refactor(credentials): extract pure credential-mutation planning (477.4)#504
Merged
Conversation
… initcmd (477.4) Move plan states/entries, transition classification, staged-key validation, per-store write grouping, the all-profiles active-ref scan, and stale-key calculation into internal/credentials (planning.go). The 'id|source|backend' string map key is replaced by the comparable credentials.StoreIdentity struct via ResolvedSecretsStore.Identity(). Planner and multi-store/shared-ref tests relocated first and pass against the moved logic; initcmd keeps both application paths, preflight, bundle writes, config-save sequencing, key deletion, and rendering. Zero tests deleted (427 -> 432); stale-key policy, overwrite semantics, and error wording unchanged.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Refs #477 — step 4 of 5 of the approved Candidate 1 from the design record.
Extracts the pure credential-mutation planning out of
initcmd(where the whole transition model lived) intointernal/credentials, which already owns store resolution and key validation.Moved (old → new)
initCredentialPlanState→credentials.PlanState;initCredentialPlanEntry→credentials.PlanEntryplanInitCredentials*→credentials.Plan/PlanWithConfigValidatePlannedWriteKeys,MissingRequiredPlannedKeys,ClassifyPlanEntryWriteGroup/GroupWritesByStoreReviewerCredentialCleanupGroup/GroupStaleReviewerCredentialCleanupsByStoreStaleReviewerCredentialKeys"id|source|backend"string map key is gone:credentials.StoreIdentity{ID, Source, Backend}is the comparable key, fromResolvedSecretsStore.Identity().Migration discipline (per the design record)
Planner and multi-store/shared-ref tests were relocated first and proven against the moved logic, then callers switched. Zero tests deleted — 427 → 432 (new coverage for same-name/different-store grouping, multiple cleanup stores, and identity collisions); the original multi-store I/O tests remain in
initcmd.Stayed in initcmd
Both application paths, store opening, no-overwrite preflight, bundle writes, config-save sequencing, key deletion, error mapping, rendering, hints — preserving the write → save → cleanup ordering.
credentialcmduntouched. Stale-key policy, overwrite semantics, and error wording unchanged.Verification
Seven config-show goldens byte-identical and unmodified.
go build,go vet, fullgo test ./...green unsandboxed (60 packages), repo-widegolangci-lint0 issues, architecture harness pass. +768/−584 (net +25 production, +159 tests).Remaining for #477: step 5 (init apply-tail dedup).