feat(cli): configure anon-rules in branchd.json

Author: rafbgarcia

internal/cli/client/client.go

@@ -269,3 +269,57 @@ func (c *Client) UpdateServer(serverIP string) error {
 	return nil
 }
 
+// AnonRule represents an anonymization rule
+type AnonRule struct {
+	Table    string `json:"table"`
+	Column   string `json:"column"`
+	Template string `json:"template"`
+}
+
+// UpdateAnonRulesRequest represents the bulk update request
+type UpdateAnonRulesRequest struct {
+	Rules []AnonRule `json:"rules"`
+}
+
+// UpdateAnonRules bulk replaces all anonymization rules
+func (c *Client) UpdateAnonRules(serverIP string, rules []AnonRule) error {
+	token, err := auth.LoadToken(serverIP)
+	if err != nil {
+		return err
+	}
+
+	reqBody := UpdateAnonRulesRequest{
+		Rules: rules,
+	}
+
+	jsonData, err := json.Marshal(reqBody)
+	if err != nil {
+		return fmt.Errorf("failed to marshal request: %w", err)
+	}
+
+	req, err := http.NewRequest(
+		"PUT",
+		fmt.Sprintf("%s/api/anon-rules", c.baseURL),
+		bytes.NewBuffer(jsonData),
+	)
+	if err != nil {
+		return fmt.Errorf("failed to create request: %w", err)
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token))
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return fmt.Errorf("failed to send request: %w", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		body, _ := io.ReadAll(resp.Body)
+		return fmt.Errorf("failed to update anon rules (status %d): %s", resp.StatusCode, string(body))
+	}
+
+	return nil
+}
+

internal/cli/commands/update_anon_rules.go

@@ -0,0 +1,71 @@
+package commands
+
+import (
+	"fmt"
+
+	"github.com/branchd-dev/branchd/internal/cli/client"
+	"github.com/branchd-dev/branchd/internal/cli/config"
+	"github.com/spf13/cobra"
+)
+
+// NewUpdateAnonRulesCmd creates the update-anon-rules command
+func NewUpdateAnonRulesCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "update-anon-rules",
+		Short: "Update anonymization rules on all servers",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return runUpdateAnonRules()
+		},
+	}
+
+	return cmd
+}
+
+func runUpdateAnonRules() error {
+	// Load config from current directory
+	cfg, err := config.LoadFromCurrentDir()
+	if err != nil {
+		return fmt.Errorf("failed to load config: %w\nRun 'branchd init' to create a configuration file", err)
+	}
+
+	// Check if anonRules are defined
+	if cfg.AnonRules == nil {
+		return fmt.Errorf("no anonRules defined in branchd.json")
+	}
+
+	if len(cfg.Servers) == 0 {
+		return fmt.Errorf("no servers configured. Run 'branchd init' to add a server")
+	}
+
+	// Convert config rules to client rules
+	var rules []client.AnonRule
+	for _, rule := range cfg.AnonRules {
+		rules = append(rules, client.AnonRule{
+			Table:    rule.Table,
+			Column:   rule.Column,
+			Template: rule.Template,
+		})
+	}
+
+	// Update all servers
+	for _, server := range cfg.Servers {
+		if server.IP == "" {
+			continue
+		}
+
+		fmt.Printf("Updating server '%s' (%s)... ", server.Alias, server.IP)
+
+		// Create API client
+		apiClient := client.New(server.IP)
+
+		// Update rules on server
+		if err := apiClient.UpdateAnonRules(server.IP, rules); err != nil {
+			fmt.Printf("Failed to update server '%s': %v\n", server.Alias, err)
+			continue
+		}
+
+		fmt.Printf("Done\n")
+	}
+
+	return nil
+}

internal/cli/config/config.go

@@ -15,9 +15,17 @@ type Server struct {
 	Alias string `json:"alias"`
 }
 
+// AnonRule represents an anonymization rule
+type AnonRule struct {
+	Table    string `json:"table"`
+	Column   string `json:"column"`
+	Template string `json:"template"`
+}
+
 // Config represents the CLI configuration file
 type Config struct {
-	Servers []Server `json:"servers"`
+	Servers   []Server   `json:"servers"`
+	AnonRules []AnonRule `json:"anonRules,omitempty"`
 }
 
 // DefaultConfig returns a default configuration with example servers

internal/cli/root.go

@@ -47,6 +47,7 @@ func init() {
 	rootCmd.AddCommand(commands.NewSelectServerCmd())
 	rootCmd.AddCommand(commands.NewUpdateCmd(version))
 	rootCmd.AddCommand(commands.NewUpdateServerCmd())
+	rootCmd.AddCommand(commands.NewUpdateAnonRulesCmd())
 }
 
 // Execute runs the root command

internal/server/anon_rules_handlers.go

@@ -15,6 +15,10 @@ type CreateAnonRuleRequest struct {
 	Template string `json:"template" binding:"required"`
 }
 
+type UpdateAnonRulesRequest struct {
+	Rules []CreateAnonRuleRequest `json:"rules" binding:"required"`
+}
+
 // @Router /api/anon-rules [get]
 // @Success 200 {object} []models.AnonRule
 func (s *Server) listAnonRules(c *gin.Context) {
@@ -93,3 +97,61 @@ func (s *Server) deleteAnonRule(c *gin.Context) {
 
 	c.Status(http.StatusNoContent)
 }
+
+// @Router /api/anon-rules [put]
+// @Param request body UpdateAnonRulesRequest true "Update anon rules request"
+// @Success 200 {object} []models.AnonRule
+func (s *Server) updateAnonRules(c *gin.Context) {
+	var req UpdateAnonRulesRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		s.logger.Warn().Err(err).Msg("Invalid request body")
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid request body", "details": err.Error()})
+		return
+	}
+
+	// Use transaction to ensure atomicity (delete all + insert all)
+	err := s.db.Transaction(func(tx *gorm.DB) error {
+		// Delete all existing rules
+		if err := tx.Where("1=1").Delete(&models.AnonRule{}).Error; err != nil {
+			return err
+		}
+
+		// Insert new rules
+		var newRules []models.AnonRule
+		for _, rule := range req.Rules {
+			newRules = append(newRules, models.AnonRule{
+				Table:    rule.Table,
+				Column:   rule.Column,
+				Template: rule.Template,
+			})
+		}
+
+		if len(newRules) > 0 {
+			if err := tx.Create(&newRules).Error; err != nil {
+				return err
+			}
+		}
+
+		return nil
+	})
+
+	if err != nil {
+		s.logger.Error().Err(err).Msg("Failed to update anon rules")
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to update anonymization rules"})
+		return
+	}
+
+	// Load and return the new rules
+	var rules []models.AnonRule
+	if err := s.db.Order("created_at DESC").Find(&rules).Error; err != nil {
+		s.logger.Error().Err(err).Msg("Failed to load anon rules")
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Internal server error"})
+		return
+	}
+
+	s.logger.Info().
+		Int("count", len(rules)).
+		Msg("Updated anonymization rules")
+
+	c.JSON(http.StatusOK, rules)
+}

internal/server/server.go

@@ -265,6 +265,7 @@ func (s *Server) setupRouter() {
 		// Anonymization rules (global)
 		api.GET("/anon-rules", s.listAnonRules)
 		api.POST("/anon-rules", s.createAnonRule)
+		api.PUT("/anon-rules", s.updateAnonRules)
 		api.DELETE("/anon-rules/:id", s.deleteAnonRule)
 
 		// Branches

web/src/lib/openapi.ts

@@ -146,6 +146,10 @@ export interface InternalServerSystemInfoResponse {
   vm?: InternalServerVMMetrics;
 }
 
+export interface InternalServerUpdateAnonRulesRequest {
+  rules: InternalServerCreateAnonRuleRequest[];
+}
+
 export interface InternalServerUpdateConfigRequest {
   connectionString?: string;
   domain?: string;
@@ -433,6 +437,18 @@ export class Api<
         ...params,
       }),
 
+    anonRulesUpdate: (
+      request: InternalServerUpdateAnonRulesRequest,
+      params: RequestParams = {},
+    ) =>
+      this.request<GithubComBranchdDevBranchdInternalModelsAnonRule[], any>({
+        path: `/api/anon-rules`,
+        method: "PUT",
+        body: request,
+        type: ContentType.Json,
+        ...params,
+      }),
+
     anonRulesCreate: (
       request: InternalServerCreateAnonRuleRequest,
       params: RequestParams = {},