From 2d51ffd1764ba8c27c66814a98c599e1853dc03c Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 11:14:42 -0700 Subject: [PATCH 01/15] Add personal attribution to README --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index c2bec0368b..1a5f0dd181 100644 --- a/README.md +++ b/README.md @@ -21,3 +21,5 @@ go build -o notely && ./notely *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`. You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! + +GitHub Copilot's version of Boot.dev's Notely app. From 5335d55c52f8318810a6b8368d657d144676fb71 Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 11:19:15 -0700 Subject: [PATCH 02/15] v1 --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 1a5f0dd181..60dca9ef5a 100644 --- a/README.md +++ b/README.md @@ -23,3 +23,6 @@ go build -o notely && ./notely You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! GitHub Copilot's version of Boot.dev's Notely app. + + +Grant's version of Boot.dev's Notely app. \ No newline at end of file From 5fa9b2e1f5ce4282f6441a3427971969fa6945eb Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 11:28:02 -0700 Subject: [PATCH 03/15] Add failing CI workflow for pull requests --- .github/workflows/ci.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000000..a54d8248d5 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,22 @@ +name: ci + +on: + pull_request: + branches: [main] + +jobs: + tests: + name: Tests + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.25.1" + + - name: Force Failure + run: (exit 1) \ No newline at end of file From df65b0cc02da7be954c67aeca9ad162fa07bd89a Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 11:32:24 -0700 Subject: [PATCH 04/15] Make CI step report Go version --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a54d8248d5..db7f155dca 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,5 +18,5 @@ jobs: with: go-version: "1.25.1" - - name: Force Failure - run: (exit 1) \ No newline at end of file + - name: Display Go version + run: go version \ No newline at end of file From ab555eaf0229aea12abf9d2767191245855d9e33 Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 11:47:27 -0700 Subject: [PATCH 05/15] Add unit tests for GetAPIKey --- internal/auth/auth_test.go | 60 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 internal/auth/auth_test.go diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go new file mode 100644 index 0000000000..e5523d8ac1 --- /dev/null +++ b/internal/auth/auth_test.go @@ -0,0 +1,60 @@ +package auth + +import ( + "errors" + "net/http" + "testing" +) + +func TestGetAPIKey(t *testing.T) { + t.Run("returns API key when header formatted correctly", func(t *testing.T) { + headers := http.Header{} + headers.Set("Authorization", "ApiKey secret123") + + key, err := GetAPIKey(headers) + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + if key != "secret123" { + t.Fatalf("expected key 'secret123', got %q", key) + } + }) + + t.Run("returns error when header missing", func(t *testing.T) { + headers := http.Header{} + + _, err := GetAPIKey(headers) + if err == nil { + t.Fatal("expected error, got nil") + } + if !errors.Is(err, ErrNoAuthHeaderIncluded) { + t.Fatalf("expected ErrNoAuthHeaderIncluded, got %v", err) + } + }) + + t.Run("returns error when header malformed", func(t *testing.T) { + headers := http.Header{} + headers.Set("Authorization", "Bearer token") + + _, err := GetAPIKey(headers) + if err == nil { + t.Fatal("expected error, got nil") + } + if err.Error() != "malformed authorization header" { + t.Fatalf("expected malformed header error, got %v", err) + } + }) + + t.Run("returns error when API key missing", func(t *testing.T) { + headers := http.Header{} + headers.Set("Authorization", "ApiKey") + + _, err := GetAPIKey(headers) + if err == nil { + t.Fatal("expected error, got nil") + } + if err.Error() != "malformed authorization header" { + t.Fatalf("expected malformed header error, got %v", err) + } + }) +} From 3cd371dbb6e4a9a92a7aea6f11368e424301214c Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 11:50:43 -0700 Subject: [PATCH 06/15] Run tests in CI and introduce failing expectation --- .github/workflows/ci.yml | 4 ++-- internal/auth/auth_test.go | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index db7f155dca..880d801555 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,5 +18,5 @@ jobs: with: go-version: "1.25.1" - - name: Display Go version - run: go version \ No newline at end of file + - name: Run unit tests + run: go test ./... \ No newline at end of file diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index e5523d8ac1..cb740f532e 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -15,8 +15,8 @@ func TestGetAPIKey(t *testing.T) { if err != nil { t.Fatalf("expected no error, got %v", err) } - if key != "secret123" { - t.Fatalf("expected key 'secret123', got %q", key) + if key != "secret124" { + t.Fatalf("expected key 'secret124', got %q", key) } }) From 4f520c086f13513fa7da3cf2f80d6e3fff960eae Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 11:51:56 -0700 Subject: [PATCH 07/15] Fix GetAPIKey test expectation --- internal/auth/auth_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index cb740f532e..e5523d8ac1 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -15,8 +15,8 @@ func TestGetAPIKey(t *testing.T) { if err != nil { t.Fatalf("expected no error, got %v", err) } - if key != "secret124" { - t.Fatalf("expected key 'secret124', got %q", key) + if key != "secret123" { + t.Fatalf("expected key 'secret123', got %q", key) } }) From ef3ca07e174d8a6f7cb40e98b87e2f9737efc89d Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 11:56:58 -0700 Subject: [PATCH 08/15] Report coverage in CI tests --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 880d801555..12632a7167 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.25.1" - name: Run unit tests - run: go test ./... \ No newline at end of file + run: go test -cover ./... \ No newline at end of file From 9151d04e3ab5c23c4989b6f56eb8a72a103ea29d Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 12:29:37 -0700 Subject: [PATCH 09/15] Add CI status badge to README --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 60dca9ef5a..33b49a4004 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ +![CI status](https://github.com/mnem0nic7/learn-cicd-starter/actions/workflows/ci.yml/badge.svg) + # learn-cicd-starter (Notely) This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev). From 2f7c1127929599961f615ba1e8bf45c3beb456bb Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 13:32:36 -0700 Subject: [PATCH 10/15] Add style formatting job to CI --- .github/workflows/ci.yml | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 12632a7167..1ca7f1e32e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,20 @@ jobs: go-version: "1.25.1" - name: Run unit tests - run: go test -cover ./... \ No newline at end of file + run: go test -cover ./... + + style: + name: Style + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.25.1" + + - name: Check formatting + run: test -z $(go fmt ./...) \ No newline at end of file From 7a3e9075f328cfa65a849cb16781c94e0825227c Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 13:46:35 -0700 Subject: [PATCH 11/15] Add staticcheck to CI and demonstrate failure --- .github/workflows/ci.yml | 8 +++++++- main.go | 4 ++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1ca7f1e32e..e7f98b8703 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -35,4 +35,10 @@ jobs: go-version: "1.25.1" - name: Check formatting - run: test -z $(go fmt ./...) \ No newline at end of file + run: test -z $(go fmt ./...) + + - name: Install staticcheck + run: go install honnef.co/go/tools/cmd/staticcheck@latest + + - name: Run staticcheck + run: staticcheck ./... \ No newline at end of file diff --git a/main.go b/main.go index 19d7366c5f..01ebd86ff7 100644 --- a/main.go +++ b/main.go @@ -21,6 +21,10 @@ type apiConfig struct { DB *database.Queries } +func unused() { + // temporary unused function to demonstrate staticcheck failure +} + //go:embed static/* var staticFiles embed.FS From 058acc53557933487d79230b6ce1e253b4b92fdd Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 13:48:27 -0700 Subject: [PATCH 12/15] Remove unused function after staticcheck test --- main.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/main.go b/main.go index 01ebd86ff7..19d7366c5f 100644 --- a/main.go +++ b/main.go @@ -21,10 +21,6 @@ type apiConfig struct { DB *database.Queries } -func unused() { - // temporary unused function to demonstrate staticcheck failure -} - //go:embed static/* var staticFiles embed.FS From 382a8363c3666ebfe4b68bd3aba8692a0eeb81d3 Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 14:07:12 -0700 Subject: [PATCH 13/15] Add gosec scan to tests job --- .github/workflows/ci.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e7f98b8703..636db6956d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,6 +21,12 @@ jobs: - name: Run unit tests run: go test -cover ./... + - name: Install gosec + run: go install github.com/securego/gosec/v2/cmd/gosec@latest + + - name: Run gosec + run: gosec ./... + style: name: Style runs-on: ubuntu-latest From 6e72ae91f2066d2ab72078a05cfeb2184b06a6b9 Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Fri, 26 Sep 2025 14:20:24 -0700 Subject: [PATCH 14/15] Fix gosec findings --- json.go | 4 +++- main.go | 6 ++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/json.go b/json.go index 1e6e7985e1..0f8075d808 100644 --- a/json.go +++ b/json.go @@ -30,5 +30,7 @@ func respondWithJSON(w http.ResponseWriter, code int, payload interface{}) { return } w.WriteHeader(code) - w.Write(dat) + if _, err := w.Write(dat); err != nil { + log.Printf("Error writing response: %s", err) + } } diff --git a/main.go b/main.go index 19d7366c5f..15ee531c5d 100644 --- a/main.go +++ b/main.go @@ -7,6 +7,7 @@ import ( "log" "net/http" "os" + "time" "github.com/go-chi/chi" "github.com/go-chi/cors" @@ -89,8 +90,9 @@ func main() { router.Mount("/v1", v1Router) srv := &http.Server{ - Addr: ":" + port, - Handler: router, + Addr: ":" + port, + Handler: router, + ReadHeaderTimeout: 5 * time.Second, } log.Printf("Serving on port: %s\n", port) From 2f00f826ddfa1d5c7908248348723cd3d22aec1d Mon Sep 17 00:00:00 2001 From: mnem0nic7 Date: Tue, 30 Sep 2025 10:30:36 -0400 Subject: [PATCH 15/15] Add CD workflow for deployment to main --- .github/workflows/cd.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/workflows/cd.yml diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml new file mode 100644 index 0000000000..8dd80e6fef --- /dev/null +++ b/.github/workflows/cd.yml @@ -0,0 +1,22 @@ +name: cd + +on: + push: + branches: [main] + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.25.1" + + - name: Build production binary + run: ./scripts/buildprod.sh