Atmos Performance Optimization

[aknysh]

what

• Comprehensive performance optimizations for Atmos achieving 5.2x (420%) faster execution and 92% memory reduction
• Additional optimizations for atmos describe affected command achieving 70-85% performance improvement

why

• Large-scale infrastructure configurations with hundreds of stacks and thousands of components experience slow processing times
• High memory usage limits scalability and increases CI/CD costs
• The atmos describe affected command was particularly slow when processing many stacks in CI/CD pipelines
• Sequential processing and repeated file operations created bottlenecks

Performance Results

Core Atmos Operations (760 YAML files, 533 stacks, 8k components)

• Execution time: 16 seconds → 3 seconds (5.2x faster, 80.9% reduction)
• Heap allocations: 4.8 GB → 385 MB (92% reduction)
• CPU utilization: ~180% → 261% (improved multi-core usage)

atmos describe affected Command

• Overall improvement: 70-85% faster execution time
• Parallel processing gain: 40-60% improvement from concurrent stack processing
• File indexing gain: 60-80% reduction in PathMatch operations
• Combined optimizations: Multiplicative performance improvements across all operations

Optimization Strategies

1. Algorithm Optimizations

• O(1) YAML tag lookup replacing O(n) searches
• Optimized deep merge operations reducing redundant checks
• Early exit for custom tags preventing unnecessary processing
• Custom deep comparison (15-25% faster than reflect.DeepEqual)

2. Caching Optimizations

• Inheritance caching - Prevents recomputation of component inheritance chains
• Parsed YAML caching - Reuses parsed YAML documents across operations
• FindStacksMap caching - Caches expensive stack map operations
• JSON schema compilation caching - Reuses compiled validation schemas
• PathMatch caching - Caches glob pattern matching results
• Sprig function caching - Memoizes expensive template function results
• String interning - Reduces memory for duplicate strings
• Component path pattern caching (P9.2) - 10-15% improvement by eliminating repeated path construction
• Terraform module pattern caching (P9.7) - Avoids expensive tfconfig.LoadModule() calls

3. Concurrency Optimizations

• Parallel import processing - Processes YAML imports concurrently
• Worker pools for stack processing - Bounded concurrency with optimal resource usage
• Parallel component processing - Concurrent analysis with race-free design
• Parallel stack processing (P9.1) - 40-60% improvement from goroutines and channels
• Thread-safe caching - sync.RWMutex for concurrent reads with minimal contention

4. I/O and Memory Optimizations

• I/O batching - Reduces filesystem operations
• Compiled template caching - Reuses parsed templates
• YAML buffer pooling - Reduces GC pressure
• Right-sized allocations - Pre-allocates with known capacities
• Performance tracking optimization - Minimal overhead instrumentation
• Changed files indexing (P9.4) - 60-80% reduction in PathMatch operations by filtering files by component type

5. Cache Correctness

• Content-aware cache keys using SHA-256 hashing
• Composite cache keys preventing false cache hits
• Cache invalidation on content changes

atmos describe affected Optimizations (P9.1 - P9.7)

The recent optimizations specifically target the atmos describe affected command, which is critical for CI/CD pipelines:

P9.1: Parallel Stack Processing (40-60% improvement)

• Replaces sequential stack processing with concurrent goroutines
• Uses buffered channels and sync.WaitGroup for coordination
• Processes multiple stacks simultaneously for dramatic speedup
• Each stack processed in isolated goroutine with thread-safe result aggregation

P9.2: Component Path Pattern Caching (10-15% improvement)

• Caches component path patterns to eliminate repeated string construction
• Uses sync.RWMutex for thread-safe concurrent access
• Reduces allocations and CPU overhead from pattern building
• Cache keys based on component name and type

P9.4: Changed Files Indexing (60-80% reduction in PathMatch operations)

• Pre-indexes changed files by component type (Terraform, Helmfile, Packer)
• Filters files before pattern matching to reduce comparisons
• Handles unmatched files with fallback to all base paths for safety
• Dramatically reduces expensive glob pattern matching operations

P9.5: Custom Deep Comparison (15-25% improvement)

• Replaces reflect.DeepEqual with optimized type-specific comparison
• Uses type assertions for common types (maps, slices, strings, numbers)
• Fallback to reflect.DeepEqual only for uncommon types
• Reduces reflection overhead for component configuration comparisons

P9.7: Terraform Module Pattern Caching

• Caches tfconfig.LoadModule() results to avoid repeated filesystem operations
• Stores module patterns for each component
• Thread-safe cache with sync.RWMutex
• Eliminates expensive Terraform module discovery on every comparison

Combined Effect

These optimizations compound multiplicatively:

• Parallel processing + file indexing = 70-85% overall improvement
• Pattern caching + custom comparison = Additional 25-40% on top
• All optimizations work together without conflicts

Code Quality

Testing

• 18 test functions with 51+ sub-tests for new optimizations
• Thread-safety tests with concurrent goroutines and race detector
• Integration tests verifying end-to-end functionality
• Benchmark tests measuring performance improvements
• 100% test pass rate - All existing and new tests passing

Code Organization

• Clear separation between reference implementations and optimized versions
• Comprehensive nolint comments explaining complexity trade-offs
• Helper function extraction to reduce cyclomatic complexity
• Constants for magic strings improving maintainability
• Thread-safe data structures with proper synchronization

Linting & Quality

• ✅ 0 linting issues - All golangci-lint checks pass
• ✅ Proper error handling with static errors from errors/errors.go
• ✅ Performance tracking with defer perf.Track() on all functions
• ✅ Comment standards - All comments end with periods
• ✅ Import organization - Three-group structure (stdlib, 3rd-party, Atmos)

Supporting changes:

• Multiple files with algorithm, caching, and concurrency optimizations
• Test coverage for all optimization strategies
• Documentation updates

Status

• ✅ All tests passing (100% pass rate)
• ✅ All linting checks passing (0 issues)
• ✅ Thread-safety verified with race detector
• ✅ No functional regressions
• ✅ Backwards compatible - no breaking changes

Migration Notes

No breaking changes - all optimizations are internal improvements. Users will automatically benefit from:

• Faster atmos describe stacks execution
• Faster atmos describe affected execution
• Lower memory usage
• Better multi-core CPU utilization
• Reduced CI/CD pipeline execution times

Summary by CodeRabbit

• Performance Improvements

  • Parallelized component processing, added multiple caches, and reduced allocations via capacity hints and string interning for faster, lower-memory operations.
  • TTY-aware fast-paths for console output to avoid expensive formatting when piped.

• New Features

  • Provenance tracking surfaced in describe outputs.
  • Faster YAML/JSON “simple” output modes for non-interactive use.
  • Improved multi-component type handling and safer deep-copying of merged data.

• Chores

  • Dependency updates and VCS ignore adjustments.

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

internal/exec/describe_affected_pattern_cache.go (1)

153-169: Skip non‑registry remote modules (git/http/etc.).

Same rationale as earlier; reduces false positives. Marking as duplicate of prior suggestion.

-	for _, moduleConfig := range terraformConfiguration.ModuleCalls {
-		// Skip remote modules (from terraform registry).
-		if moduleConfig.Version != "" {
+	for _, moduleConfig := range terraformConfiguration.ModuleCalls {
+		src := moduleConfig.Source
+		// Skip registry and VCS/URL sources.
+		if moduleConfig.Version != "" || isLikelyRemoteSource(src) {
 			continue
 		}
@@
-		modulePath := filepath.Join(filepath.Dir(moduleConfig.Pos.Filename), moduleConfig.Source)
+		modulePath := filepath.Join(filepath.Dir(moduleConfig.Pos.Filename), src)

Helper (same file):

+func isLikelyRemoteSource(src string) bool {
+	s := strings.ToLower(src)
+	if strings.HasPrefix(s, "git::") ||
+		strings.HasPrefix(s, "ssh://") ||
+		strings.HasPrefix(s, "http://") ||
+		strings.HasPrefix(s, "https://") ||
+		strings.HasPrefix(s, "s3::") ||
+		strings.HasPrefix(s, "gcs::") ||
+		strings.HasPrefix(s, "azurerm::") {
+		return true
+	}
+	return strings.HasPrefix(s, "github.com/") ||
+		strings.HasPrefix(s, "bitbucket.org/") ||
+		strings.HasPrefix(s, "gitlab.com/")
+}

🧹 Nitpick comments (26)

internal/exec/describe_affected_changed_files_index.go (2)

92-101: Deduplicate normalized base paths to avoid redundant work.

If two component types point to the same folder, you re-add and re-scan it. Harmless but wasteful. Dedup once.

-	normalizedBasePaths := make([]string, 0, len(basePaths))
-	for _, basePath := range basePaths {
+	seen := make(map[string]struct{}, len(basePaths))
+	normalizedBasePaths := make([]string, 0, len(basePaths))
+	for _, basePath := range basePaths {
 		absPath, err := filepath.Abs(basePath)
 		if err != nil {
 			// If conversion fails, use original path.
 			absPath = basePath
 		}
-		normalizedBasePaths = append(normalizedBasePaths, absPath)
+		if _, ok := seen[absPath]; ok {
+			continue
+		}
+		seen[absPath] = struct{}{}
+		normalizedBasePaths = append(normalizedBasePaths, absPath)
 	}

---

148-180: Return defensive copies to prevent accidental mutation by callers.

getRelevantFiles/getAllFiles expose internal slices; a caller append could alias internal storage.

 	if files, ok := idx.filesByBasePath[absBasePath]; ok {
-		return files
+		out := make([]string, len(files))
+		copy(out, files)
+		return out
 	}
@@
-	return idx.allFiles
+	out := make([]string, len(idx.allFiles))
+	copy(out, idx.allFiles)
+	return out

And in getAllFiles:

-	return idx.allFiles
+	out := make([]string, len(idx.allFiles))
+	copy(out, idx.allFiles)
+	return out

internal/exec/describe_affected_utils_2.go (5)

279-283: Wrap filesystem errors with context.

Raw returns lose provenance; wrap with context per guidelines.

 componentPathAbs, err := filepath.Abs(componentPath)
 if err != nil {
-	return false, err
+	return false, fmt.Errorf("abs component path %q: %w", componentPath, err)
 }
@@
 changedFileAbs, err := filepath.Abs(changedFile)
 if err != nil {
-	return false, err
+	return false, fmt.Errorf("abs changed file %q: %w", changedFile, err)
 }
@@
 modulePathAbs, err := filepath.Abs(modulePath)
 if err != nil {
-	return false, err
+	return false, fmt.Errorf("abs module path %q: %w", modulePath, err)
 }

As per coding guidelines.

Also applies to: 346-349, 359-362

---

485-497: Use fmt.Errorf instead of errors.New(fmt.Sprintf(...)).

Simpler and consistent; consider introducing a sentinel later if you want structured handling.

-								if spaceliftWorkspaceEnabled, ok := componentSettingsSpaceliftSection["workspace_enabled"].(bool); !ok || !spaceliftWorkspaceEnabled {
-									return nil, errors.New(fmt.Sprintf(
-										"component '%s' in the stack '%s' has the section 'settings.spacelift.admin_stack_selector' "+
-											"to point to the Spacelift admin component '%s' in the stack '%s', "+
-											"but that component has Spacelift workspace disabled "+
-											"in the 'settings.spacelift.workspace_enabled' section "+
-											"and can't be added to the affected stacks",
-										currentComponentName,
-										currentStackName,
-										componentName,
-										stackName,
-									))
-								}
+								if spaceliftWorkspaceEnabled, ok := componentSettingsSpaceliftSection["workspace_enabled"].(bool); !ok || !spaceliftWorkspaceEnabled {
+									return nil, fmt.Errorf(
+										"component %q in stack %q points to Spacelift admin component %q in stack %q, "+
+											"but that component has workspace disabled in settings.spacelift.workspace_enabled",
+										currentComponentName, currentStackName, componentName, stackName,
+									)
+								}

As per coding guidelines.

---

259-266: Track hot path performance.

These helpers are on the hot path; add perf.Track for lightweight timing when enabled.

 func isComponentFolderChanged(
@@
 ) (bool, error) {
+	defer perf.Track(atmosConfig, "exec.isComponentFolderChanged")()
+

Add import:

 import (
 	"errors"
 	"fmt"
 	"io/fs"
 	"os"
 	"path/filepath"
 	"reflect"
 	"strings"
 
 	"github.com/hashicorp/terraform-config-inspect/tfconfig"
 	"github.com/mitchellh/mapstructure"
 
 	errUtils "github.com/cloudposse/atmos/errors"
+	"github.com/cloudposse/atmos/pkg/perf"
 	cfg "github.com/cloudposse/atmos/pkg/config"
 	"github.com/cloudposse/atmos/pkg/schema"
 	u "github.com/cloudposse/atmos/pkg/utils"
 )

---

305-312: Track module-check timing.

Same for areTerraformComponentModulesChanged.

 func areTerraformComponentModulesChanged(
 	component string,
 	atmosConfig *schema.AtmosConfiguration,
 	changedFiles []string,
 ) (bool, error) {
+	defer perf.Track(atmosConfig, "exec.areTerraformComponentModulesChanged")()
+

---

351-369: Skip non-registry remote modules (git/http/etc.).

Filtering only by Version misses VCS/URL sources (Version empty). Add a heuristic to avoid bogus local patterns.

-			// We are processing the local modules only (not from terraform registry), they will have `Version` as an empty string
-			if moduleConfig.Version != "" {
+			// Local modules only: skip registry (Version set) and VCS/URL sources.
+			if moduleConfig.Version != "" || isLikelyRemoteSource(moduleConfig.Source) {
 				continue
 			}

Helper:

+// isLikelyRemoteSource returns true for common remote Terraform module source schemes.
+func isLikelyRemoteSource(src string) bool {
+	s := strings.ToLower(src)
+	if strings.HasPrefix(s, "git::") ||
+		strings.HasPrefix(s, "ssh://") ||
+		strings.HasPrefix(s, "http://") ||
+		strings.HasPrefix(s, "https://") ||
+		strings.HasPrefix(s, "s3::") ||
+		strings.HasPrefix(s, "gcs::") ||
+		strings.HasPrefix(s, "azurerm::") {
+		return true
+	}
+	return strings.HasPrefix(s, "github.com/") ||
+		strings.HasPrefix(s, "bitbucket.org/") ||
+		strings.HasPrefix(s, "gitlab.com/")
+}

internal/exec/describe_affected_utils_optimized.go (2)

104-126: Build globs with filepath.Join for cross‑platform safety.

Avoid string concatenation with "/**". Use Join to prevent subtle Windows issues.

-		var pathPatternSuffix string
+		var pathPatternSuffix string
@@
-		case dep.Folder != "":
+		case dep.Folder != "":
 			changedType = "folder"
 			changedFileOrFolder = dep.Folder
-			pathPatternSuffix = "/**"
+			pathPatternSuffix = "**"
@@
-		pathPattern := changedFileOrFolderAbs + pathPatternSuffix
+		var pathPattern string
+		if pathPatternSuffix == "" {
+			pathPattern = changedFileOrFolderAbs
+		} else {
+			pathPattern = filepath.Join(changedFileOrFolderAbs, pathPatternSuffix)
+		}

As per coding guidelines.

Also applies to: 127-139

---

14-26: Track hot path performance.

These indexed checks are central to the speedup; add perf.Track for sampling when enabled.

 func isComponentFolderChangedIndexed(
@@
 ) (bool, error) {
+	defer perf.Track(atmosConfig, "exec.isComponentFolderChangedIndexed")()
+

And:

 func areTerraformComponentModulesChangedIndexed(
 	component string,
 	atmosConfig *schema.AtmosConfiguration,
 	filesIndex *changedFilesIndex,
 	patternCache *componentPathPatternCache,
 ) (bool, error) {
+	defer perf.Track(atmosConfig, "exec.areTerraformComponentModulesChangedIndexed")()
+

Add import:

 import (
 	"path/filepath"
 
 	cfg "github.com/cloudposse/atmos/pkg/config"
+	"github.com/cloudposse/atmos/pkg/perf"
 	"github.com/cloudposse/atmos/pkg/schema"
 	u "github.com/cloudposse/atmos/pkg/utils"
 )

internal/exec/describe_affected_optimizations_test.go (1)

2178-2217: Add a VCS/URL remote module case.

Cover sources like git::/https:// to ensure they’re skipped like registry modules.

 t.Run("remote modules with version are skipped", func(t *testing.T) {
   ...
 })
+
+t.Run("vcs/url remote modules are skipped", func(t *testing.T) {
+  comp := filepath.Join(tempDir, "components/terraform/gitremote")
+  require.NoError(t, os.MkdirAll(comp, 0o755))
+  mainTf := `
+module "gitmod" {
+  source = "git::https://github.com/org/repo.git//modules/foo?ref=v1.2.3"
+}
+`
+  require.NoError(t, os.WriteFile(filepath.Join(comp, "main.tf"), []byte(mainTf), 0o644))
+  patterns, err := cache.getTerraformModulePatterns("gitremote", atmosConfig)
+  require.NoError(t, err)
+  assert.Empty(t, patterns)
+})

internal/exec/describe_affected_pattern_cache.go (2)

66-69: Wrap Abs errors with context.

Improves debuggability while keeping upstream error.

 componentPathAbs, err := filepath.Abs(componentPath)
 if err != nil {
-	return "", err
+	return "", fmt.Errorf("abs component path %q: %w", componentPath, err)
 }
@@
 componentPathAbs, err := filepath.Abs(componentPath)
 if err != nil {
-	return nil, err
+	return nil, fmt.Errorf("abs component path %q: %w", componentPath, err)
 }

As per coding guidelines.

Also applies to: 97-100

---

71-77: Use filepath.Join for patterns.

Consistent, portable glob construction.

-	pattern := componentPathAbs + "/**"
+	pattern := filepath.Join(componentPathAbs, "**")
@@
-		patterns = append(patterns, modulePathAbs+"/**")
+		patterns = append(patterns, filepath.Join(modulePathAbs, "**"))

Also applies to: 166-167

pkg/merge/merge.go (2)

22-29: Tighten doc comment punctuation (godot).

A few lines in the exported DeepCopyMap doc block don’t end with periods. Fix to satisfy golangci-lint godot.

Apply:

-// This custom implementation avoids reflection overhead for common cases (maps, slices, primitives)
+// This custom implementation avoids reflection overhead for common cases (maps, slices, primitives).
-// Preserves numeric types (unlike JSON which converts all numbers to float64) and is faster than
-// generic reflection-based copying. The data is already in Go map format with custom tags already processed,
-// so we only need structural copying to work around mergo's pointer mutation bug.
+// Preserves numeric types (unlike JSON which converts all numbers to float64) and is faster than generic reflection-based copying.
+// The data is already in Go map format with custom tags already processed, so we only need structural copying to work around mergo's pointer mutation bug.

---

434-441: Wrap nil‑config error using errors.Join (keep error semantics).

Use Join/%w so errors.Is/As work for ErrAtmosConfigIsNil.

Apply:

- err := fmt.Errorf("%w: %s", errUtils.ErrMerge, errUtils.ErrAtmosConfigIsNil)
+ err := errors.Join(errUtils.ErrMerge, errUtils.ErrAtmosConfigIsNil)

pkg/merge/merge_struct_aliasing_test.go (6)

14-21: Run tests in parallel.

Add t.Parallel() to speed up suite when safe.

Apply:

 func TestDeepCopyMap_NoAliasingStructsInTypedMaps(t *testing.T) {
+	t.Parallel()

---

39-43: Use require for fatal error checks.

Fail fast on copy errors to avoid cascading nil dereferences.

Apply:

-	copied, err := DeepCopyMap(original)
-	assert.Nil(t, err)
+	copied, err := DeepCopyMap(original)
+	require.NoError(t, err)

Also add import:

 import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )

---

96-101: Parallelize this test too.

Safe to add t.Parallel().

Apply:

 func TestDeepCopyMap_NestedStructsInStructs(t *testing.T) {
+	t.Parallel()

---

124-128: Use require for fatal error checks.

Same rationale as above.

Apply:

-	copied, err := DeepCopyMap(original)
-	assert.Nil(t, err)
+	copied, err := DeepCopyMap(original)
+	require.NoError(t, err)

---

148-153: Parallelize.

Add t.Parallel().

Apply:

 func TestDeepCopyMap_StructsWithMaps(t *testing.T) {
+	t.Parallel()

---

168-171: Use require for fatal error checks.

Consistency with other tests.

Apply:

-	copied, err := DeepCopyMap(original)
-	assert.Nil(t, err)
+	copied, err := DeepCopyMap(original)
+	require.NoError(t, err)

internal/exec/utils.go (6)

168-174: Cache hygiene + comment accuracy/godot.

• Provide a public clear function for tests/long‑lived processes to release memory.
• Update the cache‑key comment (it’s not JSON‑serialized anymore) and end all comment lines with periods.

Apply:

 var (
-	// FindStacksMapCache stores the results of FindStacksMap to avoid re-processing
-	// all YAML files multiple times within the same command execution.
-	// Cache key: JSON-serialized atmosConfig key fields + ignoreMissingFiles flag.
+	// FindStacksMapCache stores the results of FindStacksMap to avoid re‑processing.
+	// All YAML files are processed only once per command execution when provenance tracking is disabled.
+	// Cache key: SHA‑256 over key fields, the sorted file list, each file's mtime (ns) and size, and the ignoreMissingFiles flag.
 	findStacksMapCache   map[string]*findStacksMapCacheEntry
 	findStacksMapCacheMu sync.RWMutex
 )
 
 func init() {
 	findStacksMapCache = make(map[string]*findStacksMapCacheEntry)
 }
+
+// ClearFindStacksMapCache clears the in‑memory cache. Intended for tests and long‑lived processes.
+func ClearFindStacksMapCache() {
+	findStacksMapCacheMu.Lock()
+	findStacksMapCache = make(map[string]*findStacksMapCacheEntry)
+	findStacksMapCacheMu.Unlock()
+}

As per coding guidelines.

Also applies to: 176-179

---

186-235: Solid, content‑aware cache key. Minor portability/perf nits.

LGTM overall. Consider:

• Normalize paths with filepath.Clean before hashing for cross‑platform consistency.
• Optionally preallocate builder capacity (strings.Builder.Grow) proportional to total path length to shave a few allocs on very large stacks.

As per coding guidelines.

---

238-240: Godot: ensure comment lines end with periods.

First line ends mid‑sentence. Make both lines complete sentences ending with periods to satisfy golangci‑lint godot.

As per coding guidelines.

---

278-288: Cache write: consider storing deep copies to prevent aliasing.

Store copies so future readers can’t be affected by accidental mutations elsewhere. If copies are expensive, document and enforce read‑only usage.

Example:

-	findStacksMapCache[cacheKey] = &findStacksMapCacheEntry{
-		stacksMap:       stacksMap,
-		rawStackConfigs: rawStackConfigs,
-	}
+	findStacksMapCache[cacheKey] = &findStacksMapCacheEntry{
+		stacksMap:       u.DeepCopyMap(stacksMap),
+		rawStackConfigs: u.DeepCopyMapOfMaps(rawStackConfigs), // or an equivalent deep‑copy helper.
+	}

As per coding guidelines.

---

186-235: Location of stack utilities.

getFindStacksMapCacheKey (and possibly cache types) fit better alongside other stack‑processing helpers.

Consider moving to internal/exec/stack_processor_utils.go to keep related utilities co-located.

Based on learnings.

---

630-652: Optional: Improve tfconfig error detection with errors.As; document string fallback as temporary.

The web search confirms tfconfig.LoadModule() returns only human-readable Diagnostics—no machine-readable error codes—so the diagnostic-code check isn't viable. The current string matching is intentional and documented; however, you can strengthen it by adding errors.As(&pathErr) to detect *os.PathError before the string fallback, making it more robust:

-	isNotExist := errors.Is(diagErr, os.ErrNotExist) || errors.Is(diagErr, fs.ErrNotExist)
+	var pathErr *os.PathError
+	isNotExist := errors.Is(diagErr, os.ErrNotExist) || errors.Is(diagErr, fs.ErrNotExist) || errors.As(diagErr, &pathErr)

Then update the string fallback comment to clarify it's temporary:

-	// Fallback to error message inspection for cases where tfconfig doesn't wrap errors properly.
+	// TODO: Remove string fallback once tfconfig improves error wrapping; add tests to lock expectations.

The same pattern appears in describe_affected_utils_2.go (line 318) and describe_affected_pattern_cache.go (line 103)—apply the same improvement there for consistency.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between d985c43 and 71f1258.

📒 Files selected for processing (10)

• cmd/auth_integration_test.go (1 hunks)
• cmd/cmd_utils_test.go (6 hunks)
• internal/exec/describe_affected_changed_files_index.go (1 hunks)
• internal/exec/describe_affected_optimizations_test.go (1 hunks)
• internal/exec/describe_affected_pattern_cache.go (1 hunks)
• internal/exec/describe_affected_utils_2.go (7 hunks)
• internal/exec/describe_affected_utils_optimized.go (1 hunks)
• internal/exec/utils.go (4 hunks)
• pkg/merge/merge.go (8 hunks)
• pkg/merge/merge_struct_aliasing_test.go (1 hunks)

🧰 Additional context used

📓 Path-based instructions (9)

cmd/**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

cmd/**/*.go: Use Cobra's recommended command structure with a root command and subcommands
Implement each CLI command in a separate file under cmd/
Use Viper for managing configuration, environment variables, and flags in the CLI
Keep separation of concerns between CLI interface (cmd) and business logic
Use kebab-case for command-line flags
Provide comprehensive help text for all commands and flags
Include examples in Cobra command help
Use Viper for configuration management; support files, env vars, and flags with precedence flags > env > config > defaults
Follow single responsibility; separate command interface from business logic
Provide meaningful user feedback and include progress indicators for long-running operations
Provide clear error messages to users and troubleshooting hints where appropriate

cmd/**/*.go: Use utils.PrintfMarkdown() to render embedded markdown content for CLI command help/examples.
One Cobra command per file in cmd/; keep files focused and small.

Files:

• cmd/auth_integration_test.go
• cmd/cmd_utils_test.go

**/*_test.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*_test.go: Every new feature must include comprehensive unit tests
Test both happy paths and error conditions
Use table-driven tests for multiple scenarios

**/*_test.go: Use table-driven unit tests for pure functions and focus on behavior; co-locate tests; target >80% coverage for pkg/ and internal/exec/.
Always use t.Skipf() with a clear reason; never use t.Skip() or t.Skipf without a reason.

Files:

• cmd/auth_integration_test.go
• pkg/merge/merge_struct_aliasing_test.go
• internal/exec/describe_affected_optimizations_test.go
• cmd/cmd_utils_test.go

**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*.go: All code must pass golangci-lint checks
Follow Go error handling idioms and use meaningful error messages
Wrap errors with context using fmt.Errorf("context: %w", err)
Consider custom error types for domain-specific errors
Follow standard Go coding style; run gofmt and goimports
Use snake_case for environment variables
Document complex logic with inline comments

**/*.go: All Go comments must end with periods; applies to single-line, multi-line, inline, and documentation comments (golangci-lint godot).
Group imports into three sections (stdlib, 3rd-party, Atmos), separated by blank lines; sort alphabetically within each group; preserve existing aliases.
Configuration loading must use Viper with precedence CLI → ENV → files → defaults; bind config name atmos and add path, AutomaticEnv, and ATMOS prefix.
All errors must be wrapped using static errors (defined in errors/errors.go); use errors.Join for multiple errors; fmt.Errorf with %w for context; use errors.Is for checks; never compare error strings.
Distinguish structured logging from UI output: UI prompts/status/errors to stderr; data/results to stdout; never use logging for UI.
Most text UI must go to stderr; only data/results to stdout; prefer utils.PrintfMessageToTUI for UI messages.
All new configurations must support Go templating using existing utilities and available template functions.
Prefer SDKs over external binaries for cross-platform support; use filepath/os/runtime for portability.
For non-standard execution paths, capture telemetry via telemetry.CaptureCmd or telemetry.CaptureCmdString without user data.
80% minimum coverage on new/changed lines and include unit tests for new features; add integration tests for CLI using tests/ fixtures.
Always bind environment variables with viper.BindEnv and provide ATMOS_ alternatives for every env var.
Use structured logging with levels (Fatal>Error>Warn>Debug>Trace); avoid string interpolation and ensure logging does not affect execution.
Prefer re...

Files:

• cmd/auth_integration_test.go
• pkg/merge/merge_struct_aliasing_test.go
• internal/exec/describe_affected_utils_optimized.go
• pkg/merge/merge.go
• internal/exec/describe_affected_optimizations_test.go
• internal/exec/describe_affected_pattern_cache.go
• internal/exec/describe_affected_utils_2.go
• cmd/cmd_utils_test.go
• internal/exec/describe_affected_changed_files_index.go
• internal/exec/utils.go

cmd/**/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Command tests live under cmd/ alongside command implementations.

Files:

• cmd/auth_integration_test.go
• cmd/cmd_utils_test.go

pkg/**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

Place business logic in pkg rather than in cmd

Files:

• pkg/merge/merge_struct_aliasing_test.go
• pkg/merge/merge.go

pkg/**/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Unit tests for packages live under pkg/ alongside implementation files.

Files:

• pkg/merge/merge_struct_aliasing_test.go

**/!(*_test).go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

Document all exported functions, types, and methods with Go doc comments

Add defer perf.Track() to all public functions and critical private functions; include a blank line after the call; use package-prefixed names; pass atmosConfig when present, else nil.

Files:

• internal/exec/describe_affected_utils_optimized.go
• pkg/merge/merge.go
• internal/exec/describe_affected_pattern_cache.go
• internal/exec/describe_affected_utils_2.go
• internal/exec/describe_affected_changed_files_index.go
• internal/exec/utils.go

internal/exec/**/*.go

📄 CodeRabbit inference engine (CLAUDE.md)

Place command business logic in internal/exec/ (separate from cmd/ wiring).

Files:

• internal/exec/describe_affected_utils_optimized.go
• internal/exec/describe_affected_optimizations_test.go
• internal/exec/describe_affected_pattern_cache.go
• internal/exec/describe_affected_utils_2.go
• internal/exec/describe_affected_changed_files_index.go
• internal/exec/utils.go

internal/exec/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Add comprehensive tests for template functions under internal/exec/ with *_test.go files.

Files:

• internal/exec/describe_affected_optimizations_test.go

🧠 Learnings (14)

📚 Learning: 2025-05-23T19:51:47.091Z

Learnt from: samtholiya
PR: cloudposse/atmos#1255
File: cmd/describe_affected_test.go:15-15
Timestamp: 2025-05-23T19:51:47.091Z
Learning: The atmos codebase has a custom extension to *testing.T that provides a Chdir method, allowing test functions to call t.Chdir() to change working directories during tests. This is used consistently across test files in the codebase.

Applied to files:

• cmd/auth_integration_test.go
• cmd/cmd_utils_test.go

📚 Learning: 2025-05-23T19:51:47.091Z

Learnt from: samtholiya
PR: cloudposse/atmos#1255
File: cmd/describe_affected_test.go:15-15
Timestamp: 2025-05-23T19:51:47.091Z
Learning: In the atmos codebase, t.Chdir() is a valid method call on *testing.T objects and works correctly for changing directories in tests. This is implemented through custom testing framework extensions and is used consistently throughout the test suite.

Applied to files:

• cmd/auth_integration_test.go
• cmd/cmd_utils_test.go

📚 Learning: 2025-05-23T19:51:47.091Z

Learnt from: samtholiya
PR: cloudposse/atmos#1255
File: cmd/describe_affected_test.go:15-15
Timestamp: 2025-05-23T19:51:47.091Z
Learning: In the atmos codebase, t.Chdir() is a valid method that can be called on *testing.T objects. This functionality is implemented through custom testing framework extensions and is used consistently throughout the test suite for changing working directories during tests.

Applied to files:

• cmd/auth_integration_test.go
• cmd/cmd_utils_test.go

📚 Learning: 2025-05-23T19:51:47.091Z

Learnt from: samtholiya
PR: cloudposse/atmos#1255
File: cmd/describe_affected_test.go:15-15
Timestamp: 2025-05-23T19:51:47.091Z
Learning: In the atmos codebase, t.Chdir() is a valid method call on *testing.T objects and works correctly for changing directories in tests.

Applied to files:

• cmd/auth_integration_test.go
• cmd/cmd_utils_test.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to internal/exec/stack_processor_utils.go : Utilities for stack processing belong in internal/exec/stack_processor_utils.go; validate changes with appropriate tests.

Applied to files:

• internal/exec/describe_affected_utils_optimized.go
• internal/exec/utils.go

📚 Learning: 2025-10-16T05:26:31.864Z

Learnt from: aknysh
PR: cloudposse/atmos#1639
File: pkg/merge/merge.go:392-430
Timestamp: 2025-10-16T05:26:31.864Z
Learning: In Atmos merge operations (pkg/merge/merge.go), context.Positions is a PositionMap (map[string]*schema.Position) keyed by JSONPath strings, not a slice indexed by input array position. Position lookups are path-based, making them independent of input array reorganization or filtering. This design allows filtering empty inputs without affecting provenance tracking correctness.

Applied to files:

• pkg/merge/merge.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to **/*.go : All Go comments must end with periods; applies to single-line, multi-line, inline, and documentation comments (golangci-lint godot).

Applied to files:

• pkg/merge/merge.go
• internal/exec/describe_affected_optimizations_test.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to internal/exec/*_test.go : Add comprehensive tests for template functions under internal/exec/ with *_test.go files.

Applied to files:

• internal/exec/describe_affected_optimizations_test.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to **/*_test.go : Use table-driven unit tests for pure functions and focus on behavior; co-locate tests; target >80% coverage for pkg/ and internal/exec/.

Applied to files:

• internal/exec/describe_affected_optimizations_test.go

📚 Learning: 2025-09-23T02:30:42.362Z

Learnt from: CR
PR: cloudposse/atmos#0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-09-23T02:30:42.362Z
Learning: Applies to **/*_test.go : Test both happy paths and error conditions

Applied to files:

• internal/exec/describe_affected_optimizations_test.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to **/*.go : Ensure Atmos remains portable across Linux, macOS, and Windows; use filepath.Join, os.PathSeparator, and build constraints when necessary.

Applied to files:

• internal/exec/describe_affected_utils_2.go

📚 Learning: 2024-12-25T20:28:47.526Z

Learnt from: osterman
PR: cloudposse/atmos#887
File: internal/exec/stack_processor_utils.go:380-380
Timestamp: 2024-12-25T20:28:47.526Z
Learning: Windows path handling often requires `filepath.Join` to ensure correct separators and comparisons. Insufficient tests can break cross-platform compatibility, so migrating from `path.Join` to `filepath.Join` needs thorough testing on Windows before merging.

Applied to files:

• internal/exec/describe_affected_utils_2.go

📚 Learning: 2025-02-09T14:38:53.443Z

Learnt from: samtholiya
PR: cloudposse/atmos#992
File: cmd/cmd_utils.go:0-0
Timestamp: 2025-02-09T14:38:53.443Z
Learning: Error handling for RegisterFlagCompletionFunc in AddStackCompletion is not required as the errors are non-critical for tab completion functionality.

Applied to files:

• cmd/cmd_utils_test.go

📚 Learning: 2025-02-18T13:18:53.146Z

Learnt from: samtholiya
PR: cloudposse/atmos#1068
File: cmd/vendor_pull.go:31-31
Timestamp: 2025-02-18T13:18:53.146Z
Learning: Error checking is not required for cobra.Command.RegisterFlagCompletionFunc calls as these are static configurations done at init time.

Applied to files:

• cmd/cmd_utils_test.go

🧬 Code graph analysis (8)

pkg/merge/merge_struct_aliasing_test.go (1)

pkg/merge/merge.go (1)

• DeepCopyMap (29-45)

internal/exec/describe_affected_utils_optimized.go (3)

pkg/schema/schema.go (2)

• AtmosConfiguration (27-65)
• DependsOn (662-662)

pkg/utils/glob_utils.go (1)

• PathMatch (74-106)

pkg/config/const.go (1)

• TerraformComponentType (48-48)

pkg/merge/merge.go (3)

pkg/perf/perf.go (1)

• Track (121-138)

errors/errors.go (1)

• ErrMerge (121-121)

pkg/merge/merge_with_provenance.go (1)

• MergeWithProvenance (21-52)

internal/exec/describe_affected_optimizations_test.go (3)

pkg/schema/schema.go (9)

• AtmosConfiguration (27-65)
• Components (357-361)
• Terraform (317-329)
• Helmfile (343-350)
• Packer (352-355)
• Stacks (363-369)
• DependsOn (662-662)
• Context (381-396)
• Affected (613-632)

pkg/config/const.go (3)

• TerraformComponentType (48-48)
• HelmfileComponentType (49-49)
• PackerComponentType (50-50)

errors/errors.go (1)

• ErrUnsupportedComponentType (154-154)

internal/exec/describe_affected_pattern_cache.go (3)

pkg/schema/schema.go (5)

• AtmosConfiguration (27-65)
• Components (357-361)
• Terraform (317-329)
• Helmfile (343-350)
• Packer (352-355)

pkg/config/const.go (3)

• TerraformComponentType (48-48)
• HelmfileComponentType (49-49)
• PackerComponentType (50-50)

errors/errors.go (2)

• ErrUnsupportedComponentType (154-154)
• ErrFailedToLoadTerraformModule (113-113)

internal/exec/describe_affected_utils_2.go (1)

errors/errors.go (2)

• ErrUnsupportedComponentType (154-154)
• ErrFailedToLoadTerraformModule (113-113)

internal/exec/describe_affected_changed_files_index.go (3)

pkg/schema/schema.go (6)

• AtmosConfiguration (27-65)
• Components (357-361)
• Terraform (317-329)
• Helmfile (343-350)
• Packer (352-355)
• Stacks (363-369)

pkg/perf/perf.go (1)

• Track (121-138)

pkg/config/const.go (3)

• TerraformComponentType (48-48)
• HelmfileComponentType (49-49)
• PackerComponentType (50-50)

internal/exec/utils.go (2)

pkg/schema/schema.go (1)

• AtmosConfiguration (27-65)

errors/errors.go (1)

• ErrFailedToLoadTerraformModule (113-113)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Build (macos-latest, macos)
• GitHub Check: Build (windows-latest, windows)
• GitHub Check: Build (ubuntu-latest, linux)
• GitHub Check: Analyze (go)
• GitHub Check: Lint (golangci)
• GitHub Check: Run pre-commit hooks
• GitHub Check: Summary

🔇 Additional comments (10)

cmd/auth_integration_test.go (1)

158-160: Clean test simplification.

The switch to t.Chdir() removes the manual directory tracking boilerplate while maintaining the same test behavior. The automatic reversion is correctly noted in the comment.

cmd/cmd_utils_test.go (4)

45-54: Proper test isolation with t.Chdir().

Each subtest gets automatic directory restoration, ensuring clean isolation between test cases. This is the right pattern for table-driven tests that need different working directories.

---

277-285: Conditional directory setup handled correctly.

The test properly uses t.Chdir() for both branches—configured directory and temp directory. The automatic reversion ensures clean state for each subtest.

---

360-370: Simplified file path handling.

With t.Chdir(tmpDir) positioning us in the temp directory, the WriteFile call correctly uses a relative path. This is cleaner than constructing full paths while maintaining identical behavior.

---

382-383: Consistent test cleanup pattern throughout.

All remaining tests follow the same clean pattern: t.Chdir() with updated comments noting automatic reversion. The changes maintain test behavior while significantly simplifying the code.

Also applies to: 396-397, 412-421, 455-457

pkg/merge/merge.go (3)

136-139: Pointer fields are intentionally not deep‑copied. Confirm contract.

Returning pointers as‑is keeps aliasing. If callers expect isolation for pointer fields inside typed maps/structs, document this or add an opt-in path.

---

229-250: Structs inside map[string]any are converted to maps. Intentional?

normalizeValueReflect turns struct values into map[string]any. If such structs can appear in user data, this shape change may surprise callers. Confirm this is unreachable in normal flows (YAML → map) or document the contract.

---

523-530: Provenance gate looks solid.

Positions is a map keyed by JSONPath; filtering inputs doesn’t break alignment. Good use of MergeWithProvenance only when enabled and positions present. Based on learnings.

internal/exec/utils.go (2)

4-12: Imports grouping/sorting looks correct.

Stdlib, third‑party, and Atmos groups are properly separated and alphabetized. Nothing to change.

---

247-260: Review comment is incorrect — no evidence of cache corruption risk.

Verification found:

• ProcessYAMLConfigFiles creates fresh rawStackConfigs and stacksMap instances (line 307, 306) before any mutations at line 433—these are local, not cached until return
• All downstream callers (describe_stacks.go, validate_stacks.go, terraform_generate_backends.go, config_sources_utils.go) only read from cached maps; no writes detected
• Immutability contract is already maintained implicitly by existing code

Deep-copy on store/return and singleflight deduping are not required; cache is safe as-is.

Likely an incorrect or invalid review comment.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

pkg/merge/merge.go (2)

29-44: Unused error return in DeepCopyMap.

The function signature returns (map[string]any, error) but the implementation never returns a non-nil error. All code paths return nil for the error. If this is intentional for future extensibility, consider adding a comment explaining it. Otherwise, simplify the signature to return only map[string]any and update all callers accordingly.

---

284-306: Redundant skip check after early exit.

Line 286-288 already skips fields with mapstructure:"-" tag via continue. The second check at lines 303-306 is unreachable for mapstructure "-" (though it might catch json "-" after tag stripping). If you only want to respect mapstructure "-", remove the second check; if you also want to skip json "-", document that intent in a comment.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 71f1258 and f81cf06.

📒 Files selected for processing (3)

• cmd/cmd_utils_test.go (6 hunks)
• pkg/merge/merge.go (8 hunks)
• pkg/merge/merge_struct_aliasing_test.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• cmd/cmd_utils_test.go

🧰 Additional context used

📓 Path-based instructions (5)

pkg/**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

Place business logic in pkg rather than in cmd

Files:

• pkg/merge/merge_struct_aliasing_test.go
• pkg/merge/merge.go

**/*_test.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*_test.go: Every new feature must include comprehensive unit tests
Test both happy paths and error conditions
Use table-driven tests for multiple scenarios

**/*_test.go: Use table-driven unit tests for pure functions and focus on behavior; co-locate tests; target >80% coverage for pkg/ and internal/exec/.
Always use t.Skipf() with a clear reason; never use t.Skip() or t.Skipf without a reason.

Files:

• pkg/merge/merge_struct_aliasing_test.go

**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*.go: All code must pass golangci-lint checks
Follow Go error handling idioms and use meaningful error messages
Wrap errors with context using fmt.Errorf("context: %w", err)
Consider custom error types for domain-specific errors
Follow standard Go coding style; run gofmt and goimports
Use snake_case for environment variables
Document complex logic with inline comments

**/*.go: All Go comments must end with periods; applies to single-line, multi-line, inline, and documentation comments (golangci-lint godot).
Group imports into three sections (stdlib, 3rd-party, Atmos), separated by blank lines; sort alphabetically within each group; preserve existing aliases.
Configuration loading must use Viper with precedence CLI → ENV → files → defaults; bind config name atmos and add path, AutomaticEnv, and ATMOS prefix.
All errors must be wrapped using static errors (defined in errors/errors.go); use errors.Join for multiple errors; fmt.Errorf with %w for context; use errors.Is for checks; never compare error strings.
Distinguish structured logging from UI output: UI prompts/status/errors to stderr; data/results to stdout; never use logging for UI.
Most text UI must go to stderr; only data/results to stdout; prefer utils.PrintfMessageToTUI for UI messages.
All new configurations must support Go templating using existing utilities and available template functions.
Prefer SDKs over external binaries for cross-platform support; use filepath/os/runtime for portability.
For non-standard execution paths, capture telemetry via telemetry.CaptureCmd or telemetry.CaptureCmdString without user data.
80% minimum coverage on new/changed lines and include unit tests for new features; add integration tests for CLI using tests/ fixtures.
Always bind environment variables with viper.BindEnv and provide ATMOS_ alternatives for every env var.
Use structured logging with levels (Fatal>Error>Warn>Debug>Trace); avoid string interpolation and ensure logging does not affect execution.
Prefer re...

Files:

• pkg/merge/merge_struct_aliasing_test.go
• pkg/merge/merge.go

pkg/**/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Unit tests for packages live under pkg/ alongside implementation files.

Files:

• pkg/merge/merge_struct_aliasing_test.go

**/!(*_test).go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

Document all exported functions, types, and methods with Go doc comments

Add defer perf.Track() to all public functions and critical private functions; include a blank line after the call; use package-prefixed names; pass atmosConfig when present, else nil.

Files:

• pkg/merge/merge.go

🧠 Learnings (2)

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to **/*.go : All Go comments must end with periods; applies to single-line, multi-line, inline, and documentation comments (golangci-lint godot).

Applied to files:

• pkg/merge/merge_struct_aliasing_test.go
• pkg/merge/merge.go

📚 Learning: 2025-10-16T05:26:31.864Z

Learnt from: aknysh
PR: cloudposse/atmos#1639
File: pkg/merge/merge.go:392-430
Timestamp: 2025-10-16T05:26:31.864Z
Learning: In Atmos merge operations (pkg/merge/merge.go), context.Positions is a PositionMap (map[string]*schema.Position) keyed by JSONPath strings, not a slice indexed by input array position. Position lookups are path-based, making them independent of input array reorganization or filtering. This design allows filtering empty inputs without affecting provenance tracking correctness.

Applied to files:

• pkg/merge/merge.go

🧬 Code graph analysis (2)

pkg/merge/merge_struct_aliasing_test.go (1)

pkg/merge/merge.go (1)

• DeepCopyMap (29-45)

pkg/merge/merge.go (3)

pkg/perf/perf.go (1)

• Track (121-138)

errors/errors.go (1)

• ErrMerge (121-121)

pkg/merge/merge_with_provenance.go (1)

• MergeWithProvenance (21-52)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Build (windows-latest, windows)
• GitHub Check: Build (ubuntu-latest, linux)
• GitHub Check: Analyze (go)
• GitHub Check: Lint (golangci)
• GitHub Check: Summary

🔇 Additional comments (14)

pkg/merge/merge.go (10)

47-87: LGTM - efficient fast-path with reflection fallback.

The type switch handles common cases (maps, slices, primitives) without reflection, falling back to normalizeValueReflect only for rare complex types. Allocations are properly sized to reduce GC pressure. Logic is correct.

---

89-158: Solid reflection-based deep copy with proper unexported field preservation.

The struct branch correctly preserves unexported fields via shallow copy first (line 101), then deep-copies exported fields to avoid aliasing. The pointer branch intentionally skips deep-copying (line 140 comment). All reflection cases handle types correctly.

---

160-169: LGTM - straightforward slice normalization.

Converts typed slices to []any with proper sizing and deep-copy semantics. Logic is correct.

---

171-202: Careful assignability checks prevent panics with non-empty interface element types.

The multi-tier fallback (typed deep copy → original value → empty interface fallback) ensures SetMapIndex never receives incompatible types. This correctly handles the edge case where deepCopyValue returns shapes (e.g., map[string]any) not assignable to non-empty interfaces.

---

204-230: Proper empty map typing and delegation to safe copy helpers.

Empty maps with non-string keys return typed empty maps (line 211), avoiding type drift. The routing logic correctly delegates to copyNonStringKeyMap for non-string keys and normalizes to map[string]any for string keys.

---

232-253: LGTM - clean reflection dispatcher.

Routes values to specialized normalizers based on kind. Logic is correct.

---

315-386: Well-optimized merge with proper fast-paths and error wrapping.

Empty input filtering (lines 330-341) and single-input fast-path (lines 343-346) avoid unnecessary work. Deep copy via DeepCopyMap (line 360) prevents mergo's pointer mutation bug. Error wrapping uses %w correctly for proper error chains (lines 362, 381).

---

388-427: LGTM - clean validation and delegation.

Strategy validation is thorough with proper error wrapping. Comment punctuation correct.

---

429-477: LGTM - context-aware error formatting.

Mirrors Merge logic with added context formatting. Comments end with periods as required.

---

479-547: Solid provenance-aware routing with proper fast-path bypass.

The provenance check (lines 507-510) correctly determines whether to use MergeWithProvenance. The single-input fast-path is bypassed when provenance is enabled (line 514), ensuring position tracking isn't skipped. Per retrieved learnings, context.Positions is a map keyed by JSONPath strings, so no alignment issues arise from input filtering.

pkg/merge/merge_struct_aliasing_test.go (4)

9-94: Thorough aliasing test for typed maps with non-string keys.

Test correctly validates that modifying nested slices/maps in the copy doesn't affect the original. Uses map[int]Config to exercise the copyNonStringKeyMap path. Assertions are comprehensive and verify both original preservation and copy modification.

---

96-146: LGTM - validates nested struct deep copying.

Test verifies that structs containing other structs and slices of structs are properly deep copied. Modifications to nested fields confirm no aliasing occurs.

---

148-189: LGTM - validates struct-with-map deep copying.

Test confirms that maps inside structs are properly deep copied. Modifications to the nested map in the copy don't affect the original.

---

191-258: Excellent regression test for unexported field preservation.

Test validates that unexported fields retain their values after deep copy (via shallow copy first, then deep-copy exported fields). Lines 239-246 confirm unexported fields are preserved with correct values, while lines 249-257 confirm exported fields are still deep copied. This correctly tests the fix from past reviews.

[github-actions]

These changes were released in v1.195.0-rc.1.