diff --git a/pkg/cli/audit_cross_run.go b/pkg/cli/audit_cross_run.go index da9cd23a380..3780ff6f3f8 100644 --- a/pkg/cli/audit_cross_run.go +++ b/pkg/cli/audit_cross_run.go @@ -229,7 +229,7 @@ func buildCrossRunAuditReport(inputs []crossRunInput) *CrossRunAuditReport { agg.totalBlocked += stats.Blocked agg.perRun = append(agg.perRun, DomainRunStatus{ RunID: in.RunID, - Status: domainStatus(stats), + Status: classifyFirewallDomainStatus(stats), Allowed: stats.Allowed, Blocked: stats.Blocked, }) @@ -354,7 +354,7 @@ func buildCrossRunAuditReport(inputs []crossRunInput) *CrossRunAuditReport { SeenInRuns: len(agg.perRun), TotalAllowed: agg.totalAllowed, TotalBlocked: agg.totalBlocked, - OverallStatus: domainStatus(DomainRequestStats{Allowed: agg.totalAllowed, Blocked: agg.totalBlocked}), + OverallStatus: classifyFirewallDomainStatus(DomainRequestStats{Allowed: agg.totalAllowed, Blocked: agg.totalBlocked}), PerRunStatus: fullPerRun, } report.DomainInventory = append(report.DomainInventory, entry) diff --git a/pkg/cli/audit_cross_run_render.go b/pkg/cli/audit_cross_run_render.go index 00b3866edb7..715ce4b0ce8 100644 --- a/pkg/cli/audit_cross_run_render.go +++ b/pkg/cli/audit_cross_run_render.go @@ -131,7 +131,7 @@ func renderCrossRunReportMarkdown(report *CrossRunAuditReport) { fmt.Printf("| Domain | Status | Seen In | Allowed | Blocked |\n") fmt.Printf("|--------|--------|---------|---------|--------|\n") for _, entry := range report.DomainInventory { - icon := statusEmoji(entry.OverallStatus) + icon := firewallStatusEmoji(entry.OverallStatus) fmt.Printf("| `%s` | %s %s | %d/%d runs | %d | %d |\n", entry.Domain, icon, entry.OverallStatus, entry.SeenInRuns, report.RunsAnalyzed, entry.TotalAllowed, entry.TotalBlocked) @@ -289,7 +289,7 @@ func renderCrossRunReportPretty(report *CrossRunAuditReport) { if len(report.DomainInventory) > 0 { fmt.Fprintln(os.Stderr, console.FormatInfoMessage(fmt.Sprintf("Domain Inventory (%d domains)", len(report.DomainInventory)))) for _, entry := range report.DomainInventory { - icon := statusEmoji(entry.OverallStatus) + icon := firewallStatusEmoji(entry.OverallStatus) fmt.Fprintf(os.Stderr, " %s %-45s %s seen=%d/%d allowed=%d blocked=%d\n", icon, entry.Domain, entry.OverallStatus, entry.SeenInRuns, report.RunsAnalyzed, entry.TotalAllowed, entry.TotalBlocked) diff --git a/pkg/cli/audit_diff.go b/pkg/cli/audit_diff.go index 26e0db2f933..b65919a55c5 100644 --- a/pkg/cli/audit_diff.go +++ b/pkg/cli/audit_diff.go @@ -109,7 +109,7 @@ func computeFirewallDiff(run1ID, run2ID int64, run1, run2 *FirewallAnalysis) *Fi Status: "new", Run2Allowed: stats2.Allowed, Run2Blocked: stats2.Blocked, - Run2Status: domainStatus(stats2), + Run2Status: classifyFirewallDomainStatus(stats2), } // Anomaly: new denied domain if stats2.Blocked > 0 { @@ -125,13 +125,13 @@ func computeFirewallDiff(run1ID, run2ID int64, run1, run2 *FirewallAnalysis) *Fi Status: "removed", Run1Allowed: stats1.Allowed, Run1Blocked: stats1.Blocked, - Run1Status: domainStatus(stats1), + Run1Status: classifyFirewallDomainStatus(stats1), } diff.RemovedDomains = append(diff.RemovedDomains, entry) } else { // Domain exists in both runs - check for changes - status1 := domainStatus(stats1) - status2 := domainStatus(stats2) + status1 := classifyFirewallDomainStatus(stats1) + status2 := classifyFirewallDomainStatus(stats2) if status1 != status2 { // Status changed @@ -198,8 +198,8 @@ func computeFirewallDiff(run1ID, run2ID int64, run1, run2 *FirewallAnalysis) *Fi return diff } -// domainStatus returns "allowed", "denied", or "mixed" based on request stats -func domainStatus(stats DomainRequestStats) string { +// classifyFirewallDomainStatus returns "allowed", "denied", or "mixed" based on request stats +func classifyFirewallDomainStatus(stats DomainRequestStats) string { if stats.Allowed > 0 && stats.Blocked == 0 { return "allowed" } diff --git a/pkg/cli/audit_diff_render.go b/pkg/cli/audit_diff_render.go index 58d1bfe0402..778a3ed43d7 100644 --- a/pkg/cli/audit_diff_render.go +++ b/pkg/cli/audit_diff_render.go @@ -149,7 +149,7 @@ func renderFirewallDiffMarkdownSection(diff *FirewallDiff) { fmt.Printf("**New domains (%d)**\n", len(diff.NewDomains)) for _, entry := range diff.NewDomains { total := entry.Run2Allowed + entry.Run2Blocked - statusIcon := statusEmoji(entry.Run2Status) + statusIcon := firewallStatusEmoji(entry.Run2Status) anomalyTag := "" if entry.IsAnomaly { anomalyTag = " ⚠️" @@ -171,8 +171,8 @@ func renderFirewallDiffMarkdownSection(diff *FirewallDiff) { if len(diff.StatusChanges) > 0 { fmt.Printf("**Status changes (%d)**\n", len(diff.StatusChanges)) for _, entry := range diff.StatusChanges { - icon1 := statusEmoji(entry.Run1Status) - icon2 := statusEmoji(entry.Run2Status) + icon1 := firewallStatusEmoji(entry.Run1Status) + icon2 := firewallStatusEmoji(entry.Run2Status) anomalyTag := "" if entry.IsAnomaly { anomalyTag = " ⚠️" @@ -324,7 +324,7 @@ func renderFirewallDiffPrettySection(diff *FirewallDiff) { } config.Rows = append(config.Rows, []string{ entry.Domain, - statusEmoji(entry.Run2Status) + " " + entry.Run2Status, + firewallStatusEmoji(entry.Run2Status) + " " + entry.Run2Status, strconv.Itoa(total), anomalyNote, }) @@ -342,7 +342,7 @@ func renderFirewallDiffPrettySection(diff *FirewallDiff) { total := entry.Run1Allowed + entry.Run1Blocked config.Rows = append(config.Rows, []string{ entry.Domain, - statusEmoji(entry.Run1Status) + " " + entry.Run1Status, + firewallStatusEmoji(entry.Run1Status) + " " + entry.Run1Status, strconv.Itoa(total), }) } @@ -362,8 +362,8 @@ func renderFirewallDiffPrettySection(diff *FirewallDiff) { } config.Rows = append(config.Rows, []string{ entry.Domain, - statusEmoji(entry.Run1Status) + " " + entry.Run1Status, - statusEmoji(entry.Run2Status) + " " + entry.Run2Status, + firewallStatusEmoji(entry.Run1Status) + " " + entry.Run1Status, + firewallStatusEmoji(entry.Run2Status) + " " + entry.Run2Status, anomalyNote, }) } @@ -583,8 +583,8 @@ func renderTokenUsageDiffPrettySection(run1ID, run2ID int64, diff *TokenUsageDif } } -// statusEmoji returns the status emoji for a domain status -func statusEmoji(status string) string { +// firewallStatusEmoji returns the status emoji for a domain status +func firewallStatusEmoji(status string) string { switch status { case "allowed": return "✅" diff --git a/pkg/cli/audit_diff_test.go b/pkg/cli/audit_diff_test.go index 23f82c2d1e3..abe840d0d79 100644 --- a/pkg/cli/audit_diff_test.go +++ b/pkg/cli/audit_diff_test.go @@ -243,7 +243,7 @@ func TestDomainStatus(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - result := domainStatus(tt.stats) + result := classifyFirewallDomainStatus(tt.stats) assert.Equal(t, tt.expected, result, "Domain status should match") }) } @@ -297,11 +297,11 @@ func TestFirewallDiffJSONSerialization(t *testing.T) { } func TestStatusEmoji(t *testing.T) { - assert.Equal(t, "✅", statusEmoji("allowed"), "Allowed should show checkmark") - assert.Equal(t, "❌", statusEmoji("denied"), "Denied should show X") - assert.Equal(t, "⚠️", statusEmoji("mixed"), "Mixed should show warning") - assert.Equal(t, "❓", statusEmoji("unknown"), "Unknown should show question mark") - assert.Equal(t, "❓", statusEmoji(""), "Empty should show question mark") + assert.Equal(t, "✅", firewallStatusEmoji("allowed"), "Allowed should show checkmark") + assert.Equal(t, "❌", firewallStatusEmoji("denied"), "Denied should show X") + assert.Equal(t, "⚠️", firewallStatusEmoji("mixed"), "Mixed should show warning") + assert.Equal(t, "❓", firewallStatusEmoji("unknown"), "Unknown should show question mark") + assert.Equal(t, "❓", firewallStatusEmoji(""), "Empty should show question mark") } func TestIsEmptyDiff(t *testing.T) {