From 4424e02a4a730a613da03279f95f81734144e4f6 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Tue, 17 Jan 2023 20:30:49 -0800 Subject: [PATCH 01/30] update gitignore --- .gitignore | 1 + .pre-commit-config.yaml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 937e21d..e1784c7 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ __pycache__ .mypy_cache .python-version +.venv diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 25f8d1d..ff3b59b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -68,7 +68,7 @@ repos: args: # Indent by two spaces - -i - - '2' + - "2" # Binary operators may start a line - -bn # Switch cases are indented From b9812b73ede0559fbb19ce7a609a729d8965d72a Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Tue, 17 Jan 2023 20:39:09 -0800 Subject: [PATCH 02/30] update gitignore --- .gitignore | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.gitignore b/.gitignore index e1784c7..f839149 100644 --- a/.gitignore +++ b/.gitignore @@ -2,8 +2,21 @@ # Files already tracked by Git are not affected. # See: https://git-scm.com/docs/gitignore +# Binaries +*.exe +*.exe~ +*.dll +*.so +*.dylib + ## Python ## __pycache__ .mypy_cache .python-version .venv + +# Test binary, built with `go test -c` +*.test + +# Environment variables +.env From 4895aa3b6e6c37b5614a96e7cdf5ded19b6d28bd Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Tue, 17 Jan 2023 20:39:30 -0800 Subject: [PATCH 03/30] update gitignore --- Makefile | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 Makefile diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..ff71740 --- /dev/null +++ b/Makefile @@ -0,0 +1,10 @@ +.PHONY: all help build logs loc up stop down +include .env + +# target: run - run the application +run: + go run *.go + +# target: test - run application tests +test: + go test From e77ca41ba79cb87894ba8a240bd102cb74d6caf5 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Tue, 17 Jan 2023 20:50:08 -0800 Subject: [PATCH 04/30] update readme --- README.md | 33 +++++++++++++++++++-------------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 4f963a0..9093cad 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,28 @@ -# con-pca-tasks # +# Con-PCA Tasks # [![GitHub Build Status](https://github.com/cisagov/con-pca-tasks/workflows/build/badge.svg)](https://github.com/cisagov/con-pca-tasks/actions) -This is a generic skeleton project that can be used to quickly get a -new [cisagov](https://github.com/cisagov) GitHub project started. -This skeleton project contains [licensing information](LICENSE), as -well as [pre-commit hooks](https://pre-commit.com) and -[GitHub Actions](https://github.com/features/actions) configurations -appropriate for the major languages that we use. +## Description ## -In many cases you will instead want to use one of the more specific -skeleton projects derived from this one. +This repo contains the tasks portion for Con-PCA, Continuous Phishing +Assessment. This application is reponsible for executing scheduled tasks for +Con-PCA at scale. -## New Repositories from a Skeleton ## +## Con-PCA Repositories ## -Please see our [Project Setup guide](https://github.com/cisagov/development-guide/tree/develop/project_setup) -for step-by-step instructions on how to start a new repository from -a skeleton. This will save you time and effort when configuring a -new repository! +- [con-pca-api](https://github.com/cisagov/con-pca-api) +- [con-pca-web](https://github.com/cisagov/con-pca-web) +- [con-pca-cicd](https://github.com/cisagov/con-pca-cicd) + +## Commands ## + +Run application + +- `make run` + +Test application + +- `make test` ## Contributing ## From e430ffa099d0a31672c01d8a0291ba9a27a27867 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Tue, 17 Jan 2023 20:51:48 -0800 Subject: [PATCH 05/30] update codeowners --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 371258c..026d08a 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -3,7 +3,7 @@ # These owners will be the default owners for everything in the # repo. Unless a later match takes precedence, these owners will be # requested for review when someone opens a pull request. -* @dav3r @felddy @jsf9k @mcdonnnj +* @dav3r @felddy @itsmostafa @izzy64 @jsf9k @mcdonnnj # These folks own any files in the .github directory at the root of # the repository and any of its subdirectories. From f6622e1f8ca05f57bcadbf6be5b531e8c4d6463b Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Tue, 17 Jan 2023 20:57:49 -0800 Subject: [PATCH 06/30] remove python specific pre-commit hooks in favor of golang ones --- .isort.cfg | 10 ---------- .pre-commit-config.yaml | 13 +++++++++---- 2 files changed, 9 insertions(+), 14 deletions(-) delete mode 100644 .isort.cfg diff --git a/.isort.cfg b/.isort.cfg deleted file mode 100644 index 46d45f3..0000000 --- a/.isort.cfg +++ /dev/null @@ -1,10 +0,0 @@ -[settings] -combine_star=true -force_sort_within_sections=true - -import_heading_stdlib=Standard Python Libraries -import_heading_thirdparty=Third-Party Libraries -import_heading_firstparty=cisagov Libraries - -# Run isort under the black profile to align with our other Python linting -profile=black diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index ff3b59b..58d8f67 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -29,6 +29,15 @@ repos: - id: requirements-txt-fixer - id: trailing-whitespace + # Golang hooks + - repo: https://github.com/dnephin/pre-commit-golang + rev: v0.5.0 + hooks: + - id: go-fmt + - id: go-imports + - id: no-go-testing + - id: go-unit-tests + # Text file hooks - repo: https://github.com/igorshubovych/markdownlint-cli rev: v0.32.2 @@ -97,10 +106,6 @@ repos: - id: flake8 additional_dependencies: - flake8-docstrings - - repo: https://github.com/PyCQA/isort - rev: 5.10.1 - hooks: - - id: isort - repo: https://github.com/pre-commit/mirrors-mypy rev: v0.990 hooks: From e422fcaf6bc1998b40b5a9e6c960ac5d5c8cfed7 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Tue, 17 Jan 2023 20:59:04 -0800 Subject: [PATCH 07/30] remove python specific pre-commit hooks in favor of golang ones --- .pre-commit-config.yaml | 26 -------------------------- 1 file changed, 26 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 58d8f67..56ddf37 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -89,32 +89,6 @@ repos: hooks: - id: shell-lint - # Python hooks - - repo: https://github.com/PyCQA/bandit - rev: 1.7.4 - hooks: - - id: bandit - args: - - --config=.bandit.yml - - repo: https://github.com/psf/black - rev: 22.10.0 - hooks: - - id: black - - repo: https://github.com/PyCQA/flake8 - rev: 5.0.4 - hooks: - - id: flake8 - additional_dependencies: - - flake8-docstrings - - repo: https://github.com/pre-commit/mirrors-mypy - rev: v0.990 - hooks: - - id: mypy - - repo: https://github.com/asottile/pyupgrade - rev: v3.2.0 - hooks: - - id: pyupgrade - # Ansible hooks - repo: https://github.com/ansible-community/ansible-lint rev: v5.4.0 From 452f9b2cda06c354fe5b50d9a615f50deccb12e9 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Tue, 17 Jan 2023 21:22:42 -0800 Subject: [PATCH 08/30] initialize golang project --- .pre-commit-config.yaml | 1 - Makefile | 12 ++++++++++-- controllers.go | 11 +++++++++++ controllers_test.go | 23 +++++++++++++++++++++++ go.mod | 3 +++ go.sum | 0 main.go | 15 +++++++++++++++ 7 files changed, 62 insertions(+), 3 deletions(-) create mode 100644 controllers.go create mode 100644 controllers_test.go create mode 100644 go.mod create mode 100644 go.sum create mode 100644 main.go diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 56ddf37..b091ee4 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -34,7 +34,6 @@ repos: rev: v0.5.0 hooks: - id: go-fmt - - id: go-imports - id: no-go-testing - id: go-unit-tests diff --git a/Makefile b/Makefile index ff71740..f40d449 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,18 @@ -.PHONY: all help build logs loc up stop down +.PHONY: help run test tidy include .env +# target: help - display callable targets. +help: + @egrep "^# target:" [Mm]akefile + # target: run - run the application run: go run *.go # target: test - run application tests test: - go test + go test -v + +# target: tidy - add missing necessary modules and remove unused modules +tidy: + go mod tidy diff --git a/controllers.go b/controllers.go new file mode 100644 index 0000000..1789b74 --- /dev/null +++ b/controllers.go @@ -0,0 +1,11 @@ +package main + +import ( + "fmt" + "net/http" +) + +// HealthCheckHandler indicates that the server is up and running. +func HealthCheckHandler(w http.ResponseWriter, r *http.Request) { + fmt.Fprintf(w, "Up and running!") +} diff --git a/controllers_test.go b/controllers_test.go new file mode 100644 index 0000000..3ae8f09 --- /dev/null +++ b/controllers_test.go @@ -0,0 +1,23 @@ +package main + +import ( + "io" + "net/http" + "net/http/httptest" + "testing" +) + +func TestHealthCheckHandler(t *testing.T) { + req := httptest.NewRequest(http.MethodGet, "/", nil) + w := httptest.NewRecorder() + HealthCheckHandler(w, req) + res := w.Result() + defer res.Body.Close() + data, err := io.ReadAll(res.Body) + if err != nil { + t.Errorf("expected error to be nil got %v", err) + } + if string(data) != "Up and running!" { + t.Errorf("expected 'Up and running!', but got %v", string(data)) + } +} diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..6d551a9 --- /dev/null +++ b/go.mod @@ -0,0 +1,3 @@ +module github.com/cisagov/con-pca-tasks + +go 1.19 diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..e69de29 diff --git a/main.go b/main.go new file mode 100644 index 0000000..575f927 --- /dev/null +++ b/main.go @@ -0,0 +1,15 @@ +package main + +import ( + "log" + "net/http" +) + +func main() { + mux := http.NewServeMux() + mux.HandleFunc("/", HealthCheckHandler) + + port := ":8080" + log.Printf("listening on port %s", port) + log.Println(http.ListenAndServe(port, mux)) +} From 43158ba78bcff4eef02dbf5fc2bfd597f865da0a Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Tue, 17 Jan 2023 21:39:39 -0800 Subject: [PATCH 09/30] update golang project structure --- Makefile | 2 +- controllers.go => controllers/controllers.go | 2 +- controllers_test.go => controllers/controllers_test.go | 2 +- main.go | 4 +++- 4 files changed, 6 insertions(+), 4 deletions(-) rename controllers.go => controllers/controllers.go (90%) rename controllers_test.go => controllers/controllers_test.go (95%) diff --git a/Makefile b/Makefile index f40d449..6c46057 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ run: # target: test - run application tests test: - go test -v + go test -v ./... # target: tidy - add missing necessary modules and remove unused modules tidy: diff --git a/controllers.go b/controllers/controllers.go similarity index 90% rename from controllers.go rename to controllers/controllers.go index 1789b74..0744f81 100644 --- a/controllers.go +++ b/controllers/controllers.go @@ -1,4 +1,4 @@ -package main +package controllers import ( "fmt" diff --git a/controllers_test.go b/controllers/controllers_test.go similarity index 95% rename from controllers_test.go rename to controllers/controllers_test.go index 3ae8f09..98ed3b6 100644 --- a/controllers_test.go +++ b/controllers/controllers_test.go @@ -1,4 +1,4 @@ -package main +package controllers import ( "io" diff --git a/main.go b/main.go index 575f927..b5b6acc 100644 --- a/main.go +++ b/main.go @@ -3,11 +3,13 @@ package main import ( "log" "net/http" + + "github.com/cisagov/con-pca-tasks/controllers" ) func main() { mux := http.NewServeMux() - mux.HandleFunc("/", HealthCheckHandler) + mux.HandleFunc("/", controllers.HealthCheckHandler) port := ":8080" log.Printf("listening on port %s", port) From 4dd2f64a71100678e6199cd94fde8c4c3bcfc99f Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 18 Jan 2023 08:43:09 -0800 Subject: [PATCH 10/30] add back python pre-commit hooks --- .pre-commit-config.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b091ee4..4d5b771 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -88,6 +88,36 @@ repos: hooks: - id: shell-lint + # Python hooks + - repo: https://github.com/PyCQA/bandit + rev: 1.7.4 + hooks: + - id: bandit + args: + - --config=.bandit.yml + - repo: https://github.com/psf/black + rev: 22.10.0 + hooks: + - id: black + - repo: https://github.com/PyCQA/flake8 + rev: 5.0.4 + hooks: + - id: flake8 + additional_dependencies: + - flake8-docstrings + - repo: https://github.com/PyCQA/isort + rev: 5.10.1 + hooks: + - id: isort + - repo: https://github.com/pre-commit/mirrors-mypy + rev: v0.990 + hooks: + - id: mypy + - repo: https://github.com/asottile/pyupgrade + rev: v3.2.0 + hooks: + - id: pyupgrade + # Ansible hooks - repo: https://github.com/ansible-community/ansible-lint rev: v5.4.0 From 9397e896b2e9d28a6d7445fac40da4d44a09b0bb Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 18 Jan 2023 09:06:29 -0800 Subject: [PATCH 11/30] minimize tab size --- Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 6c46057..16a6b20 100644 --- a/Makefile +++ b/Makefile @@ -3,16 +3,16 @@ include .env # target: help - display callable targets. help: - @egrep "^# target:" [Mm]akefile + @egrep "^# target:" [Mm]akefile # target: run - run the application run: - go run *.go + go run *.go # target: test - run application tests test: - go test -v ./... + go test -v ./... # target: tidy - add missing necessary modules and remove unused modules tidy: - go mod tidy + go mod tidy From e95a2016c52ef83e86c22f499deb2cc1dcbd8dd9 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 18 Jan 2023 10:44:19 -0800 Subject: [PATCH 12/30] update codeowners --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 026d08a..a3e3e21 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -3,7 +3,7 @@ # These owners will be the default owners for everything in the # repo. Unless a later match takes precedence, these owners will be # requested for review when someone opens a pull request. -* @dav3r @felddy @itsmostafa @izzy64 @jsf9k @mcdonnnj +* @itsmostafa @izzy64 # These folks own any files in the .github directory at the root of # the repository and any of its subdirectories. From 3add000073e20deba5ce69e868236d0bde794655 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 18 Jan 2023 10:47:43 -0800 Subject: [PATCH 13/30] fix gitignore formatting --- .gitignore | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index f839149..f9fbf81 100644 --- a/.gitignore +++ b/.gitignore @@ -2,12 +2,14 @@ # Files already tracked by Git are not affected. # See: https://git-scm.com/docs/gitignore -# Binaries +## Binaries ## +*.dll +*.dylib *.exe *.exe~ -*.dll *.so -*.dylib +# Test binary, built with `go test -c` +*.test ## Python ## __pycache__ @@ -15,8 +17,5 @@ __pycache__ .python-version .venv -# Test binary, built with `go test -c` -*.test - -# Environment variables +# Environment variables ## .env From e3c2e82955ab02e64b5d857403dcf2d4c18bedd8 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 18 Jan 2023 10:50:11 -0800 Subject: [PATCH 14/30] update pre-commit-config format --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 4d5b771..90f52d1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -34,8 +34,8 @@ repos: rev: v0.5.0 hooks: - id: go-fmt - - id: no-go-testing - id: go-unit-tests + - id: no-go-testing # Text file hooks - repo: https://github.com/igorshubovych/markdownlint-cli From b732ed37a0ef693f9c2844d6e84edfd78f2fb382 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 18 Jan 2023 10:51:57 -0800 Subject: [PATCH 15/30] revert quotation change in pre-commit-config --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 90f52d1..f1ed288 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -76,7 +76,7 @@ repos: args: # Indent by two spaces - -i - - "2" + - '2' # Binary operators may start a line - -bn # Switch cases are indented From 446b38f96c54b2249c0a9d61f95bae93f4a9f4ac Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 18 Jan 2023 10:53:10 -0800 Subject: [PATCH 16/30] update Makefile format --- Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 16a6b20..45bb56e 100644 --- a/Makefile +++ b/Makefile @@ -3,16 +3,16 @@ include .env # target: help - display callable targets. help: - @egrep "^# target:" [Mm]akefile + @egrep "^# target:" [Mm]akefile # target: run - run the application run: - go run *.go + go run *.go # target: test - run application tests test: - go test -v ./... + go test -v ./... # target: tidy - add missing necessary modules and remove unused modules tidy: - go mod tidy + go mod tidy From 8c33d7c4e91f24e6457a0fa1941c94083a5e8111 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 18 Jan 2023 11:06:16 -0800 Subject: [PATCH 17/30] add missing char format in gitignore --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index f9fbf81..7358085 100644 --- a/.gitignore +++ b/.gitignore @@ -17,5 +17,5 @@ __pycache__ .python-version .venv -# Environment variables ## +## Environment variables ## .env From a6d76db7278d096c99f904345a7e481c81e6dfcc Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 18 Jan 2023 11:11:07 -0800 Subject: [PATCH 18/30] move golang hooks down above python hooks in pre-commit-config --- .pre-commit-config.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f1ed288..cbf31d5 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -29,14 +29,6 @@ repos: - id: requirements-txt-fixer - id: trailing-whitespace - # Golang hooks - - repo: https://github.com/dnephin/pre-commit-golang - rev: v0.5.0 - hooks: - - id: go-fmt - - id: go-unit-tests - - id: no-go-testing - # Text file hooks - repo: https://github.com/igorshubovych/markdownlint-cli rev: v0.32.2 @@ -88,6 +80,14 @@ repos: hooks: - id: shell-lint + # Golang hooks + - repo: https://github.com/dnephin/pre-commit-golang + rev: v0.5.0 + hooks: + - id: go-fmt + - id: go-unit-tests + - id: no-go-testing + # Python hooks - repo: https://github.com/PyCQA/bandit rev: 1.7.4 From 2effac3853410ab9abf9d2e8b35772f45d8b2ad2 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Thu, 19 Jan 2023 09:41:17 -0800 Subject: [PATCH 19/30] update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9093cad..a8e4fdb 100644 --- a/README.md +++ b/README.md @@ -8,11 +8,11 @@ This repo contains the tasks portion for Con-PCA, Continuous Phishing Assessment. This application is reponsible for executing scheduled tasks for Con-PCA at scale. -## Con-PCA Repositories ## +## Related Con-PCA Repositories ## - [con-pca-api](https://github.com/cisagov/con-pca-api) -- [con-pca-web](https://github.com/cisagov/con-pca-web) - [con-pca-cicd](https://github.com/cisagov/con-pca-cicd) +- [con-pca-web](https://github.com/cisagov/con-pca-web) ## Commands ## From 8072434cb29e9fdbfe0405685034d6d206387e72 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Thu, 19 Jan 2023 11:44:00 -0800 Subject: [PATCH 20/30] add codeql analysis workflow --- .github/workflows/codeql-analysis.yml | 67 +++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..f4c3a78 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,67 @@ +--- +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +name: "CodeQL" + +on: + push: + # Dependabot triggered push events have read-only access, but uploading code + # scanning requires write access. + branches-ignore: + - dependabot/** + pull_request: + # The branches below must be a subset of the branches above + branches: + - develop + schedule: + - cron: "0 12 * * 5" + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + # required for all workflows + security-events: write + strategy: + fail-fast: false + matrix: + # Override automatic language detection by changing the below list + # Supported options are go, javascript, csharp, python, cpp, and java + language: + - go + # Learn more... + # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + + # Autobuild attempts to build any compiled languages (C/C++, C#, or + # Java). If this step fails, then you should remove it and run the build + # manually (see below). + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following + # three lines and modify them (or add more) to build your code if your + # project uses a compiled language + + # - run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 From f0ce5c764ca219cdbcdd3b654d723bd6555b35bb Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 25 Jan 2023 19:38:15 -0800 Subject: [PATCH 21/30] add gh actions step for go test --- .github/workflows/build.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8d17421..8825b49 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -98,3 +98,18 @@ jobs: - name: Setup tmate debug session uses: mxschmitt/action-tmate@v3 if: env.RUN_TMATE + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Set up Go + uses: actions/setup-go@v3 + with: + go-version: 1.19 + + - name: Build + run: go build -v ./... + + - name: Test + run: go test -v ./... From cd172760f721a29949c0e3fef819b4daa28ace65 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Wed, 25 Jan 2023 19:51:21 -0800 Subject: [PATCH 22/30] update gh action tests --- .github/workflows/build.yml | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8825b49..13e39a6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -100,16 +100,21 @@ jobs: if: env.RUN_TMATE test: runs-on: ubuntu-latest + strategy: + matrix: + go-version: ["1.18", "1.19"] steps: - uses: actions/checkout@v3 - - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.19 - - - name: Build + go-version: ${{ matrix.go-version }} + - name: Install dependencies + run: go mod download + - name: Build executable file run: go build -v ./... - - - name: Test + - name: Run tests run: go test -v ./... + - name: Setup tmate debug session + uses: mxschmitt/action-tmate@v3 + if: env.RUN_TMATE From 7751db53ea6145e573bea708aea853b28cc8aea0 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Thu, 26 Jan 2023 08:27:19 -0800 Subject: [PATCH 23/30] update test steps in build.yml --- .github/workflows/build.yml | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 13e39a6..073aa68 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -102,13 +102,28 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - go-version: ["1.18", "1.19"] + go-version: + - "1.18" + - "1.19" steps: - - uses: actions/checkout@v3 - - name: Set up Go + # We need the Go version and Go cache location for the actions/cache step, + # so the Go installation must happen before that. + - id: setup-go uses: actions/setup-go@v3 with: go-version: ${{ matrix.go-version }} + - uses: actions/cache@v3 + env: + BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\ + go${{ steps.setup-go.outputs.go-version }}-" + with: + path: | + ${{ steps.go-cache.outputs.dir }} + key: "${{ env.BASE_CACHE_KEY }}\ + ${{ hashFiles('go.mod') }}-\ + ${{ hashFiles('go.sum') }}" + restore-keys: | + ${{ env.BASE_CACHE_KEY }} - name: Install dependencies run: go mod download - name: Build executable file From 38c2dcb42941cc8b8d2548a6363176f3698bc211 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Thu, 26 Jan 2023 08:38:44 -0800 Subject: [PATCH 24/30] add missing caching step --- .github/workflows/build.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 073aa68..93c66bb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -112,6 +112,10 @@ jobs: uses: actions/setup-go@v3 with: go-version: ${{ matrix.go-version }} + - name: Lookup Go cache directory + id: go-cache + run: | + echo "dir=$(go env GOCACHE)" >> $GITHUB_OUTPUT - uses: actions/cache@v3 env: BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\ From a892aafd92832b4bb739e1e1b8879ed64eab4494 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Thu, 26 Jan 2023 08:54:15 -0800 Subject: [PATCH 25/30] add gorilla/mux dependancy --- go.mod | 2 ++ go.sum | 2 ++ 2 files changed, 4 insertions(+) diff --git a/go.mod b/go.mod index 6d551a9..560a4b0 100644 --- a/go.mod +++ b/go.mod @@ -1,3 +1,5 @@ module github.com/cisagov/con-pca-tasks go 1.19 + +require github.com/gorilla/mux v1.8.0 diff --git a/go.sum b/go.sum index e69de29..5350288 100644 --- a/go.sum +++ b/go.sum @@ -0,0 +1,2 @@ +github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= +github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= From 6ab301d53b29c3ef056462a63f4656455bb9a9fa Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Thu, 26 Jan 2023 08:58:55 -0800 Subject: [PATCH 26/30] remove unnecessary step --- .github/workflows/build.yml | 2 -- Makefile | 15 ++++++++++----- README.md | 21 ++++++++++++--------- main.go | 3 ++- 4 files changed, 24 insertions(+), 17 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 93c66bb..81963fc 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -128,8 +128,6 @@ jobs: ${{ hashFiles('go.sum') }}" restore-keys: | ${{ env.BASE_CACHE_KEY }} - - name: Install dependencies - run: go mod download - name: Build executable file run: go build -v ./... - name: Run tests diff --git a/Makefile b/Makefile index 45bb56e..34f92b0 100644 --- a/Makefile +++ b/Makefile @@ -1,18 +1,23 @@ .PHONY: help run test tidy include .env -# target: help - display callable targets. +# make all - Default Target. Does nothing. +all: + @echo "Helper commands." + @echo "For more information try 'make help'." + +# target: help - Display callable targets. help: - @egrep "^# target:" [Mm]akefile + @egrep "^# target:" [Mm]akefile # target: run - run the application run: - go run *.go + go run *.go # target: test - run application tests test: - go test -v ./... + go test -v ./... # target: tidy - add missing necessary modules and remove unused modules tidy: - go mod tidy + go mod tidy diff --git a/README.md b/README.md index a8e4fdb..b3f41b2 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,13 @@ # Con-PCA Tasks # [![GitHub Build Status](https://github.com/cisagov/con-pca-tasks/workflows/build/badge.svg)](https://github.com/cisagov/con-pca-tasks/actions) +[![CodeQL](https://github.com/cisagov/con-pca-tasks/workflows/CodeQL/badge.svg)](https://github.com/cisagov/con-pca-tasks/actions/workflows/codeql-analysis.yml) ## Description ## -This repo contains the tasks portion for Con-PCA, Continuous Phishing -Assessment. This application is reponsible for executing scheduled tasks for -Con-PCA at scale. +This project contains the tasks portion for Continuous Phishing Campaign +Assessment (Con-PCA). This application is reponsible for executing scheduled +tasks for Con-PCA at scale. ## Related Con-PCA Repositories ## @@ -14,15 +15,17 @@ Con-PCA at scale. - [con-pca-cicd](https://github.com/cisagov/con-pca-cicd) - [con-pca-web](https://github.com/cisagov/con-pca-web) -## Commands ## +### Running the application ### -Run application +```console +make run +``` -- `make run` +### Testing the application ### -Test application - -- `make test` +```console +make test +``` ## Contributing ## diff --git a/main.go b/main.go index b5b6acc..6ab718b 100644 --- a/main.go +++ b/main.go @@ -5,10 +5,11 @@ import ( "net/http" "github.com/cisagov/con-pca-tasks/controllers" + "github.com/gorilla/mux" ) func main() { - mux := http.NewServeMux() + mux := mux.NewRouter() mux.HandleFunc("/", controllers.HealthCheckHandler) port := ":8080" From 619b4f5ac06da6834d5ff9ee77678c27f13792ac Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Thu, 26 Jan 2023 09:01:54 -0800 Subject: [PATCH 27/30] switch build and test for caching alternatives --- .github/workflows/build.yml | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 81963fc..467ffc8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -128,10 +128,25 @@ jobs: ${{ hashFiles('go.sum') }}" restore-keys: | ${{ env.BASE_CACHE_KEY }} - - name: Build executable file - run: go build -v ./... - - name: Run tests - run: go test -v ./... + # Cache go build cache, used to speedup go test + - name: Go Build Cache + uses: actions/cache@v2 + with: + path: | + ${{ steps.go-cache.outputs.dir }} + key: "${{ env.BASE_CACHE_KEY }}\ + ${{ hashFiles('go.mod') }}-\ + ${{ hashFiles('go.sum') }}" + + # Cache go mod cache, used to speedup builds + - name: Go Mod Cache + uses: actions/cache@v2 + with: + path: | + ${{ steps.go-cache.outputs.dir }} + key: "${{ env.BASE_CACHE_KEY }}\ + ${{ hashFiles('go.mod') }}-\ + ${{ hashFiles('go.sum') }}" - name: Setup tmate debug session uses: mxschmitt/action-tmate@v3 if: env.RUN_TMATE From 5460a0e9a13de4369f26f8b7c38a642afb5368fb Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Thu, 26 Jan 2023 09:26:26 -0800 Subject: [PATCH 28/30] replacing gorilla/mux in favor of chi router --- go.mod | 2 +- go.sum | 4 ++-- main.go | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 560a4b0..585103a 100644 --- a/go.mod +++ b/go.mod @@ -2,4 +2,4 @@ module github.com/cisagov/con-pca-tasks go 1.19 -require github.com/gorilla/mux v1.8.0 +require github.com/go-chi/chi v1.5.4 diff --git a/go.sum b/go.sum index 5350288..874ed9a 100644 --- a/go.sum +++ b/go.sum @@ -1,2 +1,2 @@ -github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= -github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= +github.com/go-chi/chi v1.5.4 h1:QHdzF2szwjqVV4wmByUnTcsbIg7UGaQ0tPF2t5GcAIs= +github.com/go-chi/chi v1.5.4/go.mod h1:uaf8YgoFazUOkPBG7fxPftUylNumIev9awIWOENIuEg= diff --git a/main.go b/main.go index 6ab718b..afb643c 100644 --- a/main.go +++ b/main.go @@ -5,12 +5,12 @@ import ( "net/http" "github.com/cisagov/con-pca-tasks/controllers" - "github.com/gorilla/mux" + "github.com/go-chi/chi" ) func main() { - mux := mux.NewRouter() - mux.HandleFunc("/", controllers.HealthCheckHandler) + mux := chi.NewRouter() + mux.Get("/", controllers.HealthCheckHandler) port := ":8080" log.Printf("listening on port %s", port) From 5b1493b033102587c6a7655d569ca0ce321f8f8f Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Thu, 26 Jan 2023 10:16:29 -0800 Subject: [PATCH 29/30] fix gh actions test step --- .github/workflows/build.yml | 26 +++++++------------------- 1 file changed, 7 insertions(+), 19 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 467ffc8..20cede1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -108,6 +108,7 @@ jobs: steps: # We need the Go version and Go cache location for the actions/cache step, # so the Go installation must happen before that. + - uses: actions/checkout@v3 - id: setup-go uses: actions/setup-go@v3 with: @@ -128,25 +129,12 @@ jobs: ${{ hashFiles('go.sum') }}" restore-keys: | ${{ env.BASE_CACHE_KEY }} - # Cache go build cache, used to speedup go test - - name: Go Build Cache - uses: actions/cache@v2 - with: - path: | - ${{ steps.go-cache.outputs.dir }} - key: "${{ env.BASE_CACHE_KEY }}\ - ${{ hashFiles('go.mod') }}-\ - ${{ hashFiles('go.sum') }}" - - # Cache go mod cache, used to speedup builds - - name: Go Mod Cache - uses: actions/cache@v2 - with: - path: | - ${{ steps.go-cache.outputs.dir }} - key: "${{ env.BASE_CACHE_KEY }}\ - ${{ hashFiles('go.mod') }}-\ - ${{ hashFiles('go.sum') }}" + - name: Install dependencies + run: go mod download + - name: Build application + run: go build -v ./... + - name: Test application + run: go test -v ./... - name: Setup tmate debug session uses: mxschmitt/action-tmate@v3 if: env.RUN_TMATE From 98209ca2c2f00135c5a455a5fdc8fc71f9493b51 Mon Sep 17 00:00:00 2001 From: Mostafa Abdo Date: Thu, 26 Jan 2023 15:15:17 -0800 Subject: [PATCH 30/30] update build.yml test step format --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 20cede1..fd682c0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -106,9 +106,9 @@ jobs: - "1.18" - "1.19" steps: + - uses: actions/checkout@v3 # We need the Go version and Go cache location for the actions/cache step, # so the Go installation must happen before that. - - uses: actions/checkout@v3 - id: setup-go uses: actions/setup-go@v3 with: