https://github.com/rkgcloud/crud
An introductory web application written in go with pgsql that runs on kubernetes
https://github.com/rkgcloud/crud
database go golang gorm kubernetes kubernetes-deployment pgsql web
Last synced: 2 months ago
JSON representation
An introductory web application written in go with pgsql that runs on kubernetes
- Host: GitHub
- URL: https://github.com/rkgcloud/crud
- Owner: rkgcloud
- License: apache-2.0
- Created: 2024-10-30T01:52:36.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2026-04-09T00:39:46.000Z (3 months ago)
- Last Synced: 2026-04-09T02:22:11.233Z (3 months ago)
- Topics: database, go, golang, gorm, kubernetes, kubernetes-deployment, pgsql, web
- Language: Go
- Homepage:
- Size: 15.4 MB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: Readme.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Awesome Lists containing this project
README
# CRUD Application
A secure, production-ready CRUD application built with Go, featuring comprehensive security middleware, health checks, and enterprise-grade reliability.
## Features
- ๐ **Security**: Rate limiting, CORS protection, security headers, input validation
- ๐ **Monitoring**: Health checks, metrics, structured logging
- ๐งช **Testing**: Comprehensive unit and integration tests
- ๐ **Production Ready**: Graceful shutdown, configuration management
- ๐ง **CI/CD**: Automated testing, security scanning, and deployment
## Quick Start
### Local Development
1. **Start PostgreSQL database:**
```shell
make run-db
```
2. **Set environment variables:**
```shell
export KO_DATA_PATH=$(pwd)/kodata
export DATABASE_URL="host=localhost user=postgres password=mysecretpassword dbname=postgres sslmode=disable"
export SECRET="your-32-character-secret-key-here"
```
3. **Run the application:**
```shell
make run
```
### Testing
```shell
# Run unit tests
make test
# Run integration tests (requires running app)
make test-integration
# Run all tests
make test-all
```
### Building
```shell
# Build the application
make build
# The binary will be available at .bin/crud
```
## Health Endpoints
The application provides several health check endpoints:
- `GET /health/live` - Liveness probe
- `GET /health/ready` - Readiness probe with database connectivity check
- `GET /health/` - Comprehensive health status
- `GET /health/metrics` - Application metrics and runtime information
## Configuration
All configuration is environment-based with sensible defaults:
| Environment Variable | Default | Description |
|---------------------|---------|-------------|
| `PORT` | `8080` | Server port |
| `DEBUG` | `false` | Debug mode |
| `SECRET` | *(required)* | Session secret (min 32 chars) |
| `DATABASE_URL` | `host=localhost...` | PostgreSQL connection string |
| `RATE_LIMIT_PER_MINUTE` | `60` | Rate limit per IP per minute |
| `ALLOWED_ORIGINS` | `http://localhost:8080` | CORS allowed origins |
## CI/CD Pipeline
The project uses GitHub Actions for continuous integration and deployment:
### Workflow Jobs
1. **Lint** - Code quality checks with golangci-lint
2. **Test** - Unit tests with PostgreSQL service
3. **Build** - Application build verification
4. **Security** - Security scanning with Gosec
5. **Integration** - End-to-end integration tests
### Security Features
- **Gosec** security scanning
- **Dependency scanning** with GitHub's security features
- **SARIF** upload for security findings
- **Codecov** integration for test coverage
### Running CI Locally
You can run the same checks locally:
```shell
# Lint
golangci-lint run
# Test with coverage
make test
# Build
make build
# Integration tests
./hack/integration-test.sh
```
## Kubernetes Deployment
### Install CRUD database
```shell
make db-deploy
```
### Install CRUD application
```shell
make deploy
```
### Connect from cluster
```shell
kubectl port-forward service/go-postgres-crud-service 8080:8080
```
## Security
This application implements multiple layers of security:
- **Rate Limiting**: IP-based rate limiting with configurable limits
- **CORS Protection**: Configurable CORS with secure defaults
- **Security Headers**: CSP, XSS protection, frame options, HSTS
- **Input Validation**: Comprehensive validation for all user inputs
- **Session Security**: Secure session configuration with HttpOnly, Secure, SameSite
- **SQL Injection Protection**: Parameterized queries and GORM protections
- **OAuth Security**: CSRF-protected OAuth flow with secure state tokens
## Architecture
```
โโโ cmd/ # Application entrypoints
โโโ pkg/
โ โโโ config/ # Configuration management
โ โโโ controllers/ # HTTP request handlers
โ โโโ middleware/ # Security middleware
โ โโโ models/ # Data models
โ โโโ health/ # Health checks and metrics
โ โโโ auth/ # Authentication types
โ โโโ session/ # Session management
โ โโโ database/ # Database connectivity
โโโ hack/ # Development scripts and utilities
โโโ .github/workflows/ # CI/CD pipelines
โโโ kodata/ # Static assets and templates
```
## Contributing
1. Fork the repository
2. Create a feature branch
3. Make your changes with tests
4. Run `make test-all` to verify
5. Submit a pull request
The CI pipeline will automatically run all checks on your pull request.