Fix rendering and parsing

[RoseSecurity]

What and Why

• Add tests for multiple Terraform providers and resources
• Update documentation
• Add new run command
• Add TUI title for program
• Fix parsing and rendering

Summary by CodeRabbit

Release Notes

• New Features

  • Introduced a new command terramaid run for generating Mermaid diagrams from Terraform configurations.
  • Added a new job test_multi in the GitHub Actions workflow for multi-configuration testing.
  • New output variable ubuntu_ami added to retrieve the Ubuntu AWS AMI ID.
  • Added two new variables for Cloudsmith organization and consent store name in Terraform configuration.

• Documentation

  • Updated README.md with refined command usage and installation instructions.
  • Added new documentation for the terramaid run command, detailing its options and usage.
  • Modified GitHub and GitLab integration documentation to reflect updated command structures.
  • Introduced a new versions.tf file specifying required Terraform version and providers.

• Bug Fixes

  • Improved version comparison logic in the versionCmd for better semantic versioning checks.

• Chores

  • Updated Dockerfile to use Terraform version 1.10.0.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

The pull request introduces multiple changes, including the addition of a new GitHub Actions job named test_multi for testing across various configurations. The README.md file is updated to reflect changes in command usage for the terramaid tool. New command implementations are introduced in cmd/run.go, and significant restructuring occurs in cmd/root.go and cmd/docs.go. Additionally, Terraform configuration files are created or modified to define new resources, variables, and outputs. The go.mod file is updated with new dependencies, and documentation is enhanced for clarity.

Changes

File Path	Change Summary
.github/workflows/test.yml	Added a new job test_multi to run tests on multiple configurations.
README.md	Updated command usage for terramaid and Docker commands; clarified installation instructions.
cmd/docs.go	Refactored docsCmd function to a variable declaration for cobra.Command.
cmd/root.go	Restructured command-line interface; removed options struct and simplified command execution flow.
cmd/run.go	Introduced run command for generating Mermaid diagrams from Terraform configurations.
cmd/version.go	Simplified versionCmd implementation and improved version comparison logic.
docs/GitHub_Actions_Integration.md	Updated command in GitHub Actions workflow to terramaid run.
docs/GitLab_Pipelines_Integration.md	Modified YAML configuration for GitLab pipeline to include run in Docker command.
docs/terramaid_run.md	New documentation for terramaid run command, detailing options and syntax.
go.mod	Added new direct and indirect dependencies.
internal/flowchart.go	Restructured functions related to graph processing; integrated logic into GenerateMermaidFlowchart.
internal/tui/utils/utils.go	Added PrintStyledText function for printing styled text in the terminal.
main.go	Removed error handling for cmd.Execute().
test/multi/main.tf	Introduced new Terraform resources and data sources for Cloudsmith and AWS.
test/multi/outputs.tf	Added output variable ubuntu_ami to retrieve AWS AMI ID.
test/multi/variables.tf	Added variables for cloudsmith_org and consent_store_name.
test/multi/versions.tf	Created new file specifying required Terraform version and providers.
Dockerfile	Updated Terraform version from 1.9.2 to 1.10.0.

Poem

🐇 In the meadow where changes bloom,
New jobs and commands dispel the gloom.
With Terraform's might and diagrams bright,
Our tool takes flight, oh what a sight!
Commands refined, clarity found,
In the world of code, joy abounds! 🌼

Warning

Rate limit exceeded

@RoseSecurity has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 17 minutes and 33 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 018e9ce and 4b5c57c.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 15

🧹 Outside diff range and nitpick comments (22)

main.go (1)

3-3: Add missing imports

If you apply the suggested error handling fix, you'll need to add the os package to imports.

import (
	"github.com/RoseSecurity/terramaid/cmd"
+	"os"
)

test/multi/outputs.tf (1)

1-4: Consider enhancing the output for testing purposes

Since this is part of a test configuration, consider adding additional metadata to make testing more robust.

 output "ubuntu_ami" {
   value       = data.aws_ami.ubuntu.id
-  description = "Ubuntu AWS AMI ID"
+  description = "Ubuntu AWS AMI ID used for testing"
+  sensitive   = false
 }

This change:

• Clarifies that this output is for testing purposes
• Explicitly sets sensitive = false to ensure the value is visible in test outputs

test/multi/variables.tf (1)

1-5: Enhance variable description and validate default value

The variable structure is correct, but consider the following improvements:

1. Expand the description to clarify the purpose and expected format of the organization name
2. Consider whether a default value of "test" is appropriate, as it might lead to unintended resource creation if not overridden

 variable "cloudsmith_org" {
   type        = string
-  description = "Cloudsmith test org"
+  description = "The organization name in Cloudsmith to be used for testing. Must be a valid Cloudsmith organization identifier."
   default     = "test"
 }

internal/tui/utils/utils.go (1)

10-11: Enhance function documentation

The current documentation doesn't describe the function's behavior when color is not supported or potential error conditions.

-// PrintStyledText prints a styled text to the terminal
+// PrintStyledText prints a styled text to the terminal using ASCII art.
+// If the terminal doesn't support colors, it silently returns without printing.
+// Returns an error if text styling fails.

cmd/docs.go (1)

15-15: Consider making the documentation output path configurable.

The documentation output path is currently hardcoded to "./docs". Consider making this configurable through a flag or environment variable to provide more flexibility.

Here's a suggested implementation:

var docsCmd = &cobra.Command{
	Use:          "docs",
	Short:        "Generate documentation for the CLI",
	SilenceUsage: true,
	Hidden:       true,
+	Flags: func() *pflag.FlagSet {
+		flags := pflag.NewFlagSet("docs", pflag.ExitOnError)
+		flags.String("output-dir", "./docs", "Directory where documentation will be generated")
+		return flags
+	}(),
	RunE: func(cmd *cobra.Command, args []string) error {
-		err := doc.GenMarkdownTree(cmd.Root(), "./docs")
+		outputDir, _ := cmd.Flags().GetString("output-dir")
+		err := doc.GenMarkdownTree(cmd.Root(), outputDir)
		if err != nil {
			return err
		}
		return nil
	},
}

docs/terramaid_run.md (3)

5-7: Add language specification to the code block.

For better syntax highlighting and documentation consistency, specify the language for the code block.

-```
+```bash
 terramaid run [flags]

<details>
<summary>🧰 Tools</summary>

<details>
<summary>🪛 Markdownlint (0.35.0)</summary>

5-5: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)

</details>

</details>

---

`11-20`: **Add language specification and document valid values.**

1. Specify the language for the code block for better syntax highlighting.
2. Consider documenting the valid values for the following options:
   - `--chart-type`: List supported Mermaid chart types
   - `--direction`: List valid diagram directions (TD, LR, etc.)

```diff
-```
+```bash
  -c, --chart-type string      Specify the type of Mermaid chart to generate (env: TERRAMAID_CHART_TYPE) (default "flowchart")

🧰 Tools

🪛 Markdownlint (0.35.0)

11-11: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

24-24: Replace hard tab with spaces.

For consistency and better compatibility, replace the hard tab with spaces.

-* [terramaid](terramaid.md)	 - A utility for generating Mermaid diagrams from Terraform configurations
+* [terramaid](terramaid.md)     - A utility for generating Mermaid diagrams from Terraform configurations

🧰 Tools

🪛 Markdownlint (0.35.0)

24-24: Column: 28
Hard tabs

(MD010, no-hard-tabs)

test/multi/main.tf (1)

5-10: Consider parameterizing repository configuration

The repository configuration contains hardcoded values for description, name, and slug. Consider making these configurable through variables for better reusability and flexibility.

 resource "cloudsmith_repository" "my_repository" {
-  description = "A certifiably-awesome private package repository"
-  name        = "My Repository"
+  description = var.repository_description
+  name        = var.repository_name
   namespace   = data.cloudsmith_organization.my_organization.slug_perm
-  slug        = "test-repo"
+  slug        = var.repository_slug
 }

.github/workflows/test.yml (2)

Line range hint 1-61: Consider refactoring to reduce duplication

All jobs (test_aws, test_gcp, test_az, test_multi) share identical structure and steps. This leads to maintenance overhead and potential inconsistencies.

Consider these improvements:

1. Use a reusable workflow to define the common job structure
2. Implement a test matrix for different providers
3. Add job dependencies if tests need to run in specific order

Here's a suggested refactor:

name: "Test Terramaid Outputs"

on:
  pull_request:
  push:
    branches:
      - main

jobs:
-  test_aws:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      # ... (other steps)
-  test_gcp:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      # ... (other steps)
-  test_az:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      # ... (other steps)
-  test_multi:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      # ... (other steps)
+  test:
+    strategy:
+      matrix:
+        provider: [aws, gcp, az, multi]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: hashicorp/setup-terraform@v3
+      - uses: actions/setup-go@v5
+        with:
+          go-version-file: "go.mod"
+          cache: true
+      - run: |
+          make build
+          build/terramaid -w test/${{ matrix.provider }}
+          cat Terramaid.md

---

56-57: Consider enabling Go module caching

Setting cache: false for Go modules can significantly impact CI performance by requiring fresh downloads for each run.

        with:
          go-version-file: "go.mod"
-          cache: false
+          cache: true

cmd/version.go (2)

22-37: Improve error handling and logging

While the command structure is good, consider logging the error when version check fails to help with debugging.

 		latestReleaseTag, err := latestRelease()
-		if err == nil && latestReleaseTag != "" {
+		if err != nil {
+			fmt.Fprintf(cmd.ErrOrStderr(), "Warning: Unable to check for updates: %v\n", err)
+		} else if latestReleaseTag != "" {

---

33-34: Enhance update notification with installation instructions

The update notification could be more helpful by including instructions on how to update.

 			if semver.Compare(latestRelease, currentRelease) > 0 {
-				updateTerramaid(latestRelease)
+				updateTerramaid(latestRelease, "To update, visit: https://github.com/RoseSecurity/Terramaid#installation")

README.md (2)

Line range hint 115-144: Fix inconsistencies in command documentation and flag typo.

There are several issues in the help command output:

1. The usage section shows terramaid [flags] but should be terramaid run [flags] based on the new command structure.
2. The run command is missing from the "Available Commands" section despite being the primary command.
3. There's a typo in the working directory flag: --working-wir should be --working-dir.

Please update the help output to reflect the correct command structure and fix the typo:

 Usage:
-  terramaid [flags]
+  terramaid run [flags]
   terramaid [command]

 Available Commands:
   completion  Generate the autocompletion script for the specified shell
+  run         Generate Mermaid diagrams from Terraform configurations
   help        Help about any command
   version     Print the CLI version

 Flags:
   -r, --direction string       Specify the direction of the flowchart (env: TERRAMAID_DIRECTION) (default "TD")
   -h, --help                   help for terramaid
   -o, --output string          Output file for Mermaid diagram (env: TERRAMAID_OUTPUT) (default "Terramaid.md")
   -s, --subgraph-name string   Specify the subgraph name of the flowchart (env: TERRAMAID_SUBGRAPH_NAME) (default "Terraform")
   -b, --tf-binary string       Path to Terraform binary (env: TERRAMAID_TF_BINARY)
   -d, --tf-dir string          Path to Terraform directory (env: TERRAMAID_TF_DIR) (default ".")
   -p, --tf-plan string         Path to Terraform plan file (env: TERRAMAID_TF_PLAN)
-  -w, --working-wir string     Working directory for Terraform (env: TERRAMAID_WORKING_DIR) (default ".")
+  -w, --working-dir string     Working directory for Terraform (env: TERRAMAID_WORKING_DIR) (default ".")

---

Line range hint 152-161: Update contributing guidelines with testing requirements.

Since the project now includes tests for multiple Terraform providers, consider updating the contributing guidelines to include testing requirements and guidelines for contributors.

Add a section about testing requirements after step 3:

 1. **Fork** the repo on GitHub
 2. **Clone** the project to your own machine
 3. **Commit** changes to your own branch
+4. **Test** your changes with multiple Terraform providers
+   - Run existing tests: `make test`
+   - Add new tests for new features
 4. **Push** your work back up to your fork
 5. Submit a **Pull Request** so that we can review your changes

cmd/root.go (3)

6-7: Ensure consistent import aliasing and organization

The imports are aliased (tuiUtils and u) for brevity, which is good for readability. However, ensure that the aliasing is consistent throughout the codebase and consider organizing imports into standard library packages, third-party packages, and local packages.

---

34-34: Clarify the purpose of DisableAutoGenTag

The comment mentions disabling an auto-generated string for clean documentation. Ensure that this setting aligns with the desired documentation output and consider providing more context if necessary.

---

37-39: Enhance error messages for better user experience

In the Execute() function, if rootCmd.Execute() returns an error, the application exits using u.LogErrorAndExit(err). To improve user experience, consider providing more informative error messages or suggestions for resolving common errors.

For example:

 func Execute() {
 	if err := rootCmd.Execute(); err != nil {
-		u.LogErrorAndExit(err)
+		u.LogError("Execution failed: ", err)
+		fmt.Println("Use 'terramaid --help' for more information.")
+		os.Exit(1)
 	}
 }

This approach offers the user guidance on how to proceed after an error occurs.

internal/flowchart.go (3)

15-25: Refactor to eliminate code duplication in CleanID function

The CleanID function performs similar strings.ReplaceAll operations in both the if and else branches to replace "." and "/" characters. Consider moving these replacements outside the if statement to avoid duplication and improve maintainability.

Refactored code:

func CleanID(id string) string {
	id = labelCleaner.ReplaceAllString(id, "")
	if strings.HasPrefix(id, "provider[") {
		id = strings.ReplaceAll(id, "provider[", "provider_")
		id = strings.ReplaceAll(id, "]", "")
	}
	id = strings.ReplaceAll(id, ".", "_")
	id = strings.ReplaceAll(id, "/", "_")
	return id
}

---

85-101: Refactor edge processing to eliminate code duplication

The logic for adding nodes in the edge processing loop is duplicated for fromID and toID. Consider refactoring this code into a helper function to improve readability and maintainability.

Example refactoring:

func addNodeIfNotExists(nodeID string, label string) {
	if _, exists := addedNodes[nodeID]; !exists {
		if label != "" {
			sb.WriteString(fmt.Sprintf("        %s[\"%s\"]\n", nodeID, label))
		} else {
			sb.WriteString(fmt.Sprintf("        %s[\"%s\"]\n", nodeID, nodeID))
		}
		addedNodes[nodeID] = label
	}
}

// Then in the loop:
addNodeIfNotExists(fromID, fromLabel)
addNodeIfNotExists(toID, toLabel)

---

39-101: Consider adding unit tests for GenerateMermaidFlowchart function

To ensure the correctness and robustness of the GenerateMermaidFlowchart function, consider adding unit tests that cover various scenarios, including different graph structures, directions, subgraphs, and edge cases.

Would you like assistance in creating unit tests for this function?

cmd/run.go (1)

41-44: Simplify error messages by using %q instead of escaped quotes

In your error messages, you can use the %q verb in fmt.Errorf to automatically add quotes around strings. This improves readability and avoids manual escaping.

Apply this diff to simplify the error messages:

 func generateDiagrams(opts *options) error {
 	// After reordering validation checks
 	if opts.WorkingDir != "" {
 		exists, err := utils.TerraformFilesExist(opts.WorkingDir)
 		if err != nil {
-			return fmt.Errorf("error checking Terraform files in directory \"%s\": %v", opts.WorkingDir, err)
+			return fmt.Errorf("error checking Terraform files in directory %q: %v", opts.WorkingDir, err)
 		}
 		if !exists {
-			return fmt.Errorf("Terraform files do not exist in directory \"%s\"", opts.WorkingDir)
+			return fmt.Errorf("Terraform files do not exist in directory %q", opts.WorkingDir)
 		}
 	}

 	// Validation of working directory existence
 	if opts.WorkingDir != "" && !utils.DirExists(opts.WorkingDir) {
-		return fmt.Errorf("terraform directory \"%s\" does not exist", opts.WorkingDir)
+		return fmt.Errorf("Terraform directory %q does not exist", opts.WorkingDir)
 	}

Also applies to: 50-50

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between cd4c999 and 05d2b19.

⛔ Files ignored due to path filters (2)

• docs/img/terramaid_vhs_demo.gif is excluded by !**/*.gif
• go.sum is excluded by !**/*.sum

📒 Files selected for processing (17)

• .github/workflows/test.yml (1 hunks)
• README.md (2 hunks)
• cmd/docs.go (1 hunks)
• cmd/root.go (1 hunks)
• cmd/run.go (1 hunks)
• cmd/version.go (1 hunks)
• docs/GitHub_Actions_Integration.md (1 hunks)
• docs/GitLab_Pipelines_Integration.md (1 hunks)
• docs/terramaid_run.md (1 hunks)
• go.mod (1 hunks)
• internal/flowchart.go (1 hunks)
• internal/tui/utils/utils.go (1 hunks)
• main.go (1 hunks)
• test/multi/main.tf (1 hunks)
• test/multi/outputs.tf (1 hunks)
• test/multi/variables.tf (1 hunks)
• test/multi/versions.tf (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• test/multi/versions.tf

🧰 Additional context used

🪛 Markdownlint (0.35.0)

docs/terramaid_run.md

24-24: Column: 28
Hard tabs

(MD010, no-hard-tabs)

---

5-5: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

11-11: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)

🪛 checkov (3.2.312)

test/multi/main.tf

[HIGH] 28-35: Ensure Instance Metadata Service Version 1 is not enabled

(CKV_AWS_79)

🔇 Additional comments (14)

main.go (1)

6-6: ⚠️ Potential issue

Critical: Restore error handling in main()

The removal of error handling from main() could lead to silent failures. The main function should catch and properly handle fatal errors from cmd.Execute().

Apply this diff to restore error handling:

func main() {
-	cmd.Execute()
+	if err := cmd.Execute(); err != nil {
+		os.Exit(1)
+	}
}

Let's verify the error handling in the cmd package:

test/multi/outputs.tf (1)

1-4: Verify the referenced data source exists

The output looks well-structured, but we should verify that data.aws_ami.ubuntu is properly defined in the test configuration.

✅ Verification successful

Let me verify the data source definition by checking its implementation.

---

Data source reference is properly defined and configured

The data.aws_ami.ubuntu data source is correctly defined in test/multi/main.tf with proper filters for Ubuntu 22.04 LTS AMI, making the output reference valid and well-structured.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if the referenced data source exists in the test configuration
# Expected: Find the data source definition in main.tf or other configuration files

# Search for the AWS AMI data source definition
rg -t tf 'data\s+"aws_ami"\s+"ubuntu"' test/multi/

Length of output: 97

---

Script:

#!/bin/bash
# Get the complete data source definition to ensure it's properly configured
rg -t tf -A 10 'data\s+"aws_ami"\s+"ubuntu"' test/multi/

Length of output: 491

test/multi/variables.tf (2)

7-11: Document GCP-specific requirements and naming constraints

The variable is well-structured, but the documentation could be enhanced to include GCP-specific requirements.

 variable "consent_store_name" {
   type        = string
-  description = "Consent store name for GCP"
+  description = "Name for the GCP Healthcare consent store. Must be between 1-100 characters, containing only letters, numbers, underscores, and hyphens."
   default     = "my-consent-store"
 }

Let's verify if there are any other consent store resources defined in the codebase to ensure consistent naming patterns:

✅ Verification successful

Documentation enhancement suggestion is valid but can be more specific

The variable is used in a single consent store resource in test/multi/main.tf, and there are no other instances or conflicting naming patterns in the codebase. The suggested documentation improvement is appropriate but can be more precise about GCP Healthcare API's specific requirements.

 variable "consent_store_name" {
   type        = string
-  description = "Consent store name for GCP"
+  description = "Name for the GCP Healthcare consent store. Must be unique within the dataset and match the pattern [a-zA-Z0-9_-]{1,100}. Used as identifier in google_healthcare_consent_store resource."
   default     = "my-consent-store"
 }

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for other consent store resource definitions
rg -t tf "google_healthcare_consent_store" -A 5

Length of output: 267

---

Script:

#!/bin/bash
# Let's check if there are any other files that reference consent store naming patterns or requirements
rg -t tf "consent.*store.*name" -g '!test/multi/variables.tf'

# Also check for any documentation files that might contain naming guidelines
fd README.md | xargs cat

Length of output: 6000

---

1-12: Consider adding usage examples in comments

Since these variables are part of a multi-provider test setup, it would be helpful to add comments showing example usage and how these variables interact with the test workflow.

Add a comment block at the top of the file explaining:

• The purpose of these variables in the test suite
• Example values for different test scenarios
• How to override these values in the test workflow

+# Test configuration variables for multi-provider testing
+# Usage:
+# terraform plan -var="cloudsmith_org=my-test-org" -var="consent_store_name=test-consent-store"
+
 variable "cloudsmith_org" {

Let's check how these variables are used in the test workflow:

✅ Verification successful

Documentation suggestion can be refined based on actual usage

The variables are actively used in a multi-provider test configuration that includes AWS, GCP, and Cloudsmith resources. Based on the actual usage:

• cloudsmith_org is used to configure a Cloudsmith organization and repository
• consent_store_name is used to name a GCP Healthcare consent store

Let's refine the documentation suggestion:

+# Multi-provider test configuration variables
+#
+# This file defines variables for testing integration with multiple cloud providers:
+# - Cloudsmith: Organization and repository setup
+# - GCP: Healthcare consent store configuration
+#
+# Example usage:
+# terraform plan \
+#   -var="cloudsmith_org=my-org" \         # Used for Cloudsmith repository namespace
+#   -var="consent_store_name=test-consent"  # Used for GCP Healthcare consent store name
+
 variable "cloudsmith_org" {

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for variable usage in GitHub Actions workflow
rg -t yaml "cloudsmith_org|consent_store_name" .github/workflows/

Length of output: 67

---

Script:

#!/bin/bash
# Let's check how these variables are used in the test files
rg -l "cloudsmith_org|consent_store_name" test/

Length of output: 92

---

Script:

#!/bin/bash
# Let's also check the actual test configurations
find test/multi/ -type f -name "*.tf" -exec cat {} \;

Length of output: 1734

---

Script:

#!/bin/bash
# Check if there are any test documentation files
fd -e md . test/

Length of output: 18

internal/tui/utils/utils.go (2)

3-8: Verify dependency management for new packages

The new dependencies figurine and supportscolor need to be properly versioned in go.mod.

✅ Verification successful

Dependencies are properly managed and secure

The dependencies are correctly versioned in go.mod:

• github.com/arsham/figurine v1.3.0
• github.com/jwalton/go-supportscolor v1.2.0

No security vulnerabilities were found for these packages.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if dependencies are properly managed and their versions
# Expected: Dependencies should be listed in go.mod with specific versions

# Check go.mod for the new dependencies
echo "Checking go.mod for dependencies..."
rg -A 1 "github.com/(arsham/figurine|jwalton/go-supportscolor)" go.mod

# Check for potential security advisories
gh api graphql -f query='
{
  securityVulnerabilities(first: 5, ecosystem: GO, package: "github.com/arsham/figurine") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
    }
  }
}'

Length of output: 607

---

14-14: Verify font file availability

The hardcoded font "ANSI Regular.flf" needs to be available at runtime.

cmd/docs.go (1)

9-21: LGTM! The command implementation is clean and follows best practices.

The implementation:

• Uses proper error handling
• Has clear documentation
• Is appropriately hidden as an internal command
• Follows the cobra command pattern correctly

docs/terramaid_run.md (1)

1-25: Documentation looks comprehensive and well-structured!

The documentation effectively covers:

• Command purpose and syntax
• All available options with their environment variables
• Default values and configuration flexibility

🧰 Tools

🪛 Markdownlint (0.35.0)

24-24: Column: 28
Hard tabs

(MD010, no-hard-tabs)

---

5-5: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

11-11: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)

test/multi/main.tf (1)

12-26: LGTM: Well-configured AMI data source

The AMI configuration is secure, using specific filters and the official Canonical owner ID.

go.mod (1)

6-16: Verify the new direct dependencies align with minimum version requirements

The new dependencies added (figurine, go-supportscolor, markdown) support the PR objectives for improved rendering and TUI. However, we should verify they meet the minimum version requirements for security and compatibility.

✅ Verification successful

Let me generate additional scripts to check the version compatibility and dependencies more thoroughly.

---

Dependencies are using stable versions with no security concerns

The verification shows:

• All new dependencies are using stable versions:
  • github.com/arsham/figurine v1.3.0
  • github.com/jwalton/go-supportscolor v1.2.0
  • github.com/nao1215/markdown v0.6.0
• No security vulnerabilities were found in the GitHub Advisory Database
• All packages have corresponding entries in go.sum, indicating proper version resolution
• No replace directives that could affect version requirements

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for latest versions and security advisories for new dependencies

# Check latest versions on pkg.go.dev
for pkg in "github.com/arsham/figurine" "github.com/jwalton/go-supportscolor" "github.com/nao1215/markdown" "golang.org/x/mod"; do
    echo "Checking $pkg..."
    curl -s "https://pkg.go.dev/$pkg" | grep -A 1 "Latest version"
done

# Check for known vulnerabilities using GitHub Advisory Database
for pkg in "arsham/figurine" "jwalton/go-supportscolor" "nao1215/markdown"; do
    echo "Checking security advisories for $pkg..."
    gh api graphql -f query='{
        securityVulnerabilities(first:5, ecosystem:GO, package:"github.com/'$pkg'") {
            nodes {
                advisory {
                    summary
                    severity
                    publishedAt
                }
                vulnerableVersionRange
                firstPatchedVersion {
                    identifier
                }
            }
        }
    }'
done

Length of output: 3256

---

Script:

#!/bin/bash
# Check go.mod and go.sum for version information and dependencies

# Show direct dependencies and their versions
echo "Direct dependencies from go.mod:"
cat go.mod | grep -A 20 "require ("

# Check if go.sum exists and show entries for new packages
echo -e "\nChecking versions in go.sum for new packages:"
for pkg in "github.com/arsham/figurine" "github.com/jwalton/go-supportscolor" "github.com/nao1215/markdown"; do
    echo -e "\n$pkg versions:"
    grep "^$pkg" go.sum || echo "No entry found in go.sum"
done

# Check for any replace directives
echo -e "\nChecking for replace directives:"
grep "^replace" go.mod || echo "No replace directives found"

# Check minimum Go version
echo -e "\nGo version requirement:"
grep "^go " go.mod

Length of output: 3241

cmd/version.go (1)

12-12: LGTM! Good choice using the standard semver package

The addition of golang.org/x/mod/semver is appropriate for semantic version comparison.

docs/GitHub_Actions_Integration.md (1)

53-53: Verify integration with the new command structure.

Let's ensure the new run command works correctly in the CI environment and produces the expected Mermaid diagrams.

✅ Verification successful

Based on the results, I can generate the final response as we have sufficient information about the command's integration across the codebase.

The terramaid run command is properly integrated and documented across the codebase

The command is consistently documented and implemented across multiple integration contexts:

• Detailed documentation in docs/terramaid_run.md with command flags and options
• Integration examples in both GitHub Actions (docs/GitHub_Actions_Integration.md) and GitLab Pipelines (docs/GitLab_Pipelines_Integration.md)
• Docker-based usage documented in README.md with proper volume mounting
• Consistent command structure across all implementations (terramaid run [flags])

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the existence and functionality of the new run command

# Check if the run command is documented in the codebase
echo "Checking for run command documentation..."
rg -l "terramaid run" --type md

# Look for any error handling or validation around the run command
echo "Checking for error handling patterns..."
rg "terramaid run" -C 3

Length of output: 2047

cmd/root.go (1)

29-31: Verify that subcommands are properly defined and imported

The rootCmd adds runCmd, docsCmd, and versionCmd as subcommands. Ensure that these subcommands are defined and properly imported so they function correctly.

Run the following script to verify the definitions of the subcommands:

✅ Verification successful

All subcommands are properly defined in their respective files

The verification confirms that all three commands are correctly defined as Cobra commands in their respective files:

• runCmd in cmd/run.go
• docsCmd in cmd/docs.go
• versionCmd in cmd/version.go

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if runCmd, docsCmd, and versionCmd are defined in the codebase.

# Expectation: Definitions of the commands should be found.

fd --type f --extension go --exclude vendor | xargs grep -E 'var (runCmd|docsCmd|versionCmd) = &cobra.Command'

Length of output: 242

cmd/run.go (1)

91-108: Well-structured initialization and flag binding

The init() function effectively parses environment variables with a prefix and binds command-line flags to the opts struct. This approach provides flexibility for users to configure the command through both environment variables and CLI flags.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (1)

.github/workflows/test.yml (1)

58-60: Consider enhancing error handling and job coordination.

The current implementation could benefit from:

1. Explicit error handling for the build and test commands
2. Job dependencies or conditions if tests need to run in a specific order

Consider updating the run block with error handling:

      - run: |
          make build
+         if [ $? -ne 0 ]; then
+           echo "Build failed"
+           exit 1
+         fi
          build/terramaid run -w test/multi
+         if [ $? -ne 0 ]; then
+           echo "Tests failed"
+           exit 1
+         fi
          cat Terramaid.md

If job ordering is important, consider adding:

    needs: [test_aws, test_gcp, test_az]

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 05d2b19 and 018e9ce.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (2)

• .github/workflows/test.yml (3 hunks)
• go.mod (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• go.mod

🔇 Additional comments (2)

.github/workflows/test.yml (2)

21-21: LGTM! Command updates are consistent across all jobs.

The addition of the run subcommand is uniformly applied across all test jobs, maintaining consistency in the workflow.

Also applies to: 34-34, 47-47

---

49-60: LGTM! New test job follows established pattern.

The test_multi job maintains consistency with existing jobs in terms of setup steps and execution pattern.