chore(fmt): add golangci-lint

[kanstantsinbuklis-sap]

Description

Added linter running in CI step

What type of PR is this? (check all applicable)

• [+ ] 🔁 CI

Related Tickets & Documents

• Closes
  chore: integrate gofumpt #1055

Added tests?

• [+] 🙅 no, because they aren't needed

Added to documentation?

• [+] 🙅 no documentation needed

[MR2011]

@kanstantsinbuklis-sap the linter found a lot of issues. Can you fix them and then we merge it?

[Copilot]

Pull request overview

Adds golangci-lint to CI/Makefile tooling, and performs a broad set of refactors and feature changes across DB access patterns, caching, OpenFGA authorization event handling, and the GraphQL API/schema.

Changes:

• Add golangci-lint configuration plus a dedicated CI workflow and Makefile targets.
• Refactor pagination/cursor handling (move away from legacy PaginatedX/ID lists toward string cursors) and adjust handlers/tests accordingly.
• Introduce/expand OpenFGA authz integration via event handlers; add GraphQL request limiting (depth + rate/batch limiting) and remove Activity/Evidence GraphQL/API surface.

Reviewed changes

Copilot reviewed 145 out of 148 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
internal/database/mariadb/db.go	Simplifies boolean check for trace DB wrapper.
internal/database/mariadb/database.go	Improves resource closing/logging, adjusts error casing, refactors state filter, removes legacy cursor helper.
internal/database/mariadb/cursor.go	Adds encoder close error handling and new cursor builders (User/IssueVariant/IssueRepository/ServiceIssueVariant), remediation cursor field.
internal/database/mariadb/component_version_test.go	Removes ID-list tests, updates pagination to cursor-based, adds EndOfLife filter tests, ignores teardown error.
internal/database/mariadb/component_test.go	Removes ID-list tests, updates pagination to cursor-based, adds gosec nolints, adjusts ordering tests.
internal/database/mariadb/autopatch_test.go	Ignores teardown error; formats expected issue list struct literals.
internal/database/mariadb/autopatch.go	Adds ErrNoRows handling, safer Close() logging, minor loop simplifications.
internal/database/interface.go	Removes several “GetAll*Ids” methods and updates signatures to return result types/cursors and accept ordering.
internal/database/error.go	Introduces MariaDB duplicate entry error code constant.
internal/cache/valkey_cache.go	Switches CacheBase embedding to pointer.
internal/cache/in_memory_cache.go	Switches CacheBase embedding to pointer, uses pointer receivers for methods, removes flush helper.
internal/cache/cache_base.go	Uses increments, pointer receivers, switch for key hashing, normalizes error text.
internal/cache/cache.go	Normalizes error text casing, refactors DecodeKey to switch, tweaks wrapped error messages.
internal/app/user/user_handler_interface.go	Adds context parameter to ListUsers.
internal/app/user/user_handler_events.go	Adds OpenFGA tuple cleanup handler for user deletion.
internal/app/user/user_handler.go	Adds caching and OpenFGA authorization filtering to ListUsers, updates error handling/logging.
internal/app/support_group/support_group_handler_interface.go	Adds context parameters to several methods.
internal/app/shared/issueVariant.go	Updates to new GetServiceIssueVariants signature/results; normalizes error message casing.
internal/app/severity/severity_handler_test.go	Updates event registry signature; adapts mocks to new DB result types and ordered params.
internal/app/service/service_handler_interface.go	Adds context parameters to service operations.
internal/app/service/service_handler_events.go	Adds OpenFGA authz event handlers for create/delete/owner changes; updates OnServiceCreate signature.
internal/app/scanner_run/scanner_run_test.go	Updates event registry signature; asserts CreateScannerRun error handling.
internal/app/remediation/remediation_handler_test.go	Updates pagination struct to Paginated.
internal/app/remediation/remediation_handler.go	Switches to EnsurePaginated/cursor page info; populates RemediatedBy(+Id) from context.
internal/app/profiler/profiler.go	Checks file close error during cleanup.
internal/app/patch/patch_handler_test.go	Updates event registry signature and pagination struct.
internal/app/patch/patch_handler.go	Switches to EnsurePaginated/cursor page info.
internal/app/issue_variant/issue_variant_handler.go	Uses cursor list instead of ID list; adjusts cached types and error message.
internal/app/issue_repository/issue_repository_handler_test.go	Updates mocks to new DB result/cursor APIs; uses cursor encoding helpers.
internal/app/issue_repository/issue_repository_handler_events.go	Updates handler signature; improves wrong-event error handling.
internal/app/issue_repository/issue_repository_handler.go	Adds cache usage; switches page info to cursor list; updates error message.
internal/app/issue_match/issue_match_interface.go	Adds context params; removes evidence attach/detach methods.
internal/app/issue/issue_handler_test.go	Updates event registry signature and pagination struct; fixes handler import usage; adjusts assertions to new result shape.
internal/app/issue/issue_handler_events_test.go	Updates mocks for service issue variants results; adds authz param to handler call.
internal/app/issue/issue_handler_events.go	Updates handler signature to accept authz handle.
internal/app/issue/issue_handler.go	Switches to EnsurePaginated and cursor-based page info.
internal/app/interface.go	Removes Activity/Evidence handlers from app interface.
internal/app/heureka.go	Updates event registry construction to include authz; registers authz handlers; removes Activity/Evidence handlers.
internal/app/evidence/evidence_handler_interface.go	Deleted (Evidence API removed).
internal/app/evidence/evidence_handler_events.go	Deleted (Evidence events removed).
internal/app/evidence/evidence_handler.go	Deleted (Evidence handler removed).
internal/app/event/event_registry_test.go	Updates event registry signature and handler function signature to include authz.
internal/app/event/event_registry.go	Extends event handlers to receive authz; stores authz in registry.
internal/app/component_version/component_version_handler_interface.go	Adds context parameter to ListComponentVersions.
internal/app/component_version/component_version_handler_events.go	Adds OpenFGA authz handlers for create/update/delete component versions.
internal/app/component_version/component_version_handler.go	Adds authz-based filtering; switches pagination helpers; improves logging/errors; updates ListComponentVersions signature.
internal/app/component_instance/component_instance_handler_interface.go	Adds context parameter to ListComponentInstances.
internal/app/component_instance/component_instance_handler.go	Adds authz-based filtering; switches pagination helper usage; adds local error type.
internal/app/component/component_handler_interface.go	Adds context parameter to ListComponents.
internal/app/component/component_handler_events.go	Adds OpenFGA authz handlers for create/delete component.
internal/app/common/user_id.go	Normalizes error casing; adds helpers for unique user ID and resolving IDs.
internal/app/common/test_config_setup.go	Adds helper to build test config for auth/no-auth scenarios.
internal/app/common/pagination_helpers.go	Removes legacy PaginatedX/ID-based pagination helpers; unifies on cursor-based helpers.
internal/app/common/filter_helpers.go	Adds helper for intersecting accessible IDs with filters.
internal/app/activity/activity_handler_interface.go	Deleted (Activity API removed).
internal/app/activity/activity_handler_events.go	Deleted (Activity events removed).
internal/api/graphql/server.go	Adds GraphQL depth limit, batch limiter, and IP rate limiter middleware.
internal/api/graphql/middleware/ratelimit_test.go	Adds unit tests for IP rate limiter middleware.
internal/api/graphql/middleware/rate_limit.go	Adds per-IP rate limiter with cleanup goroutine and Gin middleware.
internal/api/graphql/middleware/batch_limit.go	Adds GraphQL operation “batch” limiter middleware.
internal/api/graphql/graph/schema/siem.graphqls	Adds SIEM alert input/type schema.
internal/api/graphql/graph/schema/service.graphqls	Removes activities field from Service type.
internal/api/graphql/graph/schema/remediation.graphqls	Adds expirationDate order field.
internal/api/graphql/graph/schema/query.graphqls	Removes Activities/Evidences queries.
internal/api/graphql/graph/schema/mutation.graphqls	Removes activity/evidence mutations; adds createSIEMAlert mutation.
internal/api/graphql/graph/schema/issue_match.graphqls	Removes evidences field from IssueMatch type.
internal/api/graphql/graph/schema/issue.graphqls	Removes activities field; removes activityCount metadata.
internal/api/graphql/graph/schema/image_version.graphqls	Adds endOfLife field and filter.
internal/api/graphql/graph/schema/evidence.graphqls	Deleted (Evidence schema removed).
internal/api/graphql/graph/schema/component_version.graphqls	Adds endOfLife field/input/filter.
internal/api/graphql/graph/schema/activity.graphqls	Deleted (Activity schema removed).
internal/api/graphql/graph/scalar/json.go	Handles io.Writer errors; improves Unmarshal ordering.
internal/api/graphql/graph/resolver/siem.go	Adds placeholder file for SIEM resolvers.
internal/api/graphql/graph/resolver/service.go	Removes Service.activities resolver.
internal/api/graphql/graph/resolver/query.go	Removes Activities/Evidences resolvers; replaces pointer helpers with ptr; adds staticcheck nolint for context key.
internal/api/graphql/graph/resolver/issue_match.go	Removes evidences resolver.
internal/api/graphql/graph/resolver/issue.go	Removes activities resolver.
internal/api/graphql/graph/resolver/evidence.go	Deleted (Evidence resolver removed).
internal/api/graphql/graph/resolver/activity.go	Deleted (Activity resolver removed).
internal/api/graphql/graph/queryCollection/siem_alert/create.graphql	Adds example SIEM alert mutation query.
internal/api/graphql/graph/queryCollection/service/directRelations.graphql	Removes activities relation query.
internal/api/graphql/graph/queryCollection/issueMatch/removeEvidence.graphql	Deleted (evidence relation removed).
internal/api/graphql/graph/queryCollection/issueMatch/directRelations.graphql	Removes evidences relation query.
internal/api/graphql/graph/queryCollection/issueMatch/addEvidence.graphql	Deleted (evidence relation removed).
internal/api/graphql/graph/queryCollection/issue/withObjectMetadata.graphql	Removes activityCount/activities selection.
internal/api/graphql/graph/queryCollection/issue/full.graphql	Removes activityCount selection.
internal/api/graphql/graph/queryCollection/issue/directRelations.graphql	Removes activityCount selection.
internal/api/graphql/graph/queryCollection/imageVersion/query.graphql	Requests image version endOfLife field.
internal/api/graphql/graph/queryCollection/evidence/update.graphql	Deleted (Evidence queries removed).
internal/api/graphql/graph/queryCollection/evidence/minimal.graphql	Deleted (Evidence queries removed).
internal/api/graphql/graph/queryCollection/evidence/directRelations.graphql	Deleted (Evidence queries removed).
internal/api/graphql/graph/queryCollection/evidence/delete.graphql	Deleted (Evidence queries removed).
internal/api/graphql/graph/queryCollection/evidence/create.graphql	Deleted (Evidence queries removed).
internal/api/graphql/graph/queryCollection/componentVersion/minimal.graphql	Adds endOfLife selection.
internal/api/graphql/graph/queryCollection/activity/withPageInfo.graphql	Deleted (Activity queries removed).
internal/api/graphql/graph/queryCollection/activity/update.graphql	Deleted (Activity queries removed).
internal/api/graphql/graph/queryCollection/activity/removeService.graphql	Deleted (Activity queries removed).
internal/api/graphql/graph/queryCollection/activity/removeIssue.graphql	Deleted (Activity queries removed).
internal/api/graphql/graph/queryCollection/activity/full.graphql	Deleted (Activity queries removed).
internal/api/graphql/graph/queryCollection/activity/directRelations.graphql	Deleted (Activity queries removed).
internal/api/graphql/graph/queryCollection/activity/delete.graphql	Deleted (Activity queries removed).
internal/api/graphql/graph/queryCollection/activity/create.graphql	Deleted (Activity queries removed).
internal/api/graphql/graph/queryCollection/activity/addService.graphql	Deleted (Activity queries removed).
internal/api/graphql/graph/queryCollection/activity/addIssue.graphql	Deleted (Activity queries removed).
internal/api/graphql/graph/model/models.go	Updates ordering mapping, issue/service aggregations mapping, adds endOfLife mapping, removes Activity/Evidence model helpers, updates state filter mapping.
internal/api/graphql/graph/model/common.go	Removes Activity/Evidence node names; normalizes error casing; introduces unknownType const.
internal/api/graphql/graph/baseResolver/vulnerability.go	Switches to Paginated.
internal/api/graphql/graph/baseResolver/user.go	Updates to context-aware app methods and cursor type; removes legacy cursor parsing.
internal/api/graphql/graph/baseResolver/support_group.go	Switches to Paginated and context-aware app methods.
internal/api/graphql/graph/baseResolver/service.go	Switches to Paginated, context-aware app methods; removes activity parent filtering.
internal/api/graphql/graph/baseResolver/scannerrun.go	Replaces pointer helper pkg; adjusts pagination After handling.
internal/api/graphql/graph/baseResolver/remediation.go	Switches to Paginated; replaces pointer helper pkg; simplifies parent routing.
internal/api/graphql/graph/baseResolver/patch.go	Switches to Paginated.
internal/api/graphql/graph/baseResolver/issue_variant.go	Switches to Paginated with string cursors; removes legacy cursor parsing.
internal/api/graphql/graph/baseResolver/issue_repository.go	Switches to Paginated with string cursors; removes legacy cursor parsing; uses result.Priority.
internal/api/graphql/graph/baseResolver/issue_match.go	Switches to Paginated; removes evidence parent filtering; replaces pointer helper pkg; uses context-aware app methods.
internal/api/graphql/graph/baseResolver/issue.go	Switches to Paginated; removes activity parent filtering; replaces pointer helper pkg.
internal/api/graphql/graph/baseResolver/image_version.go	Switches to Paginated; adds endOfLife filter; uses context-aware app methods; fixes ID accessor usage.
internal/api/graphql/graph/baseResolver/image.go	Switches to Paginated; uses context-aware app methods.
internal/api/graphql/graph/baseResolver/evidence.go	Deleted (Evidence base resolver removed).
internal/api/graphql/graph/baseResolver/custom_errors.go	Minor sanitization refactor to switch.
internal/api/graphql/graph/baseResolver/component_version.go	Switches to Paginated, adds endOfLife filter, uses context-aware app methods.
internal/api/graphql/graph/baseResolver/component_instance.go	Switches to Paginated, uses context-aware app methods; fixes debug logging formatting; replaces pointer helper pkg.
internal/api/graphql/graph/baseResolver/component.go	Switches to Paginated; uses context-aware app methods.
internal/api/graphql/graph/baseResolver/activity.go	Deleted (Activity base resolver removed).
internal/api/graphql/gqlgen.yml	Removes Activity/Evidence resolvers configuration.
internal/api/graphql/access/test/util.go	Adjusts gomega import nolints; removes invalid struct tag attribute.
internal/api/graphql/access/test/server.go	Replaces deprecated ioutil with io; adds gosec nolint for test server timeouts.
internal/api/graphql/access/middleware/middleware.go	Replaces deprecated ioutil with io; improves nil-pointer reflect check; adds ginkgo/gomega nolints.
internal/api/graphql/access/auth/util.go	Reorders embedded claims; normalizes error casing.
internal/api/graphql/access/auth/token.go	Uses claims.Subject; normalizes error casing.
internal/api/graphql/access/auth/oidc.go	Normalizes error casing.
internal/api/graphql/access/auth/noauth.go	Removes unused const; normalizes error casing.
docs/openfga_auth.md	Updates OpenFGA authz documentation and adds handler/permission details table.
cmd/heureka/main.go	Avoids extra newline; fixes Fatal formatting; marks unused var for lint.
README.md	Adds funding logo image.
Makefile	Adds lint targets and golangci-lint installer target.
Dockerfile.db	Removes schema copy into DB image.
Dockerfile	Changes Go builder image tag.
.vscode/settings.json	Adds delve config; adjusts formatting.
.vscode/launch.json	Adds debug config for running all Ginkgo tests.
.golangci.yml	Adds golangci-lint configuration.
.github/workflows/tests.yaml	Adds env vars for DB/OpenFGA; starts OpenFGA server via docker compose.
.github/workflows/release.yaml	Updates GitHub Actions versions for build/sign/push steps.
.github/workflows/helm-release.yaml	Updates docker/login-action version.
.github/workflows/graphql-inspector.yml	Updates create-github-app-token action version.
.github/workflows/golangci-lint.yaml	Adds CI workflow to run golangci-lint (plus codegen steps).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The encode-failure branch wraps err, but the error in this branch is encErr. As written, this can return a misleading (or nil) error. Wrap encErr instead so callers get the correct failure reason.

Suggested change

	return zero, fmt.Errorf("cache (encode): %w", err)
	return zero, fmt.Errorf("cache (encode): %w", encErr)

[Copilot]

rows.Close() is deferred twice in the same function, which will attempt to close the same rows twice and can generate spurious warnings or mask real close errors. Remove the second defer (or keep a single defer placed immediately after stmt.Query(...) succeeds).

[Copilot]

rows.Close() is deferred twice in the same function, which will attempt to close the same rows twice and can generate spurious warnings or mask real close errors. Remove the second defer (or keep a single defer placed immediately after stmt.Query(...) succeeds).

Suggested change

	listEntries = listBuilder(listEntries, row)
	}
	defer func() {
	if err := rows.Close(); err != nil {
	l.Warnf("error during closing rows: %s", err)

[Copilot]

The USE <db> exec result/error is intentionally ignored; if the USE fails, subsequent operations can behave unexpectedly and debugging becomes harder. Capture and handle the error (return it or log it) instead of discarding it.

Suggested change

	if _, err := db.Exec(fmt.Sprintf("USE %s", cfg.DBName)); err != nil {
	if _, err := db.Exec(fmt.Sprintf("USE %s", cfg.DBName)); err != nil {
	logrus.WithError(err).Errorf("failed to select database %q", cfg.DBName)
	_ = db.Close()
	return nil, fmt.Errorf("failed to select database %s: %w", cfg.DBName, err)
	}

[Copilot]

This is a self-referential initialization and won’t compile. It likely intended to reset prev to a sentinel value for descending order comparisons (as the removed code used "\U0010FFFF").

Suggested change

	prev := "\U0010FFFF"

[Copilot]

res is pre-sized to len(tags) and then appended to, resulting in len(tags) leading nil entries and a final length of 2*len(tags). Initialize with length 0 and capacity len(tags) (or assign by index) to return the expected slice.

Suggested change

	res := make([]*string, len(tags))
	res := make([]*string, 0, len(tags))

[Copilot]

The PR title/description indicates only adding golangci-lint in CI, but the diff includes substantial functional changes (OpenFGA authz event handlers, pagination/cursor refactors, GraphQL schema removals/additions, rate limiting, removal of Activity/Evidence APIs). Either the PR description/title should be updated to reflect the real scope, or the extra changes should be split into separate PRs for reviewability and safer rollout.