-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from mahendraintelops/compage-v1
commit by compage : generated files through compage for version: v1
- Loading branch information
Showing
23 changed files
with
1,846 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
version = 1 | ||
|
||
[[analyzers]] | ||
name = "shell" | ||
enabled = true | ||
|
||
[[analyzers]] | ||
name = "docker" | ||
enabled = true | ||
|
||
[[analyzers]] | ||
name = "go" | ||
|
||
[analyzers.meta] | ||
import_root = "github.com/mahendraintelops/my-test-project" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,131 @@ | ||
name: user-service-ci | ||
|
||
on: | ||
push: | ||
branches: [ "main" ] | ||
pull_request: | ||
branches: [ "main" ] | ||
|
||
env: | ||
REGISTRY: ghcr.io | ||
GH_URL: https://github.com | ||
|
||
jobs: | ||
build-and-test: | ||
runs-on: ubuntu-20.04 | ||
permissions: | ||
packages: write | ||
id-token: write | ||
contents: read | ||
actions: read | ||
security-events: write | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v3 | ||
with: | ||
submodules: recursive | ||
token: ${{ secrets.GH_TOKEN }} | ||
- name: Set up Go | ||
uses: actions/setup-go@v4 | ||
with: | ||
go-version: '1.20' | ||
cache-dependency-path: '**/user-service/go.sum' | ||
- name: Build | ||
run: | | ||
cd user-service | ||
go mod tidy | ||
go build -v ./... | ||
cd .. | ||
- name: golangci-lint | ||
run: | | ||
go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.52.2 | ||
cd user-service | ||
golangci-lint run | ||
cd .. | ||
- name: Test | ||
run: | | ||
cd user-service | ||
go test -v ./... -race -coverprofile=coverage.out -coverpkg=./... -covermode=atomic | ||
cd .. | ||
- name: Upload coverage to Codecov | ||
uses: codecov/codecov-action@v3 | ||
with: | ||
files: ./user-service/coverage.out | ||
flags: user-service | ||
token: ${{secrets.CODECOV_TOKEN}} | ||
- name: Run Trivy vulnerability scanner in repo mode | ||
uses: aquasecurity/trivy-action@master | ||
with: | ||
scan-type: 'fs' | ||
ignore-unfixed: true | ||
format: 'sarif' | ||
output: 'trivy-results.sarif' | ||
severity: 'CRITICAL' | ||
- name: Upload Trivy scan results to GitHub Security tab | ||
uses: github/codeql-action/upload-sarif@v2 | ||
with: | ||
sarif_file: 'trivy-results.sarif' | ||
publish-docker-image: | ||
if: gitHub.event_name != 'pull_request' | ||
needs: build-and-test | ||
runs-on: ubuntu-20.04 | ||
permissions: | ||
packages: write | ||
id-token: write | ||
contents: read | ||
actions: read | ||
security-events: write | ||
steps: | ||
- name: Checkout GitHub Action | ||
uses: actions/checkout@v3 | ||
# setup Docker build action | ||
- name: Set up Docker Buildx | ||
id: buildx | ||
uses: docker/setup-buildx-action@v2 | ||
- name: Docker metadata | ||
id: metadata | ||
uses: docker/metadata-action@v4 | ||
with: | ||
images: ${{ env.REGISTRY }}/${{ github.repository }}/user-service | ||
tags: | | ||
type=semver,pattern={{version}} | ||
type=semver,pattern={{major}}.{{minor}} | ||
type=raw,value={{sha}},enable=${{ github.ref_type != 'tag' }} | ||
flavor: | | ||
latest=true | ||
- name: Login to GitHub Container Registry | ||
uses: docker/login-action@v2 | ||
with: | ||
registry: ${{ env.REGISTRY }} | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GH_TOKEN }} | ||
- name: Build image and push to GitHub Container Registry | ||
uses: docker/build-push-action@v4 | ||
with: | ||
# relative path to the place where source code with Dockerfile is located | ||
context: ./user-service | ||
# Note: tags has to be all lower-case | ||
tags: ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ github.run_id }} | ||
# ${{ steps.metadata.outputs.tags }} | ||
labels: ${{ steps.metadata.outputs.labels }} | ||
# build on feature branches, push only on main branch | ||
push: true | ||
- name: Install cosign | ||
uses: sigstore/cosign-installer@main | ||
- name: Sign the images | ||
run: | | ||
cosign sign -y ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ github.run_id }} | ||
env: | ||
COSIGN_EXPERIMENTAL: 1 | ||
- name: Verify the pushed tags | ||
run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ github.run_id }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/user-service-ci.yml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com | ||
env: | ||
COSIGN_EXPERIMENTAL: 1 | ||
- name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph | ||
uses: aquasecurity/trivy-action@master | ||
with: | ||
scan-type: 'fs' | ||
format: 'github' | ||
output: 'dependency-results.sbom.json' | ||
image-ref: '.' | ||
github-pat: ${{ secrets.GH_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
name: user-service-release | ||
on: | ||
push: | ||
tags: | ||
- "v*.*.*" | ||
|
||
env: | ||
REGISTRY: ghcr.io | ||
GH_URL: https://github.com | ||
|
||
jobs: | ||
push_to_registry: | ||
name: Build and push Docker image github container registry. | ||
runs-on: ubuntu-20.04 | ||
permissions: | ||
packages: write | ||
id-token: write | ||
contents: read | ||
actions: read | ||
security-events: write | ||
steps: | ||
- name: Set environment variable | ||
run: | | ||
echo "RELEASE_VERSION=${GITHUB_REF:10}" >> $GITHUB_ENV | ||
- name: Test environment variable | ||
run: echo ${{ env.RELEASE_VERSION }} | ||
- name: Check out GitHub repo | ||
uses: actions/checkout@v3 | ||
with: | ||
submodules: recursive | ||
token: ${{ secrets.GH_TOKEN }} | ||
- name: Login to GitHub Container Registry | ||
uses: docker/login-action@v2 | ||
with: | ||
registry: ${{ env.REGISTRY }} | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GH_TOKEN }} | ||
- name: Build image and push to GitHub Container Registry | ||
uses: docker/build-push-action@v4 | ||
with: | ||
push: true | ||
context: ./user-service | ||
tags: ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ env.RELEASE_VERSION }} | ||
- name: Install cosign | ||
uses: sigstore/cosign-installer@main | ||
- name: Sign the images | ||
run: | | ||
cosign sign -y ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ env.RELEASE_VERSION }} | ||
env: | ||
COSIGN_EXPERIMENTAL: 1 | ||
- name: Verify the pushed tags | ||
run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}/user-service:${{ env.RELEASE_VERSION }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/user-service-release.yml@refs/tags/${{ env.RELEASE_VERSION }} --certificate-oidc-issuer https://token.actions.githubusercontent.com | ||
env: | ||
COSIGN_EXPERIMENTAL: 1 | ||
- name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph | ||
uses: aquasecurity/trivy-action@master | ||
with: | ||
scan-type: 'fs' | ||
format: 'github' | ||
output: 'dependency-results.sbom.json' | ||
image-ref: '.' | ||
github-pat: ${{ secrets.GH_TOKEN }} # or ${{ secrets.github_pat_name }} if you're using a PAT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,6 @@ | ||
# my-test-project | ||
### Code generated by compage | ||
github.com/mahendraintelops/my-test-project | ||
|
||
#### Steps required for running the GitHub actions for this project. | ||
- Create a GitHub token by following the steps given [here](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token), you need to have these scopes for the token [repo, write:packages] | ||
- Add the above token as an environment variable [*GH_TOKEN*] to this project, please follow the steps given [here](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
FROM mcr.microsoft.com/devcontainers/go:0-1.19-bullseye | ||
|
||
ARG TARGETOS | ||
ARG TARGETARCH | ||
|
||
RUN curl -L -o kind "https://kind.sigs.k8s.io/dl/v0.17.0/kind-linux-${TARGETARCH}" && install -c -m 0755 kind /usr/local/bin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
{ | ||
"name": "Go", | ||
"build": { | ||
"dockerfile": "Dockerfile" | ||
}, | ||
"features": { | ||
"ghcr.io/devcontainers/features/docker-in-docker:2": { | ||
"version": "latest" | ||
} | ||
}, | ||
"postCreateCommand": "kind create cluster --name my-test-project || true", | ||
"mounts": [ | ||
{ | ||
"type": "volume", | ||
"source": "user-service", | ||
"target": "/home/vscode" | ||
} | ||
], | ||
"customizations": { | ||
"devpod": { | ||
"prebuildRepository": "fdog239/prebuilds" | ||
}, | ||
"vscode": { | ||
"settings": {}, | ||
"extensions": [ | ||
"streetsidesoftware.code-spell-checker" | ||
] | ||
} | ||
}, | ||
"forwardPorts": [ | ||
|
||
2333 | ||
|
||
], | ||
"portsAttributes": { | ||
|
||
"2333": { | ||
"label": "Hello Remote World", | ||
"onAutoForward": "notify" | ||
} | ||
|
||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
user-service | ||
../.idea | ||
.devspace | ||
/sqlite.db |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
################ Build & Dev ################ | ||
# Build stage will be used: | ||
# - for building the application for production | ||
FROM golang:1.20.2-alpine3.17 as build | ||
|
||
# Create project directory (workdir) | ||
WORKDIR /app | ||
|
||
# Copy source code files to WORKDIR | ||
COPY . . | ||
|
||
# Build application | ||
RUN go mod tidy && go build -ldflags '-s -w' -o main . | ||
|
||
# Container start command for development | ||
CMD ["go", "run", "main.go"] | ||
|
||
|
||
################ Production ################ | ||
# Creates a minimal image for production using distroless base image | ||
# More info here: https://github.com/GoogleContainerTools/distroless | ||
FROM gcr.io/distroless/base-debian11:nonroot as production | ||
|
||
# Copy application binary from build/dev stage to the distroless container | ||
COPY --from=build /app/main / | ||
|
||
|
||
# Application port (optional) | ||
EXPOSE 2333 | ||
|
||
|
||
|
||
|
||
# Container start command for production | ||
CMD ["/main"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
# mahendraintelops/my-test-project/user-service | ||
user-service | ||
|
||
|
||
### REST Server | ||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
[![Open in DevPod!](https://devpod.sh/assets/open-in-devpod.svg)](https://devpod.sh/open#https://github.com/mahendraintelops/my-test-project/user-service) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
package config | ||
|
||
import ( | ||
"context" | ||
log "github.com/sirupsen/logrus" | ||
"go.opentelemetry.io/otel" | ||
"go.opentelemetry.io/otel/attribute" | ||
"go.opentelemetry.io/otel/exporters/otlp/otlptrace" | ||
"go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc" | ||
"go.opentelemetry.io/otel/propagation" | ||
"go.opentelemetry.io/otel/sdk/resource" | ||
sdktrace "go.opentelemetry.io/otel/sdk/trace" | ||
"google.golang.org/grpc/credentials" | ||
"os" | ||
) | ||
|
||
// InitRestTracer configures an OpenTelemetry exporter and trace provider | ||
func InitRestTracer(serviceName, collectorURL, insecure string) *sdktrace.TracerProvider { | ||
secureOption := otlptracegrpc.WithTLSCredentials(credentials.NewClientTLSFromCert(nil, "")) | ||
if len(insecure) > 0 { | ||
secureOption = otlptracegrpc.WithInsecure() | ||
} | ||
|
||
exporter, err := otlptrace.New( | ||
context.Background(), | ||
otlptracegrpc.NewClient( | ||
secureOption, | ||
otlptracegrpc.WithEndpoint(collectorURL), | ||
), | ||
) | ||
|
||
if err != nil { | ||
log.Debugf("error while configuring opentel, %v", err) | ||
os.Exit(1) | ||
} | ||
restResources, err := resource.New( | ||
context.Background(), | ||
resource.WithAttributes( | ||
attribute.String("service.name", serviceName), | ||
attribute.String("library.language", "go"), | ||
), | ||
) | ||
if err != nil { | ||
log.Errorf("could not set restResources: %v", err) | ||
os.Exit(1) | ||
} | ||
|
||
traceProvider := sdktrace.NewTracerProvider( | ||
sdktrace.WithSampler(sdktrace.AlwaysSample()), | ||
sdktrace.WithBatcher(exporter), | ||
sdktrace.WithResource(restResources), | ||
) | ||
|
||
otel.SetTracerProvider(traceProvider) | ||
otel.SetTextMapPropagator(propagation.NewCompositeTextMapPropagator(propagation.TraceContext{}, propagation.Baggage{})) | ||
|
||
return traceProvider | ||
} |
Oops, something went wrong.