Refactor client and server structure with configuration improvements#149
Merged
Refactor client and server structure with configuration improvements#149
Conversation
Remove legacy client config manager and split client into internal and pkg modules. Update go.work to include internal packages and client/pkg/config. Clean up imports, whitespace and tidy go.mod/go.sum dependencies.
Refactor client code for improved structure and performance
Update go.work to reference new internal paths and add server/internal/config go.mod Refactor config package: use sharedconfig.Shared for SharedConfig and add a Config struct to hold flagTTL
Convert flag status from string to int across models, database schema, queries, protocols and tests Add a ConfigManager singleton for server configuration and inject it into Runner, handlers and related components Update sqlc config and internal package paths, add controllers module, and misc refactors (slice append optimization, import tweaks)
Refactor server configuration and internal module structure
For testing use `just setup-tests` and the command: `./bin/ckc exploit run -e main -n CookieService -t 10 --debug` (remember to copy the exploits @example_total.py inside ~/.config/cookiefarm/exploits/main.py)
part the token is taken from the config instance
- Setup now accepts *ExploitArgs and returns error - Callers pass &exploitArgs and handle error - Use normalizedPath when constructing ExploitPath
- Serve assets from server/public in PrepareStatic and fix the stray slash in the JS route - Add logger and models imports to templates.go - Reformat layouts/main.html for consistent indentation and updated classes - Refactor dashboard.html markup to a cleaner structure - Update flags_rows.html to show the code and inline action buttons
Make sure the behavior of the client is intended + some fix at exploiter and server templating
akiidjk
added
Clean Code
Return an error if exploit name is empty in template.Create with the message "exploit name cannot be empty". Replace logger.Fatal with logger.Error in the config loader to avoid exiting the process. Add test-related indirect dependencies to client/internal/websockets go.mod.
Add extensive table-driven and category-partition tests covering many areas of the client: - internal/api: HTTP helpers and high-level API calls (Login, GetConfig, SubmitBatchDirect, SubmitFlag) - internal/exploit: parser paths and buildSuccessFlag field mapping - internal/submitter: batching and channel lifecycle behaviour - internal/template: template create/remove and path handling - internal/websockets: CircuitBreaker lifecycle and concurrency - pkg/config: ConfigManager getters/setters, file I/O, and concurrency - pkg/process: process start/wait/kill and stdout handling
Close HTTP response bodies in tests to avoid leaks Replace repetitive cases with table-driven tests and helper asserts Consolidate config string-field tests and service/port mappings Minor cleanups: use errors.New, remove redundant shadowing, rename tests
Build server binary and plugins during the build stage using go build (buildmode=plugin) and remove the just dependency. Add .dockerignore to exclude generated plugin .so files. Copy repo files into the image, adjust UI views path, include run.sh, set ownership/executable bits and expose 8080. Add env_file: .env to docker-compose and default PASSWORD in run.sh; simplify runtime argument handling.
Add a robust CLI launcher that resolves platform-specific binaries, supports a user cache, optional remote downloading, atomic writes, and verbose diagnostics via COOKIEFARM_* env vars. Also bump version to 1.2.11 and update pyproject metadata (license and homepage).
Too long RUN instruction should be split into multiple linesdocker:S7020
Enhance behavior with example flag IDs, context, and logging
necessary for when the image is taken from docker hub
Provide install.sh interactive installer using gum Prompts for server settings, writes .env and config.yml, and can clone and build CookieFarm or download the docker-compose and start containers. Includes colorized output, robust error handling, and automatic fetching/installation of the gum binary.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request refactors and reorganizes the CookieFarm client command-line interface, focusing on improving code structure, configuration management, and exploit command handling. It also introduces minor linter configuration changes. The most important changes are summarized below:
CLI Command Refactoring and Structure:
ConfigCmd,ExploitCmd) with builder functions (buildConfigCmd,buildExploitCmd), improving encapsulation and modularity. Command initialization and flag definitions are now encapsulated within these functions. [1] [2]cookiefarm/client/cmd/config.gotoargs.goand updated variable names for CLI flags to use lower-case, more consistent naming.Configuration Management Improvements:
config.GetInstance()) instead ofconfig.GetConfigManager(), simplifying access and state management. Updated all relevant command handlers (reset,update,login,logout,show) to use the new instance method. [1] [2]LoginHandlerlogic to write the session token and update shared configuration after a successful login, ensuring session state is properly persisted.Exploit Command Handling:
exploit.ExploitArgsstruct, and separated the setup and execution logic for better clarity and maintainability. Submission of flags is now handled via the newsubmitterpackage.templatepackage instead ofexploit.Create, reflecting improved separation of concerns.API and Linter Configuration:
cookiefarm/client/api/api.gofile, cleaning up obsolete code.dupllinter in.golangci.ymlto detect code duplication, promoting code quality.These changes collectively improve code organization, maintainability, and reliability of the CookieFarm client CLI.
ADDITIONAL FIX AND ADDONS
This pull request introduces several significant updates across the build, release, configuration, and Dockerization processes for the CookieFarm project. The most notable changes include a major refactor of the client configuration command handling, improved Docker build logic, enhanced release safety, and updates to the build and linting toolchain. These changes collectively improve maintainability, security, and developer experience.
Client CLI & Configuration Refactor:
config) has been refactored for clarity and maintainability. The file was renamed fromconfig.gotoargs.go, and the configuration management now uses a singleton pattern (GetInstance()), simplifying state management. Command flag handling is more consistent, and the login flow now writes the session token and shared config to disk after successful authentication. [1] [2] [3] [4]Dockerization & Build Improvements:
Dockerfilefor the server has been streamlined: unnecessary build dependencies were removed, the build process now directly compiles the server and plugins, and file paths were updated for improved structure. The runtime stage ensures correct permissions and ownership, and the entrypoint script is now properly included and executable..dockerignorenow excludes all plugin.sofiles inpkg/plugins/, reducing build context size.Release & Build Pipeline Updates:
.github/release.shnow ensures git tags are unique before proceeding and pushes tags explicitly, preventing accidental overwrites..goreleaser.yamlwas renamed and updated: it now usesgo work syncinstead ofgo mod tidy, corrects the client build path, updates archive naming, and improves the Discord release message format. [1] [2] [3]Linting and Toolchain Updates:
v2.11.4in the GitHub Actions workflow, and thedupllinter is enabled with a threshold of 100 in.golangci.yml, improving code quality checks. [1] [2]Other Notable Cleanups:
client/api/api.gofile was removed, reflecting a shift in how the client interacts with the server API.BACKEND_URLvariable was removed for clarity.References: