feat: add automation workflow with github action

fullstacksherpa · fullstacksherpa · commit 2f95e7b3af02 · 2025-02-13T23:03:09.000-08:00
diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml
@@ -0,0 +1,36 @@
+name: Audit
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  audit:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.23.4
+
+      - name: Verify Dependencies
+        run: go mod verify
+
+      - name: Build
+        run: go build -v ./...
+
+      - name: Run go vet
+        run: go vet ./...
+
+      - name: Install staticcheck
+        run: go install honnef.co/go/tools/cmd/staticcheck@latest
+
+      - name: Run staticcheck
+        run: staticcheck ./...
+
+      - name: Run Tests
+        run: go test -race ./...
diff --git a/.vscode/settings.json b/.vscode/settings.json
diff --git a/app.log b/app.log
@@ -0,0 +1 @@
+FILE: 2025/02/11 02:24:08 Log entry written to file.
diff --git a/cmd/api/api.go b/cmd/api/api.go
@@ -7,6 +7,7 @@ import (
 	"blogsapi/internal/store" //this is required to generate swagger docs
 	"context"
 	"errors"
+	"expvar"
 	"fmt"
 	"net/http"
 	"os"
@@ -16,6 +17,7 @@ import (
 
 	"github.com/go-chi/chi/v5"
 	"github.com/go-chi/chi/v5/middleware"
+	"github.com/go-chi/cors"
 	httpSwagger "github.com/swaggo/http-swagger/v2"
 	"go.uber.org/zap"
 )
@@ -79,12 +81,26 @@ func (app *application) mount() http.Handler {
 	r.Use(middleware.Logger)
 	r.Use(middleware.Recoverer)
 
+	// Basic CORS
+	// for more ideas, see: https://developer.github.com/v3/#cross-origin-resource-sharing
+	r.Use(cors.Handler(cors.Options{
+		// AllowedOrigins:   []string{"https://foo.com"}, // Use this to allow specific origin hosts
+		AllowedOrigins: []string{"https://*", "http://*"},
+		// AllowOriginFunc:  func(r *http.Request, origin string) bool { return true },
+		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
+		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
+		ExposedHeaders:   []string{"Link"},
+		AllowCredentials: false,
+		MaxAge:           300, // Maximum value not ignored by any of major browsers
+	}))
+
 	//Set a timeout value on the request context (ctx), that will signal through ctx.Done() that the request has timed out and further processing should be stopped
 	r.Use(middleware.Timeout(60 * time.Second))
 
 	r.Route("/v1", func(r chi.Router) {
+		//Operations
 		r.With(app.BasicAuthMiddleware()).Get("/health", app.healthCheckHandler)
-
+		r.With(app.BasicAuthMiddleware()).Get("/debug/vars", expvar.Handler().ServeHTTP)
 		//dynamically configuring this since later we will have development env, staging env, and production env.
 		docsURL := fmt.Sprintf("%s/swagger/doc.json", app.config.addr)
 		r.Get("/swagger/*", httpSwagger.Handler(httpSwagger.URL(docsURL)))
@@ -141,6 +157,7 @@ func (app *application) run(mux http.Handler) error {
 		IdleTimeout:  time.Minute,
 	}
 
+	// Implementing graceful shutdown
 	shutdown := make(chan error)
 
 	go func() {
diff --git a/cmd/api/json.go b/cmd/api/json.go
@@ -9,6 +9,11 @@ import (
 
 var Validate *validator.Validate
 
+// init is special function in Go. it is used for package initialization and has some unique properties.  it is executed before main(), without explicitly called.
+// each package can have multiple init() func, but they run only once when the package is imported.
+// init() func in imported package run before the init() of the main package
+// init() cannot take parameters or return values
+
 func init() {
 	Validate = validator.New(validator.WithRequiredStructEnabled())
 }
diff --git a/cmd/api/main.go b/cmd/api/main.go
@@ -5,8 +5,10 @@ import (
 	"blogsapi/internal/db"
 	"blogsapi/internal/mailer"
 	"blogsapi/internal/store"
+	"expvar"
 	"log"
 	"os"
+	"runtime"
 	"strconv"
 	"time"
 
@@ -112,6 +114,15 @@ func main() {
 		authenticator: jwtAuthenticator,
 	}
 
+	//Metrics collected
+	expvar.NewString("version").Set(version)
+	expvar.Publish("database", expvar.Func(func() any {
+		return db.Stats()
+	}))
+	expvar.Publish("goroutines", expvar.Func(func() any {
+		return runtime.NumGoroutine()
+	}))
+
 	mux := app.mount()
 
 	logger.Fatal(app.run(mux))
diff --git a/cmd/api/users.go b/cmd/api/users.go
@@ -2,7 +2,6 @@ package main
 
 import (
 	"blogsapi/internal/store"
-	"context"
 	"net/http"
 	"strconv"
 
@@ -137,31 +136,31 @@ func (app *application) activateUserHandler(w http.ResponseWriter, r *http.Reque
 	}
 }
 
-func (app *application) userContextMiddleware(next http.Handler) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		userID, err := strconv.ParseInt(chi.URLParam(r, "userID"), 10, 64)
-		if err != nil {
-			app.badRequestResponse(w, r, err)
-			return
-		}
-		ctx := r.Context()
-		user, err := app.store.Users.GetByID(ctx, userID)
-		if err != nil {
-			switch err {
-			case store.ErrNotFound:
-				app.notFoundResponse(w, r, err)
-				return
-			default:
-				app.internalServerError(w, r, err)
-				return
-			}
-		}
-
-		ctx = context.WithValue(ctx, userCtx, user)
-		next.ServeHTTP(w, r.WithContext(ctx))
-
-	})
-}
+// func (app *application) userContextMiddleware(next http.Handler) http.Handler {
+// 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+// 		userID, err := strconv.ParseInt(chi.URLParam(r, "userID"), 10, 64)
+// 		if err != nil {
+// 			app.badRequestResponse(w, r, err)
+// 			return
+// 		}
+// 		ctx := r.Context()
+// 		user, err := app.store.Users.GetByID(ctx, userID)
+// 		if err != nil {
+// 			switch err {
+// 			case store.ErrNotFound:
+// 				app.notFoundResponse(w, r, err)
+// 				return
+// 			default:
+// 				app.internalServerError(w, r, err)
+// 				return
+// 			}
+// 		}
+
+// 		ctx = context.WithValue(ctx, userCtx, user)
+// 		next.ServeHTTP(w, r.WithContext(ctx))
+
+// 	})
+// }
 
 func getUserFromContext(r *http.Request) *store.User {
 	user, _ := r.Context().Value(userCtx).(*store.User)
diff --git a/cmd/migrate/seed/main.go b/cmd/migrate/seed/main.go
diff --git a/go.mod b/go.mod
@@ -10,7 +10,10 @@ require (
 	github.com/swaggo/http-swagger/v2 v2.0.2
 )
 
-require github.com/sendgrid/rest v2.6.9+incompatible // indirect
+require (
+	github.com/go-chi/cors v1.2.1 // indirect
+	github.com/sendgrid/rest v2.6.9+incompatible // indirect
+)
 
 require (
 	github.com/KyleBanks/depth v1.2.1 // indirect
diff --git a/go.sum b/go.sum
@@ -6,6 +6,8 @@ github.com/gabriel-vasile/mimetype v1.4.8 h1:FfZ3gj38NjllZIeJAmMhr+qKL8Wu+nOoI3G
 github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8=
 github.com/go-chi/chi/v5 v5.2.0 h1:Aj1EtB0qR2Rdo2dG4O94RIU35w2lvQSj6BRA4+qwFL0=
 github.com/go-chi/chi/v5 v5.2.0/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
+github.com/go-chi/cors v1.2.1 h1:xEC8UT3Rlp2QuWNEr4Fs/c2EAGVKBwy/1vHx3bppil4=
+github.com/go-chi/cors v1.2.1/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
 github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ=
 github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY=
 github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ=
diff --git a/internal/env/env.go b/internal/env/env.go
diff --git a/internal/store/storage.go b/internal/store/storage.go
@@ -13,6 +13,7 @@ var (
 	QueryTimeoutDuration = time.Second * 5
 )
 
+// it acts as data access layer, ensuring that the business logic does not directly interact with the database. The application.storage field hold an instance of this storage struct created with NewStorage function below , making it available throughout the application so that all handlers and services can access the storage layer.
 type Storage struct {
 	Posts interface {
 		GetByID(context.Context, int64) (*Post, error)
diff --git a/try/main.go b/try/main.go

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+FILE: 2025/02/11 02:24:08 Log entry written to file.`