Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
github.com/ivanov-gv/color-picker-test-app
- Version published
- Created
Color picker test app
Backend of a simple app where the user can save his favorite color. It is an interview test task.
It is deployed on Google cloud
Go to https://color-app-hznvjhuleq-no.a.run.app/user/1/color to fetch someone's favourite colors!
Details
Dockerized
The app is fully dockerized. You can see here 3 Dockefiles:
- Dockerfile - for building local and staging versions of the app. Allows you to provide environment specific configs, builds extended version of an app using -tags migrate defined in the Makefile for seamless db migrations.
- Dockerfile-prod - for building production version. Uses minimal app version without staging functionality. Only uses production configuration.
- integration-test/Dockerfile - for building another instance for running integration tests. Is a part of build described in docker-compose.yml. Ready to be used in CI/CD.
All the docker builds are staged. Final image uses scratch, which makes it lightweight - 11.61 MB.
Cloud native
The app is exposing /healtz probe, used by kubernetes for checking liveness of a container. In this case it is not necessary, but it is also possible to expose readiness and startup probes as well.
It makes this app ready to be running in kubernetes.
Also, cmd/main.go contains functionality to receive syscalls and make graceful shutdown.
Clean architecture
Clean architecture pattern was used for development. This pattern allows to easily extend application functionality, make it flexible and easy to test.
Endpoints
POST /user - create new user
POST /user/{id}/color - add color to a user
{
"name": "my happy color",
"HEX": "#00000"
}
GET /user/{id}/color - get all the colors of the user
DELETE /user/{user_id}/color/{color_id}/ - delete color
It is restricted to add colors with the same name or the same color code. Also, "name" could be only 20 letters long and "HEX" could be only valid hex color format.
Integration tests, that checks those validators, are passed
Try this api yourself using try-me.http
Run locally
- clone this repo
- make run-docker
FAQs
Unknown package
Package last updated on 13 Nov 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025