From 18944bda0f74bdef2b089e9b4a6d53e59a029f74 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Thu, 17 Apr 2025 15:33:37 -0400 Subject: [PATCH 01/19] Add trivial change to README See boot.dev lesson with UUID 'c140afde-0a53-4086-873f-0785b6fa4618'. --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index c2bec0368b..6ef010f3e2 100644 --- a/README.md +++ b/README.md @@ -21,3 +21,5 @@ go build -o notely && ./notely *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`. You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! + +Brandon's version of Boot.dev's Notely app. From e86df9ea53411ef37243d051b793e9fb2e039fc7 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Thu, 17 Apr 2025 15:44:29 -0400 Subject: [PATCH 02/19] Another trivial edit --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6ef010f3e2..2ff084e9f2 100644 --- a/README.md +++ b/README.md @@ -22,4 +22,4 @@ go build -o notely && ./notely You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! -Brandon's version of Boot.dev's Notely app. +Brandon's version of Boot.dev's Notely app From 3b0ee24c3f5c8fd35248b67025ac11c466d2dfd6 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Thu, 17 Apr 2025 16:00:32 -0400 Subject: [PATCH 03/19] Add CI Github workflow --- .github/workflows/ci.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000000..99ceb2f807 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,22 @@ +name: ci + +on: + pull_request: + branches: [main] + +jobs: + tests: + name: Tests + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.23.0" + + - name: Force Failure + run: (exit 1) From f598bb79138e326d8db30582bbabda7fe1e7371c Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Thu, 17 Apr 2025 16:05:44 -0400 Subject: [PATCH 04/19] Make failing CI step pass --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 99ceb2f807..073b84bb0c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,5 +18,5 @@ jobs: with: go-version: "1.23.0" - - name: Force Failure - run: (exit 1) + - name: Stat Go version + run: go version From 987988d6d9f891ad581e233bccb8b00864e17e47 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Fri, 18 Apr 2025 21:55:06 -0400 Subject: [PATCH 05/19] Attempt unsuccessfully to use go-cmp in tests It comes in as an indirect require-entry (apparently, some of the other dependencies use it, likely in their own test code.) But that is making it difficult (if not outright preventing me) from using it directly in my own tests! --- go.mod | 1 + go.sum | 10 +++++++++- vendor/modules.txt | 2 ++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 09e04f9c12..1120695a78 100644 --- a/go.mod +++ b/go.mod @@ -12,6 +12,7 @@ require ( require ( github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230512164433-5d1fd1a340c9 // indirect + github.com/google/go-cmp v0.7.0 // indirect github.com/klauspost/compress v1.15.15 // indirect github.com/libsql/sqlite-antlr4-parser v0.0.0-20230802215326-5cb5bb604475 // indirect golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect diff --git a/go.sum b/go.sum index e3c6163bd0..85f6ffe38f 100644 --- a/go.sum +++ b/go.sum @@ -26,8 +26,10 @@ github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/E github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -37,6 +39,7 @@ github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/klauspost/compress v1.10.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.15.15 h1:EF27CXIuDsYJ6mmvtBRlEuB2UVOqHG1tAXgZ7yIO+lw= github.com/klauspost/compress v1.15.15/go.mod h1:ZcK2JAFqKOpnBlxcLsJzYfrS9X1akm9fHZNnD9+Vo/4= @@ -46,8 +49,10 @@ github.com/libsql/sqlite-antlr4-parser v0.0.0-20230802215326-5cb5bb604475 h1:6Pf github.com/libsql/sqlite-antlr4-parser v0.0.0-20230802215326-5cb5bb604475/go.mod h1:20nXSmcf0nAscrzqsXeC2/tA3KkV2eCiJqYuyAgl+ss= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.18 h1:DOKFKCQ7FNG2L1rbrmstDN4QVRdS89Nkh85u68Uwp98= +github.com/mattn/go-isatty v0.0.18/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 h1:Esafd1046DLDQ0W1YjYsBW+p8U2u7vzgW2SQVmlNazg= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -64,14 +69,17 @@ golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfU golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= +golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= +google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= nhooyr.io/websocket v1.8.7 h1:usjR2uOr/zjjkVMy0lW+PPohFok7PCow5sDjLgX4P4g= nhooyr.io/websocket v1.8.7/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0= diff --git a/vendor/modules.txt b/vendor/modules.txt index 9fefa57685..7ad4ab3c6d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -7,6 +7,8 @@ github.com/go-chi/chi # github.com/go-chi/cors v1.2.1 ## explicit; go 1.14 github.com/go-chi/cors +# github.com/google/go-cmp v0.7.0 +## explicit; go 1.21 # github.com/google/uuid v1.3.0 ## explicit github.com/google/uuid From 7fcb7c951ce578192d5fd0148b78089747450b25 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Fri, 18 Apr 2025 21:58:39 -0400 Subject: [PATCH 06/19] Ignore Emacs autosave files --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 2092f54e78..847dbc0894 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ out .env learn-cicd-starter notely +\#* From 0eeac4f047b28afae02d59562b63382ffbeea2f0 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Fri, 18 Apr 2025 21:58:57 -0400 Subject: [PATCH 07/19] Add spacing + move error definition alongside existing one --- internal/auth/auth.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/internal/auth/auth.go b/internal/auth/auth.go index f969aacf63..bcd926464c 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -7,16 +7,20 @@ import ( ) var ErrNoAuthHeaderIncluded = errors.New("no authorization header included") +var ErrMalformedAuthHeader = errors.New("malformed authorization header") // GetAPIKey - func GetAPIKey(headers http.Header) (string, error) { authHeader := headers.Get("Authorization") + if authHeader == "" { return "", ErrNoAuthHeaderIncluded } + splitAuth := strings.Split(authHeader, " ") + if len(splitAuth) < 2 || splitAuth[0] != "ApiKey" { - return "", errors.New("malformed authorization header") + return "", ErrMalformedAuthHeader } return splitAuth[1], nil From 5e460586326fe437ef5b3bb9dbcf0b4ae5ab3754 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Fri, 18 Apr 2025 21:59:30 -0400 Subject: [PATCH 08/19] Add test for GetAPIKey under 'auth_test.go' --- internal/auth/auth_test.go | 60 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 internal/auth/auth_test.go diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go new file mode 100644 index 0000000000..eccbcc116b --- /dev/null +++ b/internal/auth/auth_test.go @@ -0,0 +1,60 @@ +package auth + +import ( + "net/http" + "testing" +) + +func TestGetAPIKey(t *testing.T) { + tests := map[string]struct { + header http.Header + apiKey string + err error + }{ + "simple": { + header: http.Header{ + "Authorization": {"ApiKey abcde"}, + }, + apiKey: "abcde", + err: nil, + }, + + "missing_auth_header": { + header: http.Header{ + "Content-Type": {"application/json"}, + }, + apiKey: "", + err: ErrNoAuthHeaderIncluded, + }, + + "insufficient_length": { + header: http.Header{ + "Authorization": {"ApiKey"}, + }, + apiKey: "", + err: ErrMalformedAuthHeader, + }, + + "wrong_prefix": { + header: http.Header{ + "Authorization": {"API_KEY"}, + }, + apiKey: "", + err: ErrMalformedAuthHeader, + }, + } + + for name, tc := range tests { + t.Run(name, func(t *testing.T) { + got, actualErr := GetAPIKey(tc.header) + + if actualErr != nil && actualErr != tc.err { + t.Fatalf("Wrong error: %v", actualErr) + } + + if got != tc.apiKey { + t.Fatalf("Wrong API key result: %v", got) + } + }) + } +} From 7bd28bcad4ea41c58d48ca02cdf926e3c7592730 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sat, 19 Apr 2025 18:25:33 -0400 Subject: [PATCH 09/19] Implement CI fail sanity check --- .github/workflows/ci.yml | 4 ++-- internal/auth/auth.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 073b84bb0c..7f198f66d7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,5 +18,5 @@ jobs: with: go-version: "1.23.0" - - name: Stat Go version - run: go version + - name: Run tests + run: go test ./... diff --git a/internal/auth/auth.go b/internal/auth/auth.go index bcd926464c..9b6b92a3d3 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -19,7 +19,7 @@ func GetAPIKey(headers http.Header) (string, error) { splitAuth := strings.Split(authHeader, " ") - if len(splitAuth) < 2 || splitAuth[0] != "ApiKey" { + if len(splitAuth) < 2 || splitAuth[0] != "ApeKey" { return "", ErrMalformedAuthHeader } From bf5cb813bbcf47665cbcfeae3f0e9a8992ebdc9b Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sat, 19 Apr 2025 18:29:47 -0400 Subject: [PATCH 10/19] Make test failure-messages more descriptive --- internal/auth/auth_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index eccbcc116b..fcb802b80f 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -49,11 +49,11 @@ func TestGetAPIKey(t *testing.T) { got, actualErr := GetAPIKey(tc.header) if actualErr != nil && actualErr != tc.err { - t.Fatalf("Wrong error: %v", actualErr) + t.Fatalf("Wrong error: %v; should be %v", actualErr, tc.err) } if got != tc.apiKey { - t.Fatalf("Wrong API key result: %v", got) + t.Fatalf("Wrong API key result: %v; should be %v", got, tc.apiKey) } }) } From 634f40535635f7346cdc296eeaf316a31c8fa5a3 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sat, 19 Apr 2025 18:32:04 -0400 Subject: [PATCH 11/19] Restore code to test-passing state --- internal/auth/auth.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/auth/auth.go b/internal/auth/auth.go index 9b6b92a3d3..bcd926464c 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -19,7 +19,7 @@ func GetAPIKey(headers http.Header) (string, error) { splitAuth := strings.Split(authHeader, " ") - if len(splitAuth) < 2 || splitAuth[0] != "ApeKey" { + if len(splitAuth) < 2 || splitAuth[0] != "ApiKey" { return "", ErrMalformedAuthHeader } From 4f5aaf22522d7ae4e18802528260e97c204f7995 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sat, 19 Apr 2025 18:54:19 -0400 Subject: [PATCH 12/19] Add -cover flag to test-runner in CI step --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7f198f66d7..693e2ca884 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.23.0" - name: Run tests - run: go test ./... + run: go test -cover ./... From b74e46c8952b324e6a78f7f1d773d5660a3d73c6 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sat, 19 Apr 2025 19:07:03 -0400 Subject: [PATCH 13/19] Add CI status badge to README --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 2ff084e9f2..a8c083d2c9 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ +![CI status badge](https://github.com/BrandonIrizarry/learn-cicd-starter/actions/workflows/ci.yml/badge.svg) + # learn-cicd-starter (Notely) This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev). From 9edb5980193ecd46ffccc3d3419c0ce03336386b Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sat, 19 Apr 2025 19:30:13 -0400 Subject: [PATCH 14/19] Add 'style' job to check for formatting issues in PRs --- .github/workflows/ci.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 693e2ca884..b2b03e9603 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,3 +20,19 @@ jobs: - name: Run tests run: go test -cover ./... + + style: + name: Style + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.23.0" + + - name: Check for formatting issues + run: test -z $(go fmt ./...) From bdac75be4c60614afb8c1d53cc38a7b99db14a24 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sat, 19 Apr 2025 19:39:22 -0400 Subject: [PATCH 15/19] Introduce CI linter check with unlinted code for sanity check --- .github/workflows/ci.yml | 6 ++++++ main.go | 4 ++++ 2 files changed, 10 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b2b03e9603..c4fc99c1d2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,5 +34,11 @@ jobs: with: go-version: "1.23.0" + - name: Install staticcheck + run: go install honnef.co/go/tools/cmd/staticcheck@latest + - name: Check for formatting issues run: test -z $(go fmt ./...) + + - name: Check for linter issues + run: staticcheck ./... diff --git a/main.go b/main.go index 19d7366c5f..04207443ce 100644 --- a/main.go +++ b/main.go @@ -96,3 +96,7 @@ func main() { log.Printf("Serving on port: %s\n", port) log.Fatal(srv.ListenAndServe()) } + +func unused() { + +} From f8cd7c6be8edb59788cd966a5a27c91f97cad82b Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sat, 19 Apr 2025 19:41:36 -0400 Subject: [PATCH 16/19] Remove linter-breaking code so that CI now passes --- main.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/main.go b/main.go index 04207443ce..19d7366c5f 100644 --- a/main.go +++ b/main.go @@ -96,7 +96,3 @@ func main() { log.Printf("Serving on port: %s\n", port) log.Fatal(srv.ListenAndServe()) } - -func unused() { - -} From e4332a6a4060a862d38310660b56b1d010efc3b0 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sat, 19 Apr 2025 19:49:42 -0400 Subject: [PATCH 17/19] Add gosec CI step under the tests job The CI step itself will currently fail, as intended. --- .github/workflows/ci.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c4fc99c1d2..0f36e46c79 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,9 +18,15 @@ jobs: with: go-version: "1.23.0" + - name: Install gosec + run: go install github.com/securego/gosec/v2/cmd/gosec@latest + - name: Run tests run: go test -cover ./... + - name: Perform security check + run: gosec ./... + style: name: Style runs-on: ubuntu-latest From 844bc88d0c1d20ab09f63a0a0add04c64ba5570f Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sat, 19 Apr 2025 19:55:31 -0400 Subject: [PATCH 18/19] Address gosec issues --- json.go | 8 +++++++- main.go | 6 ++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/json.go b/json.go index 1e6e7985e1..d760794399 100644 --- a/json.go +++ b/json.go @@ -30,5 +30,11 @@ func respondWithJSON(w http.ResponseWriter, code int, payload interface{}) { return } w.WriteHeader(code) - w.Write(dat) + _, err = w.Write(dat) + + if err != nil { + log.Printf("Error writing JSON: %s", err) + w.WriteHeader(500) + return + } } diff --git a/main.go b/main.go index 19d7366c5f..cc228fe0d0 100644 --- a/main.go +++ b/main.go @@ -7,6 +7,7 @@ import ( "log" "net/http" "os" + "time" "github.com/go-chi/chi" "github.com/go-chi/cors" @@ -89,8 +90,9 @@ func main() { router.Mount("/v1", v1Router) srv := &http.Server{ - Addr: ":" + port, - Handler: router, + Addr: ":" + port, + Handler: router, + ReadHeaderTimeout: 2 * time.Second, } log.Printf("Serving on port: %s\n", port) From bc018e4a8c44910ee334812a7c753cea51bcb5b7 Mon Sep 17 00:00:00 2001 From: "Brandon C. Irizarry" Date: Sun, 20 Apr 2025 19:42:48 -0400 Subject: [PATCH 19/19] Introduce cd.yml --- .github/workflows/cd.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 .github/workflows/cd.yml diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml new file mode 100644 index 0000000000..e5badf0110 --- /dev/null +++ b/.github/workflows/cd.yml @@ -0,0 +1,20 @@ +on: + push: + branches: [main] + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.23.0" + + - name: Build app + run: ./scripts/buildprod.sh