feat(cli): Confirm and execute pruning of legacy objects#3458
Conversation
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request enables the 'migrate prune namespaced-policy' command to execute deletions of legacy policy objects. It introduces a robust execution pipeline that integrates with the existing prune planner, provides interactive safety checks, and ensures that destructive operations are confirmed by the user. The changes include new execution handlers, improved source ID validation, and detailed summary rendering for prune operations. Highlights
New Features🧠 You can now enable Memory (public preview) to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. The legacy objects must fade away, To clear the path for a brighter day. With plans in place and caution shown, The pruned policy is finally sown. Footnotes
|
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository UI Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (2)
📝 WalkthroughWalkthroughImplements namespaced-policy pruning end-to-end: extends prune plan items with source/execution methods, expands the executor handler with Delete* methods and a missing-source error, implements ExecutePrune with scope dispatch and failure recording, adds interactive backup confirmation, and wires a hidden CLI prune command with summary output. ChangesNamespaced Policy Prune Workflow
Sequence Diagram(s)sequenceDiagram
participant CLI as Command
participant Planner as Planner
participant Reviewer as InteractiveReview
participant Prompter as BackupPrompter
participant Executor as Executor
participant Out as SummaryOutput
CLI->>Planner: BuildPrunePlan(scope)
Planner-->>CLI: PrunePlan
alt interactive review
CLI->>Reviewer: Review(PrunePlan)
Reviewer-->>CLI: continue|abort
opt abort
CLI->>Out: WritePruneSummary(aborted)
end
end
alt commit
CLI->>Prompter: ConfirmNamespacedPolicyPruneBackup
Prompter-->>CLI: confirmed|abort
CLI->>Executor: ExecutePrune(PrunePlan)
Executor-->>CLI: result|error
end
CLI->>Out: WritePruneSummary(result)
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related PRs
Suggested labels
Suggested reviewers
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Code Review
This pull request implements the migrate prune namespaced-policy command, providing the logic for planning, interactive review, and execution of policy pruning. It extends the Executor with an ExecutePrune method and adds corresponding deletion capabilities to the ExecutorHandler interface. The review feedback recommends using cmd.OutOrStdout() instead of os.Stdout to improve testability and adhere to CLI standards. There is also a suggestion to consider continuing the prune process after an error occurs to provide a more comprehensive report of failures rather than stopping immediately.
Benchmark results, click to expandBenchmark authorization.GetDecisions Results:
Benchmark authorization.v2.GetMultiResourceDecision Results:
Benchmark Statistics
Bulk Benchmark Results
TDF3 Benchmark Results:
|
|
@coderabbitai review |
✅ Actions performedReview triggered.
|
Benchmark results, click to expandBenchmark authorization.GetDecisions Results:
Benchmark authorization.v2.GetMultiResourceDecision Results:
Benchmark Statistics
Bulk Benchmark Results
TDF3 Benchmark Results:
|
|
🤖 I have created a release *beep* *boop* --- ## [0.32.0](opentdf/platform@otdfctl/v0.31.0...otdfctl/v0.32.0) (2026-05-19) ### Features * **cli:** Add better unit testing. ([opentdf#3378](opentdf#3378)) ([3ad33dc](opentdf@3ad33dc)) * **cli:** Add interactive review for prune plans ([opentdf#3421](opentdf#3421)) ([c11680b](opentdf@c11680b)) * **cli:** Add prune confirmation. ([opentdf#3469](opentdf#3469)) ([c6d47ec](opentdf@c6d47ec)) * **cli:** Add prune planner. ([opentdf#3411](opentdf#3411)) ([3e294e6](opentdf@3e294e6)) * **cli:** Add prune summary information ([opentdf#3456](opentdf#3456)) ([c900c53](opentdf@c900c53)) * **cli:** add sensitive flag annotation to DocFlag ([opentdf#3457](opentdf#3457)) ([98f48d2](opentdf@98f48d2)) * **cli:** Confirm and execute pruning of legacy objects ([opentdf#3458](opentdf#3458)) ([24c09dd](opentdf@24c09dd)) * **cli:** Print report on failure ([opentdf#3365](opentdf#3365)) ([05a4473](opentdf@05a4473)) * **cli:** Sort parameters. ([opentdf#3478](opentdf#3478)) ([73ad878](opentdf@73ad878)) * **policy:** Add FQN to RegisteredResourceValues ([opentdf#3446](opentdf#3446)) ([3199583](opentdf@3199583)) * **policy:** Add resource mapping group FQNs ([opentdf#3447](opentdf#3447)) ([6a0b3c6](opentdf@6a0b3c6)) ### Bug Fixes * **cli:** Prune was not classifying multi-namespaced RRs properly. ([opentdf#3488](opentdf#3488)) ([eae8645](opentdf@eae8645)) * **cli:** support json profile output ([opentdf#3448](opentdf#3448)) ([61f194c](opentdf@61f194c)) * **deps:** bump github.com/opentdf/platform/lib/identifier from 0.3.0 to 0.4.0 in /otdfctl ([opentdf#3367](opentdf#3367)) ([aa23179](opentdf@aa23179)) * **deps:** bump github.com/opentdf/platform/protocol/go from 0.27.0 to 0.28.0 in /otdfctl ([opentdf#3419](opentdf#3419)) ([c80374f](opentdf@c80374f)) * **deps:** bump github.com/opentdf/platform/sdk from 0.16.0 to 0.17.0 in /otdfctl ([opentdf#3397](opentdf#3397)) ([bb9fcd6](opentdf@bb9fcd6)) * **deps:** bump go.opentelemetry.io/otel from 1.40.0 to 1.41.0 in /otdfctl ([opentdf#3400](opentdf#3400)) ([5631c37](opentdf@5631c37)) * **deps:** bump module protocol/go to v0.30.0 throughout ([opentdf#3459](opentdf#3459)) ([8eaa502](opentdf@8eaa502)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: opentdf-automation[bot] <149537512+opentdf-automation[bot]@users.noreply.github.com> Co-authored-by: Chris Reed <87077975+c-r33d@users.noreply.github.com>
Summary
Adds execution support for migrate prune namespaced-policy so commit mode can delete legacy/global policy objects after prune planning and optional interactive review.
Changes
Summary by CodeRabbit
New Features
Behavior Changes
Tests