Enable Circle CI

.circleci/config.yml

@@ -0,0 +1,74 @@
+# Golang CircleCI 2.0 configuration file
+#
+# Check https://circleci.com/docs/2.0/language-go/ for more details
+version: 2
+jobs:
+  format:
+    docker:
+      - image: circleci/golang:1.12
+        environment:
+          - GO111MODULE=on
+    working_directory: /go/src/github.com/ory/hive
+    steps:
+      - checkout
+      - restore_cache:
+          keys:
+            - go-mod-v1-{{ checksum "go.sum" }}
+      - run: go mod download
+      - run: go mod vendor
+      - save_cache:
+          key: go-mod-v1-{{ checksum "go.sum" }}
+          paths:
+            - "/go/pkg/mod"
+      - run: curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(go env GOPATH)/bin v1.17.1
+      - run: make lint
+
+  test:
+    docker:
+      - image: circleci/golang:1.12
+        environment:
+          - GO111MODULE=on
+          - TEST_SELFSERVICE_OIDC_HYDRA_ADMIN=http://127.0.0.1:4445
+          - TEST_SELFSERVICE_OIDC_HYDRA_PUBLIC=http://127.0.0.1:4444
+          - TEST_SELFSERVICE_OIDC_HYDRA_INTEGRATION_ADDR=127.0.0.1:4499
+      - image: oryd/hydra:v1.0.0
+        environment:
+          - DSN=memory
+          - URLS_SELF_ISSUER=http://127.0.0.1:4444/
+          - URLS_LOGIN=http://127.0.0.1:4499/login
+          - URLS_CONSENT=http://127.0.0.1:4499/consent
+        command: serve all --dangerous-force-http
+    working_directory: /go/src/github.com/ory/hive
+    steps:
+      - checkout
+      - setup_remote_docker
+      - run:
+          command: |
+            ./.circleci/release_name.bash
+            echo 'export DOCKER_SHORT_TAG=$CIRCLE_SHA1' >> $BASH_ENV
+            source $BASH_ENV
+      - run: GO111MODULE=off go get github.com/mattn/goveralls github.com/ory/go-acc
+      - restore_cache:
+          keys:
+            - go-mod-v1-{{ checksum "go.sum" }}
+      - run: go mod download
+      - save_cache:
+          key: go-mod-v1-{{ checksum "go.sum" }}
+          paths:
+            - "/go/pkg/mod"
+      - run: timeout 15 sh -c 'until nc -z $0 $1; do sleep 1; done' 127.0.0.1 4444
+      - run: go-acc -o coverage.txt ./... -- -failfast -timeout=20m -v
+      - run: test -z "$CIRCLE_PR_NUMBER" && goveralls -service=circle-ci -coverprofile=coverage.txt -repotoken=$COVERALLS_REPO_TOKEN || echo "forks are not allowed to push to coveralls"
+
+workflows:
+  version: 2
+  "test":
+    jobs:
+      - format:
+          filters:
+            tags:
+              only: /.*/
+      - test:
+          filters:
+            tags:
+              only: /.*/

.circleci/release_name.bash

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+release=$(curl -s "https://api.github.com/repos/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME/releases")
+tag=$(echo ${release} | jq -r ".[0].tag_name")
+tag_name=$(echo ${release} | jq -r ".[0].name")
+
+if [[ -n "$tag_name" ]]; then
+    echo "export RELEASE_NAME=$tag_name" >> $BASH_ENV
+elif [[ -n "$tag" ]]; then
+    echo "export RELEASE_NAME=$tag" >> $BASH_ENV
+else
+    echo "export RELEASE_NAME=$CIRCLE_SHA1" >> $BASH_ENV
+fi

.golangci.yml

@@ -0,0 +1,3 @@
+linters:
+  disable:
+    - ineffassign

Makefile

@@ -1,5 +1,10 @@
 SHELL=/bin/bash -o pipefail
 
+all:
+ifeq (, $(shell which golangci-lint))
+    curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(go env GOPATH)/bin v1.17.1
+endif
+
 .PHONY: init
 init:
 		GO111MODULE=off go get -u \
@@ -15,6 +20,10 @@ init:
 			github.com/go-openapi/strfmt \
 			github.com/golang/mock/...
 
+.PHONY: lint
+lint:
+		golangci-lint run
+
 .PHONY: format
 format:
 		goreturns -w -local github.com/ory $$(listx .)

README.md

@@ -1,3 +1,6 @@
 # hive
 
+[![Coverage Status](https://coveralls.io/repos/github/ory/hive/badge.svg?branch=master)](https://coveralls.io/github/ory/hive?branch=master)
+[![CircleCI](https://circleci.com/gh/ory/hive/tree/master.svg?style=shield)](https://circleci.com/gh/ory/hive/tree/master)
+
 Cloud Native User & Identity Provider & Management written in Go.

doc.go

@@ -28,6 +28,7 @@ package main
 // Error responses are sent when an error (e.g. unauthorized, bad request, ...) occurred.
 //
 // swagger:model genericError
+// nolint:deadcode,unused
 type genericError struct {
 	// Name is the error name.
 	//
@@ -55,4 +56,5 @@ type genericError struct {
 // typically 201.
 //
 // swagger:response emptyResponse
+// nolint:deadcode,unused
 type emptyResponse struct{}

errorx/manager_test.go

@@ -42,7 +42,7 @@ func TestManager(t *testing.T) {
 			time.Sleep(time.Millisecond)
 
 			require.NoError(t, m.Clear(time.Nanosecond, false))
-			got, err = m.Read(id)
+			_, err = m.Read(id)
 			require.Error(t, err)
 		})
 	}

identity/doc.go

@@ -1,6 +1,7 @@
 package identity
 
 // swagger:parameters createIdentity upsertIdentity
+// nolint:deadcode,unused
 type swaggerParametersCreateIdentity struct {
 	// in: body
 	// required: true

identity/identity.go

@@ -18,7 +18,7 @@ type CredentialsType string
 //
 // swagger:model identity
 type Identity struct {
-	l sync.RWMutex
+	l *sync.RWMutex
 
 	// PK: The primary key used for hive-internal processing. It is auto-assigned and immutable.
 	PK uint64 `json:"-" faker:"-" form:"-"`
@@ -38,9 +38,16 @@ type Identity struct {
 	Traits          json.RawMessage `json:"traits" form:"traits" faker:"-"`
 }
 
+func (i *Identity) lock() *sync.RWMutex {
+	if i.l == nil {
+		i.l = new(sync.RWMutex)
+	}
+	return i.l
+}
+
 func (i *Identity) SetCredentials(t CredentialsType, c Credentials) {
-	i.l.Lock()
-	defer i.l.Unlock()
+	i.lock().Lock()
+	defer i.lock().Unlock()
 	if i.Credentials == nil {
 		i.Credentials = make(map[CredentialsType]Credentials)
 	}
@@ -50,8 +57,8 @@ func (i *Identity) SetCredentials(t CredentialsType, c Credentials) {
 }
 
 func (i *Identity) GetCredentials(t CredentialsType) (*Credentials, bool) {
-	i.l.RLock()
-	defer i.l.RUnlock()
+	i.lock().RLock()
+	defer i.lock().RUnlock()
 
 	if c, ok := i.Credentials[t]; ok {
 		return &c, true
@@ -61,8 +68,8 @@ func (i *Identity) GetCredentials(t CredentialsType) (*Credentials, bool) {
 }
 
 func (i *Identity) WithoutCredentials() *Identity {
-	i.l.Lock()
-	defer i.l.Unlock()
+	i.lock().Lock()
+	defer i.lock().Unlock()
 	i.Credentials = nil
 	return i
 }
@@ -92,5 +99,6 @@ func NewIdentity(traitsSchemaURL string) *Identity {
 		// Metadata:        json.RawMessage("{}"),
 		Traits:          json.RawMessage("{}"),
 		TraitsSchemaURL: traitsSchemaURL,
+		l:               new(sync.RWMutex),
 	}
 }

identity/pool_memory.go

@@ -87,10 +87,10 @@ func (p *PoolMemory) Create(_ context.Context, i *Identity) (*Identity, error) {
 	return i, nil
 }
 
-func (p *PoolMemory) Upsert(_ context.Context, i *Identity) (*Identity, error) {
-	ii, err := p.Update(nil, i)
+func (p *PoolMemory) Upsert(ctx context.Context, i *Identity) (*Identity, error) {
+	ii, err := p.Update(ctx, i)
 	if err != nil && err.Error() == herodot.ErrNotFound.Error() {
-		return p.Create(nil, i)
+		return p.Create(ctx, i)
 	} else if err != nil {
 		return nil, err
 	}

identity/pool_test.go

@@ -68,10 +68,10 @@ func TestPool(t *testing.T) {
 
 			t.Run("case=create", func(t *testing.T) {
 				i := identities[0]
-				g, err := p.Create(ctx, &i)
+				_, err := p.Create(ctx, &i)
 				require.NoError(t, err)
 
-				g, err = p.Get(ctx, identities[0].ID)
+				g, err := p.Get(ctx, identities[0].ID)
 				require.NoError(t, err)
 
 				require.EqualValues(t, g, &i)
@@ -83,10 +83,10 @@ func TestPool(t *testing.T) {
 
 			t.Run("case=upsert", func(t *testing.T) {
 				i := identities[1]
-				g, err := p.Upsert(ctx, &i)
+				_, err := p.Upsert(ctx, &i)
 				require.NoError(t, err)
 
-				g, err = p.Get(ctx, identities[1].ID)
+				g, err := p.Get(ctx, identities[1].ID)
 				require.NoError(t, err)
 
 				require.EqualValues(t, g, &i)
@@ -109,12 +109,11 @@ func TestPool(t *testing.T) {
 			t.Run("case=update", func(t *testing.T) {
 				i := identities[0]
 				i.Traits = json.RawMessage(`["a"]`)
-				g, err := p.Update(ctx, &i)
+				_, err := p.Update(ctx, &i)
 				require.NoError(t, err)
 
-				g, err = p.Get(ctx, identities[0].ID)
+				g, err := p.Get(ctx, identities[0].ID)
 				require.NoError(t, err)
-
 				require.EqualValues(t, g, &i)
 
 				i2 := identities[2]

schema/loader.go

@@ -13,7 +13,7 @@ import (
 // NewWindowsCompatibleReferenceLoader returns a JSON reference loader using the given source and the local OS file system.
 func NewWindowsCompatibleReferenceLoader(source string) (_ gojsonschema.JSONLoader, err error) {
 	if runtime.GOOS == "windows" && strings.HasPrefix(source, "file://") {
-		source, err = filepath.Abs(strings.TrimLeft(source, "file://"))
+		source, err = filepath.Abs(strings.TrimPrefix(source, "file://"))
 		if err != nil {
 			return nil, errors.WithStack(err)
 		}

selfservice/handler_test.go

@@ -49,7 +49,7 @@ func TestLoginHandler(t *testing.T) {
 		defer res.Body.Close()
 		body, err := ioutil.ReadAll(res.Body)
 		require.NoError(t, err)
-		w.Write(body)
+		_, _ = w.Write(body)
 	}))
 	defer loginTS.Close()
 
@@ -103,7 +103,7 @@ func TestRegistrationHandler(t *testing.T) {
 		defer res.Body.Close()
 		body, err := ioutil.ReadAll(res.Body)
 		require.NoError(t, err)
-		w.Write(body)
+		_, _ = w.Write(body)
 	}))
 	defer loginTS.Close()
 

selfservice/oidc/strategy.go

@@ -255,8 +255,6 @@ func (s *Strategy) handleCallback(w http.ResponseWriter, r *http.Request, ps htt
 		s.handleError(w, r, ar.GetID(), err)
 		return
 	}
-
-	return
 }
 
 func uid(provider, subject string) string {
@@ -500,5 +498,4 @@ func (s *Strategy) handleError(w http.ResponseWriter, r *http.Request, rid strin
 	}
 
 	s.d.ErrorManager().ForwardError(w, r, err)
-	return
 }

selfservice/oidc/strategy_helper_test.go

@@ -3,6 +3,7 @@ package oidc_test
 import (
 	"bytes"
 	"encoding/json"
+	"fmt"
 	"io"
 	"net/http"
 	"net/http/httptest"
@@ -67,7 +68,7 @@ func createClient(t *testing.T, remote string, redir string) {
 	}))
 }
 
-func newHydraIntegration(t *testing.T, remote *string, subject *string, scope *[]string) *httptest.Server {
+func newHydraIntegration(t *testing.T, remote *string, subject *string, scope *[]string, addr string) (*http.Server, string) {
 	router := httprouter.New()
 
 	type p struct {
@@ -122,7 +123,19 @@ func newHydraIntegration(t *testing.T, remote *string, subject *string, scope *[
 		do(w, r, href, &b)
 	})
 
-	return httptest.NewServer(router)
+	if addr == "" {
+		server := httptest.NewServer(router)
+		return server.Config, server.URL
+	}
+	server := &http.Server{Addr: addr, Handler: router}
+	go func() {
+		err := server.ListenAndServe()
+		if err == http.ErrServerClosed {
+		} else if err != nil {
+			panic(err)
+		}
+	}()
+	return server, fmt.Sprintf("http://%s", addr)
 }
 
 func newReturnTs(t *testing.T, reg driver.Registry) *httptest.Server {