luciocarvalhojr/go-api

Go API - DevSecOps Project

A production-ready Go API following the Standard Go Project Layout with a focus on DevSecOps and security automation.

🚀 Features

  • Standard Layout: Separates entry point (cmd/) from business logic (internal/).
  • DevSecOps Pipeline: Automated Linting, SAST, SCA, and Container Scanning via GitHub Actions.
  • Secure Docker Image: Multi-stage build using a Distroless base image to minimize attack surface.
  • RESTful API: Built with the Gin Gonic framework.

🛠️ Prerequisites

  • Go: v1.24 or higher
  • Docker: For containerization
  • (Optional) Local Security Tools:
    • golangci-lint (Linting)
    • gosec (Security Scan)
    • govulncheck (Vulnerability Scan)

💻 Local Development

Run the API

go run cmd/api/main.go

The server will start at http://localhost:8080.

Run Tests

Run all unit tests with race detection and coverage:

go test -v -race -cover ./...

Manage Dependencies

go mod tidy

🔒 Security & Quality Commands

Use these commands locally to catch issues before pushing to GitHub.

1. Linting

Requires golangci-lint.

golangci-lint run

2. SAST (Static Application Security Testing)

Scans code for security flaws like hardcoded secrets or SQL injection.

go install github.com/securego/gosec/v2/cmd/gosec@latest
gosec ./...

3. SCA (Software Composition Analysis)

Checks for known vulnerabilities in your dependencies.

go install golang.org/x/vuln/cmd/govulncheck@latest
govulncheck ./...

📚 Swagger Documentation

This project uses swag to generate Swagger 2.0 documentation from code comments.

1. Install swag

go install github.com/swaggo/swag/cmd/swag@latest

2. Regenerate Documentation

Run this command from the project root whenever you update API comments:

swag init -g cmd/api/main.go

The documentation will be updated in the docs/ directory.

3. View Swagger UI

Start the API and navigate to: http://localhost:8080/swagger/index.html


🐳 Docker

Build the Image

docker build -t go-api .

Run the Container

docker run -p 8080:8080 go-api

🏗️ Git Hooks

This project includes a pre-push hook that runs tests and security scans automatically before every push. This helps ensure that no broken or insecure code is pushed to the remote repository.

Setup Hooks

To install the local hooks, run the following command:

cp scripts/pre-push .git/hooks/pre-push && chmod +x .git/hooks/pre-push

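If you ever need to bypass the hook, use the --no-verify flag (this skips only the local checks; the GitHub Actions workflow below still runs on every push and pull request to main):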

git push --no-verify
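
An added example of a fail-closed pre-push hook that runs the tests and scans named above. It is not the repository's scripts/pre-push, whose contents are not shown on this page; the function names are hypothetical and it assumes go, gosec and govulncheck are on PATH.

```shell
#!/bin/sh
# Added example, NOT the repository's scripts/pre-push. Function names are
# hypothetical; assumes go, gosec and govulncheck are installed on PATH.

# git feeds "<local ref> <local oid> <remote ref> <remote oid>" lines on stdin.
# A ref deletion has an all-zero local oid, so it carries no new code.
pushes_code() {
    while read -r _lref loid _rref _roid; do
        case $loid in
            *[!0]*) return 0 ;;  # non-zero oid: commits are being pushed
        esac
    done
    return 1
}

# Run one named check and return its exit status.
run_check() {
    name=$1; shift
    # Fail closed: a missing scanner blocks the push instead of being skipped.
    if ! command -v "$1" >/dev/null 2>&1; then
        echo "pre-push: $name: '$1' is not installed" >&2
        return 127
    fi
    echo "pre-push: running $name" >&2
    "$@" </dev/null
}

# Run every check so all failures show up in one pass; git aborts the push
# when the hook exits non-zero.
run_all_checks() {
    failed=0
    run_check "tests" go test -race ./... || failed=1
    run_check "SAST" gosec ./... || failed=1
    run_check "SCA" govulncheck ./... || failed=1
    return "$failed"
}

main() {
    if ! pushes_code; then
        echo "pre-push: nothing but ref deletions, skipping checks" >&2
        return 0
    fi
    run_all_checks
}

# Run only when installed as .git/hooks/pre-push, so the file can be sourced.
case ${0##*/} in
    pre-push) main; exit $? ;;
esac
```

Running every check before returning, rather than stopping at the first failure, lets a developer fix test and scanner findings in one pass.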

🤖 CI/CD (DevSecOps Pipeline)

The project includes a GitHub Actions workflow in .github/workflows/devsecops.yml that automatically runs on every push and pull request to main:

  1. Test & Lint: Runs golangci-lint and go test.
  2. Security Scan: Runs gosec (SAST) and govulncheck (SCA).
  3. Docker Scan: Builds the image and scans it with Trivy for vulnerabilities.

🛣️ API Endpoints

Method  Endpoint     Description
GET     /albums      Get all albums
GET     /albums/:id  Get album by ID
POST    /albums      Add a new album
