
Security News
npm Adopts OIDC for Trusted Publishing in CI/CD Workflows
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
github.com/novacloudcz/graphql-orm
Golang GraphQL API generator using gqlgen and gorm
While following microservices design patterns we ended up with many "model services". gqlgen is perfect tool, but implementing resolvers in every service is getting more and more cumbersome. Using this tool we only have to update model.graphql
and all resolvers get generated automatically.
Before you start, please make sure you have goimports
installed:
go get golang.org/x/tools/cmd/goimports
NOTE: Make sure you have Go installed on your system.
go mod init [MODULE]
to initialize your project with go modulesgo run github.com/novacloudcz/graphql-orm init
make run
to start service with dummy modelmodel.graphql
and create your custom model schemamake generate
or go run github.com/novacloudcz/graphql-orm
to recreate generated source codesNOTE: graphql-orm requires Go modules for installation. If you are running in $GOPATH, make sure you are running init command with GO111MODULE=on
For running locally you can use:
make run
or without makefile:
DATABASE_URL=sqlite3://test.db PORT=8080 go run *.go
DATABASE_URL
- connection string for database in format db://user:password@host:port/tablename
(eg. mysql://root:pass@localhost:3306/test
; required)EXPOSE_MIGRATION_ENDPOINT
- expose /migration
endpoint which triggers database migration (migrates to latest database schema; default: false)TABLE_NAME_PREFIX
- set global prefix for all table names (default: "")EVENT_TRANSPORT_URL
- destination url for sending mutation events (array supported in format EVENT_TRANSPORT_URL_[INDEX]
) see Events transportEVENT_TRANSPORT_SOURCE
- custom value for CloudEvent source attribute (default: http://{hostname}/graphql
)In case you want to connect with sqlite, you can use local file storage:
sqlite3://path/to/file.db
Or use in-memory storage:
sqlite3://:memory:
You can find example project at graphql-orm-example repo
GraphQL Voyager is very nice tool for previewing your GraphQL Schema, you can run it locally by:
make voyager
or without makefile:
docker run --rm -v `pwd`/gen/schema.graphql:/app/schema.graphql -p 8080:80 graphql/voyager
...after voyager starts up go to https://localhost:8080
All generated stuff is stored in ./gen/
folder.
If you generated Dockerfile initialization it's as easy as running:
docker build -t {IMAGE_NAME} .
If you want to create your own docker image, you can check the example repository for generated Dockerfile: https://github.com/novacloudcz/graphql-orm-example/blob/master/Dockerfile
For event driven architecture it's necessary that the service is able to send events about changes in state. Services built using this library automatically send event for every mutation using CloudEvents (entity created/updated/deleted and changed column and their values). Supported targets are:
For more information about event structure see: https://github.com/novacloudcz/graphql-orm/blob/master/events/model.go
Since version 0.4.0
the migrations using gormigrate are introduced and it's possible to write custom migrations with rollbacks.
The automigration (with foreign keys) is still available, but gormigrate migrations are used by default. You use following commands:
make migrate
- runs gormigrate migrationsmake automigrate
- runs gorm basic automigrationThe same applies for HTTP endpoints (when EXPOSE_MIGRATION_ENDPOINT=true
):
POST /migrate
- runs gormigrate migrationspost /automigrate
- runs gorm basic automigrationTo add new migration, edit src/migrations
file and its GetMigrations method. For more information see gormigrate Readme
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
Research
/Security News
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.