diff --git a/coderd/audit/generate.sh b/coderd/audit/generate.sh new file mode 100755 index 0000000000000..d6763c7b9780c --- /dev/null +++ b/coderd/audit/generate.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash + +# This script facilitates code generation for auditing types. It outputs code +# that can be copied and pasted into the audit.AuditableResources table. By +# default, every field is ignored. It is your responsiblity to go through each +# field and document why each field should or should not be audited. +# +# Usage: +# ./generate.sh ... + + +set -euo pipefail + +cd "$(dirname "$0")" && cd "$(git rev-parse --show-toplevel)" +go run ./scripts/auditgen ./coderd/database "$@" diff --git a/scripts/auditgen/main.go b/scripts/auditgen/main.go new file mode 100644 index 0000000000000..73ff662c5d7aa --- /dev/null +++ b/scripts/auditgen/main.go @@ -0,0 +1,118 @@ +package main + +import ( + "context" + "fmt" + "go/types" + "io" + "os" + "reflect" + "strings" + + "golang.org/x/tools/go/packages" + "golang.org/x/xerrors" + + "cdr.dev/slog" + "cdr.dev/slog/sloggers/sloghuman" +) + +func main() { + ctx := context.Background() + log := slog.Make(sloghuman.Sink(os.Stderr)) + code, err := GenerateFromDirectory(ctx, os.Args[1], os.Args[2:]...) + if err != nil { + log.Fatal(ctx, "generate", slog.Error(err)) + } + + _, _ = fmt.Print(code) +} + +// GenerateFromDirectory will return all the typescript code blocks for a directory +func GenerateFromDirectory(ctx context.Context, directory string, typeNames ...string) (string, error) { + g := Generator{} + err := g.parsePackage(ctx, directory) + if err != nil { + return "", xerrors.Errorf("parse package %q: %w", directory, err) + } + + str, err := g.generate(typeNames...) + if err != nil { + return "", xerrors.Errorf("parse package %q: %w", directory, err) + } + + return str, nil +} + +type Generator struct { + // Package we are scanning. + pkg *packages.Package +} + +// parsePackage takes a list of patterns such as a directory, and parses them. +func (g *Generator) parsePackage(ctx context.Context, patterns ...string) error { + cfg := &packages.Config{ + // Just accept the fact we need these flags for what we want. Feel free to add + // more, it'll just increase the time it takes to parse. + Mode: packages.NeedTypes | packages.NeedName | packages.NeedTypesInfo | + packages.NeedTypesSizes | packages.NeedSyntax, + Tests: false, + Context: ctx, + } + + pkgs, err := packages.Load(cfg, patterns...) + if err != nil { + return xerrors.Errorf("load package: %w", err) + } + + // Only support 1 package for now. We can expand it if we need later, we + // just need to hook up multiple packages in the generator. + if len(pkgs) != 1 { + return xerrors.Errorf("expected 1 package, found %d", len(pkgs)) + } + + g.pkg = pkgs[0] + return nil +} + +func (g *Generator) generate(typeNames ...string) (string, error) { + sb := strings.Builder{} + + _, _ = fmt.Fprint(&sb, "Copy the following code into the audit.AuditableResources table\n\n") + + for _, typName := range typeNames { + obj := g.pkg.Types.Scope().Lookup(typName) + if obj == nil || obj.Type() == nil { + return "", xerrors.Errorf("type doesn't exist %q", typName) + } + + switch obj := obj.(type) { + case *types.TypeName: + named, ok := obj.Type().(*types.Named) + if !ok { + panic("all typenames should be named types") + } + + switch typ := named.Underlying().(type) { + case *types.Struct: + g.writeStruct(&sb, typ, typName) + + default: + return "", xerrors.Errorf("invalid type %T", obj) + } + default: + return "", xerrors.Errorf("invalid type %T", obj) + } + } + + return sb.String(), nil +} + +func (*Generator) writeStruct(w io.Writer, st *types.Struct, name string) { + _, _ = fmt.Fprintf(w, "\t&database.%s{}: {\n", name) + + for i := 0; i < st.NumFields(); i++ { + _, _ = fmt.Fprintf(w, "\t\t\"%s\": ActionIgnore, // TODO: why\n", reflect.StructTag(st.Tag(i)).Get("json")) + } + + _, _ = fmt.Fprint(w, "\t},\n") +}