(Feat): Initial Commit
Some checks failed
Build & Test / build-test (push) Has been cancelled
Build & Test / swagger-codegen-cli (push) Has been cancelled
CodeQL / Analyze (go) (push) Has been cancelled

This commit is contained in:
2026-07-03 19:41:31 +05:30
commit 7e940c83a7
461 changed files with 45002 additions and 0 deletions

1
.github/README.md vendored Symbolic link
View File

@@ -0,0 +1 @@
../README-go-starter.md

22
.github/dependabot.yml vendored Normal file
View File

@@ -0,0 +1,22 @@
version: 2
updates:
# Enable version updates for gomod
- package-ecosystem: "gomod"
directory: "/"
schedule:
interval: "daily"
# Enable version updates for Docker
- package-ecosystem: "docker"
# Look for a `Dockerfile` in the `root` directory
directory: "/"
schedule:
interval: "daily"
# Enable version updates for github-actions
- package-ecosystem: "github-actions"
# Workflow files stored in the
# default location of `.github/workflows`
directory: "/"
schedule:
interval: "daily"

102
.github/workflows/build-test.yml vendored Normal file
View File

@@ -0,0 +1,102 @@
name: Build & Test
on:
push:
branches: "**"
# pull_request:
# branches: [master]
# types: [opened, reopened] # avoid running twice (on push above), see https://github.com/open-telemetry/opentelemetry-python/issues/1370
env:
DOCKER_ENV_FILE: ".github/workflows/docker.env"
permissions:
security-events: write
actions: write
contents: read
jobs:
build-test:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:17.4-alpine # should be the same version as used in .drone.yml, .github/workflows, Dockerfile and live
env:
POSTGRES_DB: "development"
POSTGRES_USER: "dbuser"
POSTGRES_PASSWORD: "dbpass"
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
integresql:
image: ghcr.io/allaboutapps/integresql:v1.1.0
env:
PGHOST: "postgres"
PGUSER: "dbuser"
PGPASSWORD: "dbpass"
mailhog:
image: mailhog/mailhog
steps:
- uses: actions/checkout@v4
- name: docker build (target builder)
run: DOCKER_BUILDKIT=1 docker build --target builder --file Dockerfile --tag allaboutapps.dev/aw/go-starter:builder-${GITHUB_SHA} .
- name: docker build (target app)
run: DOCKER_BUILDKIT=1 docker build --target app --file Dockerfile --tag allaboutapps.dev/aw/go-starter:app-${GITHUB_SHA} .
- name: trivy scan
uses: aquasecurity/trivy-action@master
with:
image-ref: 'allaboutapps.dev/aw/go-starter:app-${{ github.sha }}'
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH'
ignore-unfixed: true
- name: docker run (target builder)
run: docker run -d --env-file $DOCKER_ENV_FILE --network "${{ job.services.postgres.network }}" --name=builder -it allaboutapps.dev/aw/go-starter:builder-${GITHUB_SHA}
- name: "build & diff"
# Note builder stage now includes .git, thus we rm it again to again diff with the original git workspace
run: |
docker exec builder make tidy
docker exec builder make build
docker cp builder:/app ./post-build && rm -rf ./post-build/.git && git -C post-build diff --exit-code
- name: test
run: docker exec builder make test
- name: upload coverage to codecov
run: docker cp builder:/tmp/coverage.out ./coverage.out && bash <(curl -s https://codecov.io/bash)
- name: test-scripts (gsdev, go-starter only)
if: ${{ github.repository == 'allaboutapps/go-starter' }}
run: docker exec builder make test-scripts
- name: info
run: docker exec builder make info
- name: "binary: deps"
run: docker exec builder bash -c 'make get-embedded-modules-count && make get-embedded-modules'
- name: "binary: licenses"
run: docker exec builder make get-licenses
- name: docker run (target app)
run: |
docker run --env-file $DOCKER_ENV_FILE --network "${{ job.services.postgres.network }}" allaboutapps.dev/aw/go-starter:app-${GITHUB_SHA} help
docker run --env-file $DOCKER_ENV_FILE --network "${{ job.services.postgres.network }}" allaboutapps.dev/aw/go-starter:app-${GITHUB_SHA} -v
docker run --env-file $DOCKER_ENV_FILE --network "${{ job.services.postgres.network }}" allaboutapps.dev/aw/go-starter:app-${GITHUB_SHA} env
- name: upload trivy scan results to GitHub security tab
# Currently limited to master because of the following:
# Workflows triggered by Dependabot on the "push" event run with read-only access. Uploading Code Scanning results requires write access.
# To use Code Scanning with Dependabot, please ensure you are using the "pull_request" event for this workflow and avoid triggering on the "push" event for Dependabot branches.
# See https://docs.github.com/en/code-security/secure-coding/configuring-code-scanning#scanning-on-push for more information on how to configure these events.
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
- name: stop container
if: ${{ always() }}
run: docker stop builder
- name: remove container
if: ${{ always() }}
run: docker rm builder
swagger-codegen-cli:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: run the main swagger.yml validation
run: |
docker run --rm -v ${{ github.workspace }}:/local swaggerapi/swagger-codegen-cli validate -i /local/api/swagger.yml

75
.github/workflows/codeql-analysis.yml vendored Normal file
View File

@@ -0,0 +1,75 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
name: "CodeQL"
on:
push:
# Currently limited to master because of the following:
# Workflows triggered by Dependabot on the "push" event run with read-only access. Uploading Code Scanning results requires write access.
# To use Code Scanning with Dependabot, please ensure you are using the "pull_request" event for this workflow and avoid triggering on the "push" event for Dependabot branches.
# See https://docs.github.com/en/code-security/secure-coding/configuring-code-scanning#scanning-on-push for more information on how to configure these events.
branches: [master]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
schedule:
- cron: '0 19 * * 5'
permissions:
security-events: write
actions: write
contents: read
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
# Override automatic language detection by changing the below list
# Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
language: ['go']
# Learn more...
# https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
steps:
- name: Checkout repository
uses: actions/checkout@v2.3.4
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
#- run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3

22
.github/workflows/docker.env vendored Normal file
View File

@@ -0,0 +1,22 @@
CI=true
GITHUB_ACTIONS=true
# required: env for main working database, service
# default for sql-migrate (target development) and psql cli tool
PGDATABASE=development
PGUSER=dbuser
PGPASSWORD=dbpass
PGHOST=postgres
PGPORT=5432
PGSSLMODE=disable
# optional: env for sql-boiler (ability to generate models out of a "spec" database)
# sql-boiler should operate on a "spec" database only
PSQL_DBNAME=spec
PSQL_USER=dbuser
PSQL_PASS=dbpass
PSQL_HOST=postgres
PSQL_PORT=5432
PSQL_SSLMODE=disable
# optional: project root directory, used for relative path resolution (e.g. fixtures)
PROJECT_ROOT_DIR=/app