refactor(cli): deepen the command layer — retention sweep + relocate policy prompt#141
Merged
Conversation
…dule The purge-* and clean-* commands each re-typed the same shape — a Result struct, ToText/ToJSON, and a Run* with validate → log → track → output — diverging only in noun, metric label, and one usecase method. Their ToJSON was byte-identical across all six. Introduce RunRetentionSweep + SweepSpec, a single deep module that owns the sweep machinery. Each command supplies a SweepSpec (verb, subject, metric labels, dry-run support, and a Sweep closure adapting its usecase method). The differently-named usecase methods (PurgeDeleted, CleanupExpired, DeleteOlderThan, PurgeExpiredAndRevoked) are adapted by closure, so no shared interface is needed. - audit-log cleanup now flows through metrics.Track like every other sweep (previously untracked — drift, now fixed). - auth-token purge keeps its no-dry-run notice via SupportsDryRun=false. - user-facing output is preserved via per-spec verb/subject strings. The six per-command test files collapse into one table-driven test on RunRetentionSweep. Records the concept in CONTEXT.md. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…al/ui The interactive policy-prompt functions (PromptForPolicies, PromptForPoliciesUpdate, ParseCapabilities) lived in internal/ui — an infrastructure package doing terminal I/O and importing auth/domain, yet used only by the create-client and update-client CLI commands. Relocate them to cmd/app/commands (package commands) beside their only callers and delete the now-empty internal/ui package. Pure move: same logic, same tests, same behaviour. The seam now lives where the behaviour does, and the infra→domain import direction is gone. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…ric fix Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Two deepenings in the CLI command layer, each turning shallow/misplaced modules into deep, well-located ones. Informed by an architecture review; both follow the project's existing deepening campaign (#136–#139).
1. Collapse six retention-sweep commands into one deep module
purge-secrets,purge-transit-keys,purge-tokenization-keys,clean-expired-tokens,clean-audit-logs, andpurge-auth-tokenseach re-typed the same shape (aResultstruct,ToText/ToJSON, and aRun*doing validate → log → track → output), diverging only in noun, metric label, and one usecase method. TheirToJSONwas byte-identical.RunRetentionSweep+SweepSpecown the machinery once; each command supplies aSweepSpecwith aSweepclosure adapting its differently-named usecase method (PurgeDeleted,CleanupExpired,DeleteOlderThan,PurgeExpiredAndRevoked).metrics.Tracklike every other sweep (it was previously untracked — drift).SupportsDryRun=false.CONTEXT.md.2. Relocate the policy-prompt module out of
internal/uiThe interactive policy-prompt helpers lived in an infrastructure package that did terminal I/O and imported
auth/domain, yet were used only by the client CLI commands. Moved tocmd/app/commandsbeside their only callers; deleted the now-emptyinternal/ui. Pure move — same logic, same tests; the infra→domain import direction is gone.Net effect
Validation
make test— race-enabled, all packages PASSmake lint— golangci-lint 0 issues, govulncheck no vulnerabilitiesgo build ./...— clean🤖 Generated with Claude Code