diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml new file mode 100644 index 00000000000..28eff19849d --- /dev/null +++ b/.github/workflows/cd.yml @@ -0,0 +1,19 @@ +on: + push: + branches: [main] + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + steps: + + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.26.0" + - name: Build + run: ./scripts/buildprod.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000000..b04756738cc --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,37 @@ +name: ci + +on: + pull_request: + branches: [main] + +jobs: + tests: + name: Tests + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.26.0" + + - name: Install staticcheck + run: go install honnef.co/go/tools/cmd/staticcheck@latest + + - name: Install gosec + run: go install github.com/securego/gosec/v2/cmd/gosec@latest + + - name: Run gosec + run: gosec ./... + + - name: Auth Fuction Test + run: go test -cover ./... + + - name: Show formatting output + run: go fmt ./... + + - name: check code style + run: test -z "$(go fmt ./...)" diff --git a/README.md b/README.md index c2bec0368b7..5ccb09f82b5 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,4 @@ +![alt text goes here](https://github.com/CSgyz/Boot.dev.CICD.learning/actions/workflows/ci.yml/badge.svg) # learn-cicd-starter (Notely) This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev). @@ -21,3 +22,4 @@ go build -o notely && ./notely *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`. You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! +CSgyz's version of Boot.dev's Notely app. diff --git a/internal/auth/get_api_key_test.go b/internal/auth/get_api_key_test.go new file mode 100644 index 00000000000..e5f8f1092a8 --- /dev/null +++ b/internal/auth/get_api_key_test.go @@ -0,0 +1,85 @@ +package auth + +import ( + "errors" + "net/http" + "testing" +) + +func TestGetAPIKey(t *testing.T) { + tests := []struct { + name string + headers http.Header + wantKey string + wantErr bool + wantErrIs error + wantErrMsg string + }{ + // 用例 1:缺失 Authorization 头 + { + name: "缺失 Authorization 头", + headers: http.Header{}, + wantKey: "", + wantErr: true, + wantErrIs: ErrNoAuthHeaderIncluded, + }, + // 用例 2A:前缀错误 + { + name: "前缀错误 Bearer 而非 ApiKey", + headers: http.Header{"Authorization": []string{"Bearer 12345"}}, + wantKey: "", + wantErr: true, + wantErrMsg: "malformed authorization header", + }, + // 用例 2B:只有前缀无 Token + { + name: "只有前缀无 Token", + headers: http.Header{"Authorization": []string{"ApiKey"}}, + wantKey: "", + wantErr: true, + wantErrMsg: "malformed authorization header", + }, + // 用例 2C:随机内容 + { + name: "内容完全随机", + headers: http.Header{"Authorization": []string{"randomstuff"}}, + wantKey: "", + wantErr: true, + wantErrMsg: "malformed authorization header", + }, + // 用例 3:成功路径 + { + name: "格式正确应返回 Key", + headers: http.Header{"Authorization": []string{"ApiKey 12345-abcde"}}, + wantKey: "12345-abcde", + wantErr: false, + }, + } + // 遍历所有用例 + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + gotKey, err := GetAPIKey(tt.headers) + + // 断言 key + if gotKey != tt.wantKey { + t.Errorf("key = %q, want %q", gotKey, tt.wantKey) + } + + // 断言错误存在性 + if (err != nil) != tt.wantErr { + t.Errorf("error = %v, wantErr = %v", err, tt.wantErr) + return + } + + // 断言哨定错误(errors.Is) + if tt.wantErrIs != nil && !errors.Is(err, tt.wantErrIs) { + t.Errorf("error = %v, want errors.Is match %v", err, tt.wantErrIs) + } + + // 断言错误消息内容 + if tt.wantErrMsg != "" && err != nil && err.Error() != tt.wantErrMsg { + t.Errorf("error msg = %q, want %q", err.Error(), tt.wantErrMsg) + } + }) + } +} diff --git a/json.go b/json.go index 1e6e7985e18..76ca891f694 100644 --- a/json.go +++ b/json.go @@ -30,5 +30,7 @@ func respondWithJSON(w http.ResponseWriter, code int, payload interface{}) { return } w.WriteHeader(code) - w.Write(dat) + _, err = w.Write(dat) + if err != nil { + log.Printf("Critical error writing response: %s", err) } diff --git a/main.go b/main.go index 19d7366c5f7..5d09015f223 100644 --- a/main.go +++ b/main.go @@ -91,8 +91,14 @@ func main() { srv := &http.Server{ Addr: ":" + port, Handler: router, + ReadHeaderTimeout: time.Second * 5, } - log.Printf("Serving on port: %s\n", port) + log.Println("Serving server") log.Fatal(srv.ListenAndServe()) } + +func unused() { + // this function does nothing + // and is called nowhere +} diff --git a/middleware_auth.go b/middleware_auth.go index 6cbe03f8673..0a6f35f07f5 100644 --- a/middleware_auth.go +++ b/middleware_auth.go @@ -1,10 +1,9 @@ package main import ( - "net/http" - "github.com/bootdotdev/learn-cicd-starter/internal/auth" "github.com/bootdotdev/learn-cicd-starter/internal/database" + "net/http" ) type authedHandler func(http.ResponseWriter, *http.Request, database.User) diff --git a/notely.log b/notely.log new file mode 100644 index 00000000000..a818efb42c7 --- /dev/null +++ b/notely.log @@ -0,0 +1,5 @@ +nohup: ignoring input +2026/04/21 17:54:50 warning: assuming default configuration. .env unreadable: open .env: no such file or directory +2026/04/21 17:54:50 DATABASE_URL environment variable is not set +2026/04/21 17:54:50 Running without CRUD endpoints +2026/04/21 17:54:50 Serving on port: 8080