v0.2.0 (#89)

minimize and redesign feature
m-mizutani · Sep 18, 2023 · f8384eb · f8384eb
1 parent 08fb781
commit f8384eb
Show file tree

Hide file tree

Showing 281 changed files with 4,990 additions and 72,668 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
@@ -1,4 +1,4 @@
-name: "Security Scan"
+name: "gosec"
 
 # Run workflow each time code is pushed to your repository and on a schedule.
 # The scheduled workflow runs every at 00:00 on Sunday UTC time.
@@ -17,7 +17,7 @@ jobs:
         uses: securego/gosec@master
         with:
           # we let the report trigger content trigger a failure using the GitHub Security features.
-          args: '-no-fail -fmt sarif -out results.sarif ./...'
+          args: "-no-fail -fmt sarif -out results.sarif ./..."
       - name: Upload SARIF file
         uses: github/codeql-action/upload-sarif@v1
         with:

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -7,9 +7,6 @@ env:
   TAG_NAME: octovy:${{ github.sha }}
   GITHUB_IMAGE_REPO: ghcr.io/${{ github.repository_owner }}/octovy
   GITHUB_IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/octovy:${{ github.sha }}
-  GCP_IMAGE_REPO: gcr.io/octovy/octovy
-  GCP_IMAGE_NAME: gcr.io/octovy/octovy:${{ github.sha }}
-  GCP_PROJECT_ID: octovy
 
 jobs:
   build:
@@ -39,39 +36,6 @@ jobs:
           SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
           SLACK_MESSAGE: "Pushed to ${{ env.GITHUB_IMAGE_NAME }}"
 
-  push-gcp:
-    runs-on: ubuntu-latest
-    needs: build
-    if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')
-    steps:
-      - name: checkout
-        uses: actions/checkout@v2
-      - name: GCP Authenticate
-        uses: google-github-actions/setup-gcloud@master
-        with:
-          project_id: ${{ env.GCP_PROJECT_ID }}
-          service_account_key: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}
-          export_default_credentials: true
-      - name: Configure Docker
-        run: gcloud auth configure-docker --quiet
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Pull Docker image
-        run: docker pull ${{ env.GITHUB_IMAGE_NAME }}
-      - name: Rename Docker image (tag name)
-        run: docker tag ${{ env.GITHUB_IMAGE_NAME }} "${{ env.GCP_IMAGE_NAME }}"
-      - name: Push Docker image (tag name)
-        run: docker push "${{ env.GCP_IMAGE_NAME }}"
-      - name: Slack Notification
-        uses: rtCamp/action-slack-notify@v2
-        env:
-          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
-          SLACK_MESSAGE: "Pushed to ${{ env.GCP_IMAGE_NAME }}"
-
   release-ghcr:
     runs-on: ubuntu-latest
     needs: build
@@ -105,39 +69,3 @@ jobs:
         env:
           SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
           SLACK_MESSAGE: "Pushed to ${{ env.GITHUB_IMAGE_REPO }}:${{ steps.tag.outputs.tag }}"
-
-  release-gcp:
-    runs-on: ubuntu-latest
-    needs: build
-    if: startsWith(github.ref, 'refs/tags/')
-    steps:
-      - name: checkout
-        uses: actions/checkout@v2
-      - name: extract tag
-        id: tag
-        run: |
-          TAG=$(echo ${{ github.ref }} | sed -e "s#refs/tags/##g")
-          echo ::set-output name=tag::$TAG
-      - name: GCP Authenticate
-        uses: google-github-actions/setup-gcloud@master
-        with:
-          project_id: ${{ env.GCP_PROJECT_ID }}
-          service_account_key: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}
-          export_default_credentials: true
-      - name: Configure Docker
-        run: gcloud auth configure-docker --quiet
-      - name: Push Docker image
-        run: docker pull ${{ env.GITHUB_IMAGE_NAME }}
-      - name: Rename Docker image (tag name)
-        run: docker tag ${{ env.GITHUB_IMAGE_NAME }} "${{ env.GCP_IMAGE_REPO }}:${{ steps.tag.outputs.tag }}"
-      - name: Rename Docker image (latest)
-        run: docker tag ${{ env.GITHUB_IMAGE_NAME }} "${{ env.GCP_IMAGE_REPO }}:latest"
-      - name: Push Docker image (tag name)
-        run: docker push "${{ env.GCP_IMAGE_REPO }}:${{ steps.tag.outputs.tag }}"
-      - name: Push Docker image (latest)
-        run: docker push "${{ env.GCP_IMAGE_REPO }}:latest"
-      - name: Slack Notification
-        uses: rtCamp/action-slack-notify@v2
-        env:
-          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
-          SLACK_MESSAGE: "Pushed to ${{ env.GCP_IMAGE_REPO }}:${{ steps.tag.outputs.tag }}"
diff --git a/.github/workflows/sqlc.yml b/.github/workflows/sqlc.yml
@@ -0,0 +1,17 @@
+name: sqlc
+
+on: [push]
+
+jobs:
+  testing:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout upstream repo
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ github.head_ref }}
+      - uses: sqlc-dev/setup-sqlc@v4
+        with:
+          sqlc-version: "1.21.0"
+      - run: sqlc diff
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -1,18 +1,36 @@
-name: Unit test
+name: test
 
 on: [push]
 
 jobs:
   testing:
     runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres:14
+        env:
+          POSTGRES_USER: pguser
+          POSTGRES_PASSWORD: pgpass
+          POSTGRES_DB: testdb
+        ports:
+          - 5432:5432
+        options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
 
     steps:
       - name: Checkout upstream repo
         uses: actions/checkout@v2
         with:
           ref: ${{ github.head_ref }}
-      - uses: actions/setup-go@v2
+      - uses: actions/setup-go@v4
         with:
-          go-version: "1.16"
+          go-version-file: "go.mod"
+      - run: |
+          curl -Lsf -O https://github.com/k0kubun/sqldef/releases/download/v0.16.5/psqldef_linux_amd64.tar.gz
+          tar xzf psqldef_linux_amd64.tar.gz
+          ./psqldef -U pguser -f ./database/schema.sql testdb
+        env:
+          PGPASSWORD: pgpass
       - run: go test --tags github ./...
+        env:
+          TEST_DB_DSN: "user=pguser password=pgpass dbname=testdb sslmode=disable"
       - run: go vet --tags github ./...
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -1,4 +1,4 @@
-name: Vulnerability scan
+name: trivy
 
 on: [push]
 
@@ -15,6 +15,7 @@ jobs:
         uses: aquasecurity/trivy-action@master
         with:
           scan-type: "fs"
+          scan-ref: "."
           ignore-unfixed: true
           format: "template"
           template: "@/contrib/sarif.tpl"

diff --git a/.gitignore b/.gitignore
@@ -5,6 +5,7 @@
 node_modules
 assets/out
 assets/.next
+/*.json
 
 tmp
 

diff --git a/.travis.yml b/.travis.yml
diff --git a/Dockerfile b/Dockerfile
@@ -1,20 +1,15 @@
-FROM node:16.10.0-buster AS build-node
-ADD . /app
-WORKDIR /app/assets
-RUN npm i
-RUN npm run export
-#
-FROM golang:1.16 AS build-go
-COPY --from=build-node /app /app
+FROM golang:1.21 AS build-go
+COPY . /app
 WORKDIR /app
+ENV CGO_ENABLED=0
 RUN go build .
 
-#gcr.io/distroless/static is not enough because of github.com/mattn/go-sqlite3
 FROM gcr.io/distroless/base
 COPY --from=build-go /app/octovy /octovy
-COPY --from=aquasec/trivy:0.21.2 /usr/local/bin/trivy /trivy
+COPY --from=build-go /app/database /database
+COPY --from=aquasec/trivy:0.45.1 /usr/local/bin/trivy /trivy
 WORKDIR /
-ENV OCTOVY_ADDR="0.0.0.0"
+ENV OCTOVY_ADDR="0.0.0.0:8000"
 ENV OCTOVY_TRIVY_PATH=/trivy
-EXPOSE 9080
+EXPOSE 8000
 ENTRYPOINT ["/octovy"]
-Original file line number
+Diff line change
@@ Expand Up / @@ -5,6 +5,7 @@ @@
     node_modules
     assets/out
     assets/.next
+    /*.json
     tmp
@@ Expand Down @@