Refactor package structure (#226)

* refactor: move code to controller package * refactor: split packages
suzuki-shunsuke · Nov 17, 2023 · ef100db · ef100db
1 parent e19ed22
commit ef100db
Show file tree

Hide file tree

Showing 28 changed files with 453 additions and 450 deletions.
diff --git a/pkg/cli/deny_read_all_policy_internal_test.go b/pkg/cli/deny_read_all_policy_internal_test.go
diff --git a/pkg/cli/deny_write_all_policy_internal_test.go b/pkg/cli/deny_write_all_policy_internal_test.go
diff --git a/pkg/cli/job_permissions_policy_internal_test.go b/pkg/cli/job_permissions_policy_internal_test.go
diff --git a/pkg/cli/run.go b/pkg/cli/run.go
@@ -1,13 +1,10 @@
 package cli
 
 import (
-	"context"
-	"errors"
 	"os"
 
-	"github.com/sirupsen/logrus"
+	"github.com/suzuki-shunsuke/ghalint/pkg/controller"
 	"github.com/suzuki-shunsuke/ghalint/pkg/log"
-	"github.com/suzuki-shunsuke/logrus-error/logerr"
 	"github.com/urfave/cli/v2"
 )
 
@@ -18,70 +15,7 @@ func (r *Runner) Run(ctx *cli.Context) error {
 		log.SetColor(color, logE)
 	}
 
-	return r.run(ctx.Context, logE)
-}
-
-func (r *Runner) run(ctx context.Context, logE *logrus.Entry) error {
-	cfg := &Config{}
-	if cfgFilePath := findConfig(r.fs); cfgFilePath != "" {
-		if err := readConfig(r.fs, cfg, cfgFilePath); err != nil {
-			logE.WithError(err).Error("read a configuration file")
-			return err
-		}
-	}
-	if err := validateConfig(cfg); err != nil {
-		logE.WithError(err).Error("validate a configuration file")
-		return err
-	}
-	filePaths, err := listWorkflows(r.fs)
-	if err != nil {
-		logE.Error(err)
-		return err
-	}
-	policies := []Policy{
-		&JobPermissionsPolicy{},
-		NewWorkflowSecretsPolicy(),
-		NewJobSecretsPolicy(),
-		&DenyReadAllPermissionPolicy{},
-		&DenyWriteAllPermissionPolicy{},
-		&DenyInheritSecretsPolicy{},
-		&DenyJobContainerLatestImagePolicy{},
-		NewActionRefShouldBeSHA1Policy(),
-	}
-	failed := false
-	for _, filePath := range filePaths {
-		logE := logE.WithField("workflow_file_path", filePath)
-		if r.validateWorkflow(ctx, logE, cfg, policies, filePath) {
-			failed = true
-		}
-	}
-	if failed {
-		return errors.New("some workflow files are invalid")
-	}
-	return nil
-}
-
-func (r *Runner) validateWorkflow(ctx context.Context, logE *logrus.Entry, cfg *Config, policies []Policy, filePath string) bool {
-	wf := &Workflow{
-		FilePath: filePath,
-	}
-	if err := readWorkflow(r.fs, filePath, wf); err != nil {
-		logerr.WithError(logE, err).Error("read a workflow file")
-		return true
-	}
-
-	failed := false
-	for _, policy := range policies {
-		logE := logE.WithField("policy_name", policy.Name())
-		if err := policy.Apply(ctx, logE, cfg, wf); err != nil {
-			failed = true
-			continue
-		}
-	}
-	return failed
-}
+	ctrl := controller.New(r.fs)
 
-type Policy interface {
-	Name() string
-	Apply(ctx context.Context, logE *logrus.Entry, cfg *Config, wf *Workflow) error
+	return ctrl.Run(ctx.Context, logE) //nolint:wrapcheck
 }
diff --git a/pkg/cli/config.go → pkg/config/config.go b/pkg/cli/config.go → pkg/config/config.go
@@ -1,4 +1,4 @@
-package cli
+package config
 
 import (
 	"errors"
@@ -19,7 +19,7 @@ type Exclude struct {
 	ActionName       string `yaml:"action_name"`
 }
 
-func findConfig(fs afero.Fs) string {
+func Find(fs afero.Fs) string {
 	for _, filePath := range []string{"ghalint.yaml", ".ghalint.yaml", "ghalint.yml", ".ghalint.yml"} {
 		if _, err := fs.Stat(filePath); err == nil {
 			return filePath
@@ -28,7 +28,7 @@ func findConfig(fs afero.Fs) string {
 	return ""
 }
 
-func readConfig(fs afero.Fs, cfg *Config, filePath string) error {
+func Read(fs afero.Fs, cfg *Config, filePath string) error {
 	f, err := fs.Open(filePath)
 	if err != nil {
 		return fmt.Errorf("open a configuration file: %w", err)
@@ -40,7 +40,7 @@ func readConfig(fs afero.Fs, cfg *Config, filePath string) error {
 	return nil
 }
 
-func validateConfig(cfg *Config) error {
+func Validate(cfg *Config) error {
 	for _, exclude := range cfg.Excludes {
 		if exclude.PolicyName == "" {
 			return errors.New(`policy_name is required`)