feat: Add SNS publisher module

[laouji]

Fixes: BAN-13

[coderabbitai]

"""

Walkthrough

This change introduces support for AWS SNS publishing in the CLI tooling. It adds CLI flags to enable SNS publishing and configure endpoint overrides, updates configuration structures, and integrates a new SNS publisher module using Uber Fx for dependency injection. The SNS module handles credentials, endpoint overrides, and resource cleanup.

Changes

File(s)	Change Summary
publish/cli.go	Added SNS publishing support: new CLI flags, config fields, logic in FXModuleFromFlags for SNS.
publish/sns.go	Introduced SNS publisher creation and Fx module for dependency injection and configuration.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CLI
    participant FX
    participant SNSPublisher
    participant AWS

    User->>CLI: Run command with --publisher-sns-enabled
    CLI->>FX: Initialize modules with SNS options
    FX->>SNSPublisher: Construct with config, endpoint, credentials
    SNSPublisher->>AWS: Load config, resolve endpoint/credentials
    SNSPublisher->>SNSPublisher: Create publisher, manage lifecycle
    SNSPublisher-->>FX: Provide publisher instance

Loading

Assessment against linked issues

Objective	Addressed	Explanation
Add middleware to enable publishing SNS messages (BAN-13)	✅

Possibly related PRs

• feat: Add sqs listener capabilities to publish module #449: Adds SQS subscription support with similar CLI and module patterns, showing a related approach to AWS messaging integration.

Suggested reviewers

• gfyrag

Poem

In the warren, code hops anew,
SNS flags sprout in morning dew.
Publishers leap, endpoints override,
Messages sent on a cloud-borne ride.
🐇 With every hop, a feature grows—
Now SNS in our toolkit shows!
"""

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7eeca03 and 936d53e.

📒 Files selected for processing (1)

• publish/cli.go (6 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• publish/cli.go

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Ci
• GitHub Check: Analyze (go)

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch BAN-13

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai auto-generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 88 lines in your changes missing coverage. Please review.

Project coverage is 33.07%. Comparing base (77b10b7) to head (936d53e).
Report is 2 commits behind head on main.

Files with missing lines	Patch %	Lines
publish/sns.go	0.00%	65 Missing ⚠️
publish/cli.go	0.00%	23 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #463      +/-   ##
==========================================
- Coverage   33.55%   33.07%   -0.49%     
==========================================
  Files         130      131       +1     
  Lines        5507     5587      +80     
==========================================
  Hits         1848     1848              
- Misses       3550     3630      +80     
  Partials      109      109              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

publish/sns.go (1)

26-29: Use a constant for the default account ID.

The hardcoded account ID should be defined as a constant for better maintainability and clarity.

+const defaultDevAccountID = "000000000000"
+
 func NewSnsPublisher(cmd *cobra.Command, logger watermill.LoggerAdapter, config aws.Config, optFns []func(*snsservice.Options)) (*sns.Publisher, error) {
 	credentials, err := config.Credentials.Retrieve(cmd.Context())
 	if err != nil {
 		return nil, fmt.Errorf("failed to fetch credentials: %w", err)
 	}
-	accountID := "000000000000" // if we are using a static credentials provider in a dev env, it may be empty
+	accountID := defaultDevAccountID // if we are using a static credentials provider in a dev env, it may be empty
 	if credentials.AccountID != "" {
 		accountID = credentials.AccountID
 	}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 77b10b7 and 7eeca03.

⛔ Files ignored due to path filters (2)

• go.mod is excluded by !**/*.mod
• go.sum is excluded by !**/*.sum, !**/*.sum

📒 Files selected for processing (2)

• publish/cli.go (6 hunks)
• publish/sns.go (1 hunks)

🧰 Additional context used

🧬 Code Graph Analysis (1)

publish/sns.go (1)

service/context.go (1)

• IsDebug (54-60)

🪛 GitHub Check: codecov/patch

publish/sns.go

[warning] 21-29: publish/sns.go#L21-L29
Added lines #L21 - L29 were not covered by tests

---

[warning] 31-34: publish/sns.go#L31-L34
Added lines #L31 - L34 were not covered by tests

---

[warning] 36-41: publish/sns.go#L36-L41
Added lines #L36 - L41 were not covered by tests

---

[warning] 44-55: publish/sns.go#L44-L55
Added lines #L44 - L55 were not covered by tests

---

[warning] 59-64: publish/sns.go#L59-L64
Added lines #L59 - L64 were not covered by tests

---

[warning] 68-72: publish/sns.go#L68-L72
Added lines #L68 - L72 were not covered by tests

---

[warning] 74-83: publish/sns.go#L74-L83
Added lines #L74 - L83 were not covered by tests

---

[warning] 87-95: publish/sns.go#L87-L95
Added lines #L87 - L95 were not covered by tests

---

[warning] 97-97: publish/sns.go#L97
Added line #L97 was not covered by tests

---

[warning] 100-102: publish/sns.go#L100-L102
Added lines #L100 - L102 were not covered by tests

publish/cli.go

[warning] 157-160: publish/cli.go#L157-L160
Added lines #L157 - L160 were not covered by tests

---

[warning] 221-221: publish/cli.go#L221
Added line #L221 was not covered by tests

---

[warning] 247-254: publish/cli.go#L247-L254
Added lines #L247 - L254 were not covered by tests

🔇 Additional comments (2)

publish/cli.go (1)

157-160: Add test coverage for the new SNS flags.

The static analysis indicates these lines lack test coverage. Please add tests to verify that the SNS flags are properly registered and can be retrieved from the command.

publish/sns.go (1)

44-104: Well-implemented Fx module with proper lifecycle management.

The SNS module implementation is well-structured with:

• Appropriate handling of development environments via endpoint overrides
• Proper lifecycle management with cleanup on shutdown
• Good separation of concerns across providers

However, the static analysis indicates this entire module lacks test coverage. Please add comprehensive tests to verify the module behavior in both production and development scenarios.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Clarify the fallthrough pattern and potential duplicate IAM loading.

The fallthrough from the SQS case to the SNS case allows both modules to be enabled simultaneously. This design has potential issues:

1. When both SQS and SNS are enabled, the IAM loading options will be supplied twice with potentially conflicting tag names (name:"publish-sqs-enabled" and name:"publish-sns-enabled").
2. The comment "we might have both a sqs listener and a sns publisher" suggests this is intentional, but the implementation could cause issues with dependency injection.

Consider separating the cases or using a different approach to handle when both are enabled.

Additionally, please add test coverage for this configuration logic.

---

🏁 Script executed:

#!/bin/bash
# Description: Check if there are any existing tests for the FXModuleFromFlags function
# and verify how other messaging systems handle multiple enabled flags

# Search for existing tests of FXModuleFromFlags
rg -A 10 "TestFXModuleFromFlags|Test.*FromFlags" --glob "**/*test*.go"

# Check how IAM loading is used in other parts of the codebase
ast-grep --pattern 'iam.LoadOptionFromCommand($$$)'

# Look for other uses of fx.Supply with tag annotations
rg -A 2 'fx\.Supply.*fx\.Annotate.*fx\.ResultTags'

Length of output: 1279

---

Publish CLI: clarify fallthrough logic and add missing tests

The fallthrough from the SQS case into the SNS case is intentional (per the inline comment), and because we annotate the IAM options with distinct tags (publish-sqs-enabled vs. publish-sns-enabled), there’s no collision at runtime. However, this pattern can be hard to read and isn’t covered by existing tests. Please:

• Refactor the switch/fallthrough in publish/cli.go into two independent if blocks (one for SQS, one for SNS) to make the intent clearer.
• Verify that each call to iam.LoadOptionFromCommand(cmd) uses a unique fx.ResultTags value to avoid any ambiguity.
• Add unit tests for FXModuleFromFlags covering:
  • SQS-only enabled
  • SNS-only enabled
  • Both SQS and SNS enabled

Tests can live alongside the existing TestFXModuleFromFlags in licence/cli_test.go or in a new publish/cli_test.go.

🧰 Tools

🪛 GitHub Check: codecov/patch

[warning] 247-254: publish/cli.go#L247-L254
Added lines #L247 - L254 were not covered by tests

🤖 Prompt for AI Agents

In publish/cli.go around lines 247 to 254, refactor the switch statement with
fallthrough into two separate if blocks, one checking if SQS is enabled and the
other if SNS is enabled, to improve code clarity. Ensure each call to
iam.LoadOptionFromCommand(cmd) is annotated with a unique fx.ResultTags value to
prevent runtime collisions. Then, add unit tests for the FXModuleFromFlags
function covering three scenarios: SQS-only enabled, SNS-only enabled, and both
enabled. Place these tests either in licence/cli_test.go alongside
TestFXModuleFromFlags or create a new publish/cli_test.go file.

[fguery]

we can have SQS listener & publisher, likewise for SNS right?
Also I might be wrong, but I think the fallthrough will execute even if the condition is false -- so if you have sqsEnabled, you'll always setup sns -- is it what we want?

[laouji]

yes cursor actually caught the same bug. I guess I need to come up with something a bit more robust so that it's possible to specify just SQS or SQS + SNS

[laouji]

Please see my most recent commit!