feat: simplify plugin structure via SDK v1.9.0 (#171)

* updated to use the latest SDK version

Signed-off-by: Eddie Knight <knight@linux.com>

* go mod tody now that sdk v1.8.0 is released

Signed-off-by: Eddie Knight <knight@linux.com>

* removed now-redundant function

Signed-off-by: Eddie Knight <knight@linux.com>

* fixed tests

Signed-off-by: Eddie Knight <knight@linux.com>

* Extract embed.FS catalog reader logic to SDK v1.9.0

Signed-off-by: Eddie Knight <knight@linux.com>

* go mod tidy

Signed-off-by: Eddie Knight <knight@linux.com>

---------

Signed-off-by: Eddie Knight <knight@linux.com>

Author: eddie-knight

.gitignore

@@ -10,4 +10,7 @@ config.yml
 output
 
 # go test coverage output
-coverage.out
+coverage.out
+
+# A safe space for keeping local development notes
+TODO.md

data/baseline/reader.go

@@ -2,11 +2,9 @@ package baseline
 
 import (
 	"embed"
-	"fmt"
-	"path"
 
-	"github.com/goccy/go-yaml"
 	"github.com/ossf/gemara/layer2"
+	"github.com/privateerproj/privateer-sdk/pluginkit"
 )
 
 // We have tight control over the catalog right now while it is local, but
@@ -16,78 +14,6 @@ const dataDir string = "catalog"
 //go:embed catalog
 var files embed.FS
 
-func GetAssessmentRequirements() (map[string]*layer2.AssessmentRequirement, error) {
-	requirements := make(map[string]*layer2.AssessmentRequirement)
-	catalog, err := loadCatalog()
-	if err != nil {
-		return nil, err
-	}
-	for _, family := range catalog.ControlFamilies {
-		for _, control := range family.Controls {
-			for _, requirement := range control.AssessmentRequirements {
-				requirements[requirement.Id] = &requirement
-			}
-		}
-	}
-
-	if len(requirements) == 0 {
-		return nil, fmt.Errorf("GetAssessmentRequirements: 0 requirements found")
-	}
-
-	return requirements, nil
-}
-
-// ReadAllYAMLFiles reads all YAML files in the data directory and returns the complete catalog data
-func loadCatalog() (catalog layer2.Catalog, err error) {
-	dir, err := files.ReadDir(dataDir)
-	// Check if files are in the right place
-	if err != nil {
-		return catalog, fmt.Errorf("data directory does not exist: %s", dataDir)
-	}
-
-	catalog = layer2.Catalog{
-		ControlFamilies: []layer2.ControlFamily{},
-	}
-
-	// Process each YAML file
-	for _, file := range dir {
-		filePath := path.Join(dataDir, file.Name())
-		controlFamily, err := readYAMLFile(filePath)
-		if err != nil {
-			return catalog, fmt.Errorf("failed to read file %s: %w", filePath, err)
-		}
-
-		catalog.ControlFamilies = append(catalog.ControlFamilies, *controlFamily)
-	}
-
-	return catalog, nil
-}
-
-// ReadYAMLFile reads a single YAML file and returns the control family data
-func readYAMLFile(filePath string) (*layer2.ControlFamily, error) {
-	data, err := files.ReadFile(filePath)
-	if err != nil {
-		return nil, fmt.Errorf("failed to read file: %w", err)
-	}
-
-	var yamlData layer2.Catalog
-	if err := yaml.Unmarshal(data, &yamlData); err != nil {
-		return nil, fmt.Errorf("failed to unmarshal YAML: %w", err)
-	}
-
-	if len(yamlData.ControlFamilies) == 0 {
-		return nil, fmt.Errorf("no control families found in file: %s", filePath)
-	}
-
-	// Assuming one control family per file as per the current structure
-	familyData := yamlData.ControlFamilies[0]
-
-	controlFamily := &layer2.ControlFamily{
-		Id:          familyData.Id, // Use the ID from the YAML data
-		Title:       familyData.Title,
-		Description: familyData.Description,
-		Controls:    familyData.Controls,
-	}
-
-	return controlFamily, nil
+func GetBaselineCatalog() (layer2.Catalog, error) {
+	return pluginkit.GetPluginCatalog(dataDir, files)
 }

data/baseline/reader_test.go

@@ -238,7 +238,7 @@ func (r *RestData) loadSecurityInsights() {
 func (r *RestData) getRepoContents() {
 	_, content, _, err := r.ghClient.Repositories.GetContents(context.Background(), r.owner, r.repo, "", nil)
 	if err != nil {
-		r.Config.Logger.Error(fmt.Sprintf("failed to retrieve contents top level contents: %s", err.Error()))
+		r.Config.Logger.Error(fmt.Sprintf("failed to retrieve top-level repo contents via GitHub API: %s", err.Error()))
 		return
 	}
 	r.contents.Content = content
@@ -247,7 +247,7 @@ func (r *RestData) getRepoContents() {
 		return
 	}
 	r.contents.SubContent = make(map[string]RepoContent)
-	r.Config.Logger.Trace(fmt.Sprintf("retrieved %d top-level contents", len(r.contents.Content)))
+	r.Config.Logger.Trace(fmt.Sprintf("found %d top-level objects from GitHub API", len(r.contents.Content)))
 }
 
 func (c *RepoContent) GetSubdirContentByPath(r *RestData, path string) (RepoContent, error) {