diff --git a/.github/workflows/github-actions-test.yml b/.github/workflows/github-actions-test.yml deleted file mode 100644 index fefa057..0000000 --- a/.github/workflows/github-actions-test.yml +++ /dev/null @@ -1,62 +0,0 @@ -name: Docker Image CI -on: - push: - tags: - - "v*.*.*" - -jobs: - build: - runs-on: ubuntu-latest - steps: - - - name: CheckOut Repo - uses: actions/checkout@v2 - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v2 - - - name: Cache Docker layers - uses: actions/cache@v3 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx- - - - name: Check Out Repo - uses: actions/checkout@v2 - - - name: Set env - run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - - name: Test - run: | - echo $RELEASE_VERSION - echo ${{ env.RELEASE_VERSION }} - - - name: Docker meta - id: meta - uses: docker/metadata-action@v3 - with: - images: cropalato/rest_auth_proxy - tags: | - type=ref,event=branch - type=ref,event=pr - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - name: Build and push - id: docker_build - uses: docker/build-push-action@v2 - with: - context: . - builder: ${{ steps.buildx.outputs.name }} - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - - name: Image digest - run: echo ${{ steps.docker_build.outputs.digest }} diff --git a/.github/workflows/go-build-artifacts.yml b/.github/workflows/go-build-artifacts.yml deleted file mode 100644 index eec9250..0000000 --- a/.github/workflows/go-build-artifacts.yml +++ /dev/null @@ -1,31 +0,0 @@ -# workflow name -name: Generate release-artifacts - -# on events -on: - push: - tags: - - build - -# workflow tasks -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Setup Go - uses: actions/setup-go@v3 - with: - go-version: "1.18.3" # The Go version to download (if necessary) and use. - cache: true - cache-dependency-path: | - **/go.sum - **/go.mod - - - name: Run Build - run: | - CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -tags netgo -ldflags '-w -extldflags "-static"' -o rest_auth_proxy . - - uses: actions/upload-artifact@v3 - with: - path: rest_auth_proxy diff --git a/.github/workflows/merged_pr.yaml b/.github/workflows/merged_pr.yaml new file mode 100644 index 0000000..d2567bf --- /dev/null +++ b/.github/workflows/merged_pr.yaml @@ -0,0 +1,51 @@ +name: Merged PR +on: + pull_request: + branches: + - "main" + types: [opened, synchronize, closed] +jobs: + build-project: + if: ((github.event.action == 'closed' && github.event.pull_request.merged == true)) + strategy: + matrix: + go: [1.18] + os: [ubuntu] + name: Build golang application + runs-on: ${{ matrix.os}}-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Setup Go environment + uses: actions/setup-go@v3 + with: + go-version: ${{ matrix.go }} + - name: golangci-lint + uses: golangci/golangci-lint-action@v3 + - run: go build -o test-${{ matrix.os }} + - name: Upload artifacts + uses: actions/upload-artifact@v3 + with: + name: test-${{ matrix.os }} + path: ./ + release-project: + if: ((github.event.action == 'closed' && github.event.pull_request.merged == true)) + strategy: + matrix: + #os: [macos, windows, ubuntu] + os: [ubuntu] + name: Release golang application + runs-on: ubuntu-latest + needs: build-project + steps: + - name: Download applications + uses: actions/download-artifact@v3 + #with: + #name: test-${{ matrix.os }} + - run: ls -la + - name: Create Github release + uses: ncipollo/release-action@v1 + with: + tag: test + allowUpdates: true + artifacts: "**/test-*" diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml new file mode 100644 index 0000000..8155d91 --- /dev/null +++ b/.github/workflows/push.yaml @@ -0,0 +1,23 @@ +name: Push +on: + push: + branches: + - "**" + - "!main" +jobs: + build-project: + strategy: + matrix: + go: [1.18] + os: [ubuntu] + name: Checking golang application + runs-on: ${{ matrix.os}}-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Setup Go environment + uses: actions/setup-go@v3 + with: + go-version: ${{ matrix.go }} + - name: golangci-lint + uses: golangci/golangci-lint-action@v3 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml deleted file mode 100644 index 610e2e2..0000000 --- a/.github/workflows/test.yml +++ /dev/null @@ -1,21 +0,0 @@ -on: - push: - branches: - - main - pull_request: - branches: - - "*" -name: Test -jobs: - test: - strategy: - matrix: - go-version: [1.17.x, 1.18.x] - os: [ubuntu-latest, macos-latest, windows-latest] - runs-on: ${{ matrix.os }} - steps: - - uses: actions/setup-go@v3 - with: - go-version: ${{ matrix.go-version }} - - uses: actions/checkout@v3 - - run: go test ./... diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2909814..21f5e79 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,17 +1,13 @@ repos: -- repo: https://github.com/dnephin/pre-commit-golang - rev: v0.4.0 - hooks: - - id: go-fmt - - id: go-vet - - id: go-lint - - id: go-imports - - id: go-cyclo - args: [-over=15] - - id: validate-toml - - id: no-go-testing - - id: golangci-lint - - id: go-critic - - id: go-unit-tests - - id: go-build - - id: go-mod-tidy + - repo: https://github.com/Bahjat/pre-commit-golang + rev: v1.0.1 + hooks: + - id: go-fmt-import + - id: go-vet + - id: go-lint + - id: go-unit-tests + - id: gofumpt # requires github.com/mvdan/gofumpt + - id: go-err-check # requires github.com/kisielk/errcheck + - id: go-static-check # install https://staticcheck.io/docs/ + - id: golangci-lint # requires github.com/golangci/golangci-lint + args: [--config=.github/linters/.golangci.yml] # optional diff --git a/config.go b/config.go index 8dd58e4..8bce346 100644 --- a/config.go +++ b/config.go @@ -8,12 +8,6 @@ import ( "k8s.io/klog/v2" ) -// Authorization is used to validate it method + URL is allowed. -type Authorization struct { - Method string `yaml:"method"` - PathRegEx []string `yaml:"pathregex"` -} - type requesAuthz struct { Method string `json:"method"` PathRegEx []string `json:"pathregex"` diff --git a/main.go b/main.go index 9785d0a..d38aca1 100644 --- a/main.go +++ b/main.go @@ -7,7 +7,6 @@ import ( "fmt" "net/http" "os" - "strconv" "k8s.io/klog" ) @@ -30,18 +29,6 @@ func LookupEnvOrString(key string, defaultVal string) string { return defaultVal } -// LookupEnvOrBool returns the value from env variable key is exists or defaultVal as boolean -func LookupEnvOrBool(key string, defaultVal bool) bool { - if val, ok := os.LookupEnv(key); ok { - v, err := strconv.ParseBool(val) - if err != nil { - klog.Fatal(fmt.Sprintf("LookupEnvOrBool[%s]: %v", key, err)) - } - return v - } - return defaultVal -} - func main() { klog.InitFlags(nil) defer klog.Flush() diff --git a/proxyHandler.go b/proxyHandler.go index 2c92877..22cfc00 100644 --- a/proxyHandler.go +++ b/proxyHandler.go @@ -31,7 +31,7 @@ func (h *headerRules) requestAuthz(method string, url string, headerKey string, for _, u := range a.PathRegEx { if match, _ := regexp.MatchString(u, url); match { if klog.V(5) { - klog.Info(fmt.Sprintf("Matched")) + klog.Info("Matched") } return nil } @@ -57,19 +57,23 @@ func (h *headerRules) proxyHandler(w http.ResponseWriter, r *http.Request) { } if override = err == nil; !override { if klog.V(3) { - klog.Info(fmt.Sprintf("Forwarding request without changes.")) + klog.Info("Forwarding request without changes.") } } newURL := fmt.Sprintf("%s%s", serverAPIURL, r.URL) pr, err := forwardRequest(newURL, r, override) if err == nil { w.WriteHeader(pr.statusCode) - w.Write(pr.body) + if _, err = w.Write(pr.body); err != nil { + klog.Errorf("Write failed: %v", err) + } return } klog.Errorf(fmt.Sprintf("Failed forwaring request. %v", err)) w.WriteHeader(http.StatusInternalServerError) - w.Write([]byte(fmt.Sprintf("%v", err))) + if _, err = w.Write([]byte(fmt.Sprintf("%v", err))); err != nil { + klog.Errorf("Write failed: %v", err) + } } func forwardRequest(url string, r *http.Request, override bool) (proxyResp, error) { @@ -86,7 +90,7 @@ func forwardRequest(url string, r *http.Request, override bool) (proxyResp, erro } req, err := http.NewRequest(method, url, nil) if err != nil { - return *pr, fmt.Errorf("Got error %s", err.Error()) + return *pr, fmt.Errorf("got error %s", err.Error()) } for k, v := range r.Header { if len(v) > 1 { @@ -102,10 +106,12 @@ func forwardRequest(url string, r *http.Request, override bool) (proxyResp, erro } response, err := client.Do(req) if err != nil { - return *pr, fmt.Errorf("Got error %s", err.Error()) + return *pr, fmt.Errorf("got error %s", err.Error()) } body, _ := ioutil.ReadAll(response.Body) - response.Body.Close() + if err = response.Body.Close(); err != nil { + klog.Errorf("close error: %v", err) + } pr.statusCode = response.StatusCode pr.headers = response.Header pr.body = body