From 7ef336fea8266af80a2269fa23929ebd4ae5959b Mon Sep 17 00:00:00 2001 From: Sander Rodrigues <155313547+sander-dallorto@users.noreply.github.com> Date: Tue, 30 Sep 2025 20:00:45 -0300 Subject: [PATCH 01/38] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index c2bec0368b..29ed999adb 100644 --- a/README.md +++ b/README.md @@ -21,3 +21,4 @@ go build -o notely && ./notely *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`. You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! +Sander's version of Boot.dev's Notely app. From 3c58981b0fb9d09c86d7294cab2f70cbd06d57c2 Mon Sep 17 00:00:00 2001 From: Sander Rodrigues <155313547+sander-dallorto@users.noreply.github.com> Date: Tue, 30 Sep 2025 20:02:27 -0300 Subject: [PATCH 02/38] Update README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 29ed999adb..c2bec0368b 100644 --- a/README.md +++ b/README.md @@ -21,4 +21,3 @@ go build -o notely && ./notely *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`. You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! -Sander's version of Boot.dev's Notely app. From e13ac2b51d55456cf53c3fb451774d1fc440b578 Mon Sep 17 00:00:00 2001 From: Sander Rodrigues <155313547+sander-dallorto@users.noreply.github.com> Date: Tue, 30 Sep 2025 20:03:00 -0300 Subject: [PATCH 03/38] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index c2bec0368b..29ed999adb 100644 --- a/README.md +++ b/README.md @@ -21,3 +21,4 @@ go build -o notely && ./notely *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`. You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! +Sander's version of Boot.dev's Notely app. From 96b928636383357f21091bb338507f34590f0921 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Tue, 30 Sep 2025 21:13:31 -0300 Subject: [PATCH 04/38] add ci --- .github/workflows/ci.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000000..249cc5258a --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,22 @@ +name: ci + +on: + pull_request: + branches: [main] + +jobs: + tests: + name: Tests + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.25.1" + + - name: Force Failure + run: (exit 1) From 2f0d00023b48203ce65b8fb6354b0b05ba1b6dbd Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 1 Oct 2025 08:47:43 -0300 Subject: [PATCH 05/38] Update ci.yml --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 249cc5258a..40844475dd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.25.1" - name: Force Failure - run: (exit 1) + run: go version From c49326e8ccb9472a4d3a37480818cac8aeaa6b9b Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 1 Oct 2025 10:03:13 -0300 Subject: [PATCH 06/38] Testing ci --- .github/workflows/ci.yml | 2 +- internal/auth/auth.go | 2 +- internal/auth/auth_test.go | 67 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 internal/auth/auth_test.go diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 40844475dd..1ccf0b1444 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.25.1" - name: Force Failure - run: go version + run: go test ./... diff --git a/internal/auth/auth.go b/internal/auth/auth.go index f969aacf63..c23c39ce26 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -10,7 +10,7 @@ var ErrNoAuthHeaderIncluded = errors.New("no authorization header included") // GetAPIKey - func GetAPIKey(headers http.Header) (string, error) { - authHeader := headers.Get("Authorization") + authHeader := headers.Get("Authorizations") if authHeader == "" { return "", ErrNoAuthHeaderIncluded } diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go new file mode 100644 index 0000000000..f8b33c020e --- /dev/null +++ b/internal/auth/auth_test.go @@ -0,0 +1,67 @@ +package auth + +import ( + "errors" + "net/http" + "reflect" + "testing" +) + +func TestGetAPIKey(t *testing.T) { + tests := []struct { + name string + headers http.Header + wantKey string + wantErr error + }{ + { + name: "no Authorization header", + headers: http.Header{}, + wantErr: ErrNoAuthHeaderIncluded, + }, + { + name: "malformed Authorization header - missing ApiKey prefix", + headers: http.Header{ + "Authorization": []string{"Bearer sometoken"}, + }, + wantErr: errors.New("malformed authorization header"), + }, + { + name: "malformed Authorization header - only ApiKey with no token", + headers: http.Header{ + "Authorization": []string{"ApiKey"}, + }, + wantErr: errors.New("malformed authorization header"), + }, + { + name: "valid Authorization header", + headers: http.Header{ + "Authorization": []string{"ApiKey my-secret-key"}, + }, + wantKey: "my-secret-key", + wantErr: nil, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + key, err := GetAPIKey(tt.headers) + + if tt.wantErr != nil { + if err == nil || err.Error() != tt.wantErr.Error() { + t.Errorf("expected error %v, got %v", tt.wantErr, err) + } + return + } + + if err != nil { + t.Errorf("unexpected error: %v", err) + return + } + + if !reflect.DeepEqual(key, tt.wantKey) { + t.Errorf("expected key %q, got %q", tt.wantKey, key) + } + }) + } +} From de34f4bcd24d7ea83d45c00431effc31cd4b1f55 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 1 Oct 2025 10:05:15 -0300 Subject: [PATCH 07/38] Testing ci --- internal/auth/auth.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/auth/auth.go b/internal/auth/auth.go index c23c39ce26..f969aacf63 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -10,7 +10,7 @@ var ErrNoAuthHeaderIncluded = errors.New("no authorization header included") // GetAPIKey - func GetAPIKey(headers http.Header) (string, error) { - authHeader := headers.Get("Authorizations") + authHeader := headers.Get("Authorization") if authHeader == "" { return "", ErrNoAuthHeaderIncluded } From f5084d5d8caf4e548953a8aa8106d508526c39d5 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 1 Oct 2025 10:18:35 -0300 Subject: [PATCH 08/38] Updating ci --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1ccf0b1444..a4ec991430 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.25.1" - name: Force Failure - run: go test ./... + run: go test -cover ./... From bd6718af9f546c1694a1605467eaf4465a966682 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 1 Oct 2025 11:47:22 -0300 Subject: [PATCH 09/38] Update readme.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 29ed999adb..82e750ca0d 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ +![test badge]https://github.com/sander-dallorto/learn-cicd-starter/actions/workflows/ci/badge.svg + # learn-cicd-starter (Notely) This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev). From a39bbeca3d6a09f188f34a35b66b4c708dd6e68d Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Tue, 30 Sep 2025 21:13:31 -0300 Subject: [PATCH 10/38] add ci --- .github/workflows/ci.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000000..249cc5258a --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,22 @@ +name: ci + +on: + pull_request: + branches: [main] + +jobs: + tests: + name: Tests + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.25.1" + + - name: Force Failure + run: (exit 1) From f923c6623f4f0776839dd4bc6733d5ec6ddfeb9e Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 1 Oct 2025 08:47:43 -0300 Subject: [PATCH 11/38] Update ci.yml --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 249cc5258a..40844475dd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.25.1" - name: Force Failure - run: (exit 1) + run: go version From 919e36a2224acb2bed8716606163a5b3f773d468 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 1 Oct 2025 10:03:13 -0300 Subject: [PATCH 12/38] Testing ci --- .github/workflows/ci.yml | 2 +- internal/auth/auth.go | 2 +- internal/auth/auth_test.go | 67 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 internal/auth/auth_test.go diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 40844475dd..1ccf0b1444 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.25.1" - name: Force Failure - run: go version + run: go test ./... diff --git a/internal/auth/auth.go b/internal/auth/auth.go index f969aacf63..c23c39ce26 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -10,7 +10,7 @@ var ErrNoAuthHeaderIncluded = errors.New("no authorization header included") // GetAPIKey - func GetAPIKey(headers http.Header) (string, error) { - authHeader := headers.Get("Authorization") + authHeader := headers.Get("Authorizations") if authHeader == "" { return "", ErrNoAuthHeaderIncluded } diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go new file mode 100644 index 0000000000..f8b33c020e --- /dev/null +++ b/internal/auth/auth_test.go @@ -0,0 +1,67 @@ +package auth + +import ( + "errors" + "net/http" + "reflect" + "testing" +) + +func TestGetAPIKey(t *testing.T) { + tests := []struct { + name string + headers http.Header + wantKey string + wantErr error + }{ + { + name: "no Authorization header", + headers: http.Header{}, + wantErr: ErrNoAuthHeaderIncluded, + }, + { + name: "malformed Authorization header - missing ApiKey prefix", + headers: http.Header{ + "Authorization": []string{"Bearer sometoken"}, + }, + wantErr: errors.New("malformed authorization header"), + }, + { + name: "malformed Authorization header - only ApiKey with no token", + headers: http.Header{ + "Authorization": []string{"ApiKey"}, + }, + wantErr: errors.New("malformed authorization header"), + }, + { + name: "valid Authorization header", + headers: http.Header{ + "Authorization": []string{"ApiKey my-secret-key"}, + }, + wantKey: "my-secret-key", + wantErr: nil, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + key, err := GetAPIKey(tt.headers) + + if tt.wantErr != nil { + if err == nil || err.Error() != tt.wantErr.Error() { + t.Errorf("expected error %v, got %v", tt.wantErr, err) + } + return + } + + if err != nil { + t.Errorf("unexpected error: %v", err) + return + } + + if !reflect.DeepEqual(key, tt.wantKey) { + t.Errorf("expected key %q, got %q", tt.wantKey, key) + } + }) + } +} From 55c56af917c1e9a4b7c2b902131605028acb47b8 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 1 Oct 2025 10:05:15 -0300 Subject: [PATCH 13/38] Testing ci --- internal/auth/auth.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/auth/auth.go b/internal/auth/auth.go index c23c39ce26..f969aacf63 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -10,7 +10,7 @@ var ErrNoAuthHeaderIncluded = errors.New("no authorization header included") // GetAPIKey - func GetAPIKey(headers http.Header) (string, error) { - authHeader := headers.Get("Authorizations") + authHeader := headers.Get("Authorization") if authHeader == "" { return "", ErrNoAuthHeaderIncluded } From 554a858c14aed44166548e618de77189272530b4 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 1 Oct 2025 10:18:35 -0300 Subject: [PATCH 14/38] Updating ci --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1ccf0b1444..a4ec991430 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.25.1" - name: Force Failure - run: go test ./... + run: go test -cover ./... From b33098b20ddc18b64e54fc78ecac64194bccbcad Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 1 Oct 2025 11:47:22 -0300 Subject: [PATCH 15/38] Update readme.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index c2bec0368b..95eb377ce3 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ +![test badge]https://github.com/sander-dallorto/learn-cicd-starter/actions/workflows/ci/badge.svg + # learn-cicd-starter (Notely) This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev). From 7c792432725eca1ae8c373d779af44143b471f58 Mon Sep 17 00:00:00 2001 From: Sander Rodrigues <155313547+sander-dallorto@users.noreply.github.com> Date: Wed, 1 Oct 2025 11:58:32 -0300 Subject: [PATCH 16/38] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 82e750ca0d..fb8e948735 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -![test badge]https://github.com/sander-dallorto/learn-cicd-starter/actions/workflows/ci/badge.svg +![test badge](https://github.com/sander-dallorto/learn-cicd-starter/actions/workflows/ci.yml/badge.svg) # learn-cicd-starter (Notely) From a7d6454b890e28f568777ad565e7019fb7e446bd Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Thu, 2 Oct 2025 20:02:25 -0300 Subject: [PATCH 17/38] Update ci.yml --- .github/workflows/ci.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a4ec991430..6b3ff68fd0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,3 +20,19 @@ jobs: - name: Force Failure run: go test -cover ./... + + style: + name: Style + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup=go@v5 + with: + go-version: "1.25.1" + + - name: Format code + run: test -z $(go fmt ./...) \ No newline at end of file From e91244a73f68a0f30730a04111c62881a13b1178 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Thu, 2 Oct 2025 20:06:39 -0300 Subject: [PATCH 18/38] Update ci.yml --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6b3ff68fd0..19fe08ef9a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -30,7 +30,7 @@ jobs: uses: actions/checkout@v4 - name: Set up Go - uses: actions/setup=go@v5 + uses: actions/setup-go@v5 with: go-version: "1.25.1" From 5eabd7ddcb2cc3251d6a75d8ee7b81461b022125 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Thu, 2 Oct 2025 20:08:37 -0300 Subject: [PATCH 19/38] Update ci.yml --- .github/workflows/ci.yml | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a4ec991430..23290e51ca 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,5 +18,21 @@ jobs: with: go-version: "1.25.1" - - name: Force Failure - run: go test -cover ./... + - name: Run tests with coverage + run: go test -cover ./... + + style: + name: Style + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.25.1" + + - name: Format code + run: test -z "$(go fmt ./...)" From b6340fe0c65ea3b96b3e9cf76539178733a4c2e7 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Thu, 2 Oct 2025 20:13:59 -0300 Subject: [PATCH 20/38] Updating ci.yml --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 19fe08ef9a..23290e51ca 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,8 +18,8 @@ jobs: with: go-version: "1.25.1" - - name: Force Failure - run: go test -cover ./... + - name: Run tests with coverage + run: go test -cover ./... style: name: Style @@ -32,7 +32,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: - go-version: "1.25.1" + go-version: "1.25.1" - name: Format code - run: test -z $(go fmt ./...) \ No newline at end of file + run: test -z "$(go fmt ./...)" From ce8683aad408024e282621d9d0f1281719780f55 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Thu, 2 Oct 2025 20:15:14 -0300 Subject: [PATCH 21/38] Updating ci.yml --- .github/workflows/ci.yml | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 23290e51ca..3cf82f67b3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,19 +20,3 @@ jobs: - name: Run tests with coverage run: go test -cover ./... - - style: - name: Style - runs-on: ubuntu-latest - - steps: - - name: Check out code - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: "1.25.1" - - - name: Format code - run: test -z "$(go fmt ./...)" From 92ce42dd492573a2d352e0f0162d5aa54cba2191 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Fri, 3 Oct 2025 09:11:15 -0300 Subject: [PATCH 22/38] Update ci.yml --- .github/workflows/ci.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 23290e51ca..7352d584c5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -36,3 +36,9 @@ jobs: - name: Format code run: test -z "$(go fmt ./...)" + + - name: Install staticcheck + run: go install honnef.co/go/tools/cmd/staticcheck@latest + + - name: Run staticcheck + run: staticcheck ./... \ No newline at end of file From 7933fbf1e3e27bdb7625cd59ca1717df26ced2ad Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Fri, 3 Oct 2025 09:12:40 -0300 Subject: [PATCH 23/38] Update ci.yml --- main.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/main.go b/main.go index 19d7366c5f..a621713c2b 100644 --- a/main.go +++ b/main.go @@ -96,3 +96,8 @@ func main() { log.Printf("Serving on port: %s\n", port) log.Fatal(srv.ListenAndServe()) } + +func unused() { + // this function does nothing + // and is called nowhere +} From 10493cba94255407682ac42dd4a93ae20f7585ef Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Fri, 3 Oct 2025 09:16:35 -0300 Subject: [PATCH 24/38] Update ci.yml --- main.go | 5 ----- 1 file changed, 5 deletions(-) diff --git a/main.go b/main.go index a621713c2b..19d7366c5f 100644 --- a/main.go +++ b/main.go @@ -96,8 +96,3 @@ func main() { log.Printf("Serving on port: %s\n", port) log.Fatal(srv.ListenAndServe()) } - -func unused() { - // this function does nothing - // and is called nowhere -} From 63ddd6211280d0a5ee4c1af6cc6f351c3eca7700 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Fri, 3 Oct 2025 09:20:46 -0300 Subject: [PATCH 25/38] Add security check to ci.yml --- .github/workflows/ci.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7352d584c5..874574658d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,8 +18,15 @@ jobs: with: go-version: "1.25.1" + - name: Install gosec + uses: go install github.com/securego/gosec/v2/cmd/gosec@latest + - name: Run tests with coverage - run: go test -cover ./... + run: go test -cover ./... + + - name: Run security check + run: gosec ./... + style: name: Style From a5bfad34bd0be07a5b0330d9e436c0433ea9736f Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Fri, 3 Oct 2025 09:25:01 -0300 Subject: [PATCH 26/38] Add gosec and security check to ci.yml --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 874574658d..a8ed799c97 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,12 +18,12 @@ jobs: with: go-version: "1.25.1" - - name: Install gosec - uses: go install github.com/securego/gosec/v2/cmd/gosec@latest - - name: Run tests with coverage run: go test -cover ./... + - name: Install gosec + uses: go install github.com/securego/gosec/v2/cmd/gosec@latest + - name: Run security check run: gosec ./... From 68484c8c6dc227705de5e1572d9c7d104773b518 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Fri, 3 Oct 2025 09:30:40 -0300 Subject: [PATCH 27/38] Add gosec and security step in ci.yml --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a8ed799c97..e6d4d741dd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,8 +22,8 @@ jobs: run: go test -cover ./... - name: Install gosec - uses: go install github.com/securego/gosec/v2/cmd/gosec@latest - + run: go install github.com/securego/gosec/v2/cmd/gosec@latest + - name: Run security check run: gosec ./... From fa276d9beb35107240072a896521c1aa3a912607 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Fri, 3 Oct 2025 09:39:58 -0300 Subject: [PATCH 28/38] Fix security issues --- json.go | 6 +++++- main.go | 6 ++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/json.go b/json.go index 1e6e7985e1..cee305e316 100644 --- a/json.go +++ b/json.go @@ -30,5 +30,9 @@ func respondWithJSON(w http.ResponseWriter, code int, payload interface{}) { return } w.WriteHeader(code) - w.Write(dat) + + _, err = w.Write(dat) + if err != nil { + log.Printf("Error writting data: %s", err) + } } diff --git a/main.go b/main.go index 19d7366c5f..72873fee93 100644 --- a/main.go +++ b/main.go @@ -7,6 +7,7 @@ import ( "log" "net/http" "os" + "time" "github.com/go-chi/chi" "github.com/go-chi/cors" @@ -89,8 +90,9 @@ func main() { router.Mount("/v1", v1Router) srv := &http.Server{ - Addr: ":" + port, - Handler: router, + Addr: ":" + port, + Handler: router, + ReadHeaderTimeout: 10 * time.Second, } log.Printf("Serving on port: %s\n", port) From dcdb24b58d4a0691dc8649a6fc82e221e964ead6 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Sat, 4 Oct 2025 19:37:26 -0300 Subject: [PATCH 29/38] Add cd workflow --- .github/workflows/cd.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 .github/workflows/cd.yml diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml new file mode 100644 index 0000000000..ffad79e231 --- /dev/null +++ b/.github/workflows/cd.yml @@ -0,0 +1,20 @@ +name: cd + +on: + push: + branches: [main] + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + + - name: Build the app + run: ./scripts/buildprod.sh \ No newline at end of file From b59915ae706d1ca8a27167190d38858ef36f5d49 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Mon, 6 Oct 2025 14:14:10 -0300 Subject: [PATCH 30/38] Update cd.yml --- .github/workflows/cd.yml | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index ffad79e231..98b4173c4f 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -17,4 +17,21 @@ jobs: uses: actions/setup-go@v5 - name: Build the app - run: ./scripts/buildprod.sh \ No newline at end of file + run: ./scripts/buildprod.sh + + - id: 'auth' + uses: 'google-github-actions/auth@v2' + with: + workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider' + service_account: 'my-service-account@my-project.iam.gserviceaccount.com' + + - name: 'Set up Cloud SDK' + uses: 'google-github-actions/setup-gcloud@v3' + with: + version: '>= 363.0.0' + + - name: 'Use gcloud CLI' + run: 'gcloud info' + + - name: Build Docker image + run: gcloud builds submit --tag us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 . \ No newline at end of file From 0c9854a91327f5f0486da2108792c10980e9baaa Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Mon, 6 Oct 2025 14:57:56 -0300 Subject: [PATCH 31/38] Update cd.yml --- .github/workflows/cd.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 98b4173c4f..a250480a40 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -22,9 +22,7 @@ jobs: - id: 'auth' uses: 'google-github-actions/auth@v2' with: - workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider' - service_account: 'my-service-account@my-project.iam.gserviceaccount.com' - + credentials_json: ${{ secrets.GCP_CREDENTIALS }} - name: 'Set up Cloud SDK' uses: 'google-github-actions/setup-gcloud@v3' with: From 623986e9095d6bd87483634322aabb38f42758ef Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Tue, 7 Oct 2025 09:30:38 -0300 Subject: [PATCH 32/38] Update cd.yml and index.html --- .github/workflows/cd.yml | 5 ++++- static/index.html | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index a250480a40..c0cf8ef37b 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -32,4 +32,7 @@ jobs: run: 'gcloud info' - name: Build Docker image - run: gcloud builds submit --tag us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 . \ No newline at end of file + run: gcloud builds submit --tag us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 . + + - name: Deploy to run Cloud Run + run: gcloud run deploy notely --image REGION-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 --region us-central1 --allow-unauthenticated --project notely-474312 --max-instances=4 \ No newline at end of file diff --git a/static/index.html b/static/index.html index 72be101028..5d4ad73c09 100644 --- a/static/index.html +++ b/static/index.html @@ -7,7 +7,7 @@ -

Notely

+

Welcome to Notely

From f53aa451f006f27b969ff48573817d59e3bb71fd Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Tue, 7 Oct 2025 09:34:14 -0300 Subject: [PATCH 33/38] fix cd.yml --- .github/workflows/cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index c0cf8ef37b..95f5d4433c 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -35,4 +35,4 @@ jobs: run: gcloud builds submit --tag us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 . - name: Deploy to run Cloud Run - run: gcloud run deploy notely --image REGION-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 --region us-central1 --allow-unauthenticated --project notely-474312 --max-instances=4 \ No newline at end of file + run: gcloud run deploy notely --image us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 --region us-central1 --allow-unauthenticated --project notely-474312 --max-instances=4 \ No newline at end of file From 8fd55835463de925f88e0b93471dd3919393418f Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 8 Oct 2025 09:46:35 -0300 Subject: [PATCH 34/38] Add goose and migrate up to cd.yml --- .github/workflows/cd.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 95f5d4433c..7cadd29e88 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -9,6 +9,9 @@ jobs: name: Deploy runs-on: ubuntu-latest + env: + DATABASE_URL: ${{ secrets.DATABASE_URL }} + steps: - name: Check out code uses: actions/checkout@v4 @@ -16,6 +19,9 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 + - name: Set up Goose + run: go install github.com/pressly/goose/v3/cmd/goose@latest + - name: Build the app run: ./scripts/buildprod.sh @@ -34,5 +40,8 @@ jobs: - name: Build Docker image run: gcloud builds submit --tag us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 . + - name: Run migrations + run: goose -driver libsql -database ${{ secrets.DATABASE_URL }} up + - name: Deploy to run Cloud Run run: gcloud run deploy notely --image us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 --region us-central1 --allow-unauthenticated --project notely-474312 --max-instances=4 \ No newline at end of file From 90012c401c02028545766d6b06bfdc2e3ccab8db Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 8 Oct 2025 09:55:00 -0300 Subject: [PATCH 35/38] Fix cd.yml migrations --- .github/workflows/cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 7cadd29e88..cf7a521224 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -41,7 +41,7 @@ jobs: run: gcloud builds submit --tag us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 . - name: Run migrations - run: goose -driver libsql -database ${{ secrets.DATABASE_URL }} up + run: goose -dir ./sql/schema libsql "${{ secrets.DATABASE_URL }}" up - name: Deploy to run Cloud Run run: gcloud run deploy notely --image us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 --region us-central1 --allow-unauthenticated --project notely-474312 --max-instances=4 \ No newline at end of file From 24fd987146e393dd4a69b32e64b1ddbbd1421759 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 8 Oct 2025 10:00:58 -0300 Subject: [PATCH 36/38] Fix cd.yml migrations --- .github/workflows/cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index cf7a521224..99644ae231 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -41,7 +41,7 @@ jobs: run: gcloud builds submit --tag us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 . - name: Run migrations - run: goose -dir ./sql/schema libsql "${{ secrets.DATABASE_URL }}" up + run: goose -dir ./sql/schema sqlite3 "${{ secrets.DATABASE_URL }}" up - name: Deploy to run Cloud Run run: gcloud run deploy notely --image us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 --region us-central1 --allow-unauthenticated --project notely-474312 --max-instances=4 \ No newline at end of file From 58c189cba45bae7154dabcffad8fe7afffdbdab4 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 8 Oct 2025 10:09:56 -0300 Subject: [PATCH 37/38] Fix cd.yml migrations --- .github/workflows/cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 99644ae231..2aca016063 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -41,7 +41,7 @@ jobs: run: gcloud builds submit --tag us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 . - name: Run migrations - run: goose -dir ./sql/schema sqlite3 "${{ secrets.DATABASE_URL }}" up + run: goose -dir ./sql/schema sqlite3 "file:remote.db?dsn=${DATABASE_URL}" up - name: Deploy to run Cloud Run run: gcloud run deploy notely --image us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 --region us-central1 --allow-unauthenticated --project notely-474312 --max-instances=4 \ No newline at end of file From 68006f398f01a3971432e33991ed4a4df537e631 Mon Sep 17 00:00:00 2001 From: sander-dallorto Date: Wed, 8 Oct 2025 10:19:52 -0300 Subject: [PATCH 38/38] fix stuff --- .github/workflows/cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 2aca016063..3e15ffc6de 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -41,7 +41,7 @@ jobs: run: gcloud builds submit --tag us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 . - name: Run migrations - run: goose -dir ./sql/schema sqlite3 "file:remote.db?dsn=${DATABASE_URL}" up + run: ./scripts/migrateup.sh - name: Deploy to run Cloud Run run: gcloud run deploy notely --image us-central1-docker.pkg.dev/notely-474312/notely-ar-repo/notely:v1 --region us-central1 --allow-unauthenticated --project notely-474312 --max-instances=4 \ No newline at end of file