From d80cf540d551d379836beffcd0e9df20417840d0 Mon Sep 17 00:00:00 2001 From: mecebeci Date: Sat, 4 Oct 2025 22:26:27 +0300 Subject: [PATCH 01/16] change the README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index c2bec0368b..3d3e9fa506 100644 --- a/README.md +++ b/README.md @@ -21,3 +21,4 @@ go build -o notely && ./notely *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`. You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! +Emre's version of Boot.dev's Notely app. From 8014da8f10da45f3515227d292aa5f637e2ab22d Mon Sep 17 00:00:00 2001 From: mecebeci Date: Sun, 5 Oct 2025 22:30:48 +0300 Subject: [PATCH 02/16] change README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 3d3e9fa506..46e4afbafc 100644 --- a/README.md +++ b/README.md @@ -21,4 +21,5 @@ go build -o notely && ./notely *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`. You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course! + Emre's version of Boot.dev's Notely app. From 693fb17f418b047b0d37fffe7255c5c1a2b5262e Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 10:10:30 +0300 Subject: [PATCH 03/16] add workflows --- .github/workflows/ci.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000000..249cc5258a --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,22 @@ +name: ci + +on: + pull_request: + branches: [main] + +jobs: + tests: + name: Tests + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.25.1" + + - name: Force Failure + run: (exit 1) From 610cb4656f6d6476c2404036f50adcf75945519b Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 10:25:11 +0300 Subject: [PATCH 04/16] add go version check --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 249cc5258a..1ee2bba1dc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,5 +18,5 @@ jobs: with: go-version: "1.25.1" - - name: Force Failure - run: (exit 1) + - name: Check Go version + run: go version From 7bc84152d82e89bb8e880c75e3ff81d81b0cc59a Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 10:46:25 +0300 Subject: [PATCH 05/16] add unit test --- .github/workflows/ci.yml | 4 +-- internal/auth/auth_test.go | 53 ++++++++++++++++++++++++++++++++++++++ main.go | 2 +- 3 files changed, 56 insertions(+), 3 deletions(-) create mode 100644 internal/auth/auth_test.go diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1ee2bba1dc..ffb6c4f936 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,5 +18,5 @@ jobs: with: go-version: "1.25.1" - - name: Check Go version - run: go version + - name: Unit test + run: go test ./... diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go new file mode 100644 index 0000000000..7a652c7b02 --- /dev/null +++ b/internal/auth/auth_test.go @@ -0,0 +1,53 @@ +package auth + +import ( + "net/http" + "testing" +) + +func TestGetAPIKey(t *testing.T) { + tests := []struct { + name string + headers http.Header + wantKey string + wantError error + }{ + { + name: "valid ApiKey header", + headers: http.Header{ + "Authorization": []string{"ApiKey my-secret-key"}, + }, + wantKey: "my-secret-key", + wantError: nil, + }, + { + name: "missing Authorization header", + headers: http.Header{}, + wantKey: "", + wantError: ErrNoAuthHeaderIncluded, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + key, err := GetAPIKey(tt.headers) + + if tt.wantError != nil { + if err == nil { + t.Fatalf("expected error %v, got nil", tt.wantError) + } + if err != tt.wantError { + t.Fatalf("expected error %v, got %v", tt.wantError, err) + } + } else { + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + if key != tt.wantKey { + t.Errorf("expected key %q, got %q", tt.wantKey, key) + } + } + }) + } +} + diff --git a/main.go b/main.go index 19d7366c5f..08ad2ec29a 100644 --- a/main.go +++ b/main.go @@ -35,7 +35,7 @@ func main() { log.Fatal("PORT environment variable is not set") } - apiCfg := apiConfig{} + apiCfg = apiConfig{} // https://github.com/libsql/libsql-client-go/#open-a-connection-to-sqld // libsql://[your-database].turso.io?authToken=[your-auth-token] From 24c3ddedc25121678e92a6d682879d1205a48eb8 Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 10:48:29 +0300 Subject: [PATCH 06/16] fix error in main.go file --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index 08ad2ec29a..19d7366c5f 100644 --- a/main.go +++ b/main.go @@ -35,7 +35,7 @@ func main() { log.Fatal("PORT environment variable is not set") } - apiCfg = apiConfig{} + apiCfg := apiConfig{} // https://github.com/libsql/libsql-client-go/#open-a-connection-to-sqld // libsql://[your-database].turso.io?authToken=[your-auth-token] From a3429d94389bfbf06de7f5b5e030ccdf36fee3c6 Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 10:58:21 +0300 Subject: [PATCH 07/16] add -cover flag on go test command in ci.yml file --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ffb6c4f936..0657ec22b0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,4 +19,4 @@ jobs: go-version: "1.25.1" - name: Unit test - run: go test ./... + run: go test -cover ./... From 87fa68e2b67488db49407632886004c4c0813ec4 Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 11:06:43 +0300 Subject: [PATCH 08/16] change README.md file --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 46e4afbafc..d60d1c1003 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # learn-cicd-starter (Notely) +![Build status](https://github.com/mecebeci/learn-cicd-starte/actions/workflows/ci.yml/badge.svg) + This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev). ## Local Development From 91d08a15565f8b3e2a110aaaf7d59de7b1636d09 Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 17:33:54 +0300 Subject: [PATCH 09/16] add formatting to the ci.yml file --- .github/workflows/ci.yml | 16 ++++++++++++++++ internal/auth/auth_test.go | 1 - 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0657ec22b0..365f82a67b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,3 +20,19 @@ jobs: - name: Unit test run: go test -cover ./... + + style: + name: Style + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.25.1" + + - name: Check formatting + run: test -z "$(go fmt ./...)" diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index 7a652c7b02..8d178aa0ec 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -50,4 +50,3 @@ func TestGetAPIKey(t *testing.T) { }) } } - From 9183db6c00b723591056e05e12c8e738d13aebe0 Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 17:52:23 +0300 Subject: [PATCH 10/16] add linting --- .github/workflows/ci.yml | 9 +++++++++ main.go | 5 +++++ 2 files changed, 14 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 365f82a67b..548e2268f4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,5 +34,14 @@ jobs: with: go-version: "1.25.1" + - name: Add Go bin to PATH + run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH + - name: Check formatting run: test -z "$(go fmt ./...)" + + - name: Install staticcheck + run: go install honnef.co/go/tools/cmd/staticcheck@latest + + - name: Check linting + run: staticcheck ./... diff --git a/main.go b/main.go index 19d7366c5f..bba91d7c97 100644 --- a/main.go +++ b/main.go @@ -96,3 +96,8 @@ func main() { log.Printf("Serving on port: %s\n", port) log.Fatal(srv.ListenAndServe()) } + +func unused() { + + // ho ho +} From ce9ecbf1bf6c5efdbf0fcd9d94c8cf6c44a77064 Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 17:56:46 +0300 Subject: [PATCH 11/16] remove unused function on main.go --- main.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/main.go b/main.go index bba91d7c97..981c527885 100644 --- a/main.go +++ b/main.go @@ -97,7 +97,3 @@ func main() { log.Fatal(srv.ListenAndServe()) } -func unused() { - - // ho ho -} From 7e3e881492d788e02924989249ae43993ef0494a Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 17:58:56 +0300 Subject: [PATCH 12/16] check format issue in main.go --- main.go | 1 - 1 file changed, 1 deletion(-) diff --git a/main.go b/main.go index 981c527885..19d7366c5f 100644 --- a/main.go +++ b/main.go @@ -96,4 +96,3 @@ func main() { log.Printf("Serving on port: %s\n", port) log.Fatal(srv.ListenAndServe()) } - From afb43dd3bbcc0b127154062716d9ab2aee730e3d Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 21:05:41 +0300 Subject: [PATCH 13/16] add install goces and security check steps --- .github/workflows/ci.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 548e2268f4..5882aa2eb1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,6 +21,12 @@ jobs: - name: Unit test run: go test -cover ./... + - name: Install gosec + run: go install github.com/securego/gosec/v2/cmd/gosec@latest + + - name: Security check + run: gosec ./... + style: name: Style runs-on: ubuntu-latest From a1a9169323aa502c681c3e63c1315176819fdbd1 Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 21:12:22 +0300 Subject: [PATCH 14/16] fix the security issues --- json.go | 4 +++- main.go | 6 ++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/json.go b/json.go index 1e6e7985e1..8d4f9d6c93 100644 --- a/json.go +++ b/json.go @@ -30,5 +30,7 @@ func respondWithJSON(w http.ResponseWriter, code int, payload interface{}) { return } w.WriteHeader(code) - w.Write(dat) + if _, err := w.Write(dat); err != nil { + log.Printf("failed to write response: %v", err) + } } diff --git a/main.go b/main.go index 19d7366c5f..5f999a81ef 100644 --- a/main.go +++ b/main.go @@ -89,10 +89,12 @@ func main() { router.Mount("/v1", v1Router) srv := &http.Server{ - Addr: ":" + port, - Handler: router, + Addr: ":" + port, + Handler: router, + ReadHeaderTimeout: 5 * time.Second, } + log.Printf("Serving on port: %s\n", port) log.Fatal(srv.ListenAndServe()) } From eed5aa6a3aa409f3f9bd07ce275877bf332fc466 Mon Sep 17 00:00:00 2001 From: mecebeci Date: Wed, 8 Oct 2025 21:16:59 +0300 Subject: [PATCH 15/16] import time and fix fmt error --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index 5f999a81ef..15ee531c5d 100644 --- a/main.go +++ b/main.go @@ -7,6 +7,7 @@ import ( "log" "net/http" "os" + "time" "github.com/go-chi/chi" "github.com/go-chi/cors" @@ -94,7 +95,6 @@ func main() { ReadHeaderTimeout: 5 * time.Second, } - log.Printf("Serving on port: %s\n", port) log.Fatal(srv.ListenAndServe()) } From 73c1e9c1cfbc3f2f164f389a72222a1b5a198f78 Mon Sep 17 00:00:00 2001 From: mecebeci Date: Thu, 9 Oct 2025 14:57:27 +0300 Subject: [PATCH 16/16] add cd.yml file --- .github/workflows/.ci.yml.swp | Bin 0 -> 12288 bytes .github/workflows/cd.yml | 22 ++++++++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 .github/workflows/.ci.yml.swp create mode 100644 .github/workflows/cd.yml diff --git a/.github/workflows/.ci.yml.swp b/.github/workflows/.ci.yml.swp new file mode 100644 index 0000000000000000000000000000000000000000..9a1eb93e89f0cb9dd072bec47c14e7df54c2bb27 GIT binary patch literal 12288 zcmeI2zfTlF6vqcUQPgOsi5U(|Byo2+l)@{>9T*P^g9%_`2-%w(?pAhZj@{WKScsKI zJN*|Vq0v9V7Gt8FwwPF08%?w$e)q=#o&fDDiUGC&5%02v?y$IO6RXY6M`V_!}oG5r6(^ZWnzS;l^WAK)wa z2tI&q@D{uQFTo4&1bCndZUY;f2D@hv7wmv-unAs)r=SALUjytr*6QU`_3b!5Gwpli6apeZG#HZ2`-&4j@4VDjbo~~_Z?kNQDecsec z$z@w;r=cCAwU0ZvLESkJz3jV2My4zLOuqiW#I8+}McjJG3&U5j-*RBGV~!NMB4r0% z)?wh9L(VEiQ|B?HYV+#s-OBv*h*R@aflo~E;p)u%^upv)@@-e(O1;jjnqww6nx_-? zG;rR~R$GPU1zNvK5uGP^emDB`1w*u`;oBpd?wf=ghjFEQ^xY zd=bZ!mphW;&?cFaA`U&X&eN0aAG^CtvU}R-lE6WzIFx9XhQ?c`J(l)M`r+tKNvHg~ zMb;)lqZo%CaY1>8rwy1|Ns>Bl#hb@pO2l}YB`W?v*E)5tg|0$r(0%s<*Hep_)QWw7 TDU_=*7L^!!g0ZXxaJByrK6!uP literal 0 HcmV?d00001 diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml new file mode 100644 index 0000000000..4f6c7296ff --- /dev/null +++ b/.github/workflows/cd.yml @@ -0,0 +1,22 @@ +name: cd + +on: + push: + branches: [main] + +jobs: + Deploy: + name: Deploy + runs-on: ubuntu-latest + + steps: + - name: Checkout the code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: '1.23' + + - name: Build the app + run: bash scripts/buildprod.sh