From 4d9db2da5203ecf02e87b0b6980e56b99ba4a769 Mon Sep 17 00:00:00 2001 From: Binayak Mishra Date: Thu, 1 Feb 2018 15:41:12 +0530 Subject: [PATCH 1/6] Exports Run(), RunWithErr() from grace package; Adds ServeWithConfig() to support http server configuration --- init.go | 28 +++++++++++++++++++++------- init_test.go | 10 +++++----- 2 files changed, 26 insertions(+), 12 deletions(-) diff --git a/init.go b/init.go index b5b39d1..c752d15 100644 --- a/init.go +++ b/init.go @@ -1,4 +1,4 @@ -// grace provides for graceful restart for go http servers. +// Package grace provides for graceful restart for go http servers. // There are 2 parts to graceful restarts // 1. Share listening sockets (this is done via socketmaster binary) // 2. Close listener gracefully (via graceful) @@ -83,7 +83,25 @@ func ServerFastHTTP(hport string, handler fasthttp.RequestHandler) error { // start serving on hport. If running via socketmaster, the hport argument is // ignored. Also, if a port was specified via -p, it takes precedence on hport func Serve(hport string, handler http.Handler) error { + timeout := 10 * time.Second + config := http.Server{ + Handler: handler, + ReadTimeout: 5 * time.Second, + WriteTimeout: 10 * time.Second, + } + + return ServeWithConfig(hport, timeout, config) +} + +func Run(addr string, timeout time.Duration, n http.Handler) { + graceful.Run(addr, timeout, n) +} + +func RunWithErr(addr string, timeout time.Duration, n http.Handler) error { + return graceful.RunWithErr(addr, timeout, n) +} +func ServeWithConfig(hport string, timeout time.Duration, config http.Server) error { checkConfigTest() l, err := Listen(hport) @@ -92,12 +110,8 @@ func Serve(hport string, handler http.Handler) error { } srv := &graceful.Server{ - Timeout: 10 * time.Second, - Server: &http.Server{ - Handler: handler, - ReadTimeout: 5 * time.Second, - WriteTimeout: 10 * time.Second, - }, + Timeout: timeout, + Server: &config, } log.Println("starting serve on ", hport) diff --git a/init_test.go b/init_test.go index d978442..0f59cc6 100644 --- a/init_test.go +++ b/init_test.go @@ -1,15 +1,15 @@ package grace import ( - "net/http" - "log" + "log" + "net/http" ) func ExampleServe() { - http.HandleFunc("/foo/bar", foobarHandler) - log.Fatal(grace.Serve(":9000", nil)) + http.HandleFunc("/foo/bar", foobarHandler) + log.Fatal(Serve(":9000", nil)) } func foobarHandler(w http.ResponseWriter, r *http.Request) { - w.Write([]byte("foobar")) + w.Write([]byte("foobar")) } From 2664e2e695d6a7e0ae1cab0f78fdd53d8accfaf6 Mon Sep 17 00:00:00 2001 From: Binayak Mishra Date: Thu, 1 Feb 2018 15:54:24 +0530 Subject: [PATCH 2/6] Further updates --- init.go | 54 ++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 34 insertions(+), 20 deletions(-) diff --git a/init.go b/init.go index c752d15..4ed27e8 100644 --- a/init.go +++ b/init.go @@ -23,6 +23,13 @@ import ( var listenPort string var cfgtestFlag bool +// Config grace package config +type Config struct { + Timeout time.Duration + HTTPReadTimeout time.Duration + HTTPWriteTimeout time.Duration +} + // add -p flag to the list of flags supported by the app, // and allow it to over-ride default listener port in config/app func init() { @@ -30,12 +37,13 @@ func init() { flag.BoolVar(&cfgtestFlag, "t", false, "config test") } -// applications need some way to access the port +// GetListenPort applications need some way to access the port // TODO: this method will work only after grace.Serve is called. func GetListenPort(hport string) string { return listenPort } +// ServerFastHTTP use fasthttp server func ServerFastHTTP(hport string, handler fasthttp.RequestHandler) error { var l net.Listener var err error @@ -80,28 +88,20 @@ func ServerFastHTTP(hport string, handler fasthttp.RequestHandler) error { } -// start serving on hport. If running via socketmaster, the hport argument is +// Serve start serving on hport. If running via socketmaster, the hport argument is // ignored. Also, if a port was specified via -p, it takes precedence on hport func Serve(hport string, handler http.Handler) error { - timeout := 10 * time.Second - config := http.Server{ - Handler: handler, - ReadTimeout: 5 * time.Second, - WriteTimeout: 10 * time.Second, + config := Config{ + Timeout: 10 * time.Second, + HTTPReadTimeout: 5 * time.Second, + HTTPWriteTimeout: 10 * time.Second, } - return ServeWithConfig(hport, timeout, config) -} - -func Run(addr string, timeout time.Duration, n http.Handler) { - graceful.Run(addr, timeout, n) -} - -func RunWithErr(addr string, timeout time.Duration, n http.Handler) error { - return graceful.RunWithErr(addr, timeout, n) + return ServeWithConfig(hport, config, handler) } -func ServeWithConfig(hport string, timeout time.Duration, config http.Server) error { +// ServeWithConfig serve using package config +func ServeWithConfig(hport string, config Config, handler http.Handler) error { checkConfigTest() l, err := Listen(hport) @@ -110,15 +110,29 @@ func ServeWithConfig(hport string, timeout time.Duration, config http.Server) er } srv := &graceful.Server{ - Timeout: timeout, - Server: &config, + Timeout: config.Timeout, + Server: &http.Server{ + Handler: handler, + ReadTimeout: config.HTTPReadTimeout, + WriteTimeout: config.HTTPWriteTimeout, + }, } log.Println("starting serve on ", hport) return srv.Serve(l) } -// This method can be used for any TCP Listener, e.g. non HTTP +// Run exports Run() from grace package +func Run(addr string, timeout time.Duration, n http.Handler) { + graceful.Run(addr, timeout, n) +} + +// RunWithErr exports RunWithErr from grace package +func RunWithErr(addr string, timeout time.Duration, n http.Handler) error { + return graceful.RunWithErr(addr, timeout, n) +} + +// Listen This method can be used for any TCP Listener, e.g. non HTTP func Listen(hport string) (net.Listener, error) { var l net.Listener From 6240d363fd90fa9062c3a1dacf81b4080ff2445c Mon Sep 17 00:00:00 2001 From: IT SEC BOT Date: Tue, 16 Feb 2021 15:14:31 +0700 Subject: [PATCH 3/6] code scanning --- .github/workflows/codeql-analysis.yml | 59 +++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..5e2cc19 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,59 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +name: "CodeQL" + +on: + pull_request: + # The branches below must be a subset of the branches above + branches: [master] + workflow_dispatch: + +jobs: + analyze: + name: Analyze + runs-on: [self-hosted, linux, x64, aws-runner-1] + + strategy: + fail-fast: false + matrix: + # Override automatic language detection by changing the below list + # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] + language: ['go'] + # Learn more... + # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 From 2a1b87103a1aa1b8ecd1e65e5227f8b7b46c3ddb Mon Sep 17 00:00:00 2001 From: IT SEC BOT Date: Fri, 29 Jul 2022 07:28:44 +0000 Subject: [PATCH 4/6] code scanning --- .github/workflows/codeql-analysis.yml | 43 +++++++++++++++++++++++---- 1 file changed, 38 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5e2cc19..acc23d6 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -3,18 +3,35 @@ # # You may wish to alter this file to override the set of languages analyzed, # or to provide custom queries or build logic. -name: "CodeQL" +name: "IT Security Code Scan" on: + push: + # The branches below must be a subset of the branches above + branches: [master] + paths-ignore: + - '**/*.md' + - '**/*.txt' + - '**/*.yml' + - '**/*.yaml' pull_request: # The branches below must be a subset of the branches above branches: [master] + paths-ignore: + - '**/*.md' + - '**/*.txt' + - '**/*.yml' + - '**/*.yaml' workflow_dispatch: jobs: analyze: name: Analyze - runs-on: [self-hosted, linux, x64, aws-runner-1] + runs-on: [runnerset=code-scanning-runners] + env: + CODEQL_RAM: 8192 + CODEQL_THREADS: 2 + GOPRIVATE: github.com/tokopedia/* strategy: fail-fast: false @@ -28,10 +45,26 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v2 + - run: git config --global --add url."git@github.com:".insteadOf "https://github.com/" + - name: Set Up Go + if: matrix.language == 'go' + uses: actions/setup-go@v2 + with: + go-version: 1.14 + - name: Set Up Node + if: matrix.language == 'javascript' + uses: actions/setup-node@v3 + with: + node-version: '14' + - name: Set Up Python + if: matrix.language == 'python' + uses: actions/setup-python@v4 + with: + python-version: '3.x' # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -42,7 +75,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@v2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -56,4 +89,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v2 From 171fcb65bd1346203c9e37cf63e331a276cbcf33 Mon Sep 17 00:00:00 2001 From: IT SEC BOT Date: Mon, 1 Aug 2022 01:03:35 +0000 Subject: [PATCH 5/6] code scanning From 6f6758f48baee65705d78df53c29ee5928e65ea2 Mon Sep 17 00:00:00 2001 From: IT SEC BOT Date: Tue, 2 Aug 2022 09:25:28 +0000 Subject: [PATCH 6/6] code scanning --- .github/workflows/codeql-analysis.yml | 92 --------------------------- 1 file changed, 92 deletions(-) delete mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index acc23d6..0000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,92 +0,0 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -name: "IT Security Code Scan" - -on: - push: - # The branches below must be a subset of the branches above - branches: [master] - paths-ignore: - - '**/*.md' - - '**/*.txt' - - '**/*.yml' - - '**/*.yaml' - pull_request: - # The branches below must be a subset of the branches above - branches: [master] - paths-ignore: - - '**/*.md' - - '**/*.txt' - - '**/*.yml' - - '**/*.yaml' - workflow_dispatch: - -jobs: - analyze: - name: Analyze - runs-on: [runnerset=code-scanning-runners] - env: - CODEQL_RAM: 8192 - CODEQL_THREADS: 2 - GOPRIVATE: github.com/tokopedia/* - - strategy: - fail-fast: false - matrix: - # Override automatic language detection by changing the below list - # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] - language: ['go'] - # Learn more... - # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection - - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - run: git config --global --add url."git@github.com:".insteadOf "https://github.com/" - - name: Set Up Go - if: matrix.language == 'go' - uses: actions/setup-go@v2 - with: - go-version: 1.14 - - name: Set Up Node - if: matrix.language == 'javascript' - uses: actions/setup-node@v3 - with: - node-version: '14' - - - name: Set Up Python - if: matrix.language == 'python' - uses: actions/setup-python@v4 - with: - python-version: '3.x' - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2