From 964d8e7501b15cab97873bd673ad06a9f7fd9b9c Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Tue, 6 May 2025 22:15:09 +0100 Subject: [PATCH 01/26] Test --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c2bec0368b..25a6289816 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,7 @@ Run the server: go build -o notely && ./notely ``` -*This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`. +_This starts the server in non-database mode._ It will serve a simple webpage at `http://localhost:8080`. -You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! +You do _not_ need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! +Benjys version of boot.dev's Notely app From bf3beee2247a9569531c4a3873b27e83f4e58516 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Tue, 6 May 2025 22:30:12 +0100 Subject: [PATCH 02/26] CI test added --- .github/workflows/ci.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000000..6a3dc1ea03 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,22 @@ +name: ci + +on: + pull_request: + branches: [main] + +jobs: + tests: + name: Tests + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.23.0" + + - name: Force Failure + run: (exit 1) From e8d4322d954f0e18ff68dfa1ac18ac14a8d24cf0 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Wed, 7 May 2025 20:43:01 +0100 Subject: [PATCH 03/26] tests added --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6a3dc1ea03..bc4e00766c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.23.0" - name: Force Failure - run: (exit 1) + run: run version From e43de74f37102dc8984eaf4fa3af6ecdd43fc288 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Wed, 7 May 2025 20:46:15 +0100 Subject: [PATCH 04/26] new tests added --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bc4e00766c..e12d778bf9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.23.0" - name: Force Failure - run: run version + run: go version From af33052d3c5127d553aa93cf990ae5dfc0442aa5 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Wed, 7 May 2025 21:34:04 +0100 Subject: [PATCH 05/26] broken tests added --- internal/auth/auth_test.go | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 internal/auth/auth_test.go diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go new file mode 100644 index 0000000000..18a10d58c6 --- /dev/null +++ b/internal/auth/auth_test.go @@ -0,0 +1,27 @@ +package auth + +import ( + "testing" + "net/http" + +) + +func TestAPI (t *testing.T) { + + testKey := "ThisIsKey" + + header := http.Header{} + header.Add("Content-Type", "application/json") + header.Set("Authorization", "ApiKey " +testKey) + + + key, err := GetAPIKey(header) + if err != nil { + t.Fatalf("error: could not get api key: %v", err) + } + if key == "ThisIsAKey" { + return + } else { + t.Fatalf("error: expected %v, got %v, : %v", testKey, key, err) + } +} \ No newline at end of file From 7d536898fb7c2ab931edde21502497b99392c183 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Wed, 7 May 2025 21:40:11 +0100 Subject: [PATCH 06/26] actual broken test added --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e12d778bf9..deb1569303 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.23.0" - name: Force Failure - run: go version + run: go test ./... From 866e20aba9d23299b1ce3b1277af999fd6ba110b Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Wed, 7 May 2025 21:42:30 +0100 Subject: [PATCH 07/26] fixed broken test added --- internal/auth/auth_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index 18a10d58c6..ca1eb26b83 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -8,7 +8,7 @@ import ( func TestAPI (t *testing.T) { - testKey := "ThisIsKey" + testKey := "ThisAIsKey" header := http.Header{} header.Add("Content-Type", "application/json") From 4d63f217a149ba32ca1b4b5aeeb50257792db185 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Wed, 7 May 2025 21:44:32 +0100 Subject: [PATCH 08/26] fixed broken test added v2 --- internal/auth/auth_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index ca1eb26b83..c3efa68cd2 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -8,7 +8,7 @@ import ( func TestAPI (t *testing.T) { - testKey := "ThisAIsKey" + testKey := "ThisIsAKey" header := http.Header{} header.Add("Content-Type", "application/json") From 17ffc651c36d193c7f6dab7049a6559572459f95 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Wed, 7 May 2025 21:48:34 +0100 Subject: [PATCH 09/26] coverage added to tests --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index deb1569303..47fe309b40 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.23.0" - name: Force Failure - run: go test ./... + run: -cover go test ./... From c7fae52347a5df2b6e5f00f0693a9be76eb04682 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Wed, 7 May 2025 21:51:47 +0100 Subject: [PATCH 10/26] coverage added to tests v2 --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 47fe309b40..46de050442 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.23.0" - name: Force Failure - run: -cover go test ./... + run: go test ./... -cover From c3251e43db688e4f0eaf48cd7e4baf67af7d7b4d Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Wed, 7 May 2025 21:55:47 +0100 Subject: [PATCH 11/26] readME badge --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 25a6289816..4669608ead 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ +![alt text goes here](https://github.com/Benjysparks/learn-cicd-starter/actions/workflows/ci.yml/badge.svg) + # learn-cicd-starter (Notely) This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev). From c28ead758d93418cc36b52bca800f9af7341be69 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Thu, 8 May 2025 18:55:24 +0100 Subject: [PATCH 12/26] CI test updated --- .github/workflows/ci.yml | 18 ++++++++++++- internal/auth/auth_test.go | 52 ++++++++++++++++++-------------------- 2 files changed, 42 insertions(+), 28 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 46de050442..f86eaf67df 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,5 +18,21 @@ jobs: with: go-version: "1.23.0" - - name: Force Failure + - name: Run unit tests run: go test ./... -cover + + style: + name: Style + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.23.0" + + - name: Check formatting + run: test -z $(go fmt ./...) diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index c3efa68cd2..7da8fa91ff 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -1,27 +1,25 @@ -package auth - -import ( - "testing" - "net/http" - -) - -func TestAPI (t *testing.T) { - - testKey := "ThisIsAKey" - - header := http.Header{} - header.Add("Content-Type", "application/json") - header.Set("Authorization", "ApiKey " +testKey) - - - key, err := GetAPIKey(header) - if err != nil { - t.Fatalf("error: could not get api key: %v", err) - } - if key == "ThisIsAKey" { - return - } else { - t.Fatalf("error: expected %v, got %v, : %v", testKey, key, err) - } -} \ No newline at end of file +package auth + +import ( + "net/http" + "testing" +) + +func TestAPI(t *testing.T) { + + testKey := "ThisIsAKey" + + header := http.Header{} + header.Add("Content-Type", "application/json") + header.Set("Authorization", "ApiKey "+testKey) + + key, err := GetAPIKey(header) + if err != nil { + t.Fatalf("error: could not get api key: %v", err) + } + if key == "ThisIsAKey" { + return + } else { + t.Fatalf("error: expected %v, got %v, : %v", testKey, key, err) + } +} From f95f6106f576be85300927bb47ac815bc56d8877 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Thu, 8 May 2025 19:05:46 +0100 Subject: [PATCH 13/26] CI test updated more --- .github/workflows/ci.yml | 6 ++++++ main.go | 5 +++++ 2 files changed, 11 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f86eaf67df..c392d07b48 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,5 +34,11 @@ jobs: with: go-version: "1.23.0" + - name: Install staticcheck + run: go install honnef.co/go/tools/cmd/staticcheck@latest + - name: Check formatting run: test -z $(go fmt ./...) + + - name: Check linting + run: staticcheck ./... diff --git a/main.go b/main.go index 19d7366c5f..f34e53a2cc 100644 --- a/main.go +++ b/main.go @@ -76,6 +76,11 @@ func main() { } }) + func unused() { + // this function does nothing + // and is called nowhere + } + v1Router := chi.NewRouter() if apiCfg.DB != nil { From 544bf6094408839b323ff10bf3a85cd7e9f9028f Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Thu, 8 May 2025 19:08:04 +0100 Subject: [PATCH 14/26] fixed test error --- main.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/main.go b/main.go index f34e53a2cc..dbfec6db9c 100644 --- a/main.go +++ b/main.go @@ -76,10 +76,6 @@ func main() { } }) - func unused() { - // this function does nothing - // and is called nowhere - } v1Router := chi.NewRouter() From 22a81e495af087e89bc49d2a056170e6d521006c Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Thu, 8 May 2025 19:52:52 +0100 Subject: [PATCH 15/26] fixed test error v2 --- main.go | 1 - 1 file changed, 1 deletion(-) diff --git a/main.go b/main.go index dbfec6db9c..19d7366c5f 100644 --- a/main.go +++ b/main.go @@ -76,7 +76,6 @@ func main() { } }) - v1Router := chi.NewRouter() if apiCfg.DB != nil { From 38187ab091c47715f78f906ac7c630ded96cb58c Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Thu, 8 May 2025 20:05:16 +0100 Subject: [PATCH 16/26] security CI added --- .github/workflows/ci.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c392d07b48..0417668694 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,6 +21,12 @@ jobs: - name: Run unit tests run: go test ./... -cover + - name: Install gosec + run: go install github.com/securego/gosec/v2/cmd/gosec@latest + + - name: Run gosec tests + run: gosec ./... + style: name: Style runs-on: ubuntu-latest From 257c3e15f5df512e908210758b9a794e6c098c0b Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Thu, 8 May 2025 20:19:11 +0100 Subject: [PATCH 17/26] security issues fixed --- json.go | 6 +++++- main.go | 1 + 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/json.go b/json.go index 1e6e7985e1..98e4334c8a 100644 --- a/json.go +++ b/json.go @@ -30,5 +30,9 @@ func respondWithJSON(w http.ResponseWriter, code int, payload interface{}) { return } w.WriteHeader(code) - w.Write(dat) + _, err := w.Write(dat) + if err != nil { + log.Printf("Error writing response: %v", err) + + } } diff --git a/main.go b/main.go index 19d7366c5f..ac84b2dae2 100644 --- a/main.go +++ b/main.go @@ -91,6 +91,7 @@ func main() { srv := &http.Server{ Addr: ":" + port, Handler: router, + ReadHeaderTimeout: time.ParseDuration("10s"), } log.Printf("Serving on port: %s\n", port) From 7bb25d54a580916a31ac74bb8d72dcd01d906465 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Thu, 8 May 2025 20:24:31 +0100 Subject: [PATCH 18/26] security issues fixed --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0417668694..528ea028d9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,7 +44,7 @@ jobs: run: go install honnef.co/go/tools/cmd/staticcheck@latest - name: Check formatting - run: test -z $(go fmt ./...) + run: test -z "$(go fmt ./...)" - name: Check linting run: staticcheck ./... From 89dea4934c6d3750d8d58d957ab80bab6e07a734 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Thu, 8 May 2025 20:33:09 +0100 Subject: [PATCH 19/26] security issues fixed --- json.go | 2 +- main.go | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/json.go b/json.go index 98e4334c8a..c4667cacb6 100644 --- a/json.go +++ b/json.go @@ -30,7 +30,7 @@ func respondWithJSON(w http.ResponseWriter, code int, payload interface{}) { return } w.WriteHeader(code) - _, err := w.Write(dat) + _, err = w.Write(dat) if err != nil { log.Printf("Error writing response: %v", err) diff --git a/main.go b/main.go index ac84b2dae2..d6ca076a97 100644 --- a/main.go +++ b/main.go @@ -7,7 +7,7 @@ import ( "log" "net/http" "os" - + "time" "github.com/go-chi/chi" "github.com/go-chi/cors" "github.com/joho/godotenv" @@ -88,10 +88,11 @@ func main() { v1Router.Get("/healthz", handlerReadiness) router.Mount("/v1", v1Router) + timeDur, _ := time.ParseDuration("10s") srv := &http.Server{ Addr: ":" + port, Handler: router, - ReadHeaderTimeout: time.ParseDuration("10s"), + ReadHeaderTimeout: timeDur, } log.Printf("Serving on port: %s\n", port) From 68db92da89264f270b7342c44439c0e228c6e77c Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Thu, 8 May 2025 20:37:42 +0100 Subject: [PATCH 20/26] security issues fixed --- json.go | 6 +++--- main.go | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/json.go b/json.go index c4667cacb6..ae419ba796 100644 --- a/json.go +++ b/json.go @@ -31,8 +31,8 @@ func respondWithJSON(w http.ResponseWriter, code int, payload interface{}) { } w.WriteHeader(code) _, err = w.Write(dat) - if err != nil { - log.Printf("Error writing response: %v", err) + if err != nil { + log.Printf("Error writing response: %v", err) - } + } } diff --git a/main.go b/main.go index d6ca076a97..13f2c4ba80 100644 --- a/main.go +++ b/main.go @@ -3,14 +3,14 @@ package main import ( "database/sql" "embed" + "github.com/go-chi/chi" + "github.com/go-chi/cors" + "github.com/joho/godotenv" "io" "log" "net/http" "os" "time" - "github.com/go-chi/chi" - "github.com/go-chi/cors" - "github.com/joho/godotenv" "github.com/bootdotdev/learn-cicd-starter/internal/database" @@ -90,8 +90,8 @@ func main() { router.Mount("/v1", v1Router) timeDur, _ := time.ParseDuration("10s") srv := &http.Server{ - Addr: ":" + port, - Handler: router, + Addr: ":" + port, + Handler: router, ReadHeaderTimeout: timeDur, } From 9a197cca355a4a93aebf85e4b91959fd49b191f4 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Thu, 8 May 2025 21:07:42 +0100 Subject: [PATCH 21/26] cd file added --- .github/workflows/cd.yml | 22 ++++++++++++++++++++++ Dockerfile | 2 +- 2 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/cd.yml diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml new file mode 100644 index 0000000000..998983fb2f --- /dev/null +++ b/.github/workflows/cd.yml @@ -0,0 +1,22 @@ +name: cd + +on: + push: + branches: [main] + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.23.0" + + - name: Build script + run: scripts/buildprod.sh diff --git a/Dockerfile b/Dockerfile index 2be3d18b81..bb611a09b4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=linux/amd64 debian:stable-slim +FROM debian:stable-slim RUN apt-get update && apt-get install -y ca-certificates From 948536de38cd8c886e398543d848068f4585bf48 Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Fri, 9 May 2025 19:57:42 +0100 Subject: [PATCH 22/26] cloud service --- .github/workflows/cd.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 998983fb2f..f84b81cccd 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -20,3 +20,17 @@ jobs: - name: Build script run: scripts/buildprod.sh + + - id: "auth" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCP_CREDENTIALS }}" + + - name: "Set up Cloud SDK" + uses: "google-github-actions/setup-gcloud@v2" + + - name: "Use gcloud CLI" + run: "gcloud info" + + - name: "Build docker image" + run: "gcloud builds submit --tag us-central1-docker.pkg.dev/notely-459220/notely-ar-repo/notely:latest . " From fb6a98143914d31be5bd5cd4a1a21b3fcc2d1d1d Mon Sep 17 00:00:00 2001 From: Benjysparks Date: Sat, 10 May 2025 17:18:44 +0100 Subject: [PATCH 23/26] cloud deployment test --- .github/workflows/cd.yml | 3 + static/index.html | 354 ++++++++++++++++++++------------------- 2 files changed, 185 insertions(+), 172 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index f84b81cccd..5e8f4d8889 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -34,3 +34,6 @@ jobs: - name: "Build docker image" run: "gcloud builds submit --tag us-central1-docker.pkg.dev/notely-459220/notely-ar-repo/notely:latest . " + + - name: Deploy to Cloud Run + run: "gcloud run deploy notely --image us-central1-docker.pkg.dev/notely-459220/notely-ar-repo/notely:latest --region us-central1 --allow-unauthenticated --project notely-459220 --max-instances=4" diff --git a/static/index.html b/static/index.html index 72be101028..7e1fdd7b0f 100644 --- a/static/index.html +++ b/static/index.html @@ -1,193 +1,203 @@ - - - + + Notely - + - -

Notely

+ +

Welcome to Notely

- - + +
-