Refactor to use google/wire instead of fx

.github/workflows/build.yaml

@@ -17,7 +17,11 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v2
         with:
-          go-version: '1.22.5'
+          go-version: '1.23'
+      - name: Install Wire
+        run: |
+          go install github.com/google/wire/cmd/wire@latest
+          echo "$HOME/go/bin" >> "$GITHUB_PATH"
       - name: Build
         run: make build && make git-porcelain
 

.github/workflows/grype.yaml

@@ -3,32 +3,28 @@ name: Docker Image Scan
 on:
   pull_request:
     branches: [ main ]
-    paths:
-      - 'Dockerfile'
-      - 'docker-compose*.yml'
-      - '.docker/**'
 
 jobs:
   scan:
     name: Build and Scan
     runs-on: ubuntu-latest
-    environment: security
     concurrency:
       group: ${{ github.workflow }}-${{ github.ref }}
       cancel-in-progress: true
 
     steps:
-    - name: Notify on failure
-      if: failure()
-      uses: actions/github-script@v6
-      with:
-        script: |
-          github.rest.issues.createComment({
-            issue_number: context.issue.number,
-            owner: context.repo.owner,
-            repo: context.repo.repo,
-            body: '❌ Container security scan failed. Please check the workflow logs.'
-          })
+      - name: Notify on failure
+        if: failure()
+        uses: actions/github-script@v6
+        with:
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: '❌ Container security scan failed. Please check the workflow logs.'
+            })
+
       - name: Checkout code
         uses: actions/checkout@v3
 
@@ -53,5 +49,4 @@ jobs:
         uses: github/codeql-action/upload-sarif@v2
         if: success() || failure()
         with:
-          sarif_file: results.sarif
-
+          sarif_file: results.sarif

Makefile

@@ -1,27 +1,21 @@
-# Default target
 .DEFAULT_GOAL := all
 
-# Build target
-build:
+build: wire
 	go build -o bin/minefield main.go
 
-# Test target
 test:
 	go test -v -coverprofile=coverage.out ./...
 
 test-e2e: docker-up
 	e2e=true go test -v -coverprofile=coverage.out ./...
 
-# Clean target
 clean:
 	rm -rf bin
 
-# Clean Redis data
 clean-redis:
 	docker compose exec -T redis redis-cli ping || docker compose up -d redis
 	docker compose exec -T redis redis-cli FLUSHALL
 
-# Docker targets
 docker-up: docker-down
 	docker compose up -d
 
@@ -40,6 +34,12 @@ go-mod-tidy:
 git-porcelain: 
 	git status --porcelain
 
-all: build test docker-build go-mod-tidy git-porcelain
+check-wire:
+	@command -v wire >/dev/null 2>&1 || { echo >&2 "wire is not installed. Please install wire. go install github.com/google/wire/cmd/wire@latest"; exit 1; }
 
-.PHONY: test test-e2e build clean clean-redis docker-up docker-down docker-logs docker-build all buf-generate install-buf
+wire: check-wire
+	cd cmd/server && wire || { echo "Wire generation failed in cmd/server"; exit 1; }
+
+all: wire build test docker-build go-mod-tidy git-porcelain
+
+.PHONY: test test-e2e build clean clean-redis docker-up docker-down docker-logs docker-build all wire

api/v1/service_test.go

@@ -73,7 +73,7 @@ func TestGetNodesByGlob(t *testing.T) {
 func TestQueriesIngestAndCache(t *testing.T) {
 	s := setupService()
 
-	result, err := ingest.LoadDataFromPath(s.storage, "../../testdata/osv-sboms/google_agi.sbom.json")
+	result, err := ingest.LoadDataFromPath("../../testdata/osv-sboms/google_agi.sbom.json")
 	require.NoError(t, err)
 	for _, data := range result {
 		sbomReq := connect.NewRequest(&service.IngestSBOMRequest{

cmd/ingest/ingest.go

@@ -4,7 +4,6 @@ import (
 	"github.com/bitbomdev/minefield/cmd/ingest/osv"
 	"github.com/bitbomdev/minefield/cmd/ingest/sbom"
 	"github.com/bitbomdev/minefield/cmd/ingest/scorecard"
-	"github.com/bitbomdev/minefield/pkg/graph"
 	"github.com/spf13/cobra"
 )
 
@@ -13,16 +12,16 @@ type options struct{}
 func (o *options) AddFlags(_ *cobra.Command) {
 }
 
-func New(storage graph.Storage) *cobra.Command {
+func New() *cobra.Command {
 	cmd := &cobra.Command{
 		Use:               "ingest",
 		Short:             "ingest metadata into the graph",
 		SilenceUsage:      true,
 		DisableAutoGenTag: true,
 	}
 
-	cmd.AddCommand(osv.New(storage))
-	cmd.AddCommand(sbom.New(storage))
-	cmd.AddCommand(scorecard.New(storage))
+	cmd.AddCommand(osv.New())
+	cmd.AddCommand(sbom.New())
+	cmd.AddCommand(scorecard.New())
 	return cmd
 }

cmd/ingest/ingest_test.go

@@ -0,0 +1,33 @@
+package ingest
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestNewCommand(t *testing.T) {
+	cmd := New()
+	assert.NotNil(t, cmd, "Ingest command should not be nil")
+
+	assert.Equal(t, "ingest", cmd.Use, "Command 'Use' should be 'ingest'")
+	assert.Equal(t, "ingest metadata into the graph", cmd.Short, "Command 'Short' description should match")
+
+	subcommands := cmd.Commands()
+	subcommandUses := []string{}
+	for _, subcmd := range subcommands {
+		subcommandUses = append(subcommandUses, subcmd.Use)
+	}
+
+	expectedSubcommands := []string{
+		"osv [path to vulnerability file/dir]",
+		"sbom [path to sbom file/dir]",
+		"scorecard [path to scorecard file/dir]",
+	}
+	assert.ElementsMatch(t, expectedSubcommands, subcommandUses, "Subcommands should match expected list")
+}
+
+func TestWireDependencyResolution(t *testing.T) {
+	cmd := New()
+	assert.NotNil(t, cmd, "Ingest command should initialize without error")
+}

cmd/ingest/osv/osv.go

@@ -8,15 +8,13 @@
 	"connectrpc.com/connect"
 	apiv1 "github.com/bitbomdev/minefield/gen/api/v1"
 	"github.com/bitbomdev/minefield/gen/api/v1/apiv1connect"
-	"github.com/bitbomdev/minefield/pkg/graph"
 	"github.com/bitbomdev/minefield/pkg/tools"
 	"github.com/bitbomdev/minefield/pkg/tools/ingest"
 	"github.com/spf13/cobra"
 )
 
 type options struct {
-	storage graph.Storage
-	addr  string // Address of the minefield server
+	addr string // Address of the minefield server
 
 	ingestServiceClient apiv1connect.IngestServiceClient
 }
@@ -37,8 +35,8 @@
 	}
 	vulnsPath := args[0]
 	// Ingest vulnerabilities
-	result, err := ingest.LoadDataFromPath(o.storage, vulnsPath)
+	result, err := ingest.LoadDataFromPath(vulnsPath)
 	if err != nil {
 		return fmt.Errorf("failed to load vulnerabilities: %w", err)
 	}
 	for index, data := range result {
@@ -56,10 +54,8 @@
 	return nil
 }
 
-func New(storage graph.Storage) *cobra.Command {
-	o := &options{
-		storage: storage,
-	}
+func New() *cobra.Command {
+	o := &options{}
 	cmd := &cobra.Command{
 		Use:               "osv [path to vulnerability file/dir]",
 		Short:             "Graph vulnerability data into the graph, and connect it to existing library nodes",

cmd/ingest/osv/osv_test.go

@@ -0,0 +1,50 @@
+package osv
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/spf13/pflag"
+)
+
+func TestNew(t *testing.T) {
+	tests := []struct {
+		name          string
+		wantUse       string
+		wantShort     string
+		wantFlagCount int
+	}{
+		{
+			name:          "creates command with correct configuration",
+			wantUse:       "osv [path to vulnerability file/dir]",
+			wantShort:     "Graph vulnerability data into the graph, and connect it to existing library nodes",
+			wantFlagCount: 1, // Should have the "addr" flag
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			cmd := New()
+
+			// Test basic command properties
+			assert.Equal(t, tt.wantUse, cmd.Use)
+			assert.Equal(t, tt.wantShort, cmd.Short)
+			assert.True(t, cmd.DisableAutoGenTag)
+			assert.NotNil(t, cmd.RunE)
+
+			// Test flags
+			flags := cmd.Flags()
+
+			// Count the number of defined flags
+			flagCount := 0
+			flags.VisitAll(func(*pflag.Flag) { flagCount++ })
+			assert.Equal(t, tt.wantFlagCount, flagCount)
+
+			// Test addr flag specifically
+			addrFlag := flags.Lookup("addr")
+			assert.NotNil(t, addrFlag)
+			assert.Equal(t, "string", addrFlag.Value.Type())
+			assert.Equal(t, DefaultAddr, addrFlag.DefValue)
+		})
+	}
+}

cmd/ingest/sbom/sbom.go

@@ -8,15 +8,13 @@ import (
 	"connectrpc.com/connect"
 	apiv1 "github.com/bitbomdev/minefield/gen/api/v1"
 	"github.com/bitbomdev/minefield/gen/api/v1/apiv1connect"
-	"github.com/bitbomdev/minefield/pkg/graph"
 	"github.com/bitbomdev/minefield/pkg/tools"
 	"github.com/bitbomdev/minefield/pkg/tools/ingest"
 	"github.com/spf13/cobra"
 )
 
 type options struct {
-	storage graph.Storage
-	addr    string // Address of the minefield server
+	addr string // Address of the minefield server
 
 	ingestServiceClient apiv1connect.IngestServiceClient
 }
@@ -38,7 +36,7 @@ func (o *options) Run(_ *cobra.Command, args []string) error {
 	}
 	sbomPath := args[0]
 	// Ingest SBOM
-	result, err := ingest.LoadDataFromPath(o.storage, sbomPath)
+	result, err := ingest.LoadDataFromPath(sbomPath)
 	if err != nil {
 		return fmt.Errorf("failed to ingest SBOM: %w", err)
 	}
@@ -59,10 +57,8 @@ func (o *options) Run(_ *cobra.Command, args []string) error {
 	return nil
 }
 
-func New(storage graph.Storage) *cobra.Command {
-	o := &options{
-		storage: storage,
-	}
+func New() *cobra.Command {
+	o := &options{}
 	cmd := &cobra.Command{
 		Use:               "sbom [path to sbom file/dir]",
 		Short:             "Ingest an sbom into the graph ",

cmd/ingest/sbom/sbom_test.go

@@ -0,0 +1,29 @@
+package sbom
+
+import (
+	"testing"
+)
+
+func TestNew(t *testing.T) {
+	cmd := New()
+
+	if cmd.Use != "sbom [path to sbom file/dir]" {
+		t.Errorf("expected Use to be 'sbom [path to sbom file/dir]', got %s", cmd.Use)
+	}
+
+	if cmd.Short != "Ingest an sbom into the graph " {
+		t.Errorf("expected Short to be 'Ingest an sbom into the graph ', got %s", cmd.Short)
+	}
+
+	if cmd.Args == nil || cmd.Args(nil, []string{"arg1"}) != nil {
+		t.Errorf("expected Args to be cobra.ExactArgs(1)")
+	}
+
+	if cmd.DisableAutoGenTag != true {
+		t.Errorf("expected DisableAutoGenTag to be true")
+	}
+
+	if cmd.RunE == nil {
+		t.Errorf("expected RunE to be set")
+	}
+}

cmd/ingest/scorecard/scorecard.go

@@ -6,17 +6,15 @@
 	"net/http"
 
 	"connectrpc.com/connect"
-	"github.com/bitbomdev/minefield/gen/api/v1"
+	apiv1 "github.com/bitbomdev/minefield/gen/api/v1"
 	"github.com/bitbomdev/minefield/gen/api/v1/apiv1connect"
-	"github.com/bitbomdev/minefield/pkg/graph"
 	"github.com/bitbomdev/minefield/pkg/tools"
 	"github.com/bitbomdev/minefield/pkg/tools/ingest"
 	"github.com/spf13/cobra"
 )
 
 type options struct {
-	storage graph.Storage
-	addr  string // Address of the minefield server
+	addr string // Address of the minefield server
 
 	ingestServiceClient apiv1connect.IngestServiceClient
 }
@@ -38,7 +36,7 @@
 	}
 	scorecardPath := args[0]
 
-	result, err := ingest.LoadDataFromPath(o.storage, scorecardPath)
+	result, err := ingest.LoadDataFromPath(scorecardPath)
 	if err != nil {
 		return fmt.Errorf("failed to ingest SBOM: %w", err)
 	}
@@ -59,10 +57,8 @@
 	return nil
 }
 
-func New(storage graph.Storage) *cobra.Command {
-	o := &options{
-		storage: storage,
-	}
+func New() *cobra.Command {
+	o := &options{}
 	cmd := &cobra.Command{
 		Use:               "scorecard [path to scorecard file/dir]",
 		Short:             "Graph scorecard data into the graph, and connect it to existing library nodes",