diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 371258c..a3e3e21 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -3,7 +3,7 @@ # These owners will be the default owners for everything in the # repo. Unless a later match takes precedence, these owners will be # requested for review when someone opens a pull request. -* @dav3r @felddy @jsf9k @mcdonnnj +* @itsmostafa @izzy64 # These folks own any files in the .github directory at the root of # the repository and any of its subdirectories. diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8d17421..fd682c0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -98,3 +98,43 @@ jobs: - name: Setup tmate debug session uses: mxschmitt/action-tmate@v3 if: env.RUN_TMATE + test: + runs-on: ubuntu-latest + strategy: + matrix: + go-version: + - "1.18" + - "1.19" + steps: + - uses: actions/checkout@v3 + # We need the Go version and Go cache location for the actions/cache step, + # so the Go installation must happen before that. + - id: setup-go + uses: actions/setup-go@v3 + with: + go-version: ${{ matrix.go-version }} + - name: Lookup Go cache directory + id: go-cache + run: | + echo "dir=$(go env GOCACHE)" >> $GITHUB_OUTPUT + - uses: actions/cache@v3 + env: + BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\ + go${{ steps.setup-go.outputs.go-version }}-" + with: + path: | + ${{ steps.go-cache.outputs.dir }} + key: "${{ env.BASE_CACHE_KEY }}\ + ${{ hashFiles('go.mod') }}-\ + ${{ hashFiles('go.sum') }}" + restore-keys: | + ${{ env.BASE_CACHE_KEY }} + - name: Install dependencies + run: go mod download + - name: Build application + run: go build -v ./... + - name: Test application + run: go test -v ./... + - name: Setup tmate debug session + uses: mxschmitt/action-tmate@v3 + if: env.RUN_TMATE diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..f4c3a78 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,67 @@ +--- +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +name: "CodeQL" + +on: + push: + # Dependabot triggered push events have read-only access, but uploading code + # scanning requires write access. + branches-ignore: + - dependabot/** + pull_request: + # The branches below must be a subset of the branches above + branches: + - develop + schedule: + - cron: "0 12 * * 5" + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + # required for all workflows + security-events: write + strategy: + fail-fast: false + matrix: + # Override automatic language detection by changing the below list + # Supported options are go, javascript, csharp, python, cpp, and java + language: + - go + # Learn more... + # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + + # Autobuild attempts to build any compiled languages (C/C++, C#, or + # Java). If this step fails, then you should remove it and run the build + # manually (see below). + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following + # three lines and modify them (or add more) to build your code if your + # project uses a compiled language + + # - run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.gitignore b/.gitignore index 937e21d..7358085 100644 --- a/.gitignore +++ b/.gitignore @@ -2,7 +2,20 @@ # Files already tracked by Git are not affected. # See: https://git-scm.com/docs/gitignore +## Binaries ## +*.dll +*.dylib +*.exe +*.exe~ +*.so +# Test binary, built with `go test -c` +*.test + ## Python ## __pycache__ .mypy_cache .python-version +.venv + +## Environment variables ## +.env diff --git a/.isort.cfg b/.isort.cfg deleted file mode 100644 index 46d45f3..0000000 --- a/.isort.cfg +++ /dev/null @@ -1,10 +0,0 @@ -[settings] -combine_star=true -force_sort_within_sections=true - -import_heading_stdlib=Standard Python Libraries -import_heading_thirdparty=Third-Party Libraries -import_heading_firstparty=cisagov Libraries - -# Run isort under the black profile to align with our other Python linting -profile=black diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 25f8d1d..cbf31d5 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -80,6 +80,14 @@ repos: hooks: - id: shell-lint + # Golang hooks + - repo: https://github.com/dnephin/pre-commit-golang + rev: v0.5.0 + hooks: + - id: go-fmt + - id: go-unit-tests + - id: no-go-testing + # Python hooks - repo: https://github.com/PyCQA/bandit rev: 1.7.4 diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..34f92b0 --- /dev/null +++ b/Makefile @@ -0,0 +1,23 @@ +.PHONY: help run test tidy +include .env + +# make all - Default Target. Does nothing. +all: + @echo "Helper commands." + @echo "For more information try 'make help'." + +# target: help - Display callable targets. +help: + @egrep "^# target:" [Mm]akefile + +# target: run - run the application +run: + go run *.go + +# target: test - run application tests +test: + go test -v ./... + +# target: tidy - add missing necessary modules and remove unused modules +tidy: + go mod tidy diff --git a/README.md b/README.md index 4f963a0..b3f41b2 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,31 @@ -# con-pca-tasks # +# Con-PCA Tasks # [![GitHub Build Status](https://github.com/cisagov/con-pca-tasks/workflows/build/badge.svg)](https://github.com/cisagov/con-pca-tasks/actions) +[![CodeQL](https://github.com/cisagov/con-pca-tasks/workflows/CodeQL/badge.svg)](https://github.com/cisagov/con-pca-tasks/actions/workflows/codeql-analysis.yml) -This is a generic skeleton project that can be used to quickly get a -new [cisagov](https://github.com/cisagov) GitHub project started. -This skeleton project contains [licensing information](LICENSE), as -well as [pre-commit hooks](https://pre-commit.com) and -[GitHub Actions](https://github.com/features/actions) configurations -appropriate for the major languages that we use. +## Description ## -In many cases you will instead want to use one of the more specific -skeleton projects derived from this one. +This project contains the tasks portion for Continuous Phishing Campaign +Assessment (Con-PCA). This application is reponsible for executing scheduled +tasks for Con-PCA at scale. -## New Repositories from a Skeleton ## +## Related Con-PCA Repositories ## -Please see our [Project Setup guide](https://github.com/cisagov/development-guide/tree/develop/project_setup) -for step-by-step instructions on how to start a new repository from -a skeleton. This will save you time and effort when configuring a -new repository! +- [con-pca-api](https://github.com/cisagov/con-pca-api) +- [con-pca-cicd](https://github.com/cisagov/con-pca-cicd) +- [con-pca-web](https://github.com/cisagov/con-pca-web) + +### Running the application ### + +```console +make run +``` + +### Testing the application ### + +```console +make test +``` ## Contributing ## diff --git a/controllers/controllers.go b/controllers/controllers.go new file mode 100644 index 0000000..0744f81 --- /dev/null +++ b/controllers/controllers.go @@ -0,0 +1,11 @@ +package controllers + +import ( + "fmt" + "net/http" +) + +// HealthCheckHandler indicates that the server is up and running. +func HealthCheckHandler(w http.ResponseWriter, r *http.Request) { + fmt.Fprintf(w, "Up and running!") +} diff --git a/controllers/controllers_test.go b/controllers/controllers_test.go new file mode 100644 index 0000000..98ed3b6 --- /dev/null +++ b/controllers/controllers_test.go @@ -0,0 +1,23 @@ +package controllers + +import ( + "io" + "net/http" + "net/http/httptest" + "testing" +) + +func TestHealthCheckHandler(t *testing.T) { + req := httptest.NewRequest(http.MethodGet, "/", nil) + w := httptest.NewRecorder() + HealthCheckHandler(w, req) + res := w.Result() + defer res.Body.Close() + data, err := io.ReadAll(res.Body) + if err != nil { + t.Errorf("expected error to be nil got %v", err) + } + if string(data) != "Up and running!" { + t.Errorf("expected 'Up and running!', but got %v", string(data)) + } +} diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..585103a --- /dev/null +++ b/go.mod @@ -0,0 +1,5 @@ +module github.com/cisagov/con-pca-tasks + +go 1.19 + +require github.com/go-chi/chi v1.5.4 diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..874ed9a --- /dev/null +++ b/go.sum @@ -0,0 +1,2 @@ +github.com/go-chi/chi v1.5.4 h1:QHdzF2szwjqVV4wmByUnTcsbIg7UGaQ0tPF2t5GcAIs= +github.com/go-chi/chi v1.5.4/go.mod h1:uaf8YgoFazUOkPBG7fxPftUylNumIev9awIWOENIuEg= diff --git a/main.go b/main.go new file mode 100644 index 0000000..afb643c --- /dev/null +++ b/main.go @@ -0,0 +1,18 @@ +package main + +import ( + "log" + "net/http" + + "github.com/cisagov/con-pca-tasks/controllers" + "github.com/go-chi/chi" +) + +func main() { + mux := chi.NewRouter() + mux.Get("/", controllers.HealthCheckHandler) + + port := ":8080" + log.Printf("listening on port %s", port) + log.Println(http.ListenAndServe(port, mux)) +}