baidu resource enrich

[Center-Sun]

Thank you for your contribution to CloudRec!

What About:

• Server (java)
• Collector (go)
• Rule (opa)

Description:

Two related commits to expand baidu cloud coverage:

1. feat(collector): add baidu ENI and ACL resources (d8c626d)

Adds two previously-uncollected resource types under BAIDU_CLOUD:

• ENI — bcc.Client.ListEnis() across all baidu BCC regions
• ACL — bcc.Client.ListAclEntrys() keyed by VPC

Both follow the flat-instance convention (struct embedding *sdk.Foo + sibling fields), so paths read naturally as $.eniId, $.vpcId, etc.

2. feat(collector): enrich baidu BLB and APPBLB with SDK-omitted fields (8371686)

The baidu Go SDK's BLBModel / AppBLBModel / AppAllListenerModel / AppServerGroupPort structs under-model the actual API responses. Fields the SDK silently drops
are now captured:

API	New fields preserved
GET /v1/blb, GET /v1/appblb	type, underlayVip, expireTime, billingMethod, paymentTiming, performanceLevel, allowModify,
modificationProtectionReason
GET /v1/blb/{id}/listener	backendPortType, healthCheckValid
GET /v1/appblb/{id}/listener	description
GET /v1/appblb/{id}/appservergroup	portList[].healthCheckValid

Each affected Detail field switches to a struct that embeds the SDK type and appends the missing fields, so existing JSONPaths ($.Blb.blbId, $.AppBLB.name,
$.AppServerGroupList[].portList[].port, etc.) are preserved bit-for-bit. New fields appear as parallel siblings under the same wrapper.

The SDK's typed DescribeLoadBalancers / DescribeAllListeners / DescribeAppServerGroup calls are replaced with direct bce.RequestBuilder calls bound to the same
URI and pagination contract, so the request count is unchanged — a single API call now feeds both the SDK-modeled and new fields.

Validation

End-to-end run against two production-style baidu cloud accounts:

• 5 BLB rows + 609 APPBLB rows upserted into cloud_resource_instance_v1
• Every fresh $.Blb.* and $.AppBLB.* instance has exactly 23 keys = 15 SDK-modeled + 8 newly preserved
• description populated on 608/608 APPBLBs with non-empty listeners (1 CCE-managed BLB with listenerList=[] returns null — same behavior as pre-change SDK call)
• portList[].healthCheckValid populated on 15/15 APPBLBs with non-empty portList
• All pre-existing field paths under $.Blb.* / $.AppBLB.* resolve unchanged

[gemini-code-assist]

Code Review

This pull request adds support for collecting ENI and ACL resources from Baidu Cloud and enhances the BLB and AppBLB collectors by introducing 'enriched' structs and custom request builders to capture API fields missing from the standard SDK. The review feedback identifies a high-severity issue with an incorrect JSONPath for ENI addresses, suggests refactoring duplicated client initialization logic in services.go, and points out several instances in the BLB collectors where API errors are swallowed, which could result in incomplete resource data.

[gemini-code-assist]

The JSONPath $.privateIpSet[0].publicIpAddress is likely incorrect. The eni.Eni struct in the Baidu SDK contains privateIpAddress within the privateIpSet elements, but does not include a publicIpAddress field. Since the collector uses the SDK struct, this field will be missing in the serialized JSON, and the JSONPath will fail to resolve. If the intention is to capture the primary private IP, please use $.privateIpSet[0].privateIpAddress.

Suggested change

	Address: "$.privateIpSet[0].publicIpAddress",
	Address: "$.privateIpSet[0].privateIpAddress",

[gemini-code-assist]

The initialization logic for VPCClient is duplicated across the VPC, ACL, and ENI resource types. This can be refactored to reduce redundancy and improve maintainability.

Suggested change

	case VPC, ACL:
	vpcClient, err := vpc.NewClient(param.AK, param.SK, param.Region)
	if err != nil {
	log.GetWLogger().Warn(fmt.Sprintf("init vpc client failed, err: %s", err))
	}
	s.VPCClient = vpcClient
	case ENI:
	vpcClient, err := vpc.NewClient(param.AK, param.SK, param.Region)
	if err != nil {
	log.GetWLogger().Warn(fmt.Sprintf("init vpc client failed, err: %s", err))
	}
	s.VPCClient = vpcClient
	eniClient, err := eni.NewClient(param.AK, param.SK, param.Region)
	if err != nil {
	log.GetWLogger().Warn(fmt.Sprintf("init eni client failed, err: %s", err))
	}
	s.ENIClient = eniClient
	case VPC, ACL, ENI:
	vpcClient, err := vpc.NewClient(param.AK, param.SK, param.Region)
	if err != nil {
	log.GetWLogger().Warn(fmt.Sprintf("init vpc client failed, err: %s", err))
	}
	s.VPCClient = vpcClient
	if cloudAccountParam.ResourceType == ENI {
	eniClient, err := eni.NewClient(param.AK, param.SK, param.Region)
	if err != nil {
	log.GetWLogger().Warn(fmt.Sprintf("init eni client failed, err: %s", err))
	}
	s.ENIClient = eniClient
	}

[gemini-code-assist]

The function describeAppAllListeners (and similarly describeAppServerGroup at line 207) swallows errors from the API call, returning a potentially empty or partial list without notifying the caller. This can lead to incomplete resource data being collected silently. Consider updating these functions to return an error along with the results, allowing the caller to handle API failures more robustly.

[gemini-code-assist]

The function describeAllListeners swallows errors from the rb.Do() call. If the API request fails, it returns an empty or partial list, which might result in incomplete data collection. It is recommended to return the error to the caller for better error handling and visibility.