Fix linter issues

- Remove ctx field from Spoa struct (containedctx)
- Use context parameter instead of context.Background() (contextcheck)
- Add type assertion checks with ok for all type assertions (revive)
- Prefix unused ctx parameters with _ (unparam)
- Remove unused readKeyFromMessage function (unused)

Author: LaurenceJJones

MIGRATION_PLAN.md

@@ -0,0 +1,255 @@
+# Migration Plan: Switch to github.com/dropmorepackets/haproxy-go
+
+## Overview
+This document outlines the plan to migrate from `github.com/negasus/haproxy-spoe-go` to `github.com/dropmorepackets/haproxy-go` for improved performance (less allocations).
+
+## Current Implementation
+- **Package**: `github.com/negasus/haproxy-spoe-go`
+- **Version**: v1.0.7
+- **Key Components Used**:
+  - `agent.Agent` - SPOE agent/server
+  - `request.Request` - Incoming request handler
+  - `message.Message` - Individual message within request
+  - `action.ScopeTransaction` - Setting variables back to HAProxy
+
+## Target Implementation
+- **Package**: `github.com/dropmorepackets/haproxy-go`
+- **Version**: v0.0.7 (as used by coraza-spoa)
+- **Subpackages**:
+  - `github.com/dropmorepackets/haproxy-go/spop` - SPOE agent/server
+  - `github.com/dropmorepackets/haproxy-go/pkg/encoding` - Message encoding/decoding
+- **Reference**: Used by Coraza WAF (coraza-spoa repository)
+
+## Key Areas to Migrate
+
+### 1. Package Imports
+**Current:**
+```go
+import (
+    "github.com/negasus/haproxy-spoe-go/action"
+    "github.com/negasus/haproxy-spoe-go/agent"
+    "github.com/negasus/haproxy-spoe-go/message"
+    "github.com/negasus/haproxy-spoe-go/request"
+)
+```
+
+**Target:**
+```go
+import (
+    "github.com/dropmorepackets/haproxy-go/pkg/encoding"
+    "github.com/dropmorepackets/haproxy-go/spop"
+)
+```
+
+### 2. Agent/Server Initialization
+**Current:**
+```go
+s.Server = agent.New(handlerWrapper(s), s.logger)
+```
+
+**Target:**
+```go
+// Spoa struct needs to implement spop.Handler interface
+// No separate Server field needed - create agent on Serve()
+agent := spop.Agent{
+    Handler:     s,  // Spoa implements HandleSPOE method
+    BaseContext: ctx,
+}
+return agent.Serve(listener)
+```
+
+### 3. Handler Function Signature
+**Current:**
+```go
+func handlerWrapper(s *Spoa) func(req *request.Request) {
+    return func(req *request.Request) {
+        mes, err := req.Messages.GetByName(messageName)
+        // ...
+    }
+}
+```
+
+**Target:**
+```go
+// Spoa must implement spop.Handler interface
+func (s *Spoa) HandleSPOE(ctx context.Context, writer *encoding.ActionWriter, message *encoding.Message) {
+    messageName := string(message.NameBytes())
+    switch messageName {
+    case "crowdsec-http":
+        s.handleHTTPRequest(ctx, writer, message)
+    case "crowdsec-ip":
+        s.handleIPRequest(ctx, writer, message)
+    }
+}
+```
+
+### 4. Message Reading
+**Current:**
+```go
+func readKeyFromMessage[T string | net.IP | netip.Addr | bool | []byte](msg *message.Message, key string) (*T, error) {
+    value, ok := msg.KV.Get(key)
+    // ...
+}
+```
+
+**Target:**
+```go
+// Uses zero-allocation iterator pattern with pooling
+func readKeyFromMessage[T string | netip.Addr | bool | []byte](msg *encoding.Message, key string) (*T, error) {
+    k := encoding.AcquireKVEntry()
+    defer encoding.ReleaseKVEntry(k)
+    
+    for msg.KV.Next(k) {
+        if !k.NameEquals(key) {
+            continue
+        }
+        // Extract value based on type T
+        switch any(*new(T)).(type) {
+        case string:
+            val := string(k.ValueBytes())
+            return &val, nil
+        case netip.Addr:
+            val := k.ValueAddr()
+            return &val, nil
+        case bool:
+            val := k.ValueBool()
+            return &val, nil
+        case []byte:
+            // Need to copy bytes as they're borrowed
+            val := make([]byte, len(k.ValueBytes()))
+            copy(val, k.ValueBytes())
+            return &val, nil
+        }
+    }
+    return nil, ErrMessageKeyNotFound
+}
+```
+
+### 5. Setting Variables (Actions)
+**Current:**
+```go
+req.Actions.SetVar(action.ScopeTransaction, "remediation", rString)
+```
+
+**Target:**
+```go
+// Use ActionWriter methods with VarScopeTransaction
+writer.SetString(encoding.VarScopeTransaction, "remediation", rString)
+writer.SetInt64(encoding.VarScopeTransaction, "status", int64(status))
+writer.SetBool(encoding.VarScopeTransaction, "ssl", true)
+```
+
+### 6. Server Lifecycle
+**Current:**
+```go
+func (s *Spoa) Serve(ctx context.Context) error {
+    err := s.Server.Serve(listener)
+    // ...
+}
+
+func (s *Spoa) Shutdown(ctx context.Context) error {
+    s.ListenAddr.Close()
+    s.ListenSocket.Close()
+    // ...
+}
+```
+
+**Target:**
+```go
+func (s *Spoa) Serve(ctx context.Context) error {
+    // Store context for use in HandleSPOE
+    s.ctx = ctx
+    
+    // Create agent for each listener
+    agent := spop.Agent{
+        Handler:     s,
+        BaseContext: ctx,
+    }
+    
+    if s.ListenAddr != nil {
+        go agent.Serve(s.ListenAddr)
+    }
+    if s.ListenSocket != nil {
+        go agent.Serve(s.ListenSocket)
+    }
+    
+    <-ctx.Done()
+    return nil
+}
+
+func (s *Spoa) Shutdown(ctx context.Context) error {
+    // Close listeners - agent will handle graceful shutdown
+    if s.ListenAddr != nil {
+        s.ListenAddr.Close()
+    }
+    if s.ListenSocket != nil {
+        s.ListenSocket.Close()
+    }
+    return nil
+}
+```
+
+## Migration Steps
+
+1. **Research Phase**
+   - [ ] Review coraza-spoa repository for implementation examples
+   - [ ] Check dropmorepackets/haproxy-go documentation/API
+   - [ ] Identify all API differences
+
+2. **Dependency Update**
+   - [ ] Update go.mod to add new dependency
+   - [ ] Remove old dependency
+   - [ ] Run `go mod tidy`
+
+3. **Code Migration**
+   - [ ] Update imports
+   - [ ] Refactor Spoa struct fields
+   - [ ] Update New() function
+   - [ ] Update handlerWrapper()
+   - [ ] Update readKeyFromMessage()
+   - [ ] Update all SetVar() calls
+   - [ ] Update Serve() and Shutdown()
+
+4. **Testing**
+   - [ ] Unit tests
+   - [ ] Integration tests with HAProxy
+   - [ ] Performance benchmarking (allocation comparison)
+
+## Key API Differences Summary
+
+### Zero-Allocation Design
+- Uses `encoding.AcquireKVEntry()`/`ReleaseKVEntry()` for KV entry pooling
+- `k.ValueBytes()` returns borrowed slices - must copy if storing
+- Iterator pattern: `for message.KV.Next(k)` instead of map lookup
+
+### Handler Pattern
+- Implements `spop.Handler` interface with `HandleSPOE()` method
+- Receives `writer` and `message` directly (no `request.Request` wrapper)
+- Context passed separately
+
+### Value Extraction
+- `k.ValueBytes()` - returns []byte (borrowed)
+- `k.ValueInt()` - returns int64
+- `k.ValueAddr()` - returns netip.Addr
+- `k.ValueBool()` - returns bool
+- `k.NameBytes()` - returns []byte (borrowed)
+- `k.NameEquals(string)` - compares name efficiently
+
+### Setting Variables
+- `writer.SetString(scope, key, value)`
+- `writer.SetInt64(scope, key, value)`
+- `writer.SetBool(scope, key, value)`
+- Scope: `encoding.VarScopeTransaction`, `encoding.VarScopeSession`, etc.
+
+## Notes
+- The new package is promoted as having "less allocations" - uses pooling and zero-copy where possible
+- Coraza uses this package, so it's production-ready
+- Need to maintain backward compatibility with HAProxy configuration
+- All existing functionality must be preserved
+- KV entry pooling requires careful management - must release entries
+- Byte slices from `ValueBytes()` are borrowed - copy if storing long-term
+
+## References
+- [dropmorepackets/haproxy-go](https://github.com/dropmorepackets/haproxy-go)
+- [coraza-spoa](https://github.com/corazawaf/coraza-spoa) - Example implementation
+