feat(core): Add namespace get/query by FQN

[Doom4535]

This adds support for querying the results based on the namespace FQN. I was originally planning to target the returned 'name' but the platform/sdk doesn't currently provide a nice way to do that with out adding in some new logic. This code adds a new flag option for policy attributes namespace get of -n and --fqn; I nearly put these down as -u and --url as the current behavior of the sdk forces the FQN to be treated as a URL.

Note: I don't believe the OpenTDF/platform is treating the FQN properly by forcing it to a URL, which would also prevent the need to add new logic to bypass the forced checks for http:// and https://.

Usage example:

otdfctl$ ./otdfctl --host https://platform.opentdf.local:8443 --tls-no-verify --log-level debug --with-client-creds '{"clientId":"opentdf","clientSecret":"secret"}' --json policy attributes namespaces get --fqn http://opentdf.io
{
  "id": "8a6063eb-1235-49b9-88b2-f74e34ebf89c",
  "name": "opentdf.io",
  "fqn": "https://opentdf.io",
  "active": {
    "value": true
  },
  "metadata": {
    "created_at": {
      "seconds": 1766163705,
      "nanos": 515548000
    },
    "updated_at": {
      "seconds": 1766163705,
      "nanos": 515548000
    }
  }
}

[gemini-code-assist]

Summary of Changes

Hello @Doom4535, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the otdfctl command-line interface by enabling users to retrieve attribute namespaces not only by their unique ID but also by their Fully Qualified Name (FQN). It introduces a new --fqn flag for the policy attributes namespaces get command, along with robust validation to ensure proper usage of either the ID or FQN for querying. A key aspect highlighted is the current requirement to provide FQNs as full URLs due to the underlying SDK's behavior.

Highlights

• Feature: Introduced the ability to query attribute namespaces using their Fully Qualified Name (FQN).
• CLI Enhancement: Added a new command-line flag, -n or --fqn, to the policy attributes namespaces get command for FQN-based lookups.
• Flag Logic: Implemented logic to ensure that the id and fqn flags are mutually exclusive and that one of them is always provided when getting a namespace.
• SDK Interaction: Noted that the underlying platform/sdk currently treats FQNs as URLs, necessitating the inclusion of a protocol (e.g., http:// or https://) when using the --fqn flag.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a valuable feature for querying namespaces by FQN. The implementation is solid, including a well-commented workaround for cobra's flag handling limitations. The documentation updates are also clear and helpful.

However, a critical aspect is missing: tests. The end-to-end tests in e2e/namespaces.bats have not been updated to reflect these changes. This will likely break existing tests for the get command and leaves the new functionality untested. This is a high-severity issue that should be addressed. Please add tests for the --fqn flag, including success cases and failure cases (e.g., using --id and --fqn together), and update existing tests as needed.

I've also left one comment with a suggestion to make the code a bit more concise.

[Doom4535]

For details on the need to add custom logic for the mutually exclusive flags, see: #728

[gemini-code-assist]

Code Review

This pull request introduces a valuable feature by allowing namespaces to be queried by their Fully Qualified Name (FQN). The implementation correctly adds a new flag and handles the mutual exclusivity with the existing ID flag. My review focuses on improving code clarity, ensuring correct error handling, and fixing issues in the e2e tests to make them more robust and ensure they accurately validate the new functionality. There are some minor opportunities for code improvement and more significant issues with the test cases, including a potentially fragile assumption in the test setup and incorrect assertions for error messages.

[jakedoublev]

Thanks for opening this, and for adding unit tests and examples! Much appreciated. Would you please update this enhancement to employ the patterns set here to utilize the Cobra markings during initialization and its own error messaging?

[Doom4535]

@jakedoublev

Thanks for opening this, and for adding unit tests and examples! Much appreciated. Would you please update this enhancement to employ the patterns set here to utilize the Cobra markings during initialization and its own error messaging?

Awesome, done.