Merge pull request #1 from mahendraintelops/compage-v1

commit by compage : generated files through compage for version: v1

.deepsource.toml

@@ -0,0 +1,15 @@
+version = 1
+
+[[analyzers]]
+name = "shell"
+enabled = true
+
+[[analyzers]]
+name = "docker"
+enabled = true
+
+[[analyzers]]
+name = "go"
+
+  [analyzers.meta]
+  import_root = "github.com/mahendraintelops/my-test-project"

.github/workflows/user-service-ci.yml

@@ -0,0 +1,131 @@
+name: user-service-ci
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+env:
+    REGISTRY: ghcr.io
+    GH_URL: https://github.com
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-20.04
+    permissions:
+      packages: write
+      id-token: write
+      contents: read
+      actions: read
+      security-events: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          submodules: recursive
+          token: ${{ secrets.GH_TOKEN }}
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.20'
+          cache-dependency-path: '**/user-service/go.sum'
+      - name: Build
+        run: |
+          cd user-service
+          go mod tidy
+          go build -v ./...
+          cd ..
+      - name: golangci-lint
+        run: |
+          go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.52.2
+          cd user-service
+          golangci-lint run
+          cd ..
+      - name: Test
+        run: |
+          cd user-service
+          go test -v ./... -race -coverprofile=coverage.out -coverpkg=./... -covermode=atomic
+          cd ..
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v3
+        with:
+          files: ./user-service/coverage.out
+          flags: user-service
+          token: ${{secrets.CODECOV_TOKEN}}
+      - name: Run Trivy vulnerability scanner in repo mode
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          ignore-unfixed: true
+          format: 'sarif'
+          output: 'trivy-results.sarif'
+          severity: 'CRITICAL'
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: 'trivy-results.sarif'
+  publish-docker-image:
+    if: gitHub.event_name != 'pull_request'
+    needs: build-and-test
+    runs-on: ubuntu-20.04
+    permissions:
+      packages: write
+      id-token: write
+      contents: read
+      actions: read
+      security-events: write
+    steps:
+      - name: Checkout GitHub Action
+        uses: actions/checkout@v3
+        # setup Docker build action
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Docker metadata
+        id: metadata
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ github.repository }}/user-service
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=raw,value={{sha}},enable=${{ github.ref_type != 'tag' }}
+          flavor: |
+            latest=true
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GH_TOKEN }}
+      - name: Build image and push to GitHub Container Registry
+        uses: docker/build-push-action@v4
+        with:
+          # relative path to the place where source code with Dockerfile is located
+          context: ./user-service
+          # Note: tags has to be all lower-case
+          tags: ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ github.run_id }}
+          # ${{ steps.metadata.outputs.tags }}
+          labels: ${{ steps.metadata.outputs.labels }}
+          # build on feature branches, push only on main branch
+          push: true
+      - name: Install cosign
+        uses: sigstore/cosign-installer@main
+      - name: Sign the images
+        run: |
+          cosign sign -y ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ github.run_id }}
+        env:
+          COSIGN_EXPERIMENTAL: 1
+      - name: Verify the pushed tags
+        run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ github.run_id }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/user-service-ci.yml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com
+        env:
+          COSIGN_EXPERIMENTAL: 1
+      - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          format: 'github'
+          output: 'dependency-results.sbom.json'
+          image-ref: '.'
+          github-pat: ${{ secrets.GH_TOKEN }}

.github/workflows/user-service-release.yml

@@ -0,0 +1,62 @@
+name: user-service-release
+on:
+  push:
+    tags:
+      - "v*.*.*"
+
+env:
+  REGISTRY: ghcr.io
+  GH_URL: https://github.com
+
+jobs:
+  push_to_registry:
+    name: Build and push Docker image github container registry.
+    runs-on: ubuntu-20.04
+    permissions:
+      packages: write
+      id-token: write
+      contents: read
+      actions: read
+      security-events: write
+    steps:
+      - name: Set environment variable
+        run: |
+          echo "RELEASE_VERSION=${GITHUB_REF:10}" >> $GITHUB_ENV
+      - name: Test environment variable
+        run: echo ${{ env.RELEASE_VERSION }}
+      - name: Check out GitHub repo
+        uses: actions/checkout@v3
+        with:
+          submodules: recursive
+          token: ${{ secrets.GH_TOKEN }}
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GH_TOKEN }}
+      - name: Build image and push to GitHub Container Registry
+        uses: docker/build-push-action@v4
+        with:
+          push: true
+          context: ./user-service
+          tags: ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ env.RELEASE_VERSION }}
+      - name: Install cosign
+        uses: sigstore/cosign-installer@main
+      - name: Sign the images
+        run: |
+          cosign sign -y ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ env.RELEASE_VERSION }}
+        env:
+          COSIGN_EXPERIMENTAL: 1
+      - name: Verify the pushed tags
+        run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ env.RELEASE_VERSION }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/user-service-release.yml@refs/tags/${{ env.RELEASE_VERSION }}  --certificate-oidc-issuer https://token.actions.githubusercontent.com
+        env:
+          COSIGN_EXPERIMENTAL: 1
+      - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          format: 'github'
+          output: 'dependency-results.sbom.json'
+          image-ref: '.'
+          github-pat: ${{ secrets.GH_TOKEN }} # or ${{ secrets.github_pat_name }} if you're using a PAT

README.md

@@ -1 +1,6 @@
-# my-test-project
+### Code generated by compage
+github.com/mahendraintelops/my-test-project
+
+#### Steps required for running the GitHub actions for this project.
+- Create a GitHub token by following the steps given [here](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token), you need to have these scopes for the token [repo, write:packages]
+- Add the above token as an environment variable [*GH_TOKEN*] to this project, please follow the steps given [here](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization)

user-service/.devcontainer/Dockerfile

@@ -0,0 +1,6 @@
+FROM mcr.microsoft.com/devcontainers/go:0-1.19-bullseye
+
+ARG TARGETOS
+ARG TARGETARCH
+
+RUN curl -L -o kind "https://kind.sigs.k8s.io/dl/v0.17.0/kind-linux-${TARGETARCH}" && install -c -m 0755 kind /usr/local/bin

user-service/.devcontainer/devcontainer.json

@@ -0,0 +1,43 @@
+{
+  "name": "Go",
+  "build": {
+    "dockerfile": "Dockerfile"
+  },
+  "features": {
+    "ghcr.io/devcontainers/features/docker-in-docker:2": {
+      "version": "latest"
+    }
+  },
+  "postCreateCommand": "kind create cluster --name my-test-project || true",
+  "mounts": [
+    {
+      "type": "volume",
+      "source": "user-service",
+      "target": "/home/vscode"
+    }
+  ],
+  "customizations": {
+    "devpod": {
+      "prebuildRepository": "fdog239/prebuilds"
+    },
+    "vscode": {
+      "settings": {},
+      "extensions": [
+        "streetsidesoftware.code-spell-checker"
+      ]
+    }
+  },
+  "forwardPorts": [
+
+        2333
+
+  ],
+  "portsAttributes": {
+
+        "2333": {
+          "label": "Hello Remote World",
+          "onAutoForward": "notify"
+        }
+
+  }
+}

user-service/.gitignore

@@ -0,0 +1,4 @@
+user-service
+../.idea
+.devspace
+/sqlite.db

user-service/Dockerfile

@@ -0,0 +1,35 @@
+################ Build & Dev ################
+# Build stage will be used:
+# - for building the application for production
+FROM golang:1.20.2-alpine3.17 as build
+
+# Create project directory (workdir)
+WORKDIR /app
+
+# Copy source code files to WORKDIR
+COPY . .
+
+# Build application
+RUN go mod tidy && go build -ldflags '-s -w' -o main .
+
+# Container start command for development
+CMD ["go", "run", "main.go"]
+
+
+################ Production ################
+# Creates a minimal image for production using distroless base image
+# More info here: https://github.com/GoogleContainerTools/distroless
+FROM gcr.io/distroless/base-debian11:nonroot as production
+
+# Copy application binary from build/dev stage to the distroless container
+COPY --from=build /app/main /
+
+
+# Application port (optional)
+EXPOSE 2333
+
+
+
+
+# Container start command for production
+CMD ["/main"]

user-service/README.md

@@ -0,0 +1,20 @@
+# mahendraintelops/my-test-project/user-service
+user-service
+
+
+### REST Server
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+[![Open in DevPod!](https://devpod.sh/assets/open-in-devpod.svg)](https://devpod.sh/open#https://github.com/mahendraintelops/my-test-project/user-service)

user-service/config/rest-opentel-config.go

@@ -0,0 +1,58 @@
+package config
+
+import (
+	"context"
+	log "github.com/sirupsen/logrus"
+	"go.opentelemetry.io/otel"
+	"go.opentelemetry.io/otel/attribute"
+	"go.opentelemetry.io/otel/exporters/otlp/otlptrace"
+	"go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc"
+	"go.opentelemetry.io/otel/propagation"
+	"go.opentelemetry.io/otel/sdk/resource"
+	sdktrace "go.opentelemetry.io/otel/sdk/trace"
+	"google.golang.org/grpc/credentials"
+	"os"
+)
+
+// InitRestTracer configures an OpenTelemetry exporter and trace provider
+func InitRestTracer(serviceName, collectorURL, insecure string) *sdktrace.TracerProvider {
+	secureOption := otlptracegrpc.WithTLSCredentials(credentials.NewClientTLSFromCert(nil, ""))
+	if len(insecure) > 0 {
+		secureOption = otlptracegrpc.WithInsecure()
+	}
+
+	exporter, err := otlptrace.New(
+		context.Background(),
+		otlptracegrpc.NewClient(
+			secureOption,
+			otlptracegrpc.WithEndpoint(collectorURL),
+		),
+	)
+
+	if err != nil {
+		log.Debugf("error while configuring opentel, %v", err)
+		os.Exit(1)
+	}
+	restResources, err := resource.New(
+		context.Background(),
+		resource.WithAttributes(
+			attribute.String("service.name", serviceName),
+			attribute.String("library.language", "go"),
+		),
+	)
+	if err != nil {
+		log.Errorf("could not set restResources: %v", err)
+		os.Exit(1)
+	}
+
+	traceProvider := sdktrace.NewTracerProvider(
+		sdktrace.WithSampler(sdktrace.AlwaysSample()),
+		sdktrace.WithBatcher(exporter),
+		sdktrace.WithResource(restResources),
+	)
+
+	otel.SetTracerProvider(traceProvider)
+	otel.SetTextMapPropagator(propagation.NewCompositeTextMapPropagator(propagation.TraceContext{}, propagation.Baggage{}))
+
+	return traceProvider
+}