Documentation
Index
- Variables
- func ParseCheckSelection(skip string) (map[CheckName]bool, error)
- func RunConfigCheck(cfg *config.Config, scanDir string) ([]Finding, CheckResult, error)
- func RunToolCheck(dir string) ([]Finding, CheckResult, *toolcheck.Report, error)
- func ValidCheckName(name string) bool
- type CheckName
- type CheckResult
- type CheckStatus
- type Finding
- type Formatter
- type MiseToolConfig
- type Report
- type Runner
Constants
This section is empty.
Variables
var ErrMiseTomlNotFound = errors.New(".mise.toml not found")
ErrMiseTomlNotFound is returned when .mise.toml does not exist in the given directory.
var ErrUnknownCheck = errors.New("unknown check")
ErrUnknownCheck indicates an invalid check name was provided.
var ErrUnsupportedFormat = errors.New("unsupported format")
ErrUnsupportedFormat indicates an unsupported output format was requested.
Functions
func ParseCheckSelection
ParseCheckSelection parses the --skip flag value into a check map. Returns nil (run all) when skip is empty.
func RunConfigCheck
RunConfigCheck detects version constraint drift in .tf files against .tfskel.yaml and checks .terraform-version files for version mismatches.
func RunToolCheck
RunToolCheck detects missing or inactive required tools and compares installed versions against expected versions from .mise.toml.
Tool presence is checked globally via PATH (tools are system-wide), while expected version pins come from the project's .mise.toml in dir.
func ValidCheckName
ValidCheckName returns true if the given name is a valid check.
Types
type CheckName
type CheckName string
CheckName identifies which validation check produced a finding.
CheckName constants for the validation checks.
type CheckResult
type CheckResult struct {
	Check             CheckName   `json:"check"`
	Status            CheckStatus `json:"status"`
	Total             int         `json:"total"`
	Passed            int         `json:"passed"`
	Issues            int         `json:"issues"`
	AffectedResources int         `json:"affectedResources,omitempty"` // unique resources with findings (e.g. unique tools)
}
CheckResult holds the summary outcome for a single check.
type CheckStatus
type CheckStatus string
CheckStatus represents the outcome of a single check.
const (
	StatusPass    CheckStatus = "pass"
	StatusFail    CheckStatus = "fail"
	StatusError   CheckStatus = "error"
	StatusSkipped CheckStatus = "skipped"
)
CheckStatus constants for check outcomes.
type Finding
type Finding struct {
	Check     CheckName `json:"check"`
	Resource  string    `json:"resource"`            // file path, tool name, or provider name
	Component string    `json:"component,omitempty"` // e.g. "terraform", "aws" for config check
	Message   string    `json:"message"`
	Expected  string    `json:"expected,omitempty"`  // what config/mise.toml says
	Actual    string    `json:"actual,omitempty"`    // what was found
	Detail    string    `json:"detail,omitempty"`    // remediation hint
}
Finding represents a single diff between expected and actual state. All findings are equal — there is no severity hierarchy.
type Formatter
type Formatter struct {
	// contains filtered or unexported fields
}
Formatter handles output formatting for validation reports.
func NewFormatter
NewFormatter creates a new formatter.
type MiseToolConfig
MiseToolConfig holds the parsed [tools] section from a .mise.toml file.
func ParseMiseToml
func ParseMiseToml(dir string) (*MiseToolConfig, error)
ParseMiseToml reads and parses .mise.toml from the given directory. Returns ErrMiseTomlNotFound if the file does not exist.
type Report
type Report struct {
	Checks   []CheckResult `json:"checks"`
	Findings []Finding     `json:"findings"`
	// Directory is the scan root (the working directory at invocation time).
	// Distinct from ProjectRoot: when validate is invoked from a subdir of the
	// project, Directory is that subdir while ProjectRoot is filepath.Dir(configPath).
	// The table header renders both lines when they differ.
	Directory string `json:"directory,omitempty"`
	// ProjectRoot is the absolute path to the project root, defined as the
	// directory that contains the loaded .tfskel.yaml.
	ProjectRoot string `json:"projectRoot,omitempty"`
	// ConfigPath is the absolute path to the loaded tfskel config file.
	ConfigPath string `json:"configPath,omitempty"`
	// Environments are the environment names defined in config (sorted).
	Environments []string `json:"environments,omitempty"`
	// Regions are the AWS regions defined in config.
	Regions []string `json:"regions,omitempty"`
	// ToolReport holds the raw toolcheck report for detailed table rendering.
	// Excluded from JSON/CSV output — only used by the table formatter.
	ToolReport *toolcheck.Report `json:"-"`
}
Report is the top-level validation result.
func (*Report) ExitCode
ExitCode returns the appropriate exit code for CI/CD. 0 = all pass, 1 = findings detected, 2 = execution errors.
func (*Report) IssueCount
IssueCount returns the total number of findings across all checks.
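A CI-side sketch of the exit-code contract described for Report.ExitCode, added here as an example and not taken from the package: it decodes the JSON form of a Report using the field tags shown above and fails the pipeline on version drift. The gate function, the sample report with its "example-check" name, the precedence of "error" over findings, and the fail-closed handling of an empty or undecodable report are all assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
)

// report mirrors the JSON tags documented for Report, CheckResult and Finding.
type report struct {
	Checks []struct {
		Status string `json:"status"`
	} `json:"checks"`
	Findings []struct {
		Check    string `json:"check"`
		Resource string `json:"resource"`
		Expected string `json:"expected"`
		Actual   string `json:"actual"`
	} `json:"findings"`
}

// gate maps a JSON report to the documented exit codes (0, 1, 2). Assumed:
// "error" outranks findings; an undecodable or check-less report returns 2.
func gate(raw []byte) (int, string) {
	var r report
	if err := json.Unmarshal(raw, &r); err != nil || len(r.Checks) == 0 {
		return 2, "unreadable or empty report\n"
	}
	code, out := 0, ""
	for _, f := range r.Findings {
		code = 1
		out += fmt.Sprintf("%s: %s expected %q, found %q\n", f.Check, f.Resource, f.Expected, f.Actual)
	}
	rank := map[string]int{"fail": 1, "error": 2}
	for _, c := range r.Checks {
		if rank[c.Status] > code {
			code = rank[c.Status]
		}
	}
	return code, out
}

// sample is a constructed report; the check name and versions are placeholders.
const sample = `{"checks":[{"check":"example-check","status":"fail"}],"findings":[{"check":"example-check","resource":"terraform","expected":"1.9.0","actual":"1.8.5"}]}`

func main() {
	code, out := gate([]byte(sample))
	fmt.Print(out)
	os.Exit(code)
}
```

Treating an empty check list as exit code 2 keeps a truncated or replaced report from passing the gate silently.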
type Runner
type Runner struct {
	// contains filtered or unexported fields
}
Runner orchestrates validation checks.
func NewRunner
func NewRunner(cfg *config.Config, dir string, checks map[CheckName]bool, configPath string) *Runner
NewRunner creates a runner that will execute the specified checks.
cfg must be non-nil when Runner.Run is called; it dereferences Provider.AWS fields guaranteed by config.Validate.
configPath is the absolute path to the loaded .tfskel.yaml; the caller (cmd/validate.go) resolves it via filepath.Abs before passing it in.