Title
feat(audit): populate transform stage metadata, resource inventory, whiteout and ignored-patches reports
Output: what changes
Today — path helpers exist for .crane-metadata.json, whiteouts.json, and ignored-patches.json but the files are never written. IgnoredOps is hardcoded to [] despite the runner returning data.
After this issue — every transform stage produces four audit files:
transform/10_KubernetesPlugin/
├── .crane-metadata.json # stage context: plugins, counts, duration
├── reports/
│ ├── resource-inventory.json # per-resource outcome (patched/whited-out/unchanged)
│ └── ignored-patches.json # patch conflicts and their resolution
└── whiteouts/
└── whiteouts.json # which resources were excluded
Example .crane-metadata.json:
{
"schemaVersion": "v1",
"stageName": "10_KubernetesPlugin",
"timestamp": "2026-04-18T14:33:15Z",
"duration": "3.2s",
"plugins": [{"name": "KubernetesTransformPlugin", "version": "v0.0.1"}],
"summary": {
"totalResources": 47,
"patched": 32,
"whitedOut": 8,
"unchanged": 7,
"ignoredPatchConflicts": 3
}
}
Example resource-inventory.json:
{
"schemaVersion": "v1",
"resources": [
{
"kind": "Deployment", "namespace": "my-app", "name": "frontend",
"outcome": "patched", "patchCount": 5, "pluginName": "KubernetesTransformPlugin"
},
{
"kind": "Endpoints", "namespace": "my-app", "name": "frontend",
"outcome": "whited-out", "pluginName": "KubernetesTransformPlugin"
}
]
}
Description
Context
The codebase already has PathOpts methods for these file paths and IgnoredOperation/TransformArtifact structs with the data — but the CLI never writes the files and hardcodes IgnoredOps: []. This issue connects existing plumbing.
User outcome
- Auditors can trace every resource's journey through the transform stage.
- Support engineers can answer "why was this resource whited out?" or "which patches were dropped?" from files, not guesswork.
Scope
- Fix
IgnoredOps TODO (orchestrator.go:86,215): parse response.IgnoredPatches instead of hardcoding [].
- Write
.crane-metadata.json in WriteStage() with stage name, plugins, counts, duration.
- Write
resource-inventory.json per stage from TransformArtifact data.
- Write
whiteouts.json from whited-out artifacts.
- Write
ignored-patches.json from parsed IgnoredOps.
Acceptance criteria
Title
feat(audit): populate transform stage metadata, resource inventory, whiteout and ignored-patches reportsOutput: what changes
Today — path helpers exist for
.crane-metadata.json,whiteouts.json, andignored-patches.jsonbut the files are never written.IgnoredOpsis hardcoded to[]despite the runner returning data.After this issue — every transform stage produces four audit files:
Example
.crane-metadata.json:{ "schemaVersion": "v1", "stageName": "10_KubernetesPlugin", "timestamp": "2026-04-18T14:33:15Z", "duration": "3.2s", "plugins": [{"name": "KubernetesTransformPlugin", "version": "v0.0.1"}], "summary": { "totalResources": 47, "patched": 32, "whitedOut": 8, "unchanged": 7, "ignoredPatchConflicts": 3 } }Example
resource-inventory.json:{ "schemaVersion": "v1", "resources": [ { "kind": "Deployment", "namespace": "my-app", "name": "frontend", "outcome": "patched", "patchCount": 5, "pluginName": "KubernetesTransformPlugin" }, { "kind": "Endpoints", "namespace": "my-app", "name": "frontend", "outcome": "whited-out", "pluginName": "KubernetesTransformPlugin" } ] }Description
Context
The codebase already has
PathOptsmethods for these file paths andIgnoredOperation/TransformArtifactstructs with the data — but the CLI never writes the files and hardcodesIgnoredOps: []. This issue connects existing plumbing.User outcome
Scope
IgnoredOpsTODO (orchestrator.go:86,215): parseresponse.IgnoredPatchesinstead of hardcoding[]..crane-metadata.jsoninWriteStage()with stage name, plugins, counts, duration.resource-inventory.jsonper stage fromTransformArtifactdata.whiteouts.jsonfrom whited-out artifacts.ignored-patches.jsonfrom parsedIgnoredOps.Acceptance criteria
IgnoredOpsis populated fromresponse.IgnoredPatches— no longer hardcoded[]..crane-metadata.jsonwritten per stage with plugin list and summary counts.resource-inventory.jsonwritten per stage with per-resource outcome.whiteouts.jsonwritten per stage listing whited-out resources.ignored-patches.jsonwritten per stage with conflict details (if any conflicts exist).PathOptspath helpers.go test ./...passes.