From 9cb09d13d33ce791f5d3a47ea08f377203718fbd Mon Sep 17 00:00:00 2001 From: Greg Tyler Date: Tue, 24 Oct 2023 15:08:04 +0100 Subject: [PATCH] Add linting and security checks to pipeline (#21) * Add linting and security checks to pipeline Lint runs as part of normal workflow, security runs in a separate pipeline that's also called daily. #minor * Fix existing security issues Unhandled errors and adding a default timeout to the Mock API Gateway server #patch --- .github/workflows/codeql.yml | 38 +++++++++++++++++++++++++++++++ .github/workflows/env-test.yml | 2 +- .github/workflows/workflow-pr.yml | 22 +++++++++++++++++- .gitignore | 3 +++ Makefile | 18 ++++++++++++--- docker-compose.yml | 15 ++++++++++++ go.work | 2 +- go.work.sum | 9 ++++---- lambda/create/go.mod | 4 +--- lambda/get/go.mod | 4 +--- lambda/shared/go.mod | 8 ++----- lambda/shared/go.sum | 12 ++-------- lambda/update/go.mod | 13 ++++++++--- lambda/update/go.sum | 21 +++++++++++++++-- mock-apigw/main.go | 21 +++++++++++++---- signer/main.go | 10 ++++++-- 16 files changed, 158 insertions(+), 44 deletions(-) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000..a99c636c --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,38 @@ +name: "CodeQL" + +on: + push: + branches: [main] + pull_request: + branches: [main] + schedule: + - cron: "0 16 * * 0" + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + directory: ["lambda/create", "lambda/update", "lambda/get"] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 2 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: go + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + with: + working-directory: ${{ matrix.directory }} + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/env-test.yml b/.github/workflows/env-test.yml index 6a0a384a..5424d089 100644 --- a/.github/workflows/env-test.yml +++ b/.github/workflows/env-test.yml @@ -35,7 +35,7 @@ jobs: fetch-depth: "0" - uses: actions/setup-go@v4 with: - go-version: "1.21" + go-version: "1.20" - uses: unfor19/install-aws-cli-action@v1 - name: Configure AWS uses: aws-actions/configure-aws-credentials@v4 diff --git a/.github/workflows/workflow-pr.yml b/.github/workflows/workflow-pr.yml index da6a2ad4..b35a060e 100644 --- a/.github/workflows/workflow-pr.yml +++ b/.github/workflows/workflow-pr.yml @@ -32,6 +32,20 @@ jobs: outputs: environment_workspace_name: ${{ steps.name_workspace.outputs.name }} + static-analysis: + name: Run static analysis checks + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: "0" + - run: make check-code + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v2 + if: always() + with: + sarif_file: results.sarif + build: name: Build, Scan & Push Images needs: [generate-tag] @@ -53,7 +67,13 @@ jobs: deploy-pr-env: name: Deploy PR Environment - needs: [build, generate-tag, generate-environment-workspace-name] + needs: + [ + build, + static-analysis, + generate-tag, + generate-environment-workspace-name, + ] uses: ./.github/workflows/env-deploy.yml with: workspace_name: ${{ needs.generate-environment-workspace-name.outputs.environment_workspace_name }} diff --git a/.gitignore b/.gitignore index 19aef862..944526c9 100644 --- a/.gitignore +++ b/.gitignore @@ -19,3 +19,6 @@ signer/test-api # structurizr .structurizr docs/architecture/dsl/**/workspace.json +# caches +.cache +.gocache diff --git a/Makefile b/Makefile index a15715af..c372ff34 100644 --- a/Makefile +++ b/Makefile @@ -2,16 +2,20 @@ SHELL = '/bin/bash' export AWS_ACCESS_KEY_ID ?= X export AWS_SECRET_ACCESS_KEY ?= X -build: +help: + @grep --no-filename -E '^[0-9a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' + +build: ## Build containers docker compose build --parallel lambda-create lambda-update lambda-get apigw -up: +up: ## Start application docker compose up -d apigw make create-tables -down: +down: ## Stop application docker compose down +test-api: ## Test the API endpoints test-api: URL ?= http://localhost:9000 test-api: go build -o ./signer/test-api ./signer && \ @@ -43,3 +47,11 @@ run-structurizr-export: docker pull structurizr/cli:latest docker run --rm -v $(PWD)/docs/architecture/dsl/local:/usr/local/structurizr structurizr/cli \ export -workspace /usr/local/structurizr/workspace.dsl -format mermaid + +go-lint: ## Lint Go code + docker compose run --rm go-lint + +gosec: ## Scan Go code for security flaws + docker compose run --rm gosec + +check-code: go-lint gosec diff --git a/docker-compose.yml b/docker-compose.yml index 01e8f989..436db0db 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -70,3 +70,18 @@ services: AWS_ACCESS_KEY_ID: X AWS_SECRET_ACCESS_KEY: X AWS_PAGER: "" + + go-lint: + image: golangci/golangci-lint:v1.54.2 + working_dir: /go/src/app + volumes: + - ./:/go/src/app + - ./.cache/golangci-lint/v1.53.3:/root/.cache + command: golangci-lint run --timeout 5m --out-format=github-actions ./lambda/get/... ./lambda/create/... ./lambda/update/... + + gosec: + image: securego/gosec:2.18.2 + working_dir: /app + volumes: + - .:/app + command: -exclude-dir=.gocache -fmt sarif -out /app/results.sarif /app/... diff --git a/go.work b/go.work index 76b06e19..9e519d5b 100644 --- a/go.work +++ b/go.work @@ -1,4 +1,4 @@ -go 1.21.0 +go 1.20 use ( ./lambda/create diff --git a/go.work.sum b/go.work.sum index 2cfced49..6fbf9013 100644 --- a/go.work.sum +++ b/go.work.sum @@ -1,20 +1,21 @@ github.com/aws/aws-sdk-go-v2 v1.6.0/go.mod h1:tI4KhsR5VkzlUa2DZAdwx7wCAYGwkZZ1H31PYrBFx1w= github.com/aws/aws-sdk-go-v2/service/route53 v1.6.2/go.mod h1:ZnAMilx42P7DgIrdjlWCkNIGSBLzeyk6T31uB8oGTwY= github.com/aws/smithy-go v1.4.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= -github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/yuin/goldmark v1.4.13 h1:fVcFKWvrslecOb/tg+Cc05dkeYx540o0FuFt3nUVDoE= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw= golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U= golang.org/x/term v0.1.0 h1:g6Z6vPFA9dYBAF7DWcH6sCcOntplXsDKcliusYijMlw= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7 h1:9zdDQZ7Thm29KFXgAX/+yaf3eVbP7djjWp/dXAppNCc= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= diff --git a/lambda/create/go.mod b/lambda/create/go.mod index 1c879678..dfb7e26f 100644 --- a/lambda/create/go.mod +++ b/lambda/create/go.mod @@ -1,8 +1,6 @@ module github.com/ministryofjustice/opg-data-lpa-deed/lambda/create -go 1.21.0 - -toolchain go1.21.3 +go 1.20 require ( github.com/aws/aws-lambda-go v1.41.0 diff --git a/lambda/get/go.mod b/lambda/get/go.mod index 68158245..a026af89 100644 --- a/lambda/get/go.mod +++ b/lambda/get/go.mod @@ -1,8 +1,6 @@ module github.com/ministryofjustice/opg-data-lpa-deed/lambda/get -go 1.21.0 - -toolchain go1.21.3 +go 1.20 require ( github.com/aws/aws-lambda-go v1.41.0 diff --git a/lambda/shared/go.mod b/lambda/shared/go.mod index fafe5415..6b7c01e6 100644 --- a/lambda/shared/go.mod +++ b/lambda/shared/go.mod @@ -1,6 +1,6 @@ module github.com/ministryofjustice/opg-data-lpa-deed/lambda/shared -go 1.21.0 +go 1.20 require ( github.com/aws/aws-lambda-go v1.41.0 @@ -10,14 +10,11 @@ require ( require ( github.com/andybalholm/brotli v1.0.4 // indirect - github.com/go-openapi/jsonpointer v0.20.0 // indirect - github.com/go-openapi/swag v0.22.4 // indirect github.com/golang/protobuf v1.4.3 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect - github.com/josharian/intern v1.0.0 // indirect github.com/klauspost/compress v1.15.0 // indirect - github.com/mailru/easyjson v0.7.7 // indirect github.com/pkg/errors v0.9.1 // indirect + github.com/stretchr/testify v1.8.4 // indirect github.com/valyala/bytebufferpool v1.0.0 // indirect github.com/valyala/fasthttp v1.34.0 // indirect golang.org/x/net v0.17.0 // indirect @@ -26,5 +23,4 @@ require ( google.golang.org/genproto v0.0.0-20210114201628-6edceaf6022f // indirect google.golang.org/grpc v1.35.0 // indirect google.golang.org/protobuf v1.25.0 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/lambda/shared/go.sum b/lambda/shared/go.sum index 759fdfdd..4314b657 100644 --- a/lambda/shared/go.sum +++ b/lambda/shared/go.sum @@ -20,10 +20,6 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= -github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= -github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= -github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -50,12 +46,8 @@ github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9Y github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/klauspost/compress v1.15.0 h1:xqfchp4whNFxn5A4XFyyYtitiWI8Hy5EW59jEwcyL6U= github.com/klauspost/compress v1.15.0/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -63,8 +55,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= -github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= github.com/valyala/fasthttp v1.34.0 h1:d3AAQJ2DRcxJYHm7OXNXtXt2as1vMDfxeIcFvhmGGm4= diff --git a/lambda/update/go.mod b/lambda/update/go.mod index 28c68e56..8ed2aecc 100644 --- a/lambda/update/go.mod +++ b/lambda/update/go.mod @@ -1,11 +1,18 @@ module github.com/ministryofjustice/opg-data-lpa-deed/lambda/update -go 1.21.0 - -toolchain go1.21.3 +go 1.20 require ( github.com/aws/aws-lambda-go v1.41.0 + github.com/go-openapi/jsonpointer v0.20.0 github.com/ministryofjustice/opg-data-lpa-deed/lambda/shared v0.0.0-20231012101804-da267f23d7db github.com/ministryofjustice/opg-go-common v0.0.0-20220816144329-763497f29f90 ) + +require ( + github.com/go-openapi/swag v0.22.4 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/rogpeppe/go-internal v1.11.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect +) diff --git a/lambda/update/go.sum b/lambda/update/go.sum index bfef836f..1ea451a6 100644 --- a/lambda/update/go.sum +++ b/lambda/update/go.sum @@ -2,13 +2,30 @@ github.com/aws/aws-lambda-go v1.41.0 h1:l/5fyVb6Ud9uYd411xdHZzSf2n86TakxzpvIoz7l github.com/aws/aws-lambda-go v1.41.0/go.mod h1:jwFe2KmMsHmffA1X2R09hH6lFzJQxzI8qK17ewzbQMM= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= +github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= +github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= +github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/ministryofjustice/opg-data-lpa-deed/lambda/shared v0.0.0-20231012101804-da267f23d7db h1:HcdoeSkWe5Bkokl3SvmaOlPNsCk+T78oQqVDrFNgsD8= github.com/ministryofjustice/opg-data-lpa-deed/lambda/shared v0.0.0-20231012101804-da267f23d7db/go.mod h1:uarvaw7JMaubij8CuiO2bNcJBp8zWEdiU+AVqe78Ggc= github.com/ministryofjustice/opg-go-common v0.0.0-20220816144329-763497f29f90 h1:mxTHIeCYV7LDZPN7C44wwLlBTUsgQ0G8FQprsrsKXaA= github.com/ministryofjustice/opg-go-common v0.0.0-20220816144329-763497f29f90/go.mod h1:1RmCNi6dkAv8umAgNHp8RkuBoSKLlxp1UtfsGYH7ufc= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= -github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/mock-apigw/main.go b/mock-apigw/main.go index 8a2f4e66..96981fa4 100644 --- a/mock-apigw/main.go +++ b/mock-apigw/main.go @@ -9,6 +9,7 @@ import ( "net/http" "regexp" "strings" + "time" "github.com/aws/aws-lambda-go/events" ) @@ -62,8 +63,7 @@ func delegateHandler(w http.ResponseWriter, r *http.Request) { resp, err := client.Do(proxyReq) if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return + log.Fatal(err) } encodedRespBody, _ := io.ReadAll(resp.Body) @@ -72,14 +72,25 @@ func delegateHandler(w http.ResponseWriter, r *http.Request) { _ = json.Unmarshal(encodedRespBody, &respBody) w.WriteHeader(respBody.StatusCode) - w.Write([]byte(respBody.Body)) + _, err = w.Write([]byte(respBody.Body)) + + if err != nil { + log.Fatal(err) + } } func main() { http.HandleFunc("/", delegateHandler) - fmt.Printf("Starting server at port 8080\n") - if err := http.ListenAndServe(":8080", nil); err != nil { + server := &http.Server{ + Addr: ":8080", + Handler: nil, + ReadHeaderTimeout: 10 * time.Second, + } + + if err := server.ListenAndServe(); err != nil { log.Fatal(err) } + + fmt.Printf("running on port 8080\n") } diff --git a/signer/main.go b/signer/main.go index 1b168eda..c012569b 100644 --- a/signer/main.go +++ b/signer/main.go @@ -28,7 +28,10 @@ func main() { req.Header.Add("Content-type", "application/json") - signer.Sign(req, body, "execute-api", "eu-west-1", time.Now()) + _, err = signer.Sign(req, body, "execute-api", "eu-west-1", time.Now()) + if err != nil { + panic(err) + } client := http.Client{} resp, err := client.Do(req) @@ -45,5 +48,8 @@ func main() { panic(fmt.Sprintf("invalid status code %d", resp.StatusCode)) } - os.Stdout.WriteString(fmt.Sprintf("%d: %s\n", resp.StatusCode, buf.String())) + _, err = os.Stdout.WriteString(fmt.Sprintf("%d: %s\n", resp.StatusCode, buf.String())) + if err != nil { + panic(err) + } }