Giters

mr-chelyshkin / hyperproof

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Hyperproof Take-Home Assessment

Manual retrieve key:

You can retrieve (or create) any key manually using GitHub manual action: Manual Retrieve key.
Incoming params:

  • Key name for retrieve
  • Targets for key restriction
  • IPs for key restriction

manual-retrieve
Execution:
manual-retrieve-execution

Schedule retrieve key:

Every 6 hours workflow: retrieve GoogleMapKey retrieves a predefined key "GoogleMapKey".
retrieve-pipeline Workflow: schedule-flow

Client

The project sources is a GoLang client which work with Cloud Platforms (GCP / Azure).
It's a cli-app based on urfave and use for executing platform actions.

Usage

$ hyperproof -h
# Show help with all commands short description
$ hyperproof {{ cmd }} -h
# Show help for current command

Command list:

  • retrieve: re-new ApiKey in GCP and put it in Azure Vault.
  • ...

retrieve:

$ hyperproof retrieve -h

retrieve-usage process: retrieve-process result: retrieve-process azure-vault-secrets azure-vault-secrets-versions

Add new commands

Commands provided in ./commands directory. Each cmd is a separate entity located in its directory and consists of the following objects:

  • action.go - the main process of the team's operation
  • flags.go - flags and parameters of the team
  • usage.go - template for describing the team's operation
  • command.go - the main object

To create a new cmd, you need to define all the objects and also add the team to commands.go.

return []*cli.Command{
	retrieve.Command(),
        {{ cmd_name }}.Command(),
}

Infrastructure

Use Taskfile for automate infrastructure actions.

# current actions:
$ task -l
# task: Available tasks for this project:
# * default:            Default task.
# * go/build/dev:       Build development binary. (include "-race" option)
# * go/build/prd:       Build prd binaries files.
# * go/lint/run:        Run golangci-lint.

Inside Taskfile we have predefined variables which we use:

  • golint_version
  • binary_name

and predefined builds matrix for manage build options:

- task: go/build/sample
  vars: { GOOS: "linux", GOARCH: "amd64", BUILD_TYPE: "prd" }
- task: go/build/sample
  vars: { GOOS: "linux", GOARCH: "arm64", BUILD_TYPE: "prd" }
- task: go/build/sample
  vars: { GOOS: "darwin", GOARCH: "amd64", BUILD_TYPE: "prd" }
- task: go/build/sample
  vars: { GOOS: "darwin", GOARCH: "arm64", BUILD_TYPE: "prd" }

Build path: ./build

Note

  • Inside infrastructure workflow we also execute Taskfile.
  • By default, we build binaries with GO version from go.mod file (no additional updates need if we decide update version)

StaticChecks and Unittests

Any feature addition should be done in separate branches, where the branch name should reflect the general meaning of the feature. For each commit to a feature branch, a workflow with general checks is triggered. checks-workflow

Deploy

Deployment is done in a separate workflow, which is triggered after a new tag is published. The deployment process creates a new release, builds the client for different platforms, and publishes the artifacts in the release. deploy-workflow

After finishing deployment process new release will be available: release

For creating new tag:

# use semver pattern
$ git tag {{ v[0-9]+.\[0-9]+.\[0-9]+.\ }} 
$ git push origin {{ v[0-9]+.\[0-9]+.\[0-9]+.\ }}

About

Languages

Language:Go 100.0%