create-svc 0.1.2 → 0.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +6 -3
- package/src/cli.ts +328 -108
- package/src/gcp.test.ts +71 -0
- package/src/gcp.ts +97 -0
- package/src/naming.test.ts +37 -0
- package/src/naming.ts +103 -0
- package/src/neon.test.ts +48 -0
- package/src/neon.ts +76 -0
- package/src/post-scaffold.ts +77 -0
- package/src/scaffold.test.ts +66 -31
- package/src/scaffold.ts +60 -55
- package/templates/shared/.github/workflows/ci.yml +22 -0
- package/templates/shared/.github/workflows/deploy.yml +30 -0
- package/templates/shared/.github/workflows/personal.yml +41 -0
- package/templates/shared/.github/workflows/preview-cleanup.yml +25 -0
- package/templates/shared/.github/workflows/preview.yml +29 -0
- package/templates/shared/README.md +37 -0
- package/templates/shared/scripts/cloudrun/bootstrap.ts +76 -0
- package/templates/shared/scripts/cloudrun/config.ts +57 -0
- package/templates/shared/scripts/cloudrun/deploy.ts +82 -0
- package/templates/shared/scripts/cloudrun/lib.ts +380 -0
- package/templates/shared/scripts/cloudrun/neon.ts +104 -0
- package/templates/shared/service.yaml +28 -0
- package/templates/variants/bun-connectrpc/Dockerfile +13 -0
- package/templates/variants/bun-connectrpc/package.json +20 -0
- package/templates/variants/bun-connectrpc/scripts/codegen.ts +1 -0
- package/templates/variants/bun-connectrpc/src/index.ts +32 -0
- package/templates/variants/bun-connectrpc/test/app.test.ts +17 -0
- package/templates/variants/bun-connectrpc/tsconfig.json +10 -0
- package/templates/variants/bun-hono/Dockerfile +13 -0
- package/templates/variants/bun-hono/package.json +21 -0
- package/templates/variants/bun-hono/scripts/codegen.ts +1 -0
- package/templates/variants/bun-hono/src/index.ts +24 -0
- package/templates/variants/bun-hono/test/app.test.ts +12 -0
- package/templates/variants/bun-hono/tsconfig.json +10 -0
- package/templates/variants/go-chi/Dockerfile +23 -0
- package/templates/variants/go-chi/buf.gen.yaml +10 -0
- package/templates/variants/go-chi/buf.yaml +9 -0
- package/templates/variants/go-chi/cmd/server/main.go +52 -0
- package/templates/variants/go-chi/gen/dns/v1/dns.pb.go +623 -0
- package/templates/variants/go-chi/gen/dns/v1/dnsv1connect/dns.connect.go +192 -0
- package/templates/variants/go-chi/go.mod +10 -0
- package/templates/variants/go-chi/internal/app/service.go +109 -0
- package/templates/variants/go-chi/internal/app/token_source.go +50 -0
- package/templates/variants/go-chi/internal/cloudflare/client.go +160 -0
- package/templates/variants/go-chi/internal/config/config.go +23 -0
- package/templates/variants/go-chi/internal/connectapi/handler.go +79 -0
- package/templates/variants/go-chi/internal/httpapi/routes.go +93 -0
- package/templates/variants/go-chi/internal/vault/client.go +148 -0
- package/templates/variants/go-chi/package.json +16 -0
- package/templates/variants/go-chi/protos/dns/v1/dns.proto +58 -0
- package/templates/variants/go-chi/test/go.test.ts +19 -0
- package/templates/variants/go-connectrpc/Dockerfile +23 -0
- package/templates/variants/go-connectrpc/buf.gen.yaml +10 -0
- package/templates/variants/go-connectrpc/buf.yaml +9 -0
- package/templates/variants/go-connectrpc/cmd/server/main.go +51 -0
- package/templates/variants/go-connectrpc/gen/dns/v1/dns.pb.go +623 -0
- package/templates/variants/go-connectrpc/gen/dns/v1/dnsv1connect/dns.connect.go +192 -0
- package/templates/variants/go-connectrpc/go.mod +10 -0
- package/templates/variants/go-connectrpc/internal/app/service.go +109 -0
- package/templates/variants/go-connectrpc/internal/app/token_source.go +50 -0
- package/templates/variants/go-connectrpc/internal/cloudflare/client.go +160 -0
- package/templates/variants/go-connectrpc/internal/config/config.go +23 -0
- package/templates/variants/go-connectrpc/internal/connectapi/handler.go +79 -0
- package/templates/variants/go-connectrpc/internal/httpapi/routes.go +93 -0
- package/templates/variants/go-connectrpc/internal/vault/client.go +148 -0
- package/templates/variants/go-connectrpc/package.json +16 -0
- package/templates/variants/go-connectrpc/protos/dns/v1/dns.proto +58 -0
- package/templates/variants/go-connectrpc/test/go.test.ts +19 -0
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
package httpapi
|
|
2
|
+
|
|
3
|
+
import (
|
|
4
|
+
"encoding/json"
|
|
5
|
+
"errors"
|
|
6
|
+
"net/http"
|
|
7
|
+
"strconv"
|
|
8
|
+
"strings"
|
|
9
|
+
|
|
10
|
+
"github.com/go-chi/chi/v5"
|
|
11
|
+
|
|
12
|
+
"{{MODULE_PATH}}/internal/app"
|
|
13
|
+
)
|
|
14
|
+
|
|
15
|
+
func RegisterRoutes(router chi.Router, service *app.DNSService) {
|
|
16
|
+
router.Get("/healthz", func(w http.ResponseWriter, _ *http.Request) {
|
|
17
|
+
writeJSON(w, http.StatusOK, map[string]string{"status": "ok"})
|
|
18
|
+
})
|
|
19
|
+
|
|
20
|
+
router.Route("/v1/dns/records", func(r chi.Router) {
|
|
21
|
+
r.Get("/", func(w http.ResponseWriter, request *http.Request) {
|
|
22
|
+
records, err := service.ListRecords(request.Context())
|
|
23
|
+
if err != nil {
|
|
24
|
+
writeError(w, err)
|
|
25
|
+
return
|
|
26
|
+
}
|
|
27
|
+
writeJSON(w, http.StatusOK, map[string]any{"records": records})
|
|
28
|
+
})
|
|
29
|
+
|
|
30
|
+
r.Post("/", func(w http.ResponseWriter, request *http.Request) {
|
|
31
|
+
var input app.CreateRecordInput
|
|
32
|
+
if err := decodeJSON(request, &input); err != nil {
|
|
33
|
+
writeError(w, err)
|
|
34
|
+
return
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
record, err := service.CreateRecord(request.Context(), input)
|
|
38
|
+
if err != nil {
|
|
39
|
+
writeError(w, err)
|
|
40
|
+
return
|
|
41
|
+
}
|
|
42
|
+
writeJSON(w, http.StatusCreated, map[string]any{"record": record})
|
|
43
|
+
})
|
|
44
|
+
|
|
45
|
+
r.Route("/{recordID}", func(r chi.Router) {
|
|
46
|
+
r.Put("/", func(w http.ResponseWriter, request *http.Request) {
|
|
47
|
+
var input app.UpdateRecordInput
|
|
48
|
+
if err := decodeJSON(request, &input); err != nil {
|
|
49
|
+
writeError(w, err)
|
|
50
|
+
return
|
|
51
|
+
}
|
|
52
|
+
|
|
53
|
+
record, err := service.UpdateRecord(request.Context(), chi.URLParam(request, "recordID"), input)
|
|
54
|
+
if err != nil {
|
|
55
|
+
writeError(w, err)
|
|
56
|
+
return
|
|
57
|
+
}
|
|
58
|
+
writeJSON(w, http.StatusOK, map[string]any{"record": record})
|
|
59
|
+
})
|
|
60
|
+
|
|
61
|
+
r.Delete("/", func(w http.ResponseWriter, request *http.Request) {
|
|
62
|
+
if err := service.DeleteRecord(request.Context(), chi.URLParam(request, "recordID")); err != nil {
|
|
63
|
+
writeError(w, err)
|
|
64
|
+
return
|
|
65
|
+
}
|
|
66
|
+
w.WriteHeader(http.StatusNoContent)
|
|
67
|
+
})
|
|
68
|
+
})
|
|
69
|
+
})
|
|
70
|
+
}
|
|
71
|
+
|
|
72
|
+
func decodeJSON(request *http.Request, out any) error {
|
|
73
|
+
defer request.Body.Close()
|
|
74
|
+
|
|
75
|
+
if err := json.NewDecoder(request.Body).Decode(out); err != nil {
|
|
76
|
+
return err
|
|
77
|
+
}
|
|
78
|
+
return nil
|
|
79
|
+
}
|
|
80
|
+
|
|
81
|
+
func writeJSON(w http.ResponseWriter, status int, payload any) {
|
|
82
|
+
w.Header().Set("Content-Type", "application/json")
|
|
83
|
+
w.WriteHeader(status)
|
|
84
|
+
_ = json.NewEncoder(w).Encode(payload)
|
|
85
|
+
}
|
|
86
|
+
|
|
87
|
+
func writeError(w http.ResponseWriter, err error) {
|
|
88
|
+
status := http.StatusInternalServerError
|
|
89
|
+
if errors.Is(err, strconv.ErrSyntax) || strings.Contains(strings.ToLower(err.Error()), "json") {
|
|
90
|
+
status = http.StatusBadRequest
|
|
91
|
+
}
|
|
92
|
+
writeJSON(w, status, map[string]string{"error": err.Error()})
|
|
93
|
+
}
|
|
@@ -0,0 +1,148 @@
|
|
|
1
|
+
package vault
|
|
2
|
+
|
|
3
|
+
import (
|
|
4
|
+
"bytes"
|
|
5
|
+
"context"
|
|
6
|
+
"encoding/json"
|
|
7
|
+
"fmt"
|
|
8
|
+
"io"
|
|
9
|
+
"net/http"
|
|
10
|
+
"os"
|
|
11
|
+
"strings"
|
|
12
|
+
"sync"
|
|
13
|
+
)
|
|
14
|
+
|
|
15
|
+
type AppRoleClient struct {
|
|
16
|
+
addr string
|
|
17
|
+
roleIDFile string
|
|
18
|
+
secretIDFile string
|
|
19
|
+
client *http.Client
|
|
20
|
+
|
|
21
|
+
mu sync.Mutex
|
|
22
|
+
token string
|
|
23
|
+
}
|
|
24
|
+
|
|
25
|
+
func NewAppRoleClient(addr string, roleIDFile string, secretIDFile string, client *http.Client) *AppRoleClient {
|
|
26
|
+
return &AppRoleClient{
|
|
27
|
+
addr: strings.TrimRight(addr, "/"),
|
|
28
|
+
roleIDFile: roleIDFile,
|
|
29
|
+
secretIDFile: secretIDFile,
|
|
30
|
+
client: client,
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
func (c *AppRoleClient) Get(ctx context.Context, path string, key string) (string, error) {
|
|
35
|
+
token, err := c.login(ctx)
|
|
36
|
+
if err != nil {
|
|
37
|
+
return "", err
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
request, err := http.NewRequestWithContext(ctx, http.MethodGet, fmt.Sprintf("%s/v1/secret/data/%s", c.addr, strings.TrimLeft(path, "/")), nil)
|
|
41
|
+
if err != nil {
|
|
42
|
+
return "", err
|
|
43
|
+
}
|
|
44
|
+
request.Header.Set("X-Vault-Token", token)
|
|
45
|
+
|
|
46
|
+
response, err := c.client.Do(request)
|
|
47
|
+
if err != nil {
|
|
48
|
+
return "", err
|
|
49
|
+
}
|
|
50
|
+
defer response.Body.Close()
|
|
51
|
+
|
|
52
|
+
raw, err := io.ReadAll(response.Body)
|
|
53
|
+
if err != nil {
|
|
54
|
+
return "", err
|
|
55
|
+
}
|
|
56
|
+
if response.StatusCode < 200 || response.StatusCode >= 300 {
|
|
57
|
+
return "", fmt.Errorf("vault read failed: status=%d body=%s", response.StatusCode, strings.TrimSpace(string(raw)))
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
var payload struct {
|
|
61
|
+
Data struct {
|
|
62
|
+
Data map[string]string `json:"data"`
|
|
63
|
+
} `json:"data"`
|
|
64
|
+
}
|
|
65
|
+
if err := json.Unmarshal(raw, &payload); err != nil {
|
|
66
|
+
return "", err
|
|
67
|
+
}
|
|
68
|
+
|
|
69
|
+
value := strings.TrimSpace(payload.Data.Data[key])
|
|
70
|
+
if value == "" {
|
|
71
|
+
return "", fmt.Errorf("vault secret key %q is empty", key)
|
|
72
|
+
}
|
|
73
|
+
return value, nil
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
func (c *AppRoleClient) login(ctx context.Context) (string, error) {
|
|
77
|
+
c.mu.Lock()
|
|
78
|
+
defer c.mu.Unlock()
|
|
79
|
+
|
|
80
|
+
if c.token != "" {
|
|
81
|
+
return c.token, nil
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
roleID, err := readSecretFile(c.roleIDFile)
|
|
85
|
+
if err != nil {
|
|
86
|
+
return "", err
|
|
87
|
+
}
|
|
88
|
+
secretID, err := readSecretFile(c.secretIDFile)
|
|
89
|
+
if err != nil {
|
|
90
|
+
return "", err
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
body, err := json.Marshal(map[string]string{
|
|
94
|
+
"role_id": roleID,
|
|
95
|
+
"secret_id": secretID,
|
|
96
|
+
})
|
|
97
|
+
if err != nil {
|
|
98
|
+
return "", err
|
|
99
|
+
}
|
|
100
|
+
|
|
101
|
+
request, err := http.NewRequestWithContext(ctx, http.MethodPost, c.addr+"/v1/auth/approle/login", bytes.NewReader(body))
|
|
102
|
+
if err != nil {
|
|
103
|
+
return "", err
|
|
104
|
+
}
|
|
105
|
+
request.Header.Set("Content-Type", "application/json")
|
|
106
|
+
|
|
107
|
+
response, err := c.client.Do(request)
|
|
108
|
+
if err != nil {
|
|
109
|
+
return "", err
|
|
110
|
+
}
|
|
111
|
+
defer response.Body.Close()
|
|
112
|
+
|
|
113
|
+
raw, err := io.ReadAll(response.Body)
|
|
114
|
+
if err != nil {
|
|
115
|
+
return "", err
|
|
116
|
+
}
|
|
117
|
+
if response.StatusCode < 200 || response.StatusCode >= 300 {
|
|
118
|
+
return "", fmt.Errorf("vault login failed: status=%d body=%s", response.StatusCode, strings.TrimSpace(string(raw)))
|
|
119
|
+
}
|
|
120
|
+
|
|
121
|
+
var payload struct {
|
|
122
|
+
Auth struct {
|
|
123
|
+
ClientToken string `json:"client_token"`
|
|
124
|
+
} `json:"auth"`
|
|
125
|
+
}
|
|
126
|
+
if err := json.Unmarshal(raw, &payload); err != nil {
|
|
127
|
+
return "", err
|
|
128
|
+
}
|
|
129
|
+
|
|
130
|
+
c.token = strings.TrimSpace(payload.Auth.ClientToken)
|
|
131
|
+
if c.token == "" {
|
|
132
|
+
return "", fmt.Errorf("vault returned an empty client token")
|
|
133
|
+
}
|
|
134
|
+
return c.token, nil
|
|
135
|
+
}
|
|
136
|
+
|
|
137
|
+
func readSecretFile(path string) (string, error) {
|
|
138
|
+
bytes, err := os.ReadFile(path)
|
|
139
|
+
if err != nil {
|
|
140
|
+
return "", err
|
|
141
|
+
}
|
|
142
|
+
|
|
143
|
+
value := strings.TrimSpace(string(bytes))
|
|
144
|
+
if value == "" {
|
|
145
|
+
return "", fmt.Errorf("secret file %q is empty", path)
|
|
146
|
+
}
|
|
147
|
+
return value, nil
|
|
148
|
+
}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "{{SERVICE_NAME}}",
|
|
3
|
+
"private": true,
|
|
4
|
+
"type": "module",
|
|
5
|
+
"dependencies": {
|
|
6
|
+
"@neondatabase/api-client": "^2.7.1"
|
|
7
|
+
},
|
|
8
|
+
"scripts": {
|
|
9
|
+
"dev": "go run ./cmd/server",
|
|
10
|
+
"gen": "buf generate",
|
|
11
|
+
"lint": "go vet ./... && buf lint",
|
|
12
|
+
"test": "bun test ./test",
|
|
13
|
+
"bootstrap": "bun run ./scripts/cloudrun/bootstrap.ts",
|
|
14
|
+
"deploy": "bun run ./scripts/cloudrun/deploy.ts"
|
|
15
|
+
}
|
|
16
|
+
}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
syntax = "proto3";
|
|
2
|
+
|
|
3
|
+
package dns.v1;
|
|
4
|
+
|
|
5
|
+
option go_package = "{{MODULE_PATH}}/gen/dns/v1;dnsv1";
|
|
6
|
+
|
|
7
|
+
service DNSService {
|
|
8
|
+
rpc ListRecords(ListRecordsRequest) returns (ListRecordsResponse) {}
|
|
9
|
+
rpc CreateRecord(CreateRecordRequest) returns (CreateRecordResponse) {}
|
|
10
|
+
rpc UpdateRecord(UpdateRecordRequest) returns (UpdateRecordResponse) {}
|
|
11
|
+
rpc DeleteRecord(DeleteRecordRequest) returns (DeleteRecordResponse) {}
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
message Record {
|
|
15
|
+
string id = 1;
|
|
16
|
+
string type = 2;
|
|
17
|
+
string name = 3;
|
|
18
|
+
string content = 4;
|
|
19
|
+
int32 ttl = 5;
|
|
20
|
+
bool proxied = 6;
|
|
21
|
+
}
|
|
22
|
+
|
|
23
|
+
message ListRecordsRequest {}
|
|
24
|
+
|
|
25
|
+
message ListRecordsResponse {
|
|
26
|
+
repeated Record records = 1;
|
|
27
|
+
}
|
|
28
|
+
|
|
29
|
+
message CreateRecordRequest {
|
|
30
|
+
string type = 1;
|
|
31
|
+
string name = 2;
|
|
32
|
+
string content = 3;
|
|
33
|
+
int32 ttl = 4;
|
|
34
|
+
bool proxied = 5;
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
message CreateRecordResponse {
|
|
38
|
+
Record record = 1;
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
message UpdateRecordRequest {
|
|
42
|
+
string id = 1;
|
|
43
|
+
string type = 2;
|
|
44
|
+
string name = 3;
|
|
45
|
+
string content = 4;
|
|
46
|
+
int32 ttl = 5;
|
|
47
|
+
bool proxied = 6;
|
|
48
|
+
}
|
|
49
|
+
|
|
50
|
+
message UpdateRecordResponse {
|
|
51
|
+
Record record = 1;
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
message DeleteRecordRequest {
|
|
55
|
+
string id = 1;
|
|
56
|
+
}
|
|
57
|
+
|
|
58
|
+
message DeleteRecordResponse {}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { expect, test } from "bun:test";
|
|
2
|
+
|
|
3
|
+
const decoder = new TextDecoder();
|
|
4
|
+
|
|
5
|
+
test(
|
|
6
|
+
"go test ./...",
|
|
7
|
+
{ timeout: 60_000 },
|
|
8
|
+
() => {
|
|
9
|
+
const result = Bun.spawnSync(["go", "test", "./..."], {
|
|
10
|
+
cwd: process.cwd(),
|
|
11
|
+
stdout: "pipe",
|
|
12
|
+
stderr: "pipe",
|
|
13
|
+
env: process.env,
|
|
14
|
+
});
|
|
15
|
+
|
|
16
|
+
const output = [decoder.decode(result.stdout), decoder.decode(result.stderr)].join("").trim();
|
|
17
|
+
expect(result.exitCode, output || "go test ./... failed").toBe(0);
|
|
18
|
+
}
|
|
19
|
+
);
|