impguard - protect your project structure

Impguard
protect your
project structure
Warsaw, November 2020
Oleg Kovalov

View Slide

• Gopher for ~5 years
• Open source contributor
• Engineer at GoGoApps
Hi, i’m Oleg
olegk.dev
@oleg_kovalov
@cristaloleg

View Slide

At GoGoApps we’re...

View Slide

• (re)building a product for a big company™

View Slide

• with a lot of microservices
• and a complicated business logic

View Slide

• with a care on our code and architecture
• CI, linters, code reviews, everything as it should be

View Slide

• ...and everything is fine!

View Slide

But there is one thing is running in my mind for a long time…
• ...and everything is fine!

View Slide

Define me a problem first

View Slide

• linters give you suggestions on code level
• mighty golangci-lint is The Beast

View Slide

• but let’s look level above

View Slide

• but let’s look level above
• how your packages are organized?

View Slide

Setup, goals, solution

View Slide

• you’ve a monorepo
• or just a bunch of repos

View Slide

• and you want to keep them similar
• same folder structure
• same filenames
• same imports
• same something

View Slide

• and you want to keep them similar
• same folder structure
• same filenames
• same imports
• same something
• custom tooling solves this!

View Slide

Example

View Slide

Let’s talk about imports

View Slide

• core idea of (re)using others code
• staying on the shoulders of giants as Newton said

View Slide

• reducing repeating work
• it’s simpler to integrate something than build from scratch
• ^^^ citation needed

View Slide

• reducing repeating work
• it’s simpler to integrate something than build from scratch
• ^^^ citation needed
• but nothing is free
• others code needs to be verified and used carefully
• you can rely on any code and use it everywhere
• but that might be a ticking bomb (LeftPad-like problem)

View Slide

When in doubts - see golang/go

View Slide

• Go doesn’t allow import cycles - that’s cool
• simpler compilation routine and code organization

View Slide

• But that’s not enough
• compiling that you don’t really need is time and cpu wasteful
• See: compiler bomb

View Slide

• But that’s not enough
• compiling that you don’t really need is time and cpu wasteful
• See: compiler bomb
• Stdlib has a test for imports
https://github.com/golang/go/blob/release-branch.go1.14/src/go/build/deps_test.go
https://github.com/golang/go/blob/release-branch.go1.15/src/go/build/deps_test.go

View Slide

View Slide

What does it mean?

View Slide

What does it mean?
• in other words you’ve a rigid code structure
• you cannot import something without an explicit change

View Slide

What does it mean?
• this can be a solution for some rare changed code
• but not for feature rich and fast moving packages

View Slide

What does it mean?
• this can be a solution for some rare changed code
• but not for feature rich and fast moving packages
• what we can do?
• check Github!

View Slide

What do we’ve right now?

View Slide

• `$ go mod why`
• out of the box solution

View Slide

• `$ go mod why`
• https://github.com/OpenPeeDeeP/depguard
• allow/block list for deps (presented in golangci-lint)

View Slide

• `$ go mod why`
• https://github.com/tailscale/depaware
• know what is imported by whom (via golden file)

View Slide

• `$ go mod why`
• https://github.com/divan/depscheck
• helps to find (and copy-paste) small dependencies

View Slide

• `$ go mod why`
• https://github.com/divan/depscheck
• helps to find (and copy-paste) small dependencies
• … (sorry, I cannot copy-paste all the Github ):

View Slide

go mod why

View Slide

go mod why
> go mod why github.com/go-ole/go-ole
# github.com/go-ole/go-ole
tailscale.com/wgengine/router
github.com/go-ole/go-ole

View Slide

go mod why
> go mod why github.com/go-ole/go-ole
# github.com/go-ole/go-ole
tailscale.com/wgengine/router
github.com/go-ole/go-ole
> go mod why github.com/RoaringBitmap/roaring
# github.com/RoaringBitmap/roaring
code.gitea.io/gitea/modules/indexer/code
github.com/blevesearch/bleve
github.com/blevesearch/bleve/index/scorch
github.com/RoaringBitmap/roaring

View Slide

tailscale/depaware

View Slide

divan/depscheck

View Slide

What is not ok? (only for me?)

View Slide

• solving author’s problem
• let’s look at a broader problem

View Slide

• not extensible
• golden file or nothing
• allow/block list

View Slide

• not extensible
• golden file or nothing
• allow/block list
• already feature complete
• boooooooo, we need a room for the improvements!

View Slide

Welcome impguard

View Slide

Welcome impguard
• read as „import guard”

View Slide

Welcome impguard
• helps to verify
• what is imported
• what files are presented
• what rules are passed

View Slide

Welcome impguard
• helps to verify
• community driven!
• have an idea? - make an issue or ping me!

View Slide

Welcome impguard
• helps to verify
• also no relations to „imperial guard” found

View Slide

Welcome impguard
• helps to verify
• also no relations to „imperial guard” found yet?…

View Slide

How does it work?

View Slide

How does it work?
• go list -json all | impguard project.yaml

View Slide

How does it work?
• go list -json all
• returns a loooooot of things

View Slide

How does it work?
• |
• simple Unix magic

View Slide

How does it work?
• |
• impguard project.yaml
• checks results based on config file

View Slide

How does it work?
• |
• impguard project.yaml
• checks results based on config file
• simple, isn’t ?

View Slide

go list gitea
❯ time go list -json all > 1.txt
go list -json all > 1.txt
3.07s user 2.63s system 376% cpu 1.516
total
❯ du -sh 1.txt
4.0M 1.txt

View Slide

Show me examples!

View Slide

Show me examples!
"*":
- name: must have doc.go
checks:
type: has_file
pattern: doc.go

View Slide

Show me examples!
"*":
- name: must have doc.go
checks:
type: has_file
pattern: doc.go
- name: explicit runtime is forbidden
checks:
type: has_import
pattern: runtime
exclude: github.com/company/runtimeutil

View Slide

Show me more examples!
github.com/company:
- name: don't use bad UUID libs
checks:
type: no_import
patterns:
- github.com/oh-please-no/uuid
- github.com/this-too-please/go-uuid

View Slide

Show me more examples!
github.com/company:
- name: don't use bad UUID libs
checks:
type: no_import
patterns:
- github.com/oh-please-no/uuid
- github.com/this-too-please/go-uuid
- name: no vendors, just modules
checks:
type: no_dir
pattern: vendor

View Slide

Show me some more examples!
github.com/company/project/cmd/*:
- name: no subpackages for cmd
checks:
- type: no_folders
pattern: "*"
- type: has_file
patterns:
- Dockerfile
- main.go
- README.md

View Slide

Show me some more examples!
github.com/company/project/cmd/*:
- name: no subpackages for cmd
checks:
- type: no_folders
pattern: "*"
- type: has_file
patterns:
- Dockerfile
- main.go
- README.md
github.com/company/project/services/*:
- name: services should be independent
checks:
- type: no_import
pattern: github.com/company/project/services/*

View Slide

Where is the code Lebowski?

View Slide

• good question

View Slide

• good question
• will be available
• https://github.com/cristaloleg/impguard

View Slide

• good question
• feel free to share your ideas!

View Slide

• good question
• feel free to share your ideas!
• no, really

View Slide

Thanks

View Slide

Thanks
• Yegor Myskin

View Slide

Thanks
• Yegor Myskin
• Iskander (Alex) Sharipov
• Bohdan Storozhuk
• Alexey Palazhchenko

View Slide

Thanks
• Yegor Myskin
• Sylwia Barbachowska
• Roman Bystrytskyi

View Slide

Thanks
• Yegor Myskin
• Sylwia Barbachowska
• Roman Bystrytskyi
• you and Golang Poland <3

View Slide

Also see
• https://github.com/go-critic/go-critic
• https://github.com/quasilyte/go-ruleguard
• https://github.com/cristalhq

View Slide

ruleguard

View Slide

ruleguard
// +build ignore
package gorules
import "github.com/quasilyte/go-ruleguard/dsl/fluent"

View Slide

ruleguard
// +build ignore
package gorules
func _(m fluent.Matcher) {
m.Match(`$x || $x`,
`$x && $x`).

View Slide

ruleguard
// +build ignore
package gorules
m.Match(`$x || $x`,
`$x && $x`).
Where(m["x"].Pure).
Report(`suspicious identical LHS and RHS`)

View Slide

ruleguard
// +build ignore
package gorules
m.Match(`$x || $x`,
`$x && $x`).
Where(m["x"].Pure).
Report(`suspicious identical LHS and RHS`)
m.Match(`!($x != $y)`).Suggest(`$x == $y`)
m.Match(`!($x == $y)`).Suggest(`$x != $y`)
}

View Slide

Thank you
Questions?
@oleg_kovalov
@cristaloleg

View Slide

impguard - protect your project structure

impguard - protect your project structure

Oleg Kovalov

More Decks by Oleg Kovalov

Other Decks in Programming

Featured

Transcript