From 1d53212d7a0b3429f3cd2f8f53daddd6a4ec18b0 Mon Sep 17 00:00:00 2001 From: Pauline <4224001+paulineribeyre@users.noreply.github.com> Date: Thu, 2 Jun 2022 15:54:25 -0500 Subject: [PATCH 1/4] Fix lint CI + replace travis with GH workflow --- .github/workflows/golang-ci-workflow.yaml | 30 ++++++++++++++++++ .github/workflows/golangci-lint.yml | 38 ----------------------- .gitignore | 1 + .travis.yml | 32 ------------------- 4 files changed, 31 insertions(+), 70 deletions(-) create mode 100644 .github/workflows/golang-ci-workflow.yaml delete mode 100644 .github/workflows/golangci-lint.yml delete mode 100644 .travis.yml diff --git a/.github/workflows/golang-ci-workflow.yaml b/.github/workflows/golang-ci-workflow.yaml new file mode 100644 index 00000000..ffa3b317 --- /dev/null +++ b/.github/workflows/golang-ci-workflow.yaml @@ -0,0 +1,30 @@ +name: Golang CI Workflow + +on: push + +jobs: + ci: + name: golang-ci + runs-on: ubuntu-latest + services: + postgres: + image: postgres:9.6 + env: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: postgres + POSTGRES_DB: arborist_test + ports: + - 5432:5432 + options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 + env: + COVERAGE_PROFILE_OUTPUT_LOCATION: "./profile.cov" + steps: + - name: Checkout code / lint code / install dependencies for goveralls / run tests + uses: uc-cdis/.github/.github/actions/golang-ci@master + with: + GO_VERSION: "1.17" + COVERAGE_PROFILE_OUTPUT_LOCATION: ${{ env.COVERAGE_PROFILE_OUTPUT_LOCATION }} + - name: Send coverage to coveralls using goveralls + env: + COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: goveralls -coverprofile=${{ env.COVERAGE_PROFILE_OUTPUT_LOCATION }} -service=github diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml deleted file mode 100644 index e227fc6b..00000000 --- a/.github/workflows/golangci-lint.yml +++ /dev/null @@ -1,38 +0,0 @@ -name: golangci-lint -on: - push: - tags: - - v* - branches: - - master - - main - pull_request: -jobs: - golangci: - name: lint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: golangci-lint - uses: golangci/golangci-lint-action@v2 - with: - # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version - version: v1.29 - - # Optional: working directory, useful for monorepos - # working-directory: somedir - - # Optional: golangci-lint command line arguments. - # args: --issues-exit-code=0 --timeout=5m - - # Optional: show only new issues if it's a pull request. The default value is `false`. - only-new-issues: true - - # Optional: if set to true then the action will use pre-installed Go. - # skip-go-installation: true - - # Optional: if set to true then the action don't cache or restore ~/go/pkg. - # skip-pkg-cache: true - - # Optional: if set to true then the action don't cache or restore ~/.cache/go-build. - # skip-build-cache: true diff --git a/.gitignore b/.gitignore index a20f5d63..3e211240 100644 --- a/.gitignore +++ b/.gitignore @@ -9,6 +9,7 @@ *.dll *.so *.dylib +bin/ # Test binary, built with `go test -c` *.test diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index c3a59023..00000000 --- a/.travis.yml +++ /dev/null @@ -1,32 +0,0 @@ -language: go - -go: - - "1.17" - -# Restrict to cloning only 1 commit. -git: - depth: 1 - -sudo: false - -addons: - postgresql: "9.5" - -env: - global: - - PGHOST=localhost - - PGPORT=5432 - - PGUSER=postgres - - PGDATABASE=arborist_test - -install: - - createdb - - ./migrations/latest - - go get golang.org/x/tools/cmd/cover - - go get github.com/mattn/goveralls - -script: - - go test -v ./arborist/ --covermode=count --coverprofile=coverage.out - -after_script: - - goveralls --coverprofile=coverage.out --service=travis-ci --repotoken $COVERALLS_TOKEN From bd8f00aea46c05705b8ed3e217651eb5b8e13d35 Mon Sep 17 00:00:00 2001 From: Pauline <4224001+paulineribeyre@users.noreply.github.com> Date: Thu, 2 Jun 2022 16:25:38 -0500 Subject: [PATCH 2/4] fix issues --- .github/workflows/golang-ci-workflow.yaml | 24 +++++-- arborist/response.go | 4 -- arborist/server_test.go | 76 ++++++++++++++--------- arborist/sql.go | 2 +- arborist/stmt.go | 2 +- 5 files changed, 67 insertions(+), 41 deletions(-) diff --git a/.github/workflows/golang-ci-workflow.yaml b/.github/workflows/golang-ci-workflow.yaml index ffa3b317..69d24b5f 100644 --- a/.github/workflows/golang-ci-workflow.yaml +++ b/.github/workflows/golang-ci-workflow.yaml @@ -6,23 +6,35 @@ jobs: ci: name: golang-ci runs-on: ubuntu-latest + env: + COVERAGE_PROFILE_OUTPUT_LOCATION: "./profile.cov" + PGDATABASE: arborist_test + PGUSER: postgres + PGPASSWORD: postgres + PGHOST: localhost + PGPORT: 5432 + PGSSLMODE: disable services: postgres: image: postgres:9.6 env: - POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres - POSTGRES_DB: arborist_test + POSTGRES_DB: ${{ env.PGDATABASE }} + POSTGRES_USER: ${{ env.PGUSER }} + POSTGRES_PASSWORD: ${{ env.PGPASSWORD }} ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 - env: - COVERAGE_PROFILE_OUTPUT_LOCATION: "./profile.cov" steps: - - name: Checkout code / lint code / install dependencies for goveralls / run tests + - name: Check out code + uses: actions/checkout@v3 + - name: Setup database + shell: bash + run: ./migrations/latest + - name: Run tests, lint code, install goveralls uses: uc-cdis/.github/.github/actions/golang-ci@master with: GO_VERSION: "1.17" + TESTS_LOCATION: ./arborist/ COVERAGE_PROFILE_OUTPUT_LOCATION: ${{ env.COVERAGE_PROFILE_OUTPUT_LOCATION }} - name: Send coverage to coveralls using goveralls env: diff --git a/arborist/response.go b/arborist/response.go index f7b87259..e2e33977 100644 --- a/arborist/response.go +++ b/arborist/response.go @@ -5,10 +5,6 @@ import ( "net/http" ) -type responseJSON interface { - write(w http.ResponseWriter, r *http.Request) error -} - type jsonResponse struct { content interface{} code int diff --git a/arborist/server_test.go b/arborist/server_test.go index aa284afd..1fbffd69 100644 --- a/arborist/server_test.go +++ b/arborist/server_test.go @@ -345,13 +345,16 @@ func TestServer(t *testing.T) { return result } - getTagForResource := func(path string) string { + getTagForResource := func(path string) (string, error) { var tags []string - db.Select(&tags, "SELECT tag FROM resource WHERE path = $1", arborist.FormatPathForDb(path)) + err := db.Select(&tags, "SELECT tag FROM resource WHERE path = $1", arborist.FormatPathForDb(path)) + if err != nil { + return "", err + } if len(tags) == 0 { - return "" + return "", nil } - return tags[0] + return tags[0], nil } createRoleBytes := func(t *testing.T, body []byte) { @@ -371,7 +374,7 @@ func TestServer(t *testing.T) { httpError(t, w, "couldn't create policy") } result := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &result) if err != nil { @@ -387,7 +390,7 @@ func TestServer(t *testing.T) { httpError(t, w, "couldn't create group") } result := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &result) if err != nil { @@ -930,7 +933,7 @@ func TestServer(t *testing.T) { httpError(t, w, "couldn't create resource") } expected := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &expected) if err != nil { @@ -956,7 +959,7 @@ func TestServer(t *testing.T) { httpError(t, w, "couldn't create resource") } expected := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &expected) if err != nil { @@ -1001,7 +1004,7 @@ func TestServer(t *testing.T) { httpError(t, w, "couldn't create resource") } expected = struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &expected) if err != nil { @@ -1076,14 +1079,20 @@ func TestServer(t *testing.T) { httpError(t, w, "couldn't create resource using PUT") } expected := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &expected) if err != nil { httpError(t, w, "couldn't read response from resource creation") } - escherTag := getTagForResource("Godel.Escher") - bachTag := getTagForResource("Godel.Escher.Bach") + escherTag, err := getTagForResource("Godel.Escher") + if err != nil { + httpError(t, w, "couldn't get tag for resource Godel.Escher") + } + bachTag, err := getTagForResource("Godel.Escher.Bach") + if err != nil { + httpError(t, w, "couldn't get tag for resource Godel.Escher.Bach") + } // now PUT over the same resource, but keep the subresources w = httptest.NewRecorder() body = []byte(`{ @@ -1098,8 +1107,14 @@ func TestServer(t *testing.T) { if w.Code != http.StatusCreated { httpError(t, w, "couldn't update resource using PUT") } - newEscherTag := getTagForResource("Godel.Escher") - newBachTag := getTagForResource("Godel.Escher.Bach") + newEscherTag, err := getTagForResource("Godel.Escher") + if err != nil { + httpError(t, w, "couldn't get tag for resource Godel.Escher") + } + newBachTag, err := getTagForResource("Godel.Escher.Bach") + if err != nil { + httpError(t, w, "couldn't get tag for resource Godel.Escher.Bach") + } assert.Equal(t, escherTag, newEscherTag, "subresource tag changed after PUT") assert.Equal(t, bachTag, newBachTag, "subresource tag changed after PUT") getResourceWithPath(t, "/Godel,/completeness_theorem") @@ -1207,7 +1222,7 @@ func TestServer(t *testing.T) { } // make one-off struct to read the response into result := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &result) if err != nil { @@ -1229,7 +1244,7 @@ func TestServer(t *testing.T) { } // make one-off struct to read the response into result := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &result) if err != nil { @@ -1296,7 +1311,7 @@ func TestServer(t *testing.T) { } // make one-off struct to read the response into result := struct { - _ interface{} `json:"updated"` + I interface{} `json:"updated"` }{} err = json.Unmarshal(w.Body.Bytes(), &result) if err != nil { @@ -1425,7 +1440,7 @@ func TestServer(t *testing.T) { httpError(t, w, "couldn't create policy") } result := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &result) if err != nil { @@ -1507,7 +1522,7 @@ func TestServer(t *testing.T) { } result := struct { Policies struct { - policy []string `json:"policy"` + Policy []string `json:"policy"` } }{} err = json.Unmarshal(w.Body.Bytes(), &result) @@ -1690,7 +1705,7 @@ func TestServer(t *testing.T) { httpError(t, w, "couldn't create user") } result := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &result) if err != nil { @@ -2211,7 +2226,7 @@ func TestServer(t *testing.T) { httpError(t, w, "couldn't create client") } result := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &result) if err != nil { @@ -2402,7 +2417,7 @@ func TestServer(t *testing.T) { httpError(t, w, "couldn't create group") } result := struct { - _ interface{} `json:"created"` + I interface{} `json:"created"` }{} err = json.Unmarshal(w.Body.Bytes(), &result) if err != nil { @@ -2825,7 +2840,7 @@ func TestServer(t *testing.T) { result := struct { Name string `json:"name"` Users []string `json:"users"` - _ []string `json:"policies"` + P []string `json:"policies"` }{} err = json.Unmarshal(w.Body.Bytes(), &result) if err != nil { @@ -3129,7 +3144,10 @@ func TestServer(t *testing.T) { t.Run("Tag", func(t *testing.T) { w := httptest.NewRecorder() - tag := getTagForResource(resourcePath) + tag, err := getTagForResource(resourcePath) + if err != nil { + httpError(t, w, "couldn't get tag for resource") + } body := []byte(fmt.Sprintf( `{ "user": {"token": "%s"}, @@ -3806,7 +3824,7 @@ func TestServer(t *testing.T) { if err != nil { httpError(t, w, "couldn't read response from auth resources") } - msg = fmt.Sprintf("got response body: %s", w.Body.String()) + fmt.Printf("got response body: %s", w.Body.String()) expectedTags := make([]string, 0) for _, resourcePath := range expectedResources { resource := getResourceWithPath(t, resourcePath) @@ -3858,7 +3876,7 @@ func TestServer(t *testing.T) { if err != nil { httpError(t, w, "couldn't read response from auth resources") } - msg = fmt.Sprintf("got response body: %s", w.Body.String()) + fmt.Printf("got response body: %s", w.Body.String()) expectedTags := make([]string, 0) for _, resourcePath := range expectedResources { resource := getResourceWithPath(t, resourcePath) @@ -3906,7 +3924,7 @@ func TestServer(t *testing.T) { if err != nil { httpError(t, w, "couldn't read response from auth resources") } - msg = fmt.Sprintf("got response body: %s", w.Body.String()) + fmt.Printf("got response body: %s", w.Body.String()) anonymousTags := make([]string, 0) for _, resourcePath := range anonymousResourcePaths { resource := getResourceWithPath(t, resourcePath) @@ -3982,7 +4000,7 @@ func TestServer(t *testing.T) { if err != nil { httpError(t, w, "couldn't read response from auth resources") } - msg = fmt.Sprintf("got response body: %s", w.Body.String()) + fmt.Printf("got response body: %s", w.Body.String()) expectedTags := make([]string, 0) for _, resourcePath := range expectedResources { resource := getResourceWithPath(t, resourcePath) @@ -4033,7 +4051,7 @@ func TestServer(t *testing.T) { if err != nil { httpError(t, w, "couldn't read response from auth resources") } - msg = fmt.Sprintf("got response body: %s", w.Body.String()) + fmt.Printf("got response body: %s", w.Body.String()) expectedTags := make([]string, 0) for _, resourcePath := range expectedResources { resource := getResourceWithPath(t, resourcePath) diff --git a/arborist/sql.go b/arborist/sql.go index ef88cbf3..8d6c3b68 100644 --- a/arborist/sql.go +++ b/arborist/sql.go @@ -66,7 +66,7 @@ func transactify(db *sqlx.DB, call func(tx *sqlx.Tx) *ErrorResponse) *ErrorRespo errResponse := call(tx) if errResponse != nil { errResponse.log.Info("rolling back transaction") - tx.Rollback() + _ = tx.Rollback() return errResponse } err = tx.Commit() diff --git a/arborist/stmt.go b/arborist/stmt.go index a5c776b4..83ce6053 100644 --- a/arborist/stmt.go +++ b/arborist/stmt.go @@ -18,7 +18,7 @@ func (s *CachedStmts) Prepare(query string) (*sqlx.Stmt, error) { stmt, ok := s.stmts[query] if !ok { // GOTCHA: It's okay not to lock this lazy initialization - var err error = nil + var err error stmt, err = s.db.Preparex(query) if err != nil { return nil, err From 2bf0bc4c23c2b24936e51f8e1da5628fec900e0f Mon Sep 17 00:00:00 2001 From: Pauline <4224001+paulineribeyre@users.noreply.github.com> Date: Thu, 2 Jun 2022 17:48:02 -0500 Subject: [PATCH 3/4] push and build image with gh workflow --- .github/workflows/image_build_push.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 .github/workflows/image_build_push.yaml diff --git a/.github/workflows/image_build_push.yaml b/.github/workflows/image_build_push.yaml new file mode 100644 index 00000000..05b3c488 --- /dev/null +++ b/.github/workflows/image_build_push.yaml @@ -0,0 +1,13 @@ +name: Build and Push Image + +on: push + +jobs: + ci: + name: Build and Push Image + uses: uc-cdis/.github/.github/workflows/image_build_push.yaml@master + secrets: + ECR_AWS_ACCESS_KEY_ID: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }} + ECR_AWS_SECRET_ACCESS_KEY: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }} + QUAY_USERNAME: ${{ secrets.QUAY_USERNAME }} + QUAY_ROBOT_TOKEN: ${{ secrets.QUAY_ROBOT_TOKEN }} From 278d125f5769bbd9375d4a70f4e9f6c1b60df471 Mon Sep 17 00:00:00 2001 From: Pauline <4224001+paulineribeyre@users.noreply.github.com> Date: Fri, 3 Jun 2022 10:26:45 -0500 Subject: [PATCH 4/4] update .secrets.baseline --- .secrets.baseline | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.secrets.baseline b/.secrets.baseline index 833bcd0e..71dcd4d5 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -1,9 +1,9 @@ { "exclude": { - "files": "go.sum", + "files": "go.sum|^.secrets.baseline$", "lines": null }, - "generated_at": "2022-02-11T04:54:33Z", + "generated_at": "2022-06-03T15:26:18Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -58,6 +58,14 @@ } ], "results": { + ".github/workflows/golang-ci-workflow.yaml": [ + { + "hashed_secret": "afc848c316af1a89d49826c5ae9d00ed769415f3", + "is_verified": false, + "line_number": 13, + "type": "Secret Keyword" + } + ], "docs/openapi.yaml": [ { "hashed_secret": "f9fdc64928c96c7ad56bf7da557f70345d83a6ed",