Skip to content

Populate transform stage metadata, resource inventory, whiteout and ignored-patches reports #300

Description

@stillalearner

Title

feat(audit): populate transform stage metadata, resource inventory, whiteout and ignored-patches reports

Output: what changes

Today — path helpers exist for .crane-metadata.json, whiteouts.json, and ignored-patches.json but the files are never written. IgnoredOps is hardcoded to [] despite the runner returning data.

After this issue — every transform stage produces four audit files:

transform/10_KubernetesPlugin/
├── .crane-metadata.json           # stage context: plugins, counts, duration
├── reports/
│   ├── resource-inventory.json    # per-resource outcome (patched/whited-out/unchanged)
│   └── ignored-patches.json       # patch conflicts and their resolution
└── whiteouts/
    └── whiteouts.json             # which resources were excluded

Example .crane-metadata.json:

{
  "schemaVersion": "v1",
  "stageName": "10_KubernetesPlugin",
  "timestamp": "2026-04-18T14:33:15Z",
  "duration": "3.2s",
  "plugins": [{"name": "KubernetesTransformPlugin", "version": "v0.0.1"}],
  "summary": {
    "totalResources": 47,
    "patched": 32,
    "whitedOut": 8,
    "unchanged": 7,
    "ignoredPatchConflicts": 3
  }
}

Example resource-inventory.json:

{
  "schemaVersion": "v1",
  "resources": [
    {
      "kind": "Deployment", "namespace": "my-app", "name": "frontend",
      "outcome": "patched", "patchCount": 5, "pluginName": "KubernetesTransformPlugin"
    },
    {
      "kind": "Endpoints", "namespace": "my-app", "name": "frontend",
      "outcome": "whited-out", "pluginName": "KubernetesTransformPlugin"
    }
  ]
}

Description

Context

The codebase already has PathOpts methods for these file paths and IgnoredOperation/TransformArtifact structs with the data — but the CLI never writes the files and hardcodes IgnoredOps: []. This issue connects existing plumbing.

User outcome

  • Auditors can trace every resource's journey through the transform stage.
  • Support engineers can answer "why was this resource whited out?" or "which patches were dropped?" from files, not guesswork.

Scope

  • Fix IgnoredOps TODO (orchestrator.go:86,215): parse response.IgnoredPatches instead of hardcoding [].
  • Write .crane-metadata.json in WriteStage() with stage name, plugins, counts, duration.
  • Write resource-inventory.json per stage from TransformArtifact data.
  • Write whiteouts.json from whited-out artifacts.
  • Write ignored-patches.json from parsed IgnoredOps.

Acceptance criteria

  • IgnoredOps is populated from response.IgnoredPatches — no longer hardcoded [].
  • .crane-metadata.json written per stage with plugin list and summary counts.
  • resource-inventory.json written per stage with per-resource outcome.
  • whiteouts.json written per stage listing whited-out resources.
  • ignored-patches.json written per stage with conflict details (if any conflicts exist).
  • All files use existing PathOpts path helpers.
  • go test ./... passes.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    Status
    Todo

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions