5941007
test(auth): add comprehensive OIDC storage and token validation tests
moshloop Mar 20, 2026
e1e69bf
style(auth): apply gofmt formatting
moshloop Mar 20, 2026
eb65bfd
feat(auth): add OIDC support for Kratos auth mode
moshloop Mar 20, 2026
ab9a21b
fix(auth): address PR review comments from CodeRabbit and CodeQL
moshloop Mar 20, 2026
0cc044a
chore: pass context to oidc matcher and return err
adityathebe Mar 20, 2026
be05923
fix(oidc): mark auth request as done after successful login
adityathebe Mar 20, 2026
5dad17a
fix(oidc): prevent nil function panic when restricting token scopes
adityathebe Mar 20, 2026
ceec9e3
fix(auth): refine OIDC skip-auth path matching
adityathebe Mar 20, 2026
6800d87
fix(oidc): expose provider endpoints on discovery paths
adityathebe Mar 20, 2026
17c8355
fix: support /authorize prefix due to /authorize/callback
adityathebe Mar 20, 2026
d7ad4b3
feat(auth): add embedded oidc provider with styled login ui and token…
moshloop Mar 22, 2026
fc80676
fix(auth): normalize oidc issuer url to base public url
moshloop Mar 22, 2026
160e171
feat(auth): enhance oidc with styled login ui and token refresh support
moshloop Mar 22, 2026
300791d
fix(ci): bump golangci-lint to v2.11.4 and add tailwind download to b…
moshloop Mar 23, 2026
3e1cafa
fix: remove tailwind.min.js from tracked files (downloaded at build t…
moshloop Mar 23, 2026
0b1275d
fix(ci): move tailwind download rule before targets that depend on it
moshloop Mar 23, 2026
e1806b6
fix(ci): build binary before ci-test for OIDC e2e tests
moshloop Mar 23, 2026
4a84886
refactor: move oidc_e2e tests to tests/e2e/oidc, add chrome no-sandbox
moshloop Mar 23, 2026
85f5052
refactor: extract shared facet rendering backend into report package
moshloop Mar 30, 2026
e85e510
refactor(report): optimize report layouts and styling for better pdf …
moshloop Mar 31, 2026
c6e2baa
feat(db): add access and access logs query functions for ui
moshloop Mar 31, 2026
92e5bce
feat(api): add catalog get command for detailed config item inspection
moshloop Mar 31, 2026
4cdf95e
feat(api): add access and access logs sections to application views
moshloop Mar 31, 2026
7d0d623
feat(report): add catalog and RBAC matrix report components
moshloop Apr 5, 2026
681c32e
fix(api): remove premature defer stop calls and improve resource cleanup
moshloop Apr 5, 2026
b618a65
feat(report): show date range on catalog report cover page
moshloop Apr 6, 2026
b3a4a70
fix(report): use actual dates instead of 'now' in cover page date range
moshloop Apr 6, 2026
54ff450
refactor(report): extract shared CoverPage and CatalogList components
moshloop Apr 6, 2026
e403488
feat(api): add catalog and tree report commands with export support
moshloop Apr 7, 2026
4557a9c
refactor(api): clean up imports and simplify artifact handling
moshloop Apr 7, 2026
7ecce47
refactor(ui): extract kitchen sink pages into modular components
moshloop Apr 7, 2026
d065da7
feat(catalog_report): add settings, audit trail, and change categoriz…
moshloop Apr 7, 2026
d1cede8
refactor(ui): replace category mapping record type with structured in…
moshloop Apr 10, 2026
353b3fa
feat(report): add audit findings report and group membership visualiz…
moshloop Apr 10, 2026
7e56856
refactor(catalog)!: move catalog_report package to report/catalog wit…
moshloop Apr 10, 2026
ac38312
feat(api): detect and auto-heal misaligned backend server urls
moshloop Apr 10, 2026
94e0ed9
feat(api): add bearer token scope filtering for azure portal login
moshloop Apr 12, 2026
cbf79ae
chore(build): simplify makefile tool paths and regenerate kitchen-sin…
moshloop Apr 14, 2026
4ef8c54
chore(build): update dependencies and add audit finding schemas
moshloop Apr 14, 2026
77ff874
feat(api): Add MCP metadata field to ViewSpec for LLM tool registration
moshloop Apr 15, 2026
afdf2b8
ci: add gavel configuration for pre-build dependencies
moshloop Apr 15, 2026
d308c87
fix(report): Add nil check for CEL compilation issues and remove unus…
moshloop Apr 15, 2026
f1cc0d3
refactor(auth/oidc,db): refactor MFA filter logic and mount OAuth rou…
moshloop Apr 15, 2026
f6cdb9a
chore(deps): bump @flanksource/facet to 0.1.38
moshloop Apr 15, 2026
6333760
refactor(report): improve report rendering with conditional sections …
moshloop Apr 16, 2026
608dffa
refactor(auth): Replace custom StringList with pq.StringArray
moshloop Apr 16, 2026
5771d74
refactor(cmd,db): improve error handling and remove duplicate Makefil…
moshloop Apr 16, 2026
391db7d
fix(cmd,db,report): improve error handling and fix database queries
moshloop Apr 16, 2026
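--- a/.gavel.yaml
+++ b/.gavel.yaml
@@ -0,0 +1,2 @@
+pre:
+- run: make build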
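--- a/.gitignore
+++ b/.gitignore
@@ -48,3 +48,11 @@ specs/
 **/*.pem
 **/*.key
 auth/oidc/static/tailwind.min.js
+**/*.pem
+**/*.key
+report/*.png
+report/*.pdf
+*.pdf
+*.png
+.playwright-mcp/
+out.*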
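Review bot: The added `**/*.pem` and `**/*.key` lines repeat the two context lines directly above them, and the bare `*.pdf` / `*.png` patterns already match at any depth, which makes `report/*.png` and `report/*.pdf` redundant. The bare patterns also hide every future image or PDF anywhere in the tree (UI assets, documentation screenshots), so a file someone means to commit is silently skipped. Keeping only the `report/`-scoped patterns, or anchoring the others as `/*.pdf` and `/*.png`, would limit the ignore to generated output.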
16 changes: 10 additions & 6 deletions Makefile
Expand Up @@ -58,8 +58,9 @@ test:
--succinct --label-filter='!ignore_local'

.PHONY: ci-test
ci-test:
ginkgo -r -p --skip-package=tests/e2e --keep-going --junit-report junit-report.xml --github-output --output-dir test-reports --succinct
ci-test: $(TAILWIND_JS) $(LOCALBIN)
go build -o ./.bin/$(NAME) main.go
ginkgo -r --skip-package=tests/e2e --keep-going --junit-report junit-report.xml --github-output --output-dir test-reports --succinct

.PHONY: e2e
e2e: $(TAILWIND_JS)
Expand Down Expand Up @@ -149,7 +150,7 @@ build: static
go build -o ./.bin/$(NAME) -ldflags "-X \"main.version=$(VERSION_TAG) built at $(DATE)\"" main.go

.PHONY: dev
dev:
dev: static
# Disabling CGO because of slow build times in apple silicon (just experimenting)
CGO_ENABLED=0 go build -v -o ./.bin/$(NAME) -gcflags="all=-N -l" main.go
Comment on lines +153 to 155
Contributor


⚠️ Potential issue | 🟠 Major

Add $(LOCALBIN) as a prerequisite for dev.

dev writes to ./.bin/$(NAME) but this target does not create that directory. On a clean checkout, go build -o will fail before the binary is written.

Proposed change
-dev: static
+dev: static $(LOCALBIN)
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
dev: static
# Disabling CGO because of slow build times in apple silicon (just experimenting)
CGO_ENABLED=0 go build -v -o ./.bin/$(NAME) -gcflags="all=-N -l" main.go
dev: static $(LOCALBIN)
# Disabling CGO because of slow build times in apple silicon (just experimenting)
CGO_ENABLED=0 go build -v -o ./.bin/$(NAME) -gcflags="all=-N -l" main.go
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@Makefile` around lines 153 - 155, The dev Makefile target currently writes to
./.bin/$(NAME) but doesn't ensure the directory exists; update the dev target
rule to list $(LOCALBIN) as a prerequisite (i.e., change the target header from
"dev: static" to "dev: static $(LOCALBIN)"), and ensure there is a corresponding
$(LOCALBIN) target that creates the ./.bin directory (mkdir -p ./.bin) so go
build -o succeeds on clean checkouts; reference the dev target and the
$(LOCALBIN) prerequisite and the output path ./.bin/$(NAME) when making the
change.


Expand Down Expand Up @@ -188,22 +189,25 @@ ginkgo:

.PHONY: controller-gen
controller-gen: install-deps $(LOCALBIN)
$(LOCALBIN)/deps install controller-gen@$(CONTROLLER_TOOLS_VERSION) --bin-dir $(LOCALBIN)
deps install controller-gen@$(CONTROLLER_TOOLS_VERSION) --bin-dir $(LOCALBIN)

.PHONY: golangci-lint
golangci-lint: install-deps $(LOCALBIN)
$(LOCALBIN)/deps install golangci/golangci-lint@v$(GOLANGCI_LINT_VERSION) --bin-dir $(LOCALBIN)
deps install golangci/golangci-lint@v$(GOLANGCI_LINT_VERSION) --bin-dir $(LOCALBIN)

.PHONY: kustomize
kustomize: install-deps $(LOCALBIN)
$(LOCALBIN)/deps install kubernetes-sigs/kustomize@$(KUSTOMIZE_VERSION) --bin-dir $(LOCALBIN)
deps install kubernetes-sigs/kustomize@$(KUSTOMIZE_VERSION) --bin-dir $(LOCALBIN)

.PHONY: docs\:mcp
docs\:mcp: ## Generate MCP tools reference documentation
@mkdir -p docs
go run ./hack/gen-mcp-docs > docs/mcp-tools.md
@echo "Generated docs/mcp-tools.md"

report/kitchen-sink.json: report/build-kitchen-sink.ts report/testdata/kitchen-sink.yaml
cd report && ./node_modules/.bin/tsx build-kitchen-sink.ts
Comment on lines +208 to +209
Contributor


⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail
rg -n 'report/kitchen-sink\.json:|change-types\.schema\.json|schemaPath' Makefile report/build-kitchen-sink.ts

Repository: flanksource/mission-control

Length of output: 412


Add the schema JSON as an explicit prerequisite for kitchen-sink generation.

The Makefile rule at line 214 depends on report/build-kitchen-sink.ts and report/testdata/kitchen-sink.yaml, but the script also reads duty/schema/openapi/change-types.schema.json (defined at line 21 of build-kitchen-sink.ts and used at line 151). Without this schema as an explicit dependency, changes to the schema won't trigger rebuilds.

Proposed fix
-report/kitchen-sink.json: report/build-kitchen-sink.ts report/testdata/kitchen-sink.yaml
+report/kitchen-sink.json: report/build-kitchen-sink.ts report/testdata/kitchen-sink.yaml duty/schema/openapi/change-types.schema.json
 	cd report && ./node_modules/.bin/tsx build-kitchen-sink.ts
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
report/kitchen-sink.json: report/build-kitchen-sink.ts report/testdata/kitchen-sink.yaml
cd report && ./node_modules/.bin/tsx build-kitchen-sink.ts
report/kitchen-sink.json: report/build-kitchen-sink.ts report/testdata/kitchen-sink.yaml duty/schema/openapi/change-types.schema.json
cd report && ./node_modules/.bin/tsx build-kitchen-sink.ts
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@Makefile` around lines 214 - 215, The Makefile rule for target
report/kitchen-sink.json is missing the schema file used by
report/build-kitchen-sink.ts; add duty/schema/openapi/change-types.schema.json
as an explicit prerequisite for the report/kitchen-sink.json rule so changes to
that schema will trigger rebuilds (update the rule that currently lists
report/build-kitchen-sink.ts and report/testdata/kitchen-sink.yaml to also
include duty/schema/openapi/change-types.schema.json).


.PHONY: lint
lint: golangci-lint
$(GOLANGCI_LINT) run ./...
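Review bot: In the `controller-gen`, `golangci-lint` and `kustomize` recipes the `deps` tool appears to be invoked by bare name on the new side (assuming the second line of each printed pair is the new one), so it is resolved through `PATH` rather than from `$(LOCALBIN)`. The recipe then runs whichever `deps` binary comes first on the developer's or CI runner's `PATH`, which may differ from the one the `install-deps` prerequisite provides (that target is outside this hunk), and it fails outright when none is installed globally. Either keep the explicit path, `$(LOCALBIN)/deps install controller-gen@$(CONTROLLER_TOOLS_VERSION) --bin-dir $(LOCALBIN)`, or put the project-local directory first once near the top of the file with `export PATH := $(LOCALBIN):$(PATH)`.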
50 changes: 40 additions & 10 deletions api/application.go
Expand Up @@ -8,21 +8,24 @@ import (
)

const (
SectionTypeView = "view"
SectionTypeChanges = "changes"
SectionTypeConfigs = "configs"
SectionTypeView = "view"
SectionTypeChanges = "changes"
SectionTypeConfigs = "configs"
SectionTypeAccess = "access"
SectionTypeAccessLogs = "accessLogs"
)

// ApplicationSection is a typed section in an application response.
// The Type field is one of "view", "changes", or "configs".
// Only the field matching the type is populated.
type ApplicationSection struct {
Type string `json:"type"`
Title string `json:"title"`
Icon string `json:"icon,omitempty"`
View *ApplicationViewData `json:"view,omitempty"`
Changes []ApplicationChange `json:"changes,omitempty"`
Configs []ApplicationConfigItem `json:"configs,omitempty"`
Type string `json:"type"`
Title string `json:"title"`
Icon string `json:"icon,omitempty"`
View *ApplicationViewData `json:"view,omitempty"`
Changes []ApplicationChange `json:"changes,omitempty"`
Configs []ApplicationConfigItem `json:"configs,omitempty"`
Access []AccessItem `json:"access,omitempty"`
AccessLogs []AccessLogItem `json:"accessLogs,omitempty"`
}

// ApplicationViewData holds the data-only fields from a resolved ViewRef section.
Expand All @@ -47,6 +50,33 @@ type ApplicationConfigItem struct {
Labels map[string]string `json:"labels,omitempty"`
}

type AccessItem struct {
ConfigID string `json:"configId"`
ConfigName string `json:"configName"`
ConfigType string `json:"configType"`
UserID string `json:"userId"`
UserName string `json:"userName"`
Email string `json:"email"`
Role string `json:"role"`
UserType string `json:"userType"`
CreatedAt time.Time `json:"createdAt"`
LastSignedInAt *time.Time `json:"lastSignedInAt,omitempty"`
LastReviewedAt *time.Time `json:"lastReviewedAt,omitempty"`
IsStale bool `json:"isStale"`
}

type AccessLogItem struct {
ConfigID string `json:"configId"`
ConfigName string `json:"configName"`
ConfigType string `json:"configType"`
UserID string `json:"userId"`
UserName string `json:"userName"`
CreatedAt time.Time `json:"createdAt"`
MFA bool `json:"mfa"`
Count int `json:"count"`
Properties map[string]string `json:"properties,omitempty"`
}

// Application is the schema that UI uses.
type Application struct {
ApplicationDetail `json:",inline"`
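Review bot: `AccessItem` and `AccessLogItem` put user identity data (`Email`, `UserName`, `LastSignedInAt`) and a free-form `Properties` map into the UI-facing application response, yet neither exported type has a doc comment stating who may receive it or what `Properties` may hold. Where these sections are populated and authorized is not visible in this hunk, so the contract should be written on the types, e.g. `// AccessItem is one user's access grant on a config item, returned in "access" sections; populate it only for configs the caller is authorized to read.` and, on the field, `// Properties is passed to the UI as-is; callers must drop secret or token-like keys before setting it.` If the `ApplicationSection` comment line listing "view", "changes", or "configs" is still present on the new side, it should also name "access" and "accessLogs".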