Lint for cross-system imports only happening to root of systems

[mshustov]

Problem

Client and side parts of the core and plugins should expose their contracts explicitly via index.js files.
Direct imports from core/server/foo/..., core/public/foo/..., src/plugins/bar/public/..., src/plugins/bar/server/... should be restricted by linter.

Considered options

• use linter. There are 2 types of files in codebase: js & ts, we have to setup linters for both. Disadvantages: setup twice and manual synchronization (until tslint merges into eslint this year)
• use a separate tool for check - webpack plugin or CLI utility. Disadvantages: The check is run on late stage, on CI or as a pre-commit hook.

I decided to go with the former option as providing better DX.

Requirements

Linter should block attempts to import from module internals. This way we force a module to declare public interface explicitly.
Linter should check only product code, because quite often in tests and dev-utils we want to manipulate module internals, mock a part of a module, for example.

eslint

PR #33697
import/no-restricted-paths uses a similar approach with zones.

Restrict import from sibling folders

Now src/plugins/foo/foo.js can import from src/plugins/bar/bar.js. Such restriction is not supported by import/no-restricted-paths, will be implemented as a separate plugin.

tslint

PR: #34688

PR on hold, waits migration from tslint to eslint #33562

I start with tslint setup. There is import-blacklist rule, which implemented in the last version.

  import-blacklist:
    - true
    -
      - "core/public/(?!utils)."
      - "core/server/(?!utils)."
      - "^(?!x-pack).*\/plugins.*server\/"
      - "^(?!x-pack).*\/plugins.*public\/."

The problem with it this approach that restrictions are applied for the whole project, we cannot exclude or override settings for specific path and this feature won't be implemented palantir/tslint#3447
Also, because it's simple string check without file path resolution, we cannot limit access when import expression doesn't contain the full path(say one plugin import internals of another from sibling folder import * from '../sibling_folder/server/types.ts.

I decided to go with https://github.com/vladimiry/tslint-rules-bunch as this rule provides granular setup for a specific path with glob syntax and uses file path resolution mechanism internally.

Related issues

Export types from root of systems
#33963

[elasticmachine]

Pinging @elastic/kibana-platform