refactor: generate layer4 types from cue schema

This change updates layer4 to rely on generated types.

This change also removes the Changes and CorruptedState types.

Signed-off-by: Travis Truman <[email protected]>

Author: trumant

.github/workflows/ci.yml

@@ -44,7 +44,7 @@ jobs:
 
       - name: Quality Gate - Test coverage shall be above threshold
         env:
-          TESTCOVERAGE_THRESHOLD: 72
+          TESTCOVERAGE_THRESHOLD: 71
         run: |
           echo "Quality Gate: checking test coverage is above threshold ..."
           echo "Threshold             : $TESTCOVERAGE_THRESHOLD %"

Makefile

@@ -39,10 +39,13 @@ cuegen:
 	@mv cue_types_gen.go layer2/generated_types.go
 	@cue exp gengotypes ./schemas/layer-3.cue
 	@mv cue_types_gen.go layer3/generated_types.go
+	@cue exp gengotypes ./schemas/layer-4.cue
+	@mv cue_types_gen.go layer4/generated_types.go
 	@go build -o utils/types_tagger utils/types_tagger.go
 	@utils/types_tagger layer1/generated_types.go
 	@utils/types_tagger layer2/generated_types.go
 	@utils/types_tagger layer3/generated_types.go
+	@utils/types_tagger layer4/generated_types.go
 	@rm utils/types_tagger
 
 dirtycheck:

layer4/assessment_log.go

@@ -9,40 +9,9 @@ import (
 	"time"
 )
 
-// AssessmentLog is a struct that contains the results of a single step within a ControlEvaluation.
-type AssessmentLog struct {
-	// RequirementID is the unique identifier for the requirement being tested
-	RequirementId string `yaml:"requirement-id"`
-	// ProcedureId uniquely identifies the assessment procedure associated with the log
-	ProcedureId string `json:"procedure-id,omitempty"`
-	// Applicability is a slice of identifier strings to determine when this test is applicable
-	Applicability []string `yaml:"applicability"`
-	// Description is a human-readable description of the test
-	Description string `yaml:"description"`
-	// Result is true if the test passed
-	Result Result `yaml:"result"`
-	// Message is the human-readable result of the test
-	Message string `yaml:"message"`
-	// Steps is a slice of steps that were executed during the test
-	Steps []AssessmentStep `yaml:"steps"`
-	// StepsExecuted is the number of steps that were executed during the test
-	StepsExecuted int `yaml:"steps-executed,omitempty"`
-	// Start is the time the assessment run began.
-	Start string `yaml:"start"`
-	// End is the time the assessment run finished.
-	// This is omitted if the assessment was interrupted or did not complete.
-	End string `yaml:"end,omitempty"`
-	// Value is the object that was returned during the test
-	Value interface{} `yaml:"value,omitempty"`
-	// Changes is a slice of changes that were made during the test
-	Changes map[string]*Change `yaml:"changes,omitempty"`
-	// Recommendation is a string to aid users in remediation, such as the text from a layer 2 assessment requirement
-	Recommendation string `yaml:"recommendation,omitempty"`
-}
-
 // AssessmentStep is a function type that inspects the provided targetData and returns a Result with a message.
 // The message may be an error string or other descriptive text.
-type AssessmentStep func(payload interface{}, c map[string]*Change) (Result, string)
+type AssessmentStep func(payload interface{}) (Result, string)
 
 func (as AssessmentStep) String() string {
 	// Get the function pointer correctly
@@ -81,71 +50,34 @@ func (a *AssessmentLog) AddStep(step AssessmentStep) {
 
 func (a *AssessmentLog) runStep(targetData interface{}, step AssessmentStep) Result {
 	a.StepsExecuted++
-	result, message := step(targetData, a.Changes)
+	result, message := step(targetData)
 	a.Result = UpdateAggregateResult(a.Result, result)
 	a.Message = message
 	return result
 }
 
 // Run will execute all steps, halting if any step does not return layer4.Passed.
-func (a *AssessmentLog) Run(targetData interface{}, changesAllowed bool) Result {
+func (a *AssessmentLog) Run(targetData interface{}) Result {
+	a.Result = NotRun
 	if a.Result != NotRun {
 		return a.Result
 	}
 
-	a.Start = time.Now().Format(time.RFC3339)
+	a.Start = Datetime(time.Now().Format(time.RFC3339))
 	err := a.precheck()
 	if err != nil {
 		a.Result = Unknown
 		return a.Result
 	}
-	for _, change := range a.Changes {
-		if changesAllowed {
-			change.Allow()
-		}
-	}
 	for _, step := range a.Steps {
 		if a.runStep(targetData, step) == Failed {
 			return Failed
 		}
 	}
-	a.End = time.Now().Format(time.RFC3339)
+	a.End = Datetime(time.Now().Format(time.RFC3339))
 	return a.Result
 }
 
-// NewChange creates a new Change object and adds it to the AssessmentLog.
-func (a *AssessmentLog) NewChange(
-	changeName,
-	targetName,
-	description string,
-	targetObject interface{},
-	applyFunc ApplyFunc,
-	revertFunc RevertFunc,
-) *Change {
-	change := NewChange(targetName, description, targetObject, applyFunc, revertFunc)
-	if a.Changes == nil {
-		a.Changes = make(map[string]*Change)
-	}
-	a.Changes[changeName] = &change
-	return &change
-}
-
-// RevertChanges reverts all changes made by the assessment.
-// It will not revert changes that have not been applied.
-func (a *AssessmentLog) RevertChanges() (corrupted bool) {
-	for _, change := range a.Changes {
-		if !corrupted && (change.Applied || change.Error != nil) {
-			if !change.Reverted {
-				change.Revert(nil)
-			}
-			if change.Error != nil || !change.Reverted {
-				corrupted = true // do not break loop here; continue attempting to revert all changes
-			}
-		}
-	}
-	return
-}
-
 // precheck verifies that the assessment has all the required fields.
 // It returns an error if the assessment is not valid.
 func (a *AssessmentLog) precheck() error {

layer4/assessment_log_test.go

@@ -115,119 +115,17 @@ func TestRun(t *testing.T) {
 	for _, data := range getAssessmentsTestData() {
 		t.Run(data.testName, func(t *testing.T) {
 			a := data.assessment // copy the assessment to prevent duplicate executions in the next test
-			result := a.Run(nil, true)
+			result := a.Run(nil)
 			if result != a.Result {
 				t.Errorf("expected match between Run return value (%s) and assessment Result value (%s)", result, data.expectedResult)
 			}
-			if a.StepsExecuted != data.numberOfStepsToRun {
+			if a.StepsExecuted != int64(data.numberOfStepsToRun) {
 				t.Errorf("expected to run %d tests, got %d", data.numberOfStepsToRun, a.StepsExecuted)
 			}
 		})
 	}
 }
 
-func TestRunB(t *testing.T) {
-	for _, data := range getAssessmentsTestData() {
-		t.Run(data.testName+"-no-changes", func(t *testing.T) {
-			data.assessment.Run(nil, false)
-			if data.assessment.StepsExecuted != data.numberOfStepsToRun {
-				t.Errorf("expected to run %d tests, got %d", data.numberOfStepsToRun, data.assessment.StepsExecuted)
-			}
-			for _, change := range data.assessment.Changes {
-				if change.Allowed {
-					t.Errorf("expected all changes to be disallowed, but found an allowed change")
-					return
-				}
-				if change.Applied || change.Reverted {
-					t.Errorf("expected no changes to be applied, but found applied=%t, reverted=%t", change.Applied, change.Reverted)
-					return
-				}
-			}
-		})
-	}
-}
-
-// TestNewChange ensures that NewChange creates a new Change object and adds it to the AssessmentLog
-func TestNewChange(t *testing.T) {
-	anyOldAssessment := AssessmentLog{}
-	testName := "Add-a-new-change"
-	t.Run(testName, func(t *testing.T) {
-		if len(anyOldAssessment.Changes) != 0 {
-			t.Errorf("Expected empty assessment object to start with 0 Change objects, got %d", len(anyOldAssessment.Changes))
-		}
-		change := anyOldAssessment.NewChange(testName, "targetName", "description", nil, goodApplyFunc, goodRevertFunc)
-		if len(anyOldAssessment.Changes) != 1 {
-			t.Errorf("Expected assessment object to have 1 Change object, got %d", len(anyOldAssessment.Changes))
-		}
-		if change == nil {
-			t.Error("expected a change object to be returned by NewChange, got nil")
-		}
-		if change != anyOldAssessment.Changes[testName] {
-			t.Errorf("Found different change object in assessment object than the one returned by NewChange")
-		}
-
-	})
-}
-
-// TestRevertChanges ensures that RevertChanges attempts to revert all changes in the AssessmentLog
-func TestRevertChanges(t *testing.T) {
-	revertChangesTestData := []struct {
-		testName   string
-		assessment AssessmentLog
-		corrupted  bool
-	}{
-		{
-			testName:   "No changes",
-			assessment: AssessmentLog{},
-			corrupted:  false,
-		},
-		{
-			testName:   "Change already applied and reverted",
-			assessment: AssessmentLog{Changes: map[string]*Change{"test": goodRevertedChangePtr()}},
-			corrupted:  false,
-		},
-		{
-			testName:   "Change without apply function",
-			assessment: AssessmentLog{Changes: map[string]*Change{"test": noApplyChangePtr()}},
-			corrupted:  true,
-		},
-		{
-			testName:   "Change with error from apply function",
-			assessment: AssessmentLog{Changes: map[string]*Change{"test": badApplyChangePtr()}},
-			corrupted:  true,
-		},
-		{
-			testName:   "Change with error from revert function",
-			assessment: AssessmentLog{Changes: map[string]*Change{"test": badRevertChangePtr()}},
-			corrupted:  true,
-		},
-		{
-			testName:   "Change previously applied and needs reverted",
-			assessment: AssessmentLog{Changes: map[string]*Change{"test": goodNotRevertedChangePtr()}},
-			corrupted:  false,
-		},
-		{
-			testName:   "Two changes already applied, with one already reverted",
-			assessment: passingAssessment(),
-			corrupted:  false,
-		},
-	}
-	for _, data := range revertChangesTestData {
-		t.Run(data.testName, func(t *testing.T) {
-			for _, change := range data.assessment.Changes {
-				if !change.Allowed {
-					return
-				}
-				change.Apply("target_name", "target_object", "change_input")
-			}
-			corrupted := data.assessment.RevertChanges()
-			if corrupted != data.corrupted {
-				t.Errorf("expected corruption to be %t, got %t", data.corrupted, corrupted)
-			}
-		})
-	}
-}
-
 func TestNewAssessment(t *testing.T) {
 	newAssessmentsTestData := []struct {
 		testName      string