gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-07 19:41:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
certctl/internal/repository/postgres/network_scan.go
T
shankar0123 21aeed4f4e legal: addlicense headers + normalize legacy variants (Phase 0 RED-4) 
Phase 0 closure (Path B2, post-rewrite):

addlicense sweep — adds the canonical certctl LLC copyright + BUSL-1.1
SPDX header to every production Go file. Template:

  // Copyright 2026 certctl LLC. All rights reserved.
  // SPDX-License-Identifier: BUSL-1.1

Coverage: 338 / 338 production Go files (cmd/ + internal/, excluding
*_test.go and **/testdata/**). Pre-sweep coverage was 22 / 338 (6.5%);
post-sweep is 338 / 338 (100%).

Normalized 22 pre-existing legacy headers (`// Copyright (c) certctl`
+ `// SPDX-License-Identifier: BSL-1.1`) and 1 file using a
`Certctl Contributors` attribution. The legacy SPDX ID `BSL-1.1`
is non-standard; the official SPDX identifier for Business Source
License 1.1 is `BUSL-1.1` (capital U). All 338 files now share the
canonical form.

Generated via:
  addlicense -c "certctl LLC" -y 2026 \
    -f cowork/legal/copyright-header.tpl \
    -ignore '**/testdata/**' -ignore '**/*_test.go' \
    cmd/ internal/

Verification:
  find cmd internal -name '*.go' -not -name '*_test.go' \
    -not -path '*/testdata/*' \
    -exec grep -L '^// Copyright 2026 certctl LLC' {} \; | wc -l

  Returns: 0

gofmt clean. Header additions are comments only, no compile impact.

Closes: cowork/certctl-architecture-diligence-audit.html#fix-RED-4
2026-05-13 21:23:35 +00:00

186 lines
6.3 KiB
Go
Raw Permalink Blame History

// Copyright 2026 certctl LLC. All rights reserved.
// SPDX-License-Identifier: BUSL-1.1
package postgres
import (
"context"
"database/sql"
"fmt"
"github.com/certctl-io/certctl/internal/repository"
"time"
"github.com/certctl-io/certctl/internal/domain"
"github.com/lib/pq"
)
// NetworkScanRepository implements repository.NetworkScanRepository using PostgreSQL.
type NetworkScanRepository struct {
db *sql.DB
}
// NewNetworkScanRepository creates a new PostgreSQL-backed network scan repository.
func NewNetworkScanRepository(db *sql.DB) *NetworkScanRepository {
return &NetworkScanRepository{db: db}
}
// List returns all network scan targets.
func (r *NetworkScanRepository) List(ctx context.Context) ([]*domain.NetworkScanTarget, error) {
rows, err := r.db.QueryContext(ctx, `
SELECT id, name, cidrs, ports, enabled, scan_interval_hours, timeout_ms,
last_scan_at, last_scan_duration_ms, last_scan_certs_found,
created_at, updated_at
FROM network_scan_targets
ORDER BY created_at DESC`)
if err != nil {
return nil, fmt.Errorf("list network scan targets: %w", err)
}
defer rows.Close()
return r.scanRows(rows)
}
// ListEnabled returns only enabled scan targets.
func (r *NetworkScanRepository) ListEnabled(ctx context.Context) ([]*domain.NetworkScanTarget, error) {
rows, err := r.db.QueryContext(ctx, `
SELECT id, name, cidrs, ports, enabled, scan_interval_hours, timeout_ms,
last_scan_at, last_scan_duration_ms, last_scan_certs_found,
created_at, updated_at
FROM network_scan_targets
WHERE enabled = TRUE
ORDER BY created_at DESC`)
if err != nil {
return nil, fmt.Errorf("list enabled network scan targets: %w", err)
}
defer rows.Close()
return r.scanRows(rows)
}
// Get retrieves a network scan target by ID.
func (r *NetworkScanRepository) Get(ctx context.Context, id string) (*domain.NetworkScanTarget, error) {
target := &domain.NetworkScanTarget{}
var lastScanAt sql.NullTime
var lastScanDurationMs, lastScanCertsFound sql.NullInt64
err := r.db.QueryRowContext(ctx, `
SELECT id, name, cidrs, ports, enabled, scan_interval_hours, timeout_ms,
last_scan_at, last_scan_duration_ms, last_scan_certs_found,
created_at, updated_at
FROM network_scan_targets
WHERE id = $1`, id).Scan(
&target.ID, &target.Name, pq.Array(&target.CIDRs), pq.Array(&target.Ports),
&target.Enabled, &target.ScanIntervalHours, &target.TimeoutMs,
&lastScanAt, &lastScanDurationMs, &lastScanCertsFound,
&target.CreatedAt, &target.UpdatedAt,
)
if err == sql.ErrNoRows {
return nil, fmt.Errorf("network scan target not found: %w", repository.ErrNotFound)
}
if err != nil {
return nil, fmt.Errorf("get network scan target: %w", err)
}
if lastScanAt.Valid {
target.LastScanAt = &lastScanAt.Time
}
if lastScanDurationMs.Valid {
v := int(lastScanDurationMs.Int64)
target.LastScanDurationMs = &v
}
if lastScanCertsFound.Valid {
v := int(lastScanCertsFound.Int64)
target.LastScanCertsFound = &v
}
return target, nil
}
// Create stores a new network scan target.
func (r *NetworkScanRepository) Create(ctx context.Context, target *domain.NetworkScanTarget) error {
_, err := r.db.ExecContext(ctx, `
INSERT INTO network_scan_targets (id, name, cidrs, ports, enabled, scan_interval_hours, timeout_ms, created_at, updated_at)
VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)`,
target.ID, target.Name, pq.Array(target.CIDRs), pq.Array(target.Ports),
target.Enabled, target.ScanIntervalHours, target.TimeoutMs,
target.CreatedAt, target.UpdatedAt,
)
if err != nil {
return fmt.Errorf("create network scan target: %w", err)
}
return nil
}
// Update modifies an existing network scan target.
func (r *NetworkScanRepository) Update(ctx context.Context, target *domain.NetworkScanTarget) error {
result, err := r.db.ExecContext(ctx, `
UPDATE network_scan_targets
SET name = $1, cidrs = $2, ports = $3, enabled = $4, scan_interval_hours = $5, timeout_ms = $6, updated_at = $7
WHERE id = $8`,
target.Name, pq.Array(target.CIDRs), pq.Array(target.Ports),
target.Enabled, target.ScanIntervalHours, target.TimeoutMs,
time.Now(), target.ID,
)
if err != nil {
return fmt.Errorf("update network scan target: %w", err)
}
rows, _ := result.RowsAffected()
if rows == 0 {
return fmt.Errorf("network scan target not found: %w", repository.ErrNotFound)
}
return nil
}
// Delete removes a network scan target.
func (r *NetworkScanRepository) Delete(ctx context.Context, id string) error {
result, err := r.db.ExecContext(ctx, `DELETE FROM network_scan_targets WHERE id = $1`, id)
if err != nil {
return fmt.Errorf("delete network scan target: %w", err)
}
rows, _ := result.RowsAffected()
if rows == 0 {
return fmt.Errorf("network scan target not found: %w", repository.ErrNotFound)
}
return nil
}
// UpdateScanResults records the outcome of the last scan for a target.
func (r *NetworkScanRepository) UpdateScanResults(ctx context.Context, id string, scanAt time.Time, durationMs int, certsFound int) error {
_, err := r.db.ExecContext(ctx, `
UPDATE network_scan_targets
SET last_scan_at = $1, last_scan_duration_ms = $2, last_scan_certs_found = $3, updated_at = $4
WHERE id = $5`,
scanAt, durationMs, certsFound, time.Now(), id,
)
if err != nil {
return fmt.Errorf("update scan results: %w", err)
}
return nil
}
// scanRows scans multiple rows from a query result.
func (r *NetworkScanRepository) scanRows(rows *sql.Rows) ([]*domain.NetworkScanTarget, error) {
var targets []*domain.NetworkScanTarget
for rows.Next() {
target := &domain.NetworkScanTarget{}
var lastScanAt sql.NullTime
var lastScanDurationMs, lastScanCertsFound sql.NullInt64
if err := rows.Scan(
&target.ID, &target.Name, pq.Array(&target.CIDRs), pq.Array(&target.Ports),
&target.Enabled, &target.ScanIntervalHours, &target.TimeoutMs,
&lastScanAt, &lastScanDurationMs, &lastScanCertsFound,
&target.CreatedAt, &target.UpdatedAt,
); err != nil {
return nil, fmt.Errorf("scan network scan target row: %w", err)
}
if lastScanAt.Valid {
target.LastScanAt = &lastScanAt.Time
}
if lastScanDurationMs.Valid {
v := int(lastScanDurationMs.Int64)
target.LastScanDurationMs = &v
}
if lastScanCertsFound.Valid {
v := int(lastScanCertsFound.Int64)
target.LastScanCertsFound = &v
}
targets = append(targets, target)
}
return targets, rows.Err()
}
Reference in New Issue View Git Blame Copy Permalink