chore: stabilize lint and verify builds
This commit is contained in:
138
docs/plan.md
138
docs/plan.md
@@ -1,30 +1,29 @@
|
||||
# Implementation Plan: p3-17-media-processing-s3
|
||||
# Implementation Plan: full-lint-remediation
|
||||
|
||||
**Branch**: `[p3-17-media-processing-s3]` | **Date**: 2026-02-04 | **Spec**: `docs/todo_list.md#17`
|
||||
**Input**: P3-17 “媒体处理管线适配对象存储(S3/MinIO)” + user request to extract a cover from `fixtures/demo.mp4` via ffmpeg.
|
||||
**Branch**: `[chore/full-lint-remediation]` | **Date**: 2026-02-05 | **Spec**: `N/A`
|
||||
**Input**: Full repo lint remediation covering backend and frontend lint/build steps.
|
||||
|
||||
## Summary
|
||||
|
||||
Adapt the media processing worker to support S3/MinIO storage by downloading source media to a temp directory, running ffmpeg to generate a cover image, uploading derived assets via the storage provider, and preserving the existing local filesystem path. Include fixture-based verification using `fixtures/demo.mp4`.
|
||||
Remediate all existing lint failures across the backend and frontend by systematically addressing security warnings, de-duplication, complexity, formatting, naming/style violations, and frontend lint/build issues, while preserving behavior and following project constraints.
|
||||
|
||||
## Technical Context
|
||||
|
||||
**Language/Version**: Go 1.x (project standard)
|
||||
**Primary Dependencies**: River (jobs), MinIO SDK (S3 compatible), Fiber
|
||||
**Storage**: PostgreSQL + local filesystem / S3-compatible storage
|
||||
**Testing**: `go test` (service/job tests), ffmpeg CLI for fixture validation
|
||||
**Target Platform**: Linux server
|
||||
**Project Type**: Web application (backend + frontend, backend-only changes)
|
||||
**Performance Goals**: N/A (processing path only)
|
||||
**Constraints**: Preserve local storage behavior; do not edit generated files; follow `backend/llm.txt`; ensure temp files are cleaned
|
||||
**Scale/Scope**: Media processing worker + storage provider only
|
||||
**Language/Version**: Go 1.x
|
||||
**Primary Dependencies**: Fiber, GORM-Gen, River, golangci-lint
|
||||
**Storage**: PostgreSQL
|
||||
**Testing**: `make lint` in `backend/`, `go test ./...`, `npm -C frontend/superadmin run lint`, `npm -C frontend/superadmin run build`, `npm -C frontend/portal run lint`, `npm -C frontend/portal run build`
|
||||
**Target Platform**: Linux server
|
||||
**Project Type**: Web application (backend + frontend)
|
||||
**Performance Goals**: N/A
|
||||
**Constraints**: Follow `backend/llm.txt`; do not edit generated files; avoid behavior changes while refactoring
|
||||
**Scale/Scope**: Backend lint errors plus frontend lint/build issues in portal/superadmin
|
||||
|
||||
## Constitution Check
|
||||
|
||||
- Follow `backend/llm.txt` conventions and Chinese comments for business logic.
|
||||
- Follow `backend/llm.txt` (controller thin, services handle DB, Chinese comments for business logic).
|
||||
- Do not edit generated files (`*.gen.go`, `backend/docs/docs.go`).
|
||||
- Keep controller thin; changes limited to jobs/services/providers.
|
||||
- Preserve local provider behavior; add S3 path without regression.
|
||||
- Fix lint issues without behavior changes or API surface drift.
|
||||
|
||||
## Project Structure
|
||||
|
||||
@@ -32,76 +31,85 @@ Adapt the media processing worker to support S3/MinIO storage by downloading sou
|
||||
|
||||
```text
|
||||
docs/
|
||||
└── plan.md # This plan
|
||||
└── plan.md
|
||||
```
|
||||
|
||||
### Source Code (repository root)
|
||||
|
||||
```text
|
||||
backend/
|
||||
├── app/
|
||||
│ ├── jobs/
|
||||
│ │ ├── media_process_job.go
|
||||
│ │ └── args/media_asset_process.go
|
||||
│ └── services/
|
||||
│ └── common.go
|
||||
└── providers/
|
||||
└── storage/provider.go
|
||||
├── app/services/super.go
|
||||
├── app/services/creator_report.go
|
||||
├── app/services/content.go
|
||||
├── app/services/creator.go
|
||||
├── app/services/coupon.go
|
||||
├── app/services/common.go
|
||||
├── app/commands/seed/seed.go
|
||||
├── app/commands/storage_migrate/migrate.go
|
||||
├── app/jobs/media_process_job.go
|
||||
├── providers/http/swagger/config.go
|
||||
├── providers/http/swagger/template.go
|
||||
├── providers/http/engine.go
|
||||
├── providers/jwt/jwt.go
|
||||
├── providers/postgres/config.go
|
||||
└── providers/postgres/postgres.go
|
||||
|
||||
fixtures/
|
||||
└── demo.mp4
|
||||
frontend/
|
||||
├── superadmin/
|
||||
│ ├── src/
|
||||
│ └── package.json
|
||||
└── portal/
|
||||
├── src/
|
||||
└── package.json
|
||||
```
|
||||
|
||||
**Structure Decision**: Web application backend; scope limited to media processing worker and storage provider integration.
|
||||
**Structure Decision**: Web application; full repo lint remediation (backend + frontend).
|
||||
|
||||
|
||||
## Plan Phases
|
||||
|
||||
1. **Design & plumbing**: Define temp file conventions and storage download API for S3/local.
|
||||
2. **Implementation**: Add S3 processing flow to worker and cover asset registration; keep local path intact.
|
||||
3. **Verification**: Add tests (or integration checks) and run fixture-based ffmpeg validation.
|
||||
1. **Security & correctness**: Address gosec issues (weak crypto, weak random, unsafe conversions) and errcheck/errorlint/wrapcheck failures.
|
||||
2. **De-duplication & complexity**: Reduce dupl/gocognit/gocyclo/funlen by extracting helpers and simplifying large service methods (especially `services/super.go`).
|
||||
3. **Style & formatting**: Resolve revive naming issues, line-length (lll), prealloc, nilerr, and other style violations.
|
||||
4. **Frontend lint/build**: Resolve frontend lint/build issues for portal/superadmin.
|
||||
5. **Verification**: Run backend and frontend lint/build/test commands until clean.
|
||||
|
||||
## Tasks
|
||||
|
||||
1. **Define storage download interface**
|
||||
- Add a storage provider helper to download an object to a local temp file (local: copy from `LocalPath/objectKey` without rename; S3: `FGetObject`).
|
||||
- Ensure helper never mutates/deletes the source object, creates parent dirs for destination, and overwrites the destination if it already exists.
|
||||
- Ensure API is used by jobs without leaking provider-specific logic.
|
||||
|
||||
2. **Adapt `MediaProcessWorker` for S3/MinIO**
|
||||
- For non-local providers, download the source object into a temp directory.
|
||||
- Run ffmpeg to extract a cover image from the temp file.
|
||||
- Upload the cover via `storage.PutObject` and register the derived media asset.
|
||||
- Ensure temp directories/files are cleaned on success or failure.
|
||||
|
||||
3. **Update cover asset registration**
|
||||
- For non-local providers, avoid filesystem rename; upload via storage provider and keep object key conventions.
|
||||
- Use `storage.PutObject(ctx, objectKey, coverTempPath, "image/jpeg")`, then cleanup temp files/dirs.
|
||||
- Keep local path move behavior unchanged.
|
||||
|
||||
4. **Add tests / verification hooks**
|
||||
- Add a job/service test for S3 path (gated by MinIO env if needed).
|
||||
- Keep/extend local path test to ensure no regression.
|
||||
- Validate `fixtures/demo.mp4` can produce a cover with ffmpeg.
|
||||
1. Capture baseline lint outputs (save `cd backend && make lint` output; run `npm -C frontend/superadmin run lint` / `npm -C frontend/portal run lint`) and group errors by category/file; establish remediation order (security → complexity → style).
|
||||
2. Fix gosec issues: choose between (a) keep MD5 for non-security hashing with explicit `//nolint:gosec` justification, or (b) migrate to SHA-256 with any required backfill; switch weak random to crypto/rand where required; guard integer conversions.
|
||||
3. Fix errcheck/errorlint/wrapcheck issues in providers and error handling.
|
||||
4. Remove duplicated blocks (dupl) by extracting shared helper functions in `services/super.go` and `services/creator_report.go`.
|
||||
5. Reduce high cognitive/cyclomatic complexity by helper extraction only; keep inputs/outputs and query semantics unchanged.
|
||||
6. Address revive naming and lll formatting (split long lines, rename variables/types as needed).
|
||||
7. Run backend verification (`cd backend && make lint`, `go test ./...`).
|
||||
8. Run frontend lint/build (`npm -C frontend/superadmin run lint`, `npm -C frontend/superadmin run build`, `npm -C frontend/portal run lint`, `npm -C frontend/portal run build`). Review ESLint `--fix` diffs carefully.
|
||||
9. Re-run all lint/build/test commands until clean.
|
||||
|
||||
## Dependencies
|
||||
|
||||
- Task 1 must complete before Task 2 (worker needs download API).
|
||||
- Task 2 must complete before Task 3 (cover registration requires new flow).
|
||||
- Task 4 depends on Task 2 & 3 (tests rely on updated pipeline).
|
||||
- Security fixes precede refactors to ensure safe baselines.
|
||||
- De-duplication/complexity refactors should precede style fixes to avoid rework.
|
||||
- Backend verification depends on remediation tasks; frontend verification depends on frontend lint/build tasks.
|
||||
|
||||
## Acceptance Criteria
|
||||
|
||||
- **Local path unchanged**: `MediaProcessWorker` still generates a cover image for local provider when ffmpeg is available.
|
||||
- **S3/MinIO path works**: For `Storage.Type = s3`, the worker downloads source media, generates cover via ffmpeg, uploads cover to bucket, and creates a derived `media_assets` record with correct object key.
|
||||
- **Fixture validation**: `ffmpeg -y -i fixtures/demo.mp4 -ss 00:00:00.000 -vframes 1 /tmp/demo_cover.jpg` succeeds locally and produces a non-empty file.
|
||||
- **S3/MinIO test config**: tests load Storage config with `Type=s3`, `Endpoint`, `AccessKey`, `SecretKey`, `Bucket`, `PathStyle` (true for MinIO).
|
||||
- **Automated checks** (to be added in this phase):
|
||||
- `go test ./backend/app/jobs -run TestMediaProcessWorkerS3 -count=1` passes (with S3/MinIO config loaded).
|
||||
- `go test ./backend/app/jobs -run TestMediaProcessWorkerLocal -count=1` passes.
|
||||
- Backend lint passes with no errors (`cd backend && make lint`).
|
||||
- Frontend lint/build passes (`npm -C frontend/superadmin run lint`, `npm -C frontend/superadmin run build`, `npm -C frontend/portal run lint`, `npm -C frontend/portal run build`).
|
||||
- `go test ./...` passes (or failures are documented as pre-existing and approved).
|
||||
- No generated files modified manually.
|
||||
- No functional/API behavior changes observed during lint fixes.
|
||||
|
||||
## Risks
|
||||
|
||||
- **ffmpeg not installed**: Worker should detect and log; processing should fail gracefully.
|
||||
- **Temp storage pressure**: Large media downloads may exceed disk; ensure cleanup on all paths.
|
||||
- **S3 connectivity/transient errors**: Add retry or error propagation to avoid silent failures.
|
||||
- **Access policies**: Misconfigured bucket policies may prevent download/upload; surface clear errors.
|
||||
- Large refactors in `services/super.go` may inadvertently change behavior; must keep refactors minimal and covered by tests.
|
||||
- Security fixes may require signature changes (e.g., hash algorithm changes); need careful review for backward compatibility.
|
||||
- Volume of lint violations may require staged remediation; ensure each stage keeps lint green where possible.
|
||||
|
||||
## Complexity Tracking
|
||||
|
||||
> **Fill ONLY if Constitution Check has violations that must be justified**
|
||||
|
||||
| Violation | Why Needed | Simpler Alternative Rejected Because |
|
||||
|-----------|------------|-------------------------------------|
|
||||
| N/A | N/A | N/A |
|
||||
|
||||
Reference in New Issue
Block a user