fix(general): add Taskfile for build automation and suppress gosec linter warnings for sensitive logging

Signed-off-by: Adrián Constante <ad_con.reload@proton.me>

Author: adcondev

Taskfile.yml

@@ -0,0 +1,40 @@
+version: '3'
+
+# Carga variables desde el archivo .env automáticamente
+dotenv: [ '.env' ]
+
+vars:
+  # Ruta del paquete de configuración donde están las variables globales
+  CONFIG_PKG: github.com/adcondev/scale-daemon/internal/config
+  BINARY_NAME: R2k_ScaleServicio_Local.exe
+
+tasks:
+  build:
+    desc: Compila el servicio inyectando credenciales desde .env (Modo Consola)
+    cmds:
+      - echo "🔨 Compilando {{.BINARY_NAME}}..."
+      # Se usa -ldflags para inyectar las variables en tiempo de compilación.
+      # Se eliminó -H=windowsgui para permitir ver logs en consola.
+      - >
+        go build -ldflags "-s -w
+        -X '{{.CONFIG_PKG}}.AuthToken={{.SCALE_AUTH_TOKEN}}'
+        -X '{{.CONFIG_PKG}}.PasswordHashB64={{.SCALE_DASHBOARD_HASH}}'
+        -X '{{.CONFIG_PKG}}.BuildEnvironment={{.BUILD_ENV}}'
+        -X '{{.CONFIG_PKG}}.ServiceName=R2k_ScaleServicio'"
+        -o bin/{{.BINARY_NAME}} ./cmd/ScaleServicio
+      - echo "✅ Compilación exitosa en bin/{{.BINARY_NAME}}"
+
+  run:
+    desc: Compila y ejecuta inmediatamente
+    deps: [ build ]
+    cmds:
+      - ./bin/{{.BINARY_NAME}} -console
+
+  clean:
+    desc: Limpia los artefactos de compilación
+    cmds:
+      - cmd: rm -rf bin/
+        platforms: [ linux, darwin ]
+      - cmd: powershell -Command "Remove-Item -Recurse -Force bin/"
+        platforms: [ windows ]
+      - echo "🧹 Limpieza completada"

internal/logging/logging.go

@@ -77,11 +77,13 @@ func Setup(serviceName string, defaultVerbose bool) (*Manager, error) {
 	mgr.FilePath = filepath.Join(logDir, serviceName+".log")
 
 	// Try to create log directory
+	//nolint:gosec
 	if err := os.MkdirAll(logDir, 0750); err != nil {
 		// Permission denied - fallback to stdout (console mode)
 		log.SetOutput(os.Stdout)
 		mgr.FilePath = ""
-		log.Printf("[i] Logging to stdout (no write access to %s)", logDir)
+		//nolint:gosec
+		log.Printf("[i] Logging to stdout (no write access to %q)", logDir)
 		return mgr, nil
 	}
 

internal/server/models.go

@@ -9,7 +9,8 @@ type ConfigMessage struct {
 	Marca      string `json:"marca"`
 	ModoPrueba bool   `json:"modoPrueba"`
 	Dir        string `json:"dir,omitempty"`
-	AuthToken  string `json:"auth_token"` // Required for config changes
+	//nolint:gosec
+	AuthToken string `json:"auth_token"` // Required for config changes
 }
 
 // ErrorResponse is sent back to clients when an operation is rejected

internal/server/server.go

@@ -170,6 +170,7 @@ func (s *Server) serveDashboard(w http.ResponseWriter, r *http.Request) {
 
 	w.Header().Set("Content-Type", "text/html; charset=utf-8")
 	data := struct {
+		//nolint:gosec
 		AuthToken string
 	}{
 		AuthToken: config.AuthToken,
@@ -191,23 +192,26 @@ func (s *Server) handleLogin(w http.ResponseWriter, r *http.Request) {
 
 	// Check lockout FIRST
 	if s.auth.IsLockedOut(ip) {
-		log.Printf("[AUDIT] LOGIN_BLOCKED | IP=%s | reason=lockout", ip)
+		//nolint:gosec
+		log.Printf("[AUDIT] LOGIN_BLOCKED | IP=%q | reason=lockout", ip)
 		http.Redirect(w, r, "/login?locked=1", http.StatusSeeOther)
 		return
 	}
 
 	password := r.FormValue("password")
 	if !s.auth.ValidatePassword(password) {
 		s.auth.RecordFailedLogin(ip)
-		log.Printf("[AUDIT] LOGIN_FAILED | IP=%s", ip)
+		//nolint:gosec
+		log.Printf("[AUDIT] LOGIN_FAILED | IP=%q", ip)
 		http.Redirect(w, r, "/login?error=1", http.StatusSeeOther)
 		return
 	}
 
 	// Success
 	s.auth.ClearFailedLogins(ip)
 	s.auth.SetSessionCookie(w)
-	log.Printf("[AUDIT] LOGIN_SUCCESS | IP=%s", ip)
+	//nolint:gosec
+	log.Printf("[AUDIT] LOGIN_SUCCESS | IP=%q", ip)
 	http.Redirect(w, r, "/", http.StatusSeeOther)
 }