chore(cli): Refactor file/function naming.

[c-r33d]

Summary

This PR refactors the otdfctl namespaced policy migration/prune flow to make the code layout and public API more explicit, removes unused migration run tracking, and exposes the migrate command tree in the CLI.

Key Changes

• Renamed generic migration files to migration-specific names such as migration_planner.go, migration_plan.go, and migration_finalize_plan.go.
• Renamed migration types and constructors for clarity:
  • Planner -> MigrationPlanner
  • NewPlanner(...) -> NewMigrationPlanner(...)
  • Plan -> MigrationPlan
• Split shared execution/review concepts into explicit migration and prune flows:
  • introduced MigrationExecutor and PruneExecutor
  • renamed execute.go to migration_execute.go
  • renamed Execute() to ExecuteMigration()
  • renamed validatePlan()-style migration validation to validateMigrationPlan()
• Moved migration-specific interactive commit confirmation logic out of interactive_commit.go into migration_commit_confirmation.go
  • ReviewNamespacedPolicyInteractiveCommit(...) -> ConfirmMigrationPlan(...)
• Kept shared interactive backup/prompt helpers in interactive_commit.go
• Moved prune-specific errors into prune_execute.go

Behavior Changes

• Removed run_id from execution results and related code paths.
• Removed the migration_run metadata label from namespaced policy migration output and tests.
• Updated BATS coverage to stop asserting on migration_run.
• Made migrate, migrate prune, and their namespaced-policy commands visible in the CLI instead of hidden.

Summary by CodeRabbit

Release Notes

• New Features

  • Added interactive prompts to confirm backup completion before migration commits and during cleanup operations.

• Bug Fixes

  • Removed legacy run-tracking metadata labels from migrated resources; migration history now tracked solely through source identifiers.

• Documentation

  • Updated migration command documentation to clarify available workflows and flag usage.

• Chores

  • Unhid migrate and prune commands, making them available in CLI help.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: c1656111-0765-4d38-9b7f-9403281378c5

📥 Commits

Reviewing files that changed from the base of the PR and between eae8645 and 66647fc.

📒 Files selected for processing (30)

• otdfctl/cmd/migrate/namespaced_policy.go
• otdfctl/cmd/migrate/prune/namespaced_policy.go
• otdfctl/cmd/migrate/prune/prune.go
• otdfctl/docs/man/migrate/_index.md
• otdfctl/e2e/migrate-namespaced-policy.bats
• otdfctl/migrations/namespacedpolicy/actions_execute.go
• otdfctl/migrations/namespacedpolicy/actions_execute_test.go
• otdfctl/migrations/namespacedpolicy/backup_confirmation.go
• otdfctl/migrations/namespacedpolicy/migration_commit_confirmation.go
• otdfctl/migrations/namespacedpolicy/migration_commit_confirmation_test.go
• otdfctl/migrations/namespacedpolicy/migration_execute.go
• otdfctl/migrations/namespacedpolicy/migration_finalize_plan.go
• otdfctl/migrations/namespacedpolicy/migration_finalize_plan_test.go
• otdfctl/migrations/namespacedpolicy/migration_plan.go
• otdfctl/migrations/namespacedpolicy/migration_plan_test.go
• otdfctl/migrations/namespacedpolicy/migration_planner.go
• otdfctl/migrations/namespacedpolicy/migration_planner_test.go
• otdfctl/migrations/namespacedpolicy/migration_summary.go
• otdfctl/migrations/namespacedpolicy/migration_summary_test.go
• otdfctl/migrations/namespacedpolicy/obligation_triggers_execute.go
• otdfctl/migrations/namespacedpolicy/obligation_triggers_execute_test.go
• otdfctl/migrations/namespacedpolicy/prune_execute.go
• otdfctl/migrations/namespacedpolicy/prune_execute_test.go
• otdfctl/migrations/namespacedpolicy/prune_planner.go
• otdfctl/migrations/namespacedpolicy/registered_resources_execute.go
• otdfctl/migrations/namespacedpolicy/registered_resources_execute_test.go
• otdfctl/migrations/namespacedpolicy/subject_condition_sets_execute.go
• otdfctl/migrations/namespacedpolicy/subject_condition_sets_execute_test.go
• otdfctl/migrations/namespacedpolicy/subject_mappings_execute.go
• otdfctl/migrations/namespacedpolicy/subject_mappings_execute_test.go

💤 Files with no reviewable changes (1)

• otdfctl/cmd/migrate/prune/prune.go

---

📝 Walkthrough

Walkthrough

This PR renames the core namespaced policy migration APIs from Planner/Plan/Executor to MigrationPlanner/MigrationPlan/MigrationExecutor, removes the RunID field from ExecutionResult to simplify metadata (keeping only the migrated_from label), introduces a new PruneExecutor type, adds interactive backup confirmation, and updates all CLI commands, tests, and documentation accordingly.

Changes

Namespaced Policy Migration API Refactoring

Layer / File(s)	Summary
Plan/Executor/Planner API Type Renames otdfctl/migrations/namespacedpolicy/migration_plan.go, migration_execute.go, migration_planner.go, migration_plan_test.go	Rename exported types: Plan → MigrationPlan, Executor → MigrationExecutor, Planner → MigrationPlanner; remove RunID field from ExecutionResult struct; update all lookup methods and constructors.
Executor Methods Migration otdfctl/migrations/namespacedpolicy/actions_execute.go, subject_condition_sets_execute.go, subject_mappings_execute.go, registered_resources_execute.go, obligation_triggers_execute.go, *_execute_test.go	Move all executor methods from *Executor receiver to *MigrationExecutor; remove RunID assignments from all ExecutionResult initialization in success and error paths across action, subject-mapping, registered-resource, and obligation-trigger handlers.
Plan Finalization and Summary Updates otdfctl/migrations/namespacedpolicy/migration_finalize_plan.go, migration_summary.go, migration_summary_test.go	Update finalizePlan and planFinalizer.build to return *MigrationPlan; propagate *MigrationPlan type through all summary rendering entrypoints and section builders.
PruneExecutor Introduction otdfctl/migrations/namespacedpolicy/prune_execute.go, prune_planner.go, prune_execute_test.go	Introduce new PruneExecutor struct and NewPruneExecutor constructor; update prune scope handlers to be methods on PruneExecutor; update PrunePlanner to use MigrationPlanner; update prune execution result recording to omit RunID.
Interactive Backup Confirmation otdfctl/migrations/namespacedpolicy/backup_confirmation.go	Add new file with ConfirmNamespacedPolicyBackup and ConfirmNamespacedPolicyPruneBackup exported functions; define interactive selection handling and backup confirmation error states.
Migration Commit and Confirmation Flow otdfctl/migrations/namespacedpolicy/migration_commit_confirmation.go, migration_commit_confirmation_test.go	Reorganize prompt text constants; rename ReviewNamespacedPolicyInteractiveCommit to ConfirmMigrationPlan; introduce interactiveCommitReviewState to track skip reasons for actions and propagate to dependents; update all prompt helpers to accept *MigrationPlan.
CLI Command Wiring and Visibility otdfctl/cmd/migrate/namespaced_policy.go, cmd/migrate/prune/namespaced_policy.go, cmd/migrate/prune/prune.go, docs/man/migrate/_index.md	Remove doc.Hidden from migrate and prune commands to make them visible; update migrate command to construct MigrationPlanner and MigrationExecutor; update prune command to construct PruneExecutor; update documentation to describe migrate command purpose and shared flags.
E2E Test Updates for Metadata Simplification otdfctl/e2e/migrate-namespaced-policy.bats	Remove all assertions checking for the legacy migration_run metadata label on migrated targets; update assert_metadata_labels_preserved to ignore only migrated_from; remove migration_run label from test fixture seeding across all prune scenarios.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• opentdf/platform#3363: Updates E2E assertions in migrate-namespaced-policy.bats to rely on migrated_from label instead of planner-run metadata expectations.
• opentdf/platform#3458: Modifies prune workflow code including prune executor logic and how execution results record IDs (Executor vs PruneExecutor/RunID handling).
• opentdf/platform#3456: Adds prune-summary rendering using prune-plan item ExecutionResult fields that this PR updates by removing RunID.

Suggested labels

comp:policy, size/l

Suggested reviewers

• elizabethhealy
• alkalescent

Poem

🐇 The migration dance is now more clear,
With names that whisper what they do,
No run ID trails in metadata here—
Just migrated_from, the source shines through!
The prune and confirm paths join the show,
Simpler, stronger, ready to grow! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 2.86% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore(cli): Refactor file/function naming.' is partially related to the changeset. It accurately describes a major aspect of the change (renaming files and functions), but omits the significant behavior changes (removing run_id tracking, hiding/unhiding commands, and refactoring execution flows) and structural reorganization that are equally important to this refactor.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch refactor-file-names

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refactors the otdfctl namespaced policy migration and prune flows to improve code layout and API explicitness. By renaming key components, separating execution responsibilities, and removing unused metadata tracking, the codebase becomes more maintainable. Additionally, the changes expose previously hidden CLI commands and update end-to-end tests to align with the new structural improvements.

Highlights

• Refactoring and Renaming: Renamed core migration files and types for better clarity, including changing Planner to MigrationPlanner and updating execution-related file names.
• Separation of Concerns: Split execution logic into distinct MigrationExecutor and PruneExecutor classes to better handle their respective flows.
• Metadata Cleanup: Removed run_id and migration_run metadata labels from execution results and updated BATS tests to remove related assertions.
• CLI Visibility: Updated the CLI to make migrate, migrate prune, and their associated namespaced-policy commands visible instead of hidden.
• Interactive Logic Consolidation: Moved interactive commit confirmation logic into a dedicated file, migration_commit_confirmation.go, for better organization.

New Features

🧠 You can now enable Memory (public preview) to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

---

The code was messy, names were vague, Refactoring made it quite the plague. But now it's clean, the flow is clear, Migration paths have lost their fear.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request refactors the migration and pruning logic by renaming core types—such as Plan to MigrationPlan and Executor to MigrationExecutor—and removing the runID tracking system. Additionally, it exposes migration commands by removing their hidden status and introduces a new backup_confirmation.go file for interactive user prompts. Feedback indicates that the direct use of fmt.Println in the backup confirmation logic should be integrated into the prompter abstraction to ensure consistent terminal output and avoid potential layout issues with the TUI.

[github-actions]

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	140.017956ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	72.209607ms

Benchmark Statistics

Name	№ Requests	Avg Duration	Min Duration	Max Duration

Bulk Benchmark Results

Metric	Value
Total Decrypts	100
Successful Decrypts	100
Failed Decrypts	0
Total Time	334.225718ms
Throughput	299.20 requests/second

TDF3 Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	33.517049466s
Average Latency	333.742382ms
Throughput	149.18 requests/second

[github-actions]

⚠️ Govulncheck found vulnerabilities ⚠️

The following modules have known vulnerabilities:

• examples
• otdfctl
• sdk
• service
• lib/fixtures
• tests-bdd

See the workflow run for details.

[github-actions]

X-Test Failure Report

✅ go@main-pull-3490
bats-test-results
✅ java@main-pull-3490
✅ js@main-pull-3490
✅ java@main-v0.9.0
✅ js@main-v0.9.0
cukes-report
opentdfplatformA7U2V0.dockerbuild
govulncheck-failure-8
govulncheck-failure-5
govulncheck-failure-1
govulncheck-failure-3
govulncheck-failure-2
govulncheck-failure-0

[github-actions]

X-Test Results

✅ go@main-v0.9.0
✅ go@main-pull-3490
bats-test-results
✅ java@main-pull-3490
✅ js@main-pull-3490
✅ java@main-v0.9.0
✅ js@main-v0.9.0
cukes-report
opentdfplatformA7U2V0.dockerbuild
govulncheck-failure-8
govulncheck-failure-5
govulncheck-failure-1
govulncheck-failure-3
govulncheck-failure-2
govulncheck-failure-0