jordan/rdev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34e12ff3d5
rdev/internal/service/project_service_commands.go
jordan 53862c773b fix: resolve systemic debt in worker and skeleton templates 
Worker template fixes:
- Replace panic() with logger.Error() + os.Exit(1) for config errors
- Remove double-timeout application (context + middleware)
- Add error message truncation to prevent log bloat
- Use named constants for shutdown grace period and stale check interval

Skeleton pkg/auth fixes:
- Fix error wrapping to use %w consistently in jwt.go
- Add GetUserOrError() as safe alternative to MustGetUser() panic

Skeleton pkg/queue fixes:
- Check RowsAffected() errors instead of ignoring them
- Add input validation to EnqueueWithOptions (require job type, cap retries)
- Add log truncation for error messages
- Fix inaccurate doc comment claiming exponential backoff

Worker timeout consolidation:
- Add internal/worker/timeouts.go with named constants
- Migrate all workers to use timeout constants

Cleanup:
- Remove obsolete slack-preparation-thoughts.md files

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-04 23:44:55 -07:00

178 lines
5.1 KiB
Go
Raw Blame History

// Package service provides business logic / use cases for the application.
// This file contains shell and git command execution functionality.
package service
import (
"context"
"encoding/json"
"fmt"
"time"
"github.com/google/uuid"
"github.com/orchard9/rdev/internal/domain"
"github.com/orchard9/rdev/internal/logging"
"github.com/orchard9/rdev/internal/sanitize"
)
// ExecuteShellRequest contains parameters for running a shell command.
type ExecuteShellRequest struct {
ProjectID domain.ProjectID
Command string
StreamID string
Audit *AuditContext // Optional audit context
}
// ExecuteShellResult contains the result of queuing a shell command.
type ExecuteShellResult struct {
CommandID domain.CommandID
StreamURL string
}
// ExecuteShell runs a shell command in the project's pod.
func (s *ProjectService) ExecuteShell(ctx context.Context, req ExecuteShellRequest) (*ExecuteShellResult, error) {
// Validate project exists
project, err := s.projects.Get(ctx, req.ProjectID)
if err != nil {
return nil, err
}
// Validate command
if req.Command == "" {
return nil, fmt.Errorf("%w: command is required", domain.ErrInvalidCommand)
}
if err := sanitize.ShellCommand(req.Command); err != nil {
return nil, fmt.Errorf("%w: %w", domain.ErrCommandSanitization, err)
}
// Validate stream ID
if err := sanitize.StreamID(req.StreamID); err != nil {
return nil, fmt.Errorf("%w: %w", domain.ErrInvalidCommand, err)
}
// Generate command ID
cmdNum := s.cmdID.Add(1)
cmdID := domain.CommandID(fmt.Sprintf("cmd-%s-%03d", req.ProjectID, cmdNum))
if req.StreamID != "" {
cmdID = domain.CommandID(req.StreamID)
}
// Create command
cmd := &domain.Command{
ID: cmdID,
ProjectID: req.ProjectID,
Type: domain.CommandTypeShell,
Args: []string{req.Command},
StartedAt: time.Now(),
}
// Log audit start if audit logger is configured
if s.auditLogger != nil && req.Audit != nil {
log := logging.FromContext(ctx).WithService("ProjectService")
argsJSON, _ := json.Marshal(cmd.Args)
auditEntry := &domain.AuditLogEntry{
ID: uuid.New().String(),
APIKeyID: req.Audit.APIKeyID,
CommandID: string(cmdID),
ProjectID: string(req.ProjectID),
CommandType: domain.CommandTypeShell,
Args: string(argsJSON),
ClientIP: req.Audit.ClientIP,
UserAgent: req.Audit.UserAgent,
StartedAt: cmd.StartedAt,
Status: domain.AuditStatusRunning,
}
if err := s.auditLogger.LogCommandStart(ctx, auditEntry); err != nil {
log.Warn("failed to log audit start", "command_id", cmdID, logging.FieldError, err)
}
}
// Execute in background
go s.executeCommand(project.PodName, cmd)
return &ExecuteShellResult{
CommandID: cmdID,
StreamURL: fmt.Sprintf("/projects/%s/events?stream_id=%s", req.ProjectID, cmdID),
}, nil
}
// ExecuteGitRequest contains parameters for running a git command.
type ExecuteGitRequest struct {
ProjectID domain.ProjectID
Args []string
StreamID string
Audit *AuditContext // Optional audit context
}
// ExecuteGitResult contains the result of queuing a git command.
type ExecuteGitResult struct {
CommandID domain.CommandID
StreamURL string
}
// ExecuteGit runs a git command in the project's pod.
func (s *ProjectService) ExecuteGit(ctx context.Context, req ExecuteGitRequest) (*ExecuteGitResult, error) {
// Validate project exists
project, err := s.projects.Get(ctx, req.ProjectID)
if err != nil {
return nil, err
}
// Validate args
if len(req.Args) == 0 {
return nil, fmt.Errorf("%w: args is required", domain.ErrInvalidCommand)
}
if err := sanitize.GitArgs(req.Args); err != nil {
return nil, fmt.Errorf("%w: %w", domain.ErrCommandSanitization, err)
}
// Validate stream ID
if err := sanitize.StreamID(req.StreamID); err != nil {
return nil, fmt.Errorf("%w: %w", domain.ErrInvalidCommand, err)
}
// Generate command ID
cmdNum := s.cmdID.Add(1)
cmdID := domain.CommandID(fmt.Sprintf("cmd-%s-%03d", req.ProjectID, cmdNum))
if req.StreamID != "" {
cmdID = domain.CommandID(req.StreamID)
}
// Create command
cmd := &domain.Command{
ID: cmdID,
ProjectID: req.ProjectID,
Type: domain.CommandTypeGit,
Args: req.Args,
StartedAt: time.Now(),
}
// Log audit start if audit logger is configured
if s.auditLogger != nil && req.Audit != nil {
log := logging.FromContext(ctx).WithService("ProjectService")
argsJSON, _ := json.Marshal(cmd.Args)
auditEntry := &domain.AuditLogEntry{
ID: uuid.New().String(),
APIKeyID: req.Audit.APIKeyID,
CommandID: string(cmdID),
ProjectID: string(req.ProjectID),
CommandType: domain.CommandTypeGit,
Args: string(argsJSON),
ClientIP: req.Audit.ClientIP,
UserAgent: req.Audit.UserAgent,
StartedAt: cmd.StartedAt,
Status: domain.AuditStatusRunning,
}
if err := s.auditLogger.LogCommandStart(ctx, auditEntry); err != nil {
log.Warn("failed to log audit start", "command_id", cmdID, logging.FieldError, err)
}
}
// Execute in background
go s.executeCommand(project.PodName, cmd)
return &ExecuteGitResult{
CommandID: cmdID,
StreamURL: fmt.Sprintf("/projects/%s/events?stream_id=%s", req.ProjectID, cmdID),
}, nil
}
Reference in New Issue View Git Blame Copy Permalink