Documentation
¶
Overview ¶
Package config carries the layered-config primitives shared across cli-guard consumers: path helpers, repo-slug derivation, the Audit
Path defaults and per-repo audit derivation. Globals live under ~/.coily so they outlive any individual repo. Locals live under
Index ¶
- Constants
- func DefaultAuditPath() (string, error)
- func ExpandHome(p string) string
- func GlobalConfigPath() (string, error)
- func GlobalDir() (string, error)
- func LocalConfigPath() (string, error)
- func OverlayFile[T any](dst *T, path string) error
- func RepoAuditSlug() string
- func ResetRepoSlugCacheForTest()
- func SanitizeSlug(s string) string
- func SessionDir(sessionID string) (string, error)
- func SessionProfilePath(sessionID string) (string, error)
- type Audit
Constants ¶
const AuditSubdir = "audit"
AuditSubdir is the subdirectory under the global dir where per-repo audit logs live. One JSONL file per repo slug.
const GlobalDirName = ".coily"
GlobalDirName is the single directory under $HOME that holds every coily global - configs and the per-repo audit subtree.
const LocalDirName = ".coily"
LocalDirName is the per-repo overlay directory. Lives at the root of the checkout. Holds the local config overlay and the per-repo command
const SessionProfileFile = "profile"
SessionProfileFile is the basename of the per-session sentinel file containing the active lockdown profile name. Plain text, one line.
const SessionsSubdir = "sessions"
SessionsSubdir is the subdirectory under AuditSubdir where per-session state lives. One directory per CLAUDE_CODE_SESSION_ID. Currently holds
const UnrootedAuditName = "_unrooted"
UnrootedAuditName is the slug used when coily is invoked outside any git repo (or inside one with no origin remote). All such invocations land in
Variables ¶
This section is empty.
Functions ¶
func DefaultAuditPath ¶
DefaultAuditPath returns ~/.coily/audit/<slug>.jsonl, where slug is derived from the current git repo's origin remote. Falls back to
func ExpandHome ¶
ExpandHome turns a leading "~/" or "~" into the user's home directory. Returns the input unchanged if it doesn't start with "~" or if $HOME
func GlobalConfigPath ¶
GlobalConfigPath returns ~/.coily/config.yaml.
func GlobalDir ¶
GlobalDir returns ~/.coily, expanded against $HOME. Returns an error only if $HOME cannot be resolved.
func LocalConfigPath ¶
LocalConfigPath returns ./.coily/config.yaml relative to the current working directory. The file may or may not exist.
func OverlayFile ¶
OverlayFile reads path (if it exists) and yaml-unmarshals onto dst. Missing file is not an error: the consumer's prior layer keeps its
func RepoAuditSlug ¶
func RepoAuditSlug() string
RepoAuditSlug returns the audit slug for the current working directory. Format: "<owner>-<repo>" lowercased and reduced to [a-z0-9-]. Returns
func ResetRepoSlugCacheForTest ¶
func ResetRepoSlugCacheForTest()
ResetRepoSlugCacheForTest clears the cache. Test-only.
func SanitizeSlug ¶
SanitizeSlug normalizes input to lowercase, replaces every non-[a-z0-9-] run with a single dash, and trims leading and trailing dashes. Exported
func SessionDir ¶
SessionDir returns ~/.coily/audit/sessions/<sessionID>. Caller is responsible for MkdirAll. Returns an error if sessionID is empty or
func SessionProfilePath ¶
SessionProfilePath returns the per-session profile sentinel file path for sessionID. Errors propagate from SessionDir.
Types ¶
type Audit ¶
type Audit struct {
LogPath string `yaml:"log_path"`
MaxSizeMB int `yaml:"max_size_mb"`
MaxBackups int `yaml:"max_backups"`
MaxAgeDays int `yaml:"max_age_days"`
Compress bool `yaml:"compress"`
}
Audit controls where the JSONL audit log lives and how lumberjack rotates it. LogPath defaults to ~/.coily/audit/<slug>.jsonl when left
Source Files