feat: add DreadGOAD CLI core command set and AWS/Ansible integration#58
Merged
Conversation
…ation **Added:** - Introduced CLI command structure using Cobra, including root, config, doctor, inventory, lab, provision, ssm, and validate commands for orchestrating Active Directory lab environments - Implemented AWS integration for EC2 and SSM operations, including discovery, status, instance start/stop, PowerShell execution, and SSM session management - Added Ansible playbook runner with retry logic and error classification to improve provisioning robustness, including idle timeout and error-specific handling - Provided configuration management via Viper, supporting environment variables, config files, and CLI flags, with sensible defaults and project root detection - Developed inventory parser for INI-style Ansible inventories to facilitate host/group resolution and mapping to AWS resources - Implemented 'doctor' pre-flight checks for local dependencies, Ansible version, AWS credentials, and collection requirements - Added validation framework to verify GOAD vulnerability configurations via automated PowerShell checks and produce a JSON report - Included logging utility for structured output to console and file with debug support - Provided Go module dependencies (`go.mod`, `go.sum`) for reproducible builds **Changed:** - No changes to existing code (initial implementation) **Removed:** - No removals (all content is new)
…ory packages **Added:** - Introduced unit tests for error detection logic in `ansible/errors_test.go`, covering error type classification, pattern matching, and context extraction - Added tests for Ansible log parsing and failure extraction in `ansible/logparser_test.go`, including success/failure scenarios and host failure detection from recap output - Implemented unit tests for configuration path construction, environment variable generation, playbook lists, and project root detection in `config/config_test.go` - Created tests for inventory parsing, including host/group/var extraction, region detection, host lookup by name/instance ID, and file edge cases in `inventory/parser_test.go` - Included shell scripts `.hooks/go-no-replacement.sh`, `.hooks/go-vet.sh`, and `.hooks/run-go-tests.sh` to support Go testing and linting in pre-commit and CI - Added a new GitHub Actions workflow `tests.yaml` for running Go tests and publishing code coverage artifacts **Changed:** - Updated `.pre-commit-config.yaml` to integrate Go test, vet, lint, and formatting checks via `pre-commit-golang` and custom scripts - Enhanced `.github/workflows/pre-commit.yaml` to explicitly install and configure Go tools (shfmt, goimports, gocyclo, golangci-lint, go-critic) in CI, ensuring toolchain availability for linting and code checks **Added:** - Automated Go code quality and testing coverage enforcement in both developer workflow (via pre-commit hooks) and CI pipeline
feat: add ansible-core version check as pre-flight gate before provisioning **Added:** - Implemented `CheckAnsibleCoreVersion` to verify ansible-core is installed and within a compatible version range (<2.19), returning an error if not - Integrated ansible-core version check as a pre-flight step in the provision workflow to prevent incompatibility issues **Changed:** - Updated `.gitignore` to exclude the `dreadgoad` build artifact
dreadnode-renovate-bot
Bot
added
area/github
**Changed:** - Updated the `actions/upload-artifact` action to a newer commit SHA in the test workflow to incorporate latest upstream fixes and improvements for artifact uploading
…d go code **Changed:** - Shell scripts in `.hooks/` updated for consistent spacing around redirections and improved readability by adding spaces before `>` and `/dev/null` - Improved indentation and alignment in Go source files for better code clarity, including struct field alignment and composite literal formatting - Replaced if/else chains with `switch` statements for clearer multi-branch logic in Go validation checks - Updated Go test cases to align field formatting and improve consistency - Reformatted YAML in `.pre-commit-config.yaml` to remove deprecated `pre-commit-golang` repo and add equivalent Go hooks using custom shell commands for more control and maintainability - Fixed inconsistent indentation and alignment in map initializations and assignment statements in Go code
**Changed:**
- Consistently check and ignore errors for functions like `os.MkdirAll`, `os.Chdir`,
`viper.BindPFlag`, and similar cases to reduce linter noise and avoid unhandled errors
- Refactored inventory sync logic for better readability and error handling:
- Split logic into `backupInventory`, `updateEnvField`, `loadInstances`,
and `applyInstanceUpdates` helper functions
- Improved error reporting and eliminated redundant code
- Extracted host filtering logic in SSM command to a new `filterInstances` function
- Improved error handling for JSON marshaling and file writing in inventory mapping command
- Refactored Ansible runner idle timeout logic:
- Moved idle timeout monitoring into a separate `monitorIdleTimeout` function
- Ensure deferred file closing ignores errors
- Ignore errors in process killing for cleanup robustness
- Refactored inventory parser to extract line handling into `parseLine`, `parseHostDef`, and
`parseGroupMembership` methods for clarity and maintainability
- Updated inventory parser tests to use individual test functions for clarity and improved
error reporting
- Minor cleanup: removed unused regex variables and improved comment clarity in several files
**Removed:**
- Eliminated unused `fatalLineRe` and `instanceRe` regex variables from ansible logparser
and inventory parser for clarity
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Key Changes:
SSM, inventory, configuration, and lab management
error classification
routines for lab vulnerabilities
Added:
provision,ad-users) with Ansible playbook orchestration,retry logic, and log file management
lab status,lab start,lab stop) using AWS EC2inventory sync,show,mapping) with AWS integrationssm status,cleanup,connect,run)config show,init,set)doctor)validate) with PowerShell checks via SSMinternal/aws: abstraction for AWS EC2/SSM operations, instance discovery,SSM session management, and command execution
internal/ansible: playbook runner, error type classification, retrystrategies, and output parsing
internal/inventory: inventory file parser and utilitiesinternal/config: configuration loader, default settings, and project rootresolution
internal/doctor: system/environment check routinesinternal/logging: structured logger initialization and managementinternal/validate: GOAD vulnerability validation logic and reportinggo.mod,go.sum) for dependency management.gitignoreupdate to exclude built binary and artifactsChanged:
.pre-commit-config.yamlto include Go-specific hooks for formatting,linting, module verification, vetting, and running relevant unit tests
tooling for lint/test jobs
dreadgoad) and build artifacts are ignored in sourceRemoved:
automated via pre-commit and CI scripts
.gitignorereplaced by more explicitpatterns for new build outputs and artifacts