🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

github.com/yehaozz/go-secure-api

Package Overview
Dependencies
Alerts
File Explorer
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

github.com/yehaozz/go-secure-api

v0.0.0-20241104223900-8768a7802f9b
Source
Go
Version published
Created
Source

go-secure-api

Project Scope

This project focuses on building a small, cloud-native API service using Go, deployed on Kubernetes, with OAuth2 for authorization. The goal is to practice developing a scalable, secure API in a distributed cloud environment with modern security protocols and infrastructure automation.

Set Up and Build API Service in Go

  • Set Up Development Environment:
  • Install Go, Docker, and kubectl for Kubernetes.
  • Install kind for local Kubernetes deployment.
  • Develop the API Service in Go:
  • Build a simple REST API service in Golang to store music song info.
  • Implement routing, data handling, and basic error handling.
  • TODO: Connect to a cloud database like MongoDB or PostgreSQL.
  • API Security with OAuth2:
  • Integrate OAuth2 for authentication, using Google OAuth 2.0 playground to get access tokens that can be verified with Google Token Info endpoint.
curl -X POST localhost:8080/songs -i -H "Content-Type: application/json" -H "Authorization: Bearer <access_token>" -d '{"title": "Monday","artist": "Leah Dou","rating": 4.5}'
  • Protect specific API endpoints so only authenticated users can access them.

Containerization and Kubernetes Deployment

  • Dockerize the Go Application:
  • Write a Dockerfile to containerize the Go API service.
  • Build and run the Docker container locally to ensure it works correctly.
  • Deploy to Kubernetes:
  • Set up a kind cluster.
  • Create Kubernetes manifests for deploying the Go API service.
  • Auto-scale deployment:
  • Set up Horizontal Pod Autoscaler (HPA) to automatically scale the number of pods based on CPU usage.
# Install metrics-server, and then add "- --kubelet-insecure-tls" to `.containers.args`
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml

Testing and Documentation

  • Add unit tests for all the handlers package using Golang's testing package.
# To run the handlers tests
go test -v ./handlers
  • Write a brief README to explain the steps of this project.

FAQs

Package last updated on 04 Nov 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts