Merge pull request #8 from spectrocloud/bulwark-gitleaks

bulwark gitleaks pr validation action
spectrocloud · Mar 21, 2023 · d55c40f · d55c40f
2 parents 6c6f22d + 70132e3
commit d55c40f
Show file tree

Hide file tree

Showing 8 changed files with 605 additions and 471 deletions.
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -0,0 +1,8 @@
+## Describe the Change
+
+This PR .....
+
+## Review Changes
+
+
+🎫 [Jira Ticket]()
diff --git a/.github/workflows/gitleaks.yaml b/.github/workflows/gitleaks.yaml
@@ -9,13 +9,11 @@ jobs:
   gitleaks-scan:
     runs-on: ubuntu-latest
     container:
-      image: gcr.io/spectro-common-dev/fayasa/bulwark:latest
+      image: gcr.io/spectro-dev-public/bulwark/gitleaks:latest
       env:
         REPO: ${{ github.event.repository.name }}
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      credentials:
-        username: _json_key
-        password: ${{ secrets.GCR_SPCD_JSON_KEY }}
+        GITLEAKS_CONFIG: config.toml
     steps:
 
       - name: run-bulwark-gitleaks-scan

diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -35,7 +35,7 @@ jobs:
 
     - uses: actions/[email protected]
       with:
-        go-version: '1.19'
+        go-version: '1.20'
         check-latest: true
 
     - name: Build
@@ -52,7 +52,7 @@ jobs:
 
     - uses: actions/[email protected]
       with:
-        go-version: '1.19'
+        go-version: '1.20'
         check-latest: true
 
     - name: Lint Internal Package

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.19.4-alpine3.17 as builder
+FROM golang:1.20.2-alpine3.17 as builder
 WORKDIR /go/src/app
 COPY . .
 RUN go build -o /go/bin/app && \

diff --git a/README.md b/README.md
@@ -9,7 +9,7 @@ A Spectro Cloud demo application. This is the API server for the [Hello Universe
 </p>
 
 # Overview
-The [Hello Universe](https://github.com/spectrocloud/hello-universe) app includes an API server that expands the capabilities of the application. The API server requires a Postgres database to store and retrieve data. Use the [Hello Universe DB](https://github.com/spectrocloud/hello-universe-db) container for a simple integration with a Postgres database.
+The [Hello Universe](https://github.com/spectrocloud/hello-universe) app includes an API server that expands the capabilities of the application. The API server requires a Postgres database to store and retrieve data. Use the [Hello Universe DB](https://github.com/spectrocloud/hello-universe-db) container for simple integration with a Postgres database.
 
 # Endpoints
 
@@ -20,11 +20,11 @@ A Postman collection is available to help you explore the API. Review the [Postm
 The quickest method to start the API server locally is by using the Docker image. 
 
 ```shell
-docker pull ghcr.io/spectrocloud/hello-universe-api:1.0.8
-docker run -p 3000:3000 ghcr.io/spectrocloud/hello-universe-api:1.0.8
+docker pull ghcr.io/spectrocloud/hello-universe-api:1.0.9
+docker run -p 3000:3000 ghcr.io/spectrocloud/hello-universe-api:1.0.9
 ```
 
-To start the API server you must have connectivity to a postgres instance. Use [environment variables](#environment-variables) to customize the API server start parameters.
+To start the API server you must have connectivity to a Postgres instance. Use [environment variables](#environment-variables) to customize the API server start parameters.
 
 ## Environment Variables
 
@@ -45,7 +45,7 @@ The API server accepts the following environment variables.
 
 ## Authorization
 
-The API can be enabled with authoriation wich results in all request requiring an authorization header with a token. An anonymous token is available:
+The API can be enabled with authorization which results in all requests requiring an authorization header with a token. An anonymous token is available:
 
 ```shell
 931A3B02-8DCC-543F-A1B2-69423D1A0B94

diff --git a/go.mod b/go.mod
@@ -1,17 +1,17 @@
 module spectrocloud.com/hello-universe-api
 
-go 1.19
+go 1.20
 
 require (
 	github.com/jmoiron/sqlx v1.3.5
 	github.com/lib/pq v1.10.7
 	github.com/mileusna/useragent v1.2.1
-	github.com/rs/zerolog v1.28.0
-	go.uber.org/automaxprocs v1.5.1
+	github.com/rs/zerolog v1.29.0
+	go.uber.org/automaxprocs v1.5.2
 )
 
 require (
-	github.com/mattn/go-colorable v0.1.12 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
-	golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.17 // indirect
+	golang.org/x/sys v0.6.0 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -9,8 +9,13 @@ github.com/lib/pq v1.10.7 h1:p7ZhMD+KsSRozJr34udlUrhboJwWAgCg34+/ZZNvZZw=
 github.com/lib/pq v1.10.7/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40=
 github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
+github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
+github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
 github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y=
 github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
+github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=
+github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-sqlite3 v1.14.6 h1:dNPt6NO46WmLVt2DLNpwczCmdV5boIZ6g/tlDrlRUbg=
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/mileusna/useragent v1.2.1 h1:p3RJWhi3LfuI6BHdddojREyK3p6qX67vIfOVMnUIVr0=
@@ -19,8 +24,15 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
 github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
 github.com/rs/zerolog v1.28.0 h1:MirSo27VyNi7RJYP3078AA1+Cyzd2GB66qy3aUHvsWY=
 github.com/rs/zerolog v1.28.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6usyD0=
+github.com/rs/zerolog v1.29.0 h1:Zes4hju04hjbvkVkOhdl2HpZa+0PmVwigmo8XoORE5w=
+github.com/rs/zerolog v1.29.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6usyD0=
 go.uber.org/automaxprocs v1.5.1 h1:e1YG66Lrk73dn4qhg8WFSvhF0JuFQF0ERIp4rpuV8Qk=
 go.uber.org/automaxprocs v1.5.1/go.mod h1:BF4eumQw0P9GtnuxxovUd06vwm1o18oMzFtK66vU6XU=
+go.uber.org/automaxprocs v1.5.2 h1:2LxUOGiR3O6tw8ui5sZa2LAaHnsviZdVOUZw4fvbnME=
+go.uber.org/automaxprocs v1.5.2/go.mod h1:eRbA25aqJrxAbsLO0xy5jVwPt7FQnRgjW+efnwa1WM0=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6 h1:foEbQz/B0Oz6YIqu/69kfXPYeFQAuuMYFkjaqXzl5Wo=
 golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=