Merge pull request #5 from yext/UpdateHHUsersApi

Update HitchhikerUserAPI with Netlify Changes

.github/CODEOWNERS

@@ -1 +1 @@
-*   @netlify/opensource @netlify/backend
+*   @netlify/serverless

.github/workflows/fossa.yml

@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - master
+      - chore/fossa-workflow
 
 defaults:
   run:
@@ -13,19 +14,23 @@ jobs:
   fossa:
     runs-on: ubuntu-latest
     steps:
-    - name: Checkout
-      uses: actions/checkout@v2
-    - name: Fossa init
-      run: |- 
-        curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install.sh | bash
-        fossa init
-    - name: Set env
-      run: echo ::set-env name=line_number::$(grep -n "project" .fossa.yml | cut -f1 -d:)
-    - name: Configuration
-      run: |-
-        sed -i "${line_number}s|.*|  project: [email protected]:${GITHUB_REPOSITORY}.git|" .fossa.yml
-        cat .fossa.yml
-    - name: Upload dependencies
-      run: fossa analyze --debug
-      env:
-        FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Download fossa cli
+        run: |-
+          mkdir -p $HOME/.local/bin
+          curl https://raw.githubusercontent.com/fossas/fossa-cli/master/install.sh | bash -s -- -b $HOME/.local/bin
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Fossa init
+        run: fossa init
+      - name: Set env
+        run: echo "line_number=$(grep -n "project" .fossa.yml | cut -f1 -d:)" >> $GITHUB_ENV
+      - name: Configuration
+        run: |-
+          sed -i "${line_number}s|.*|  project: [email protected]:${GITHUB_REPOSITORY}.git|" .fossa.yml
+          cat .fossa.yml
+      - name: Upload dependencies
+        run: fossa analyze --debug
+        env:
+          FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}

.github/workflows/stalebot.yml

@@ -0,0 +1,18 @@
+name: 'Mark and close stale issues in the repo'
+on:
+  schedule:
+    - cron: '30 1 * * *' # runs daily at 1:30 https://crontab.guru/#30_1_*_*_*
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+        with:
+          exempt-issue-labels: 'WIP,security,action_item,never_stale'
+          days-before-issue-stale: 365
+          stale-issue-label: 'stale'
+          stale-issue-message: 'This issue has been automatically marked as stale because it has not had activity in 1 year. It will be closed in 7 days if no further activity occurs. Thanks!'
+          days-before-issue-close: 7
+          close-issue-message: 'This issue was closed because it had no activity for over 1 year.'
+          days-before-pr-close: -1

.github/workflows/test.yaml

@@ -1,15 +1,15 @@
 on:
   push:
     branches: [master]
-    tags: ['*']
+    tags: ["*"]
   pull_request:
     types: [opened, synchronize, reopened]
 name: Test
 jobs:
   test:
     strategy:
       matrix:
-        go-version: [1.13.x, 1.14.x]
+        go-version: [1.15.x, 1.16.x]
     runs-on: ubuntu-latest
     services:
       mysql:
@@ -22,7 +22,7 @@ jobs:
         options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
     steps:
       - name: Install Go
-        uses: actions/setup-go@v2-beta
+        uses: actions/setup-go@v2
         with:
           go-version: ${{ matrix.go-version }}
       - name: Checkout code
@@ -32,4 +32,15 @@ jobs:
       - name: Apply database migrations
         run: make migrate_test
       - name: Lint and test
-        run: make all
+        run: make all
+      - name: Trigger CircleCI for deployment
+        env:
+          CIRCLE_API_USER_TOKEN: ${{ secrets.CIRCLE_API_USER_TOKEN }}
+        if: ${{ matrix.go-version == '1.15.x' && env.CIRCLE_API_USER_TOKEN != null }}
+        run: |
+          REF="${GITHUB_HEAD_REF:-main}"
+          curl -X POST --silent --show-error --fail \
+            --user $CIRCLE_API_USER_TOKEN: \
+            -H 'content-type: application/json' \
+            --data '{ "branch": "master", "parameters": { "branch": "'"$REF"'", "commit": "${{ github.event.pull_request.head.sha || github.sha }}" } }' \
+            https://circleci.com/api/v2/project/gh/netlify/gotrue-ci/pipeline

Dockerfile

@@ -1,15 +1,19 @@
-FROM golang:1.13-alpine as build
+FROM golang:1.15-alpine as build
 ENV GO111MODULE=on
 ENV CGO_ENABLED=0
 ENV GOOS=linux
 
 RUN apk add --no-cache make git
 
 WORKDIR /go/src/github.com/netlify/gotrue
-COPY . /go/src/github.com/netlify/gotrue
 
-RUN make deps build
+# Pulling dependencies
+COPY ./Makefile ./go.* ./
+RUN make deps
 
+# Building stuff
+COPY . /go/src/github.com/netlify/gotrue
+RUN make build
 
 FROM alpine:3.7
 RUN adduser -D -u 1000 netlify

Makefile

@@ -10,8 +10,8 @@ build: ## Build the binary.
 	go build -ldflags "-X github.com/netlify/gotrue/cmd.Version=`git rev-parse HEAD`"
 
 deps: ## Install dependencies.
-	@go get -u github.com/gobuffalo/pop/soda
-	@go get -u golang.org/x/lint/golint
+	@go install github.com/gobuffalo/pop/v5/soda
+	@go install golang.org/x/lint/golint
 	@go mod download
 
 image: ## Build the Docker image.

README.md

@@ -1,7 +1,9 @@
-# GoTrue - User management for APIs
+![GoTrue](gotrue.png)
 
-GoTrue is a small open-source API written in golang, that can act as a self-standing
-API service for handling user registration and authentication for JAM projects.
+<p align="center">User management for APIs</p>
+
+GoTrue is a small open-source API written in Golang, that can act as a self-standing
+API service for handling user registration and authentication for Jamstack projects.
 
 It's based on OAuth2 and JWT and will handle user signup, authentication and custom
 user data.
@@ -13,7 +15,7 @@ environment variables, or a combination of both. Environment variables are prefi
 
 ### Top-Level
 
-```
+```properties
 GOTRUE_SITE_URL=https://example.netlify.com/
 ```
 
@@ -36,7 +38,7 @@ Header on which to rate limit the `/token` endpoint.
 
 ### API
 
-```
+```properties
 GOTRUE_API_HOST=localhost
 PORT=9999
 ```
@@ -59,7 +61,7 @@ If you wish to inherit a request ID from the incoming request, specify the name
 
 ### Database
 
-```
+```properties
 GOTRUE_DB_DRIVER=mysql
 DATABASE_URL=root@localhost/gotrue
 ```
@@ -86,7 +88,7 @@ you've built gotrue.
 
 ### Logging
 
-```
+```properties
 LOG_LEVEL=debug # available without GOTRUE prefix (exception)
 GOTRUE_LOG_FILE=/var/log/go/gotrue.log
 ```
@@ -99,9 +101,40 @@ Controls what log levels are output. Choose from `panic`, `fatal`, `error`, `war
 
 If you wish logs to be written to a file, set `log_file` to a valid file path.
 
-### JSON Web Tokens (JWT)
+### Opentracing
+Currently, only the Datadog tracer is supported.
 
+```properties
+GOTRUE_TRACING_ENABLED=true
+GOTRUE_TRACING_HOST=127.0.0.1
+GOTRUE_TRACING_PORT=8126
+GOTRUE_TRACING_TAGS="tag1:value1,tag2:value2"
+GOTRUE_SERVICE_NAME="gotrue"
 ```
+
+`TRACING_ENABLED` - `bool`
+
+Whether tracing is enabled or not. Defaults to `false`.
+
+`TRACING_HOST` - `bool`
+
+The tracing destination.
+
+`TRACING_PORT` - `bool`
+
+The port for the tracing host.
+
+`TRACING_TAGS` - `string`
+
+A comma separated list of key:value pairs. These key value pairs will be added as tags to all opentracing spans.
+
+`SERVICE_NAME` - `string`
+
+The name to use for the service.
+
+### JSON Web Tokens (JWT)
+
+```properties
 GOTRUE_JWT_SECRET=supersecretvalue
 GOTRUE_JWT_EXP=3600
 GOTRUE_JWT_AUD=netlify
@@ -132,7 +165,7 @@ The default group to assign all new users to.
 We support `bitbucket`, `github`, `gitlab`, and `google` for external authentication.
 Use the names as the keys underneath `external` to configure each separately.
 
-```
+```properties
 GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=myappclientid
 GOTRUE_EXTERNAL_GITHUB_SECRET=clientsecretvaluessssh
 ```
@@ -164,7 +197,7 @@ The base URL used for constructing the URLs to request authorization and access
 Sending email is not required, but highly recommended for password recovery.
 If enabled, you must provide the required values below.
 
-```
+```properties
 GOTRUE_SMTP_HOST=smtp.mandrillapp.com
 GOTRUE_SMTP_PORT=587
 GOTRUE_SMTP_USER[email protected]
@@ -289,6 +322,27 @@ Default Content (if template is unavailable):
 <p><a href="{{ .ConfirmationURL }}">Change Email</a></p>
 ```
 
+`WEBHOOK_URL` - `string`
+
+Url of the webhook receiver endpoint. This will be called when events like `validate`, `signup` or `login` occur.
+
+`WEBHOOK_SECRET` - `string`
+
+Shared secret to authorize webhook requests. This secret signs the [JSON Web Signature](https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-41) of the request. You *should* use this to verify the integrity of the request. Otherwise others can feed your webhook receiver with fake data.
+
+`WEBHOOK_RETRIES` - `number`
+
+How often GoTrue should try a failed hook.
+
+`WEBHOOK_TIMEOUT_SEC` - `number`
+
+Time between retries (in seconds).
+
+`WEBHOOK_EVENTS` - `list`
+
+Which events should trigger a webhook. You can provide a comma separated list.
+For example to listen to all events, provide the values `validate,signup,login`.
+
 ## Endpoints
 
 GoTrue exposes the following endpoints:
@@ -368,7 +422,7 @@ GoTrue exposes the following endpoints:
     "password": "12345abcdef"
   }
   ```
-  
+
   `password` is required for signup verification if no existing password exists.
 
   Returns:
@@ -478,7 +532,7 @@ GoTrue exposes the following endpoints:
   Logout a user (Requires authentication).
 
   This will revoke all refresh tokens for the user. Remember that the JWT tokens
-  will still be valid for stateless auth until they expires.
+  will still be valid for stateless auth until they expire.
 
 ## TODO
 

api/admin.go

@@ -6,7 +6,7 @@ import (
 	"net/http"
 
 	"github.com/go-chi/chi"
-	"github.com/gobuffalo/uuid"
+	"github.com/gofrs/uuid"
 	"github.com/yext/gotrue/models"
 	"github.com/yext/gotrue/storage"
 )