petru/coder-server
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

feat: add lint check for API key scope enum completeness (#19862)

Browse Source 
Added a script/linter to ensure all `policy.RBACPermissions` entries are part of the `api_key_scope` enumerated in the `coderd/database/dump.sql` file.

Fixes #19846
This commit is contained in:
Thomas Kosiewski
2025-09-24 18:06:16 +02:00
committed by GitHub
parent 42dd544d90
commit acc0890dce
3 changed files with 166 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Makefile
+6 -1
View File
@@ -561,7 +561,7 @@ endif
# Note: we don't run zizmor in the lint target because it takes a while. CI
# runs it explicitly.
lint: lint/shellcheck lint/go lint/ts lint/examples lint/helm lint/site-icons lint/markdown lint/actions/actionlint
lint: lint/shellcheck lint/go lint/ts lint/examples lint/helm lint/site-icons lint/markdown lint/actions/actionlint lint/check-scopes
.PHONY: lint
lint/site-icons:
@@ -614,6 +614,11 @@ lint/actions/zizmor:
.
.PHONY: lint/actions/zizmor
# Verify api_key_scope enum contains all RBAC <resource>:<action> values.
lint/check-scopes: coderd/database/dump.sql
go run ./scripts/check-scopes
.PHONY: lint/check-scopes
# All files generated by the database should be added here, and this can be used
# as a target for jobs that need to run after the database is generated.
DB_GEN_FILES := \