First commits

.github/CODEOWNERS

@@ -3,7 +3,7 @@
 # These owners will be the default owners for everything in the
 # repo. Unless a later match takes precedence, these owners will be
 # requested for review when someone opens a pull request.
-* @dav3r @felddy @jsf9k @mcdonnnj
+* @itsmostafa @izzy64
 
 # These folks own any files in the .github directory at the root of
 # the repository and any of its subdirectories.

.github/workflows/build.yml

@@ -98,3 +98,43 @@ jobs:
  - name: Setup tmate debug session
  uses: mxschmitt/action-tmate@v3
  if: env.RUN_TMATE
+ test:
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ go-version:
+ - "1.18"
+ - "1.19"
+ steps:
+ - uses: actions/checkout@v3
+ # We need the Go version and Go cache location for the actions/cache step,
+ # so the Go installation must happen before that.
+ - id: setup-go
+ uses: actions/setup-go@v3
+ with:
+ go-version: ${{ matrix.go-version }}
+ - name: Lookup Go cache directory
+ id: go-cache
+ run: |
+ echo "dir=$(go env GOCACHE)" >> $GITHUB_OUTPUT
+ - uses: actions/cache@v3
+ env:
+ BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
+ go${{ steps.setup-go.outputs.go-version }}-"
+ with:
+ path: |
+ ${{ steps.go-cache.outputs.dir }}
+ key: "${{ env.BASE_CACHE_KEY }}\
+ ${{ hashFiles('go.mod') }}-\
+ ${{ hashFiles('go.sum') }}"
+ restore-keys: |
+ ${{ env.BASE_CACHE_KEY }}
+ - name: Install dependencies
+ run: go mod download
+ - name: Build application
+ run: go build -v ./...
+ - name: Test application
+ run: go test -v ./...
+ - name: Setup tmate debug session
+ uses: mxschmitt/action-tmate@v3
+ if: env.RUN_TMATE

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,67 @@
+---
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+name: "CodeQL"
+
+on:
+ push:
+ # Dependabot triggered push events have read-only access, but uploading code
+ # scanning requires write access.
+ branches-ignore:
+ - dependabot/**
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches:
+ - develop
+ schedule:
+ - cron: "0 12 * * 5"
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ # required for all workflows
+ security-events: write
+ strategy:
+ fail-fast: false
+ matrix:
+ # Override automatic language detection by changing the below list
+ # Supported options are go, javascript, csharp, python, cpp, and java
+ language:
+ - go
+ # Learn more...
+ # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: ${{ matrix.language }}
+
+ # Autobuild attempts to build any compiled languages (C/C++, C#, or
+ # Java). If this step fails, then you should remove it and run the build
+ # manually (see below).
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v2
+
+ # ℹ️ Command-line programs to run using the OS shell.
+ # 📚 https://git.io/JvXDl
+
+ # ✏️ If the Autobuild fails above, remove it and uncomment the following
+ # three lines and modify them (or add more) to build your code if your
+ # project uses a compiled language
+
+ # - run: |
+ # make bootstrap
+ # make release
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2

.gitignore

@@ -2,7 +2,20 @@
 # Files already tracked by Git are not affected.
 # See: https://git-scm.com/docs/gitignore
 
+## Binaries ##
+*.dll
+*.dylib
+*.exe
+*.exe~
+*.so
+# Test binary, built with `go test -c`
+*.test
+
 ## Python ##
 __pycache__
 .mypy_cache
 .python-version
+.venv
+
+## Environment variables ##
+.env

.pre-commit-config.yaml

@@ -80,6 +80,14 @@ repos:
  hooks:
  - id: shell-lint
 
+ # Golang hooks
+ - repo: https://github.com/dnephin/pre-commit-golang
+ rev: v0.5.0
+ hooks:
+ - id: go-fmt
+ - id: go-unit-tests
+ - id: no-go-testing
+
  # Python hooks
  - repo: https://github.com/PyCQA/bandit
  rev: 1.7.4

Makefile

@@ -0,0 +1,23 @@
+.PHONY: help run test tidy
+include .env
+
+# make all - Default Target. Does nothing.
+all:
+ @echo "Helper commands."
+ @echo "For more information try 'make help'."
+
+# target: help - Display callable targets.
+help:
+ @egrep "^# target:" [Mm]akefile
+
+# target: run - run the application
+run:
+ go run *.go
+
+# target: test - run application tests
+test:
+ go test -v ./...
+
+# target: tidy - add missing necessary modules and remove unused modules
+tidy:
+ go mod tidy

README.md

@@ -1,23 +1,31 @@
-# con-pca-tasks #
+# Con-PCA Tasks #
 
 [![GitHub Build Status](https://github.com/cisagov/con-pca-tasks/workflows/build/badge.svg)](https://github.com/cisagov/con-pca-tasks/actions)
+[![CodeQL](https://github.com/cisagov/con-pca-tasks/workflows/CodeQL/badge.svg)](https://github.com/cisagov/con-pca-tasks/actions/workflows/codeql-analysis.yml)
 
-This is a generic skeleton project that can be used to quickly get a
-new [cisagov](https://github.com/cisagov) GitHub project started.
-This skeleton project contains [licensing information](LICENSE), as
-well as [pre-commit hooks](https://pre-commit.com) and
-[GitHub Actions](https://github.com/features/actions) configurations
-appropriate for the major languages that we use.
+## Description ##
 
-In many cases you will instead want to use one of the more specific
-skeleton projects derived from this one.
+This project contains the tasks portion for Continuous Phishing Campaign
+Assessment (Con-PCA). This application is reponsible for executing scheduled
+tasks for Con-PCA at scale.
 
-## New Repositories from a Skeleton ##
+## Related Con-PCA Repositories ##
 
-Please see our [Project Setup guide](https://github.com/cisagov/development-guide/tree/develop/project_setup)
-for step-by-step instructions on how to start a new repository from
-a skeleton. This will save you time and effort when configuring a
-new repository!
+- [con-pca-api](https://github.com/cisagov/con-pca-api)
+- [con-pca-cicd](https://github.com/cisagov/con-pca-cicd)
+- [con-pca-web](https://github.com/cisagov/con-pca-web)
+
+### Running the application ###
+
+```console
+make run
+```
+
+### Testing the application ###
+
+```console
+make test
+```
 
 ## Contributing ##
 

controllers/controllers.go

@@ -0,0 +1,11 @@
+package controllers
+
+import (
+ "fmt"
+ "net/http"
+)
+
+// HealthCheckHandler indicates that the server is up and running.
+func HealthCheckHandler(w http.ResponseWriter, r *http.Request) {
+ fmt.Fprintf(w, "Up and running!")
+}

controllers/controllers_test.go

@@ -0,0 +1,23 @@
+package controllers
+
+import (
+ "io"
+ "net/http"
+ "net/http/httptest"
+ "testing"
+)
+
+func TestHealthCheckHandler(t *testing.T) {
+ req := httptest.NewRequest(http.MethodGet, "/", nil)
+ w := httptest.NewRecorder()
+ HealthCheckHandler(w, req)
+ res := w.Result()
+ defer res.Body.Close()
+ data, err := io.ReadAll(res.Body)
+ if err != nil {
+ t.Errorf("expected error to be nil got %v", err)
+ }
+ if string(data) != "Up and running!" {
+ t.Errorf("expected 'Up and running!', but got %v", string(data))
+ }
+}

go.mod

@@ -0,0 +1,5 @@
+module github.com/cisagov/con-pca-tasks
+
+go 1.19
+
+require github.com/go-chi/chi v1.5.4

go.sum

@@ -0,0 +1,2 @@
+github.com/go-chi/chi v1.5.4 h1:QHdzF2szwjqVV4wmByUnTcsbIg7UGaQ0tPF2t5GcAIs=
+github.com/go-chi/chi v1.5.4/go.mod h1:uaf8YgoFazUOkPBG7fxPftUylNumIev9awIWOENIuEg=

main.go

@@ -0,0 +1,18 @@
+package main
+
+import (
+ "log"
+ "net/http"
+
+ "github.com/cisagov/con-pca-tasks/controllers"
+ "github.com/go-chi/chi"
+)
+
+func main() {
+ mux := chi.NewRouter()
+ mux.Get("/", controllers.HealthCheckHandler)
+
+ port := ":8080"
+ log.Printf("listening on port %s", port)
+ log.Println(http.ListenAndServe(port, mux))
+}