refactor: improve secrets and retry lint

Author: haasonsaas

cmd/inventory/main.go

@@ -24,7 +24,7 @@ func main() {
 
 	// Load database configuration from secrets
 	dbConfig := secretHelper.LoadDatabaseConfig()
-	dsn, err := secretHelper.BuildDSN(dbConfig)
+	dsn, err := secrets.BuildDSN(dbConfig)
 	if err != nil {
 		log.Fatalf("inventory dsn: %v", err)
 	}

cmd/migrate/main.go

@@ -26,7 +26,7 @@ func main() {
 
 	// Load database configuration
 	dbConfig := secretHelper.LoadDatabaseConfig()
-	databaseURL, err := secretHelper.BuildDSN(dbConfig)
+	databaseURL, err := secrets.BuildDSN(dbConfig)
 	if err != nil {
 		log.Fatalf("migrate dsn: %v", err)
 	}

pkg/retry/retry.go

@@ -17,16 +17,30 @@ type Config struct {
 	MaxAttempts     int
 }
 
+const (
+	defaultMultiplier      = 1.5
+	defaultInitialInterval = 500 * time.Millisecond
+	defaultMaxInterval     = 30 * time.Second
+	minMultiplier          = 0.1
+	minInterval            = 10 * time.Millisecond
+)
+
 func (c *Config) backoff() backoff.BackOff {
 	bo := backoff.NewExponentialBackOff()
-	if c.InitialInterval > 0 {
+	if c.InitialInterval >= minInterval {
 		bo.InitialInterval = c.InitialInterval
+	} else {
+		bo.InitialInterval = defaultInitialInterval
 	}
-	if c.MaxInterval > 0 {
+	if c.MaxInterval >= minInterval {
 		bo.MaxInterval = c.MaxInterval
+	} else {
+		bo.MaxInterval = defaultMaxInterval
 	}
-	if c.Multiplier > 0 {
+	if c.Multiplier >= minMultiplier {
 		bo.Multiplier = c.Multiplier
+	} else {
+		bo.Multiplier = defaultMultiplier
 	}
 	if c.MaxElapsedTime > 0 {
 		bo.MaxElapsedTime = c.MaxElapsedTime

pkg/secrets/azure.go

@@ -73,7 +73,7 @@ func createAzureCredential(cfg Config) (azcore.TokenCredential, error) {
 
 // GetSecret retrieves a secret from Azure Key Vault
 func (m *AzureManager) GetSecret(ctx context.Context, key string) (string, error) {
-	secretName := m.normalizeSecretName(key)
+	secretName := normalizeSecretName(key)
 
 	// Get the latest version of the secret
 	resp, err := m.client.GetSecret(ctx, secretName, emptyString, nil)
@@ -105,7 +105,7 @@ func (m *AzureManager) GetSecrets(ctx context.Context, keys []string) (map[strin
 
 // SetSecret stores a secret in Azure Key Vault
 func (m *AzureManager) SetSecret(ctx context.Context, key, value string) error {
-	secretName := m.normalizeSecretName(key)
+	secretName := normalizeSecretName(key)
 
 	parameters := azsecrets.SetSecretParameters{
 		Value: &value,
@@ -121,7 +121,7 @@ func (m *AzureManager) SetSecret(ctx context.Context, key, value string) error {
 
 // normalizeSecretName ensures the secret name follows Azure Key Vault naming rules
 // Secret names can only contain alphanumeric characters and dashes
-func (m *AzureManager) normalizeSecretName(name string) string {
+func normalizeSecretName(name string) string {
 	// Replace invalid characters with dashes
 	normalized := strings.Map(func(r rune) rune {
 		if (r >= 'a' && r <= 'z') || (r >= 'A' && r <= 'Z') || (r >= '0' && r <= '9') || r == dashRune {

pkg/secrets/helper.go

@@ -129,7 +129,7 @@ func (h *Helper) LoadAPIKeys() map[string]string {
 }
 
 // BuildDSN builds a database connection string from secret values
-func (h *Helper) BuildDSN(dbConfig map[string]string) (string, error) {
+func BuildDSN(dbConfig map[string]string) (string, error) {
 	password, ok := dbConfig["POSTGRES_PASSWORD"]
 	if !ok || password == "" {
 		return "", fmt.Errorf("POSTGRES_PASSWORD is required")

pkg/secrets/vault.go

@@ -169,7 +169,7 @@ func (m *VaultManager) GetSecrets(ctx context.Context, keys []string) (map[strin
 }
 
 // SetSecret stores a secret in Vault
-func (m *VaultManager) SetSecret(ctx context.Context, key, value string) error {
+func (m *VaultManager) SetSecret(_ context.Context, key, value string) error {
 	secretPath := m.buildSecretPath(key)
 
 	data := map[string]interface{}{