. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add Runner struct with RunAll() method that orchestrates all three git checks: repo-size, stale-branches, large-files. Follows AWS runner pattern with closure-based check list and error aggregation. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Implement audit git command with --repo flag. Uses git runner to execute checks for repo size, stale branches, and large files. Follows same pattern as AWS and Docker audit commands. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add unit tests for runner execution, results aggregation, and severity level validation. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Summary
Implements the complete git audit module for devopsctl.
- internal/git/client.go: lightweight wrapper for executing git commands safely
- internal/git/size.go: detects repos exceeding configured size thresholds
- internal/git/branches.go: flags branches with no recent commits
- internal/git/files.go: identifies files exceeding size limits
- internal/git/runner.go: orchestrates all git checks and returns []CheckResult
- internal/cli/audit.go: devopsctl audit git command wired to runner
- internal/git/*_test.go: coverage for size check, stale branch detection, large file scanner, runner, and error handling

Test plan
- go build ./... passes
- go test ./... passes (all git package tests green)
- go vet ./... produces no warnings
- devopsctl audit git command runs without error

🤖 Generated with Claude Code
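An added example, not code from this PR or from devopsctl: one way the repo-size check described in the commit messages could parse `git count-objects -vH` output and fail with an error rather than report a small repo when the output is malformed. The names `repoSizeMiB`, `unitMiB` and `exceeds` are hypothetical, the sample output is constructed, and summing `size` with `size-pack` and reading the 500MB default as MiB are assumptions.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Constructed sample of `git count-objects -vH` output (not from a real repository).
const sampleOutput = "count: 12\nsize: 48.00 KiB\nin-pack: 90211\npacks: 3\n" +
	"size-pack: 612.40 MiB\nprune-packable: 0\ngarbage: 0\nsize-garbage: 0 bytes\n"

// unitMiB maps the units git prints with -H to a factor in MiB (hypothetical helper).
var unitMiB = map[string]float64{
	"byte": 1.0 / 1048576, "bytes": 1.0 / 1048576, "KiB": 1.0 / 1024, "MiB": 1, "GiB": 1024,
}

// repoSizeMiB adds the loose ("size") and packed ("size-pack") fields, in MiB.
func repoSizeMiB(out string) (float64, error) {
	total, seen := 0.0, 0
	for _, line := range strings.Split(out, "\n") {
		key, val, ok := strings.Cut(line, ": ")
		if !ok || (key != "size" && key != "size-pack") {
			continue
		}
		num, unit, _ := strings.Cut(strings.TrimSpace(val), " ")
		n, err := strconv.ParseFloat(num, 64)
		factor, known := unitMiB[unit]
		if err != nil || !known || n < 0 {
			return 0, fmt.Errorf("%s: cannot parse %q", key, val)
		}
		total, seen = total+n*factor, seen+1
	}
	if seen != 2 { // a missing or repeated field must not pass as a small repo
		return 0, fmt.Errorf("want one size and one size-pack line, got %d", seen)
	}
	return total, nil
}

// exceeds reports whether the repo is over thresholdMiB; callers must check err.
func exceeds(out string, thresholdMiB float64) (bool, error) {
	mb, err := repoSizeMiB(out)
	return err == nil && mb > thresholdMiB, err
}

func main() {
	fmt.Println(exceeds(sampleOutput, 500)) // 500 is the default threshold the PR states
}
```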