create-svc 0.1.9 → 0.1.11

package/templates/variants/go-chi/internal/auth/middleware_test.go

@@ -0,0 +1,38 @@
+package auth
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func TestMiddlewareRejectsProtectedPathWithoutBearerToken(t *testing.T) {
+	handler := Middleware(Config{
+		Enabled:  true,
+		Issuer:   "https://auth.anmho.com",
+		Audience: "api://{{SERVICE_ID}}",
+		JWKSURL:  "https://auth.anmho.com/api/auth/jwks",
+	})(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+		w.WriteHeader(http.StatusNoContent)
+	}))
+
+	response := httptest.NewRecorder()
+	handler.ServeHTTP(response, httptest.NewRequest(http.MethodPost, "/v1/waitlist", nil))
+
+	if response.Code != http.StatusUnauthorized {
+		t.Fatalf("expected 401, got %d", response.Code)
+	}
+}
+
+func TestMiddlewareLeavesHealthPublic(t *testing.T) {
+	handler := Middleware(Config{Enabled: true})(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+		w.WriteHeader(http.StatusNoContent)
+	}))
+
+	response := httptest.NewRecorder()
+	handler.ServeHTTP(response, httptest.NewRequest(http.MethodGet, "/healthz", nil))
+
+	if response.Code != http.StatusNoContent {
+		t.Fatalf("expected health to pass through, got %d", response.Code)
+	}
+}

package/templates/variants/go-chi/internal/config/config.go

@@ -1,17 +1,48 @@
 package config
 
-import "os"
+import (
+	"errors"
+	"os"
+	"strings"
+)
 
 type Config struct {
-	Port        string
-	DatabaseURL string
+	Port              string
+	DatabaseURL       string
+	TemporalEnabled   bool
+	TemporalAddress   string
+	TemporalNamespace string
+	TemporalTaskQueue string
+	TemporalAPIKey    string
+	AuthEnabled       bool
+	AuthIssuer        string
+	AuthAudience      string
+	AuthJWKSURL       string
 }
 
 func Load() (Config, error) {
-	return Config{
-		Port:        envOr("PORT", "8080"),
-		DatabaseURL: envOr("DATABASE_URL", ""),
-	}, nil
+	cfg := Config{
+		Port:              envOr("PORT", "8080"),
+		DatabaseURL:       strings.TrimSpace(os.Getenv("DATABASE_URL")),
+		TemporalEnabled:   envBool("TEMPORAL_ENABLED"),
+		TemporalAddress:   envOr("TEMPORAL_ADDRESS", "localhost:7233"),
+		TemporalNamespace: envOr("TEMPORAL_NAMESPACE", "default"),
+		TemporalTaskQueue: envOr("TEMPORAL_TASK_QUEUE", "{{SERVICE_NAME}}"),
+		TemporalAPIKey:    strings.TrimSpace(os.Getenv("TEMPORAL_API_KEY")),
+		AuthEnabled:       envBool("AUTH_ENABLED"),
+		AuthIssuer:        envOr("AUTH_ISSUER", "{{AUTH_ISSUER}}"),
+		AuthAudience:      envOr("AUTH_AUDIENCE", "{{AUTH_AUDIENCE}}"),
+		AuthJWKSURL:       envOr("AUTH_JWKS_URL", "{{AUTH_JWKS_URL}}"),
+	}
+	if cfg.DatabaseURL == "" {
+		return Config{}, errors.New("DATABASE_URL is required")
+	}
+	return cfg, nil
+}
+
+func envBool(key string) bool {
+	value := strings.TrimSpace(strings.ToLower(os.Getenv(key)))
+	return value == "1" || value == "true" || value == "yes" || value == "on"
 }
 
 func envOr(key string, fallback string) string {

package/templates/variants/go-chi/internal/httpapi/routes.go

@@ -3,6 +3,7 @@ package httpapi
 import (
 	"encoding/json"
 	"errors"
+	"io"
 	"net/http"
 	"strconv"
 	"strings"
@@ -12,67 +13,154 @@ import (
 	"{{MODULE_PATH}}/internal/app"
 )
 
-func RegisterRoutes(router chi.Router, service *app.DNSService) {
+func RegisterRoutes(router chi.Router, service *app.WaitlistService) {
 	router.Get("/healthz", func(w http.ResponseWriter, _ *http.Request) {
 		writeJSON(w, http.StatusOK, map[string]string{"status": "ok"})
 	})
+	router.Get("/readyz", func(w http.ResponseWriter, _ *http.Request) {
+		writeJSON(w, http.StatusOK, map[string]string{"status": "ok"})
+	})
+	router.Get("/", func(w http.ResponseWriter, _ *http.Request) {
+		writeJSON(w, http.StatusOK, map[string]string{
+			"service":   "{{SERVICE_NAME}}",
+			"domain":    "waitlist",
+			"apiOrigin": "https://api.{{SERVICE_NAME}}.anmho.com",
+		})
+	})
+
+	router.Post("/v1/waitlist", func(w http.ResponseWriter, request *http.Request) {
+		var input app.JoinWaitlistInput
+		if err := decodeJSON(request, &input); err != nil {
+			writeError(w, err)
+			return
+		}
+		result, err := service.JoinWaitlist(request.Context(), input)
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		status := http.StatusOK
+		if result.Created {
+			status = http.StatusCreated
+		}
+		writeJSON(w, status, result)
+	})
+
+	router.Get("/v1/waitlist", func(w http.ResponseWriter, request *http.Request) {
+		entry, err := service.GetEntryByEmail(request.Context(), request.URL.Query().Get("email"))
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusOK, map[string]any{"entry": entry})
+	})
+
+	router.Get("/v1/waitlist/{entryID}", func(w http.ResponseWriter, request *http.Request) {
+		entry, err := service.GetEntry(request.Context(), chi.URLParam(request, "entryID"))
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusOK, map[string]any{"entry": entry})
+	})
+
+	router.Get("/v1/admin/waitlist", func(w http.ResponseWriter, request *http.Request) {
+		entries, err := service.ListEntries(request.Context(), app.ListWaitlistEntriesInput{
+			Status: request.URL.Query().Get("status"),
+			Limit:  optionalInt(request.URL.Query().Get("limit")),
+		})
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusOK, map[string]any{"entries": entries})
+	})
+
+	router.Get("/v1/admin/waitlist/export", func(w http.ResponseWriter, request *http.Request) {
+		csv, err := service.ExportEntries(request.Context(), app.ListWaitlistEntriesInput{
+			Status: request.URL.Query().Get("status"),
+			Limit:  optionalInt(request.URL.Query().Get("limit")),
+		})
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		w.Header().Set("Content-Type", "text/csv; charset=utf-8")
+		w.Header().Set("Content-Disposition", `attachment; filename="waitlist.csv"`)
+		w.WriteHeader(http.StatusOK)
+		_, _ = w.Write([]byte(csv))
+	})
+
+	router.Patch("/v1/admin/waitlist/{entryID}", func(w http.ResponseWriter, request *http.Request) {
+		var input app.UpdateWaitlistEntryInput
+		if err := decodeJSON(request, &input); err != nil {
+			writeError(w, err)
+			return
+		}
+		input.EntryID = chi.URLParam(request, "entryID")
+		entry, err := service.UpdateEntry(request.Context(), input)
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusOK, map[string]any{"entry": entry})
+	})
 
-	router.Route("/v1/dns/records", func(r chi.Router) {
-		r.Get("/", func(w http.ResponseWriter, request *http.Request) {
-			records, err := service.ListRecords(request.Context())
-			if err != nil {
-				writeError(w, err)
-				return
-			}
-			writeJSON(w, http.StatusOK, map[string]any{"records": records})
+	router.Post("/v1/triggers/waitlist", func(w http.ResponseWriter, request *http.Request) {
+		var payload map[string]any
+		if err := decodeOptionalJSON(request, &payload); err != nil {
+			writeError(w, err)
+			return
+		}
+		trigger, err := service.RecordTrigger(request.Context(), app.RecordTriggerInput{
+			Type:    stringValue(payload, "type", "manual"),
+			EntryID: stringValue(payload, "entry_id", ""),
+			Payload: payload,
 		})
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusAccepted, map[string]any{"trigger": trigger})
+	})
 
-		r.Post("/", func(w http.ResponseWriter, request *http.Request) {
-			var input app.CreateRecordInput
-			if err := decodeJSON(request, &input); err != nil {
-				writeError(w, err)
-				return
-			}
-
-			record, err := service.CreateRecord(request.Context(), input)
-			if err != nil {
-				writeError(w, err)
-				return
-			}
-			writeJSON(w, http.StatusCreated, map[string]any{"record": record})
+	router.Post("/webhooks/{provider}", func(w http.ResponseWriter, request *http.Request) {
+		rawBody, err := io.ReadAll(request.Body)
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		trigger, err := service.RecordTrigger(request.Context(), app.RecordTriggerInput{
+			Type: "webhook." + chi.URLParam(request, "provider"),
+			Payload: map[string]any{
+				"headers": request.Header,
+				"rawBody": string(rawBody),
+			},
 		})
+		if err != nil {
+			writeError(w, err)
+			return
+		}
+		writeJSON(w, http.StatusAccepted, map[string]any{"trigger": trigger})
+	})
 
-		r.Route("/{recordID}", func(r chi.Router) {
-			r.Put("/", func(w http.ResponseWriter, request *http.Request) {
-				var input app.UpdateRecordInput
-				if err := decodeJSON(request, &input); err != nil {
-					writeError(w, err)
-					return
-				}
-
-				record, err := service.UpdateRecord(request.Context(), chi.URLParam(request, "recordID"), input)
-				if err != nil {
-					writeError(w, err)
-					return
-				}
-				writeJSON(w, http.StatusOK, map[string]any{"record": record})
-			})
-
-			r.Delete("/", func(w http.ResponseWriter, request *http.Request) {
-				if err := service.DeleteRecord(request.Context(), chi.URLParam(request, "recordID")); err != nil {
-					writeError(w, err)
-					return
-				}
-				w.WriteHeader(http.StatusNoContent)
-			})
+	router.Get("/webhooks/{provider}/health", func(w http.ResponseWriter, request *http.Request) {
+		writeJSON(w, http.StatusOK, map[string]string{
+			"status":   "ok",
+			"provider": chi.URLParam(request, "provider"),
 		})
 	})
 }
 
 func decodeJSON(request *http.Request, out any) error {
 	defer request.Body.Close()
+	return json.NewDecoder(request.Body).Decode(out)
+}
 
-	if err := json.NewDecoder(request.Body).Decode(out); err != nil {
+func decodeOptionalJSON(request *http.Request, out any) error {
+	defer request.Body.Close()
+	decoder := json.NewDecoder(request.Body)
+	if err := decoder.Decode(out); err != nil && !errors.Is(err, io.EOF) {
 		return err
 	}
 	return nil
@@ -85,9 +173,44 @@ func writeJSON(w http.ResponseWriter, status int, payload any) {
 }
 
 func writeError(w http.ResponseWriter, err error) {
+	var appErr *app.AppError
+	if errors.As(err, &appErr) {
+		writeJSON(w, appErr.Status, map[string]string{
+			"error": appErr.Error(),
+			"code":  appErr.Code,
+		})
+		return
+	}
+
 	status := http.StatusInternalServerError
-	if errors.Is(err, strconv.ErrSyntax) || strings.Contains(strings.ToLower(err.Error()), "json") {
+	if strings.Contains(strings.ToLower(err.Error()), "json") {
 		status = http.StatusBadRequest
 	}
 	writeJSON(w, status, map[string]string{"error": err.Error()})
 }
+
+func stringValue(values map[string]any, key string, fallback string) string {
+	if values == nil {
+		return fallback
+	}
+	value, ok := values[key]
+	if !ok && key == "entry_id" {
+		value, ok = values["entryId"]
+	}
+	if !ok {
+		return fallback
+	}
+	text, ok := value.(string)
+	if !ok {
+		return fallback
+	}
+	return strings.TrimSpace(text)
+}
+
+func optionalInt(value string) int {
+	parsed, err := strconv.Atoi(strings.TrimSpace(value))
+	if err != nil {
+		return 0
+	}
+	return parsed
+}

package/templates/variants/go-chi/internal/httpapi/waitlist_integration_test.go

@@ -0,0 +1,199 @@
+package httpapi
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"strings"
+	"testing"
+
+	"github.com/go-chi/chi/v5"
+	_ "github.com/jackc/pgx/v5/stdlib"
+
+	"{{MODULE_PATH}}/internal/app"
+)
+
+func TestWaitlistJoinIsIdempotentAndRecordsTriggers(t *testing.T) {
+	databaseURL := strings.TrimSpace(os.Getenv("DATABASE_URL"))
+	if databaseURL == "" {
+		t.Skip("DATABASE_URL is required for integration test")
+	}
+
+	db, err := app.OpenDatabase(context.Background(), databaseURL)
+	if err != nil {
+		t.Fatalf("open database: %v", err)
+	}
+	t.Cleanup(func() { _ = db.Close() })
+
+	if _, err := db.ExecContext(context.Background(), `
+truncate table
+  waitlist_triggers,
+  waitlist_entries
+restart identity cascade`); err != nil {
+		t.Fatalf("truncate tables: %v", err)
+	}
+
+	service := app.NewWaitlistService(db)
+	router := chi.NewRouter()
+	RegisterRoutes(router, service)
+	server := httptest.NewServer(router)
+	t.Cleanup(server.Close)
+
+	first := joinWaitlist(t, server.URL, "Founder@Example.com")
+	if first.Created != true {
+		t.Fatal("expected first join to create entry")
+	}
+	if first.Entry.Email != "founder@example.com" {
+		t.Fatalf("expected normalized email, got %s", first.Entry.Email)
+	}
+
+	second := joinWaitlist(t, server.URL, "founder@example.com")
+	if second.Created {
+		t.Fatal("expected second join to be idempotent")
+	}
+	if second.Entry.ID != first.Entry.ID {
+		t.Fatalf("expected same entry id, got %s and %s", first.Entry.ID, second.Entry.ID)
+	}
+
+	trigger := recordTrigger(t, server.URL, first.Entry.ID)
+	if trigger.Trigger.Type != "cron.digest" {
+		t.Fatalf("expected cron.digest trigger, got %s", trigger.Trigger.Type)
+	}
+	if trigger.Trigger.EntryID != first.Entry.ID {
+		t.Fatalf("expected trigger entry id %s, got %s", first.Entry.ID, trigger.Trigger.EntryID)
+	}
+
+	updated := updateEntry(t, server.URL, first.Entry.ID, "invited")
+	if updated.Entry.Status != "invited" {
+		t.Fatalf("expected invited status, got %s", updated.Entry.Status)
+	}
+
+	list := listEntries(t, server.URL, "invited")
+	if len(list.Entries) != 1 || list.Entries[0].ID != first.Entry.ID {
+		t.Fatalf("expected one invited entry %s, got %+v", first.Entry.ID, list.Entries)
+	}
+
+	exported := exportEntries(t, server.URL, "invited")
+	if !strings.Contains(exported, "founder@example.com") {
+		t.Fatalf("expected exported csv to contain email, got %s", exported)
+	}
+}
+
+type joinResponse struct {
+	Entry   app.WaitlistEntry `json:"entry"`
+	Created bool              `json:"created"`
+}
+
+type triggerResponse struct {
+	Trigger app.WaitlistTrigger `json:"trigger"`
+}
+
+type entryResponse struct {
+	Entry app.WaitlistEntry `json:"entry"`
+}
+
+type listResponse struct {
+	Entries []app.WaitlistEntry `json:"entries"`
+}
+
+func joinWaitlist(t *testing.T, baseURL string, email string) joinResponse {
+	t.Helper()
+	body := bytes.NewBufferString(`{"email":` + quoteJSON(email) + `,"name":"Founder","company":"Example Co","source":"homepage"}`)
+	response, err := http.Post(baseURL+"/v1/waitlist", "application/json", body)
+	if err != nil {
+		t.Fatalf("join waitlist: %v", err)
+	}
+	defer response.Body.Close()
+	if response.StatusCode != http.StatusCreated && response.StatusCode != http.StatusOK {
+		t.Fatalf("expected success, got %d", response.StatusCode)
+	}
+	var payload joinResponse
+	if err := json.NewDecoder(response.Body).Decode(&payload); err != nil {
+		t.Fatalf("decode join response: %v", err)
+	}
+	return payload
+}
+
+func recordTrigger(t *testing.T, baseURL string, entryID string) triggerResponse {
+	t.Helper()
+	body := bytes.NewBufferString(`{"type":"cron.digest","entry_id":` + quoteJSON(entryID) + `}`)
+	response, err := http.Post(baseURL+"/v1/triggers/waitlist", "application/json", body)
+	if err != nil {
+		t.Fatalf("record trigger: %v", err)
+	}
+	defer response.Body.Close()
+	if response.StatusCode != http.StatusAccepted {
+		t.Fatalf("expected 202, got %d", response.StatusCode)
+	}
+	var payload triggerResponse
+	if err := json.NewDecoder(response.Body).Decode(&payload); err != nil {
+		t.Fatalf("decode trigger response: %v", err)
+	}
+	return payload
+}
+
+func updateEntry(t *testing.T, baseURL string, entryID string, status string) entryResponse {
+	t.Helper()
+	body := bytes.NewBufferString(`{"status":` + quoteJSON(status) + `}`)
+	request, err := http.NewRequest(http.MethodPatch, baseURL+"/v1/admin/waitlist/"+entryID, body)
+	if err != nil {
+		t.Fatalf("build update entry request: %v", err)
+	}
+	request.Header.Set("Content-Type", "application/json")
+	response, err := http.DefaultClient.Do(request)
+	if err != nil {
+		t.Fatalf("update entry: %v", err)
+	}
+	defer response.Body.Close()
+	if response.StatusCode != http.StatusOK {
+		t.Fatalf("expected 200, got %d", response.StatusCode)
+	}
+	var payload entryResponse
+	if err := json.NewDecoder(response.Body).Decode(&payload); err != nil {
+		t.Fatalf("decode update response: %v", err)
+	}
+	return payload
+}
+
+func listEntries(t *testing.T, baseURL string, status string) listResponse {
+	t.Helper()
+	response, err := http.Get(baseURL + "/v1/admin/waitlist?status=" + status)
+	if err != nil {
+		t.Fatalf("list entries: %v", err)
+	}
+	defer response.Body.Close()
+	if response.StatusCode != http.StatusOK {
+		t.Fatalf("expected 200, got %d", response.StatusCode)
+	}
+	var payload listResponse
+	if err := json.NewDecoder(response.Body).Decode(&payload); err != nil {
+		t.Fatalf("decode list response: %v", err)
+	}
+	return payload
+}
+
+func exportEntries(t *testing.T, baseURL string, status string) string {
+	t.Helper()
+	response, err := http.Get(baseURL + "/v1/admin/waitlist/export?status=" + status)
+	if err != nil {
+		t.Fatalf("export entries: %v", err)
+	}
+	defer response.Body.Close()
+	if response.StatusCode != http.StatusOK {
+		t.Fatalf("expected 200, got %d", response.StatusCode)
+	}
+	raw, err := io.ReadAll(response.Body)
+	if err != nil {
+		t.Fatalf("read export response: %v", err)
+	}
+	return string(raw)
+}
+
+func quoteJSON(value string) string {
+	encoded, _ := json.Marshal(value)
+	return string(encoded)
+}

package/templates/variants/go-chi/internal/temporal/activities.go

@@ -0,0 +1,27 @@
+package temporalapp
+
+import "context"
+
+type WaitlistFollowUpInput struct {
+	TriggerID string
+	Email     string
+	Type      string
+}
+
+type WaitlistFollowUpResult struct {
+	Status    string
+	TriggerID string
+	Email     string
+	Type      string
+}
+
+type Activities struct{}
+
+func (a *Activities) RecordWaitlistFollowUp(ctx context.Context, input WaitlistFollowUpInput) (WaitlistFollowUpResult, error) {
+	return WaitlistFollowUpResult{
+		Status:    "queued",
+		TriggerID: input.TriggerID,
+		Email:     input.Email,
+		Type:      input.Type,
+	}, nil
+}

package/templates/variants/go-chi/internal/temporal/worker.go

@@ -0,0 +1,42 @@
+package temporalapp
+
+import (
+	"go.temporal.io/sdk/client"
+	"go.temporal.io/sdk/worker"
+)
+
+type WorkerConfig struct {
+	Address   string
+	Namespace string
+	TaskQueue string
+	APIKey    string
+}
+
+func StartWorker(cfg WorkerConfig) (func(), error) {
+	options := client.Options{
+		HostPort:  cfg.Address,
+		Namespace: cfg.Namespace,
+	}
+	if cfg.APIKey != "" {
+		options.Credentials = client.NewAPIKeyStaticCredentials(cfg.APIKey)
+	}
+
+	temporalClient, err := client.Dial(options)
+	if err != nil {
+		return nil, err
+	}
+
+	temporalWorker := worker.New(temporalClient, cfg.TaskQueue, worker.Options{})
+	temporalWorker.RegisterWorkflow(WaitlistFollowUpWorkflow)
+	temporalWorker.RegisterActivity(&Activities{})
+
+	if err := temporalWorker.Start(); err != nil {
+		temporalClient.Close()
+		return nil, err
+	}
+
+	return func() {
+		temporalWorker.Stop()
+		temporalClient.Close()
+	}, nil
+}

package/templates/variants/go-chi/internal/temporal/workflows.go

@@ -0,0 +1,18 @@
+package temporalapp
+
+import (
+	"time"
+
+	"go.temporal.io/sdk/workflow"
+)
+
+func WaitlistFollowUpWorkflow(ctx workflow.Context, input WaitlistFollowUpInput) (WaitlistFollowUpResult, error) {
+	options := workflow.ActivityOptions{
+		StartToCloseTimeout: time.Minute,
+	}
+	ctx = workflow.WithActivityOptions(ctx, options)
+
+	var result WaitlistFollowUpResult
+	err := workflow.ExecuteActivity(ctx, "RecordWaitlistFollowUp", input).Get(ctx, &result)
+	return result, err
+}

package/templates/variants/go-chi/migrations/0000_init.sql

@@ -0,0 +1,20 @@
+create table if not exists waitlist_entries (
+  id text primary key,
+  email text not null unique,
+  name text,
+  company text,
+  source text,
+  status text not null default 'joined',
+  created_at timestamptz not null default now(),
+  updated_at timestamptz not null default now()
+);
+
+create table if not exists waitlist_triggers (
+  id text primary key,
+  type text not null,
+  entry_id text references waitlist_entries(id),
+  status text not null default 'queued',
+  payload_json text not null,
+  created_at timestamptz not null default now(),
+  processed_at timestamptz
+);

package/templates/variants/go-chi/migrations/atlas.sum

@@ -0,0 +1,2 @@
+h1:D9GgvtEf0xxnRDaTb/C3cPtRbncVXsK6Ef0KYQuLMRw=
+0000_init.sql h1:dBpLGyoeZNRpjT6RvQXiqx3p2ICAChKy2jVqCIYuWQg=

package/templates/variants/go-chi/package.json

@@ -3,9 +3,15 @@
   "private": true,
   "type": "module",
   "bin": {
-    "svc-cloudrun": "./scripts/cloudrun/cli.ts"
+    "service": "./scripts/cloudrun/cli.ts"
+  },
+  "scripts": {
+    "service": "bun run ./scripts/cloudrun/cli.ts",
+    "auth": "bun run ./scripts/cloudrun/cli.ts auth",
+    "dashboards": "bun run ./scripts/cloudrun/cli.ts dashboards"
   },
   "dependencies": {
+    "@anmho/authctl": "0.1.1",
     "@clack/prompts": "^1.2.0",
     "@neondatabase/api-client": "^2.7.1"
   }

package/templates/variants/go-chi/test/go.test.ts

@@ -1,7 +1,10 @@
 import { expect, test } from "bun:test";
 
 test("go test ./...", { timeout: 60_000 }, () => {
-  const result = Bun.spawnSync(["go", "test", "./..."], {
+  const go = Bun.which("go");
+  expect(go, "go must be installed and available on PATH").toBeString();
+
+  const result = Bun.spawnSync([go, "test", "./..."], {
     cwd: process.cwd(),
     stdout: "pipe",
     stderr: "pipe",