Refactor schema for common structures (#11)

* Create codeql.yml

* Update codeql.yml

* Refactor schema for common structures

* Update Dockerfile image for api-doc

Signed-off-by: Nathalia <[email protected]>

.github/workflows/codeql.yml

@@ -0,0 +1,72 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "master" ]
+  schedule:
+    - cron: '41 2 * * 2'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines. 
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    # - run: |
+    #   echo "Run, Build Application using script"
+    #   ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2

.github/workflows/trivy.yml

@@ -3,7 +3,7 @@
 # separate terms of service, privacy policy, and support
 # documentation.
 
-name: build
+name: trivy
 
 on:
   push:

README.md

@@ -6,10 +6,12 @@
 
 Server and Client Go code is generated from the OpenAPI definition by [oapi-codegen](https://github.com/deepmap/oapi-codegen).
 
-Run the following command to generate the code:
+Run the following command to generate the code, from the root folder:
 
 ```bash
-oapi-codegen --package api api.yaml > api.gen.go
+oapi-codegen --config=oapi-codegen/schemas.cfg.yaml oapi-codegen/schemas.yaml
+oapi-codegen --config=oapi-codegen/harvester.cfg.yaml oapi-codegen/harvester.yaml
+oapi-codegen --config=oapi-codegen/server.cfg.yaml oapi-codegen/server.yaml
 ```
 
 Run the following command to have a live view of the API documentation:

cmd/server/main.go

@@ -17,7 +17,7 @@ import (
 	"fmt"
 	"os"
 
-	api "github.com/HewlettPackard/Galadriel/pkg/server/api/v1"
+	serverapi "github.com/HewlettPackard/Galadriel/pkg/server/api/server"
 	"github.com/deepmap/oapi-codegen/pkg/middleware"
 	"github.com/labstack/echo/v4"
 	echomiddleware "github.com/labstack/echo/v4/middleware"
@@ -27,7 +27,7 @@ func main() {
 	var port = flag.Int("port", 8080, "Port for HTTP Galadriel server")
 	flag.Parse()
 
-	swagger, err := api.GetSwagger()
+	swagger, err := serverapi.GetSwagger()
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "Error loading swagger spec\n: %s", err)
 		os.Exit(1)
@@ -37,7 +37,7 @@ func main() {
 	// that server names match. We don't know how this thing will be run.
 	swagger.Servers = nil
 
-	server := api.MyDumbServer{}
+	galadriel_server := serverapi.MyDumbServer{}
 
 	// This is how you set up a basic Echo router
 	router := echo.New()
@@ -50,7 +50,7 @@ func main() {
 	router.Use(middleware.OapiRequestValidator(swagger))
 
 	// We now register our store above as the handler for the interface
-	api.RegisterHandlers(router, server)
+	serverapi.RegisterHandlers(router, galadriel_server)
 
 	// And we serve HTTP until the world ends.
 	router.Logger.Fatal(router.Start(fmt.Sprintf("0.0.0.0:%d", *port)))

dev/api/Dockerfile

@@ -1,5 +1,5 @@
-# python:3.10.5-alpine3.16 (linux/amd64)
-FROM python@sha256:52ce18e9d7a2556a3632d093f8f77700307735b7e7049dce3339c9bf9221ae7f
+# python:3.11.0b4-alpine3.15 (linux/amd64)
+FROM python@sha256:70825f4d36b31382c5b06e5c0d37de0c0bde49a42f26e77e6b3479d37662eb95
 
 EXPOSE 8000
 

oapi-codegen/harvester.cfg.yaml

@@ -0,0 +1,9 @@
+package: harvester
+generate:
+  echo-server: true
+  client: false
+  models: true
+  embedded-spec: true
+output: pkg/server/api/harvester/harvester.gen.go
+output-options:
+  skip-prune: true

pkg/server/api/v1/api_harvester.yaml → oapi-codegen/harvester.yaml

@@ -7,75 +7,6 @@ info:
 servers:
   - url: http://localhost:32308/
 
-components:
-  schemas:
-    FederationRelationship:
-      # Represents a federated relationship between SPIRE server
-      type: object
-      properties:
-        id:
-          type: integer
-          format: int64
-        federationGroupId:
-          type: integer
-          format: int64
-        spireServer:
-          type: string
-          format: string
-        spireServerFederatedWith:
-          type: string
-          format: string
-        spireServerFederatedWithConsent:
-          type: string
-          format: string
-        spireServerConsent:
-          type: string
-          format: string
-        status:
-          type: string
-          enum:
-            - active
-            - inactive
-            - invited
-      required:
-        - id
-        - federationGroupId
-        - spireServer
-        - spireServerFederatedWith
-    TrustBundle:
-      # Represents the trust bundle of a SPIRE Server that is a member of the bridge
-      type: object
-      properties:
-        id:
-          type: integer
-          format: int64
-        trustDomain:
-          type: string
-          format: string
-        bundle:
-          type: string
-          format: bytes
-        status:
-          type: string
-          enum:
-            - active
-            - inactive
-            - to_delete
-      required:
-        - id
-        - trustdomain
-        - bundle
-    Error:
-      type: object
-      properties:
-        code:
-          type: integer
-          format: int32
-        message:
-          type: string
-      required:
-        - code
-        - message
 paths:
   /FederationRelationship:
     get:
@@ -108,13 +39,13 @@ paths:
               schema:
                 type: array
                 items:
-                  $ref: '#/components/schemas/FederationRelationship'
+                  $ref: './schemas.yaml'
         default:
           description: unexpected error
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Error'
+                $ref: './schemas.yaml'
   /FederationRelationship/{relationshipID}:
     get: 
       description: get data for one organization
@@ -133,13 +64,13 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/FederationRelationship'
+                $ref: './schemas.yaml'
         default:
           description: unexpected error
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Error'  
+                $ref: './schemas.yaml'
     put:
       description: update an the status of a relationship by ID
       operationId: updateFederatedRelationshipStatus
@@ -156,7 +87,7 @@ paths:
         content:
           application/x-www-form-urlencoded:
             schema:
-              $ref: '#/components/schemas/FederationRelationship'
+              $ref: './schemas.yaml'
       responses:
         '204':
           description: no content
@@ -165,7 +96,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Error'
+                $ref: './schemas.yaml'
   /trustBundles/{trustBundleId}:
     put:
       description: Upload a TrustBundle
@@ -183,18 +114,18 @@ paths:
         content:
           application/x-www-form-urlencoded:
             schema:
-              $ref: '#/components/schemas/TrustBundle'
+              $ref: './schemas.yaml'
       responses:
           '200':
             description: get trust bundle's response 
             content:
               application/json:
                 schema:
-                  $ref: '#/components/schemas/TrustBundle'
+                  $ref: './schemas.yaml'
           default:
             description: unexpected error
             content:
               application/json:
                 schema:
-                  $ref: '#/components/schemas/Error'
+                  $ref: './schemas.yaml'
 

oapi-codegen/schemas.cfg.yaml

@@ -0,0 +1,9 @@
+package: common
+generate:
+  echo-server: false
+  client: false
+  models: true
+  embedded-spec: true
+output: pkg/common/schemas.gen.go
+output-options:
+  skip-prune: true

oapi-codegen/schemas.yaml

@@ -0,0 +1,70 @@
+
+components:
+  schemas:
+    FederationRelationship:
+      # Represents a federated relationship between SPIRE server
+      type: object
+      properties:
+        id:
+          type: integer
+          format: int64
+        federationGroupId:
+          type: integer
+          format: int64
+        spireServer:
+          type: string
+          format: string
+        spireServerFederatedWith:
+          type: string
+          format: string
+        spireServerFederatedWithConsent:
+          type: string
+          format: string
+        spireServerConsent:
+          type: string
+          format: string
+        status:
+          type: string
+          enum:
+            - active
+            - inactive
+            - invited
+      required:
+        - id
+        - federationGroupId
+        - spireServer
+        - spireServerFederatedWith
+    TrustBundle:
+      # Represents the trust bundle of a SPIRE Server that is a member of the bridge
+      type: object
+      properties:
+        id:
+          type: integer
+          format: int64
+        trustDomain:
+          type: string
+          format: string
+        bundle:
+          type: string
+          format: bytes
+        status:
+          type: string
+          enum:
+            - active
+            - inactive
+            - to_delete
+      required:
+        - id
+        - trustdomain
+        - bundle
+    Error:
+      type: object
+      properties:
+        code:
+          type: integer
+          format: int32
+        message:
+          type: string
+      required:
+        - code
+        - message

oapi-codegen/server.cfg.yaml

@@ -0,0 +1,9 @@
+package: server
+generate:
+  echo-server: true
+  client: false
+  models: true
+  embedded-spec: true
+output: pkg/server/api/server/server.gen.go
+output-options:
+  skip-prune: true