Development using goa and golang on Pacificporter inc.

HARUYAMA Seigo(@haruyama)

API library before using goa

We adopted and use ant0ine/go-json-rest

We have some problems

Routing
Validation
…

goa testing

We do not use “github.com/goadesign/goa/goatest”.

We use “github.com/ivpusic/httpcheck”.

goa + swagger-ui

swagger-api/swagger-ui

func MountController(service *goa.Service) error {
    uiPath := filepath.Join(system.RelaxBasePath, "apiserver/swaggerui/dist")
    uiIndex := filepath.Join(uiPath, "index.html")

    if err := service.ServeFiles("/swagger-ui/", uiIndex); err != nil {
        return err
    }
    return service.ServeFiles("/swagger-ui/*filepath", uiPath)
}

goa + HTTP Security Headers

var xFrameOptions = http.CanonicalHeaderKey("X-Frame-Options")
var xXSSProtection = http.CanonicalHeaderKey("X-XSS-Protection")
var xContentTypeOptions = http.CanonicalHeaderKey("X-Content-Type-Options")
var contentSecurityPolicy = http.CanonicalHeaderKey("Content-Security-Policy")

func SecurityHeaders() goa.Middleware {
    return func(h goa.Handler) goa.Handler {
        return func(ctx context.Context, rw http.ResponseWriter, r *http.Request) error {
            rw.Header().Set(xFrameOptions, "DENY")
            rw.Header().Set(xXSSProtection, "1; mode=block")
            rw.Header().Set(xContentTypeOptions, "nosniff")
            rw.Header().Set(contentSecurityPolicy, "default-src 'self'; script-src 'self' 'unsafe-eval' 
                'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data:;")
            return h(ctx, rw, r)
        }
    }
}

goa + AWS ELB

based on zenzen/goji:/web/middleware/realip.go

func RealIP() goa.Middleware {
    return func(h goa.Handler) goa.Handler {
        return func(ctx context.Context, rw http.ResponseWriter, r *http.Request) error {
            if rip := realIP(r); rip != "" {
                r.RemoteAddr = rip
            }
            return h(ctx, rw, r)
        }
    }
}

CI

We use Wercker.

pacificporter/box-golang-docker:Dockerfile

Package management

We use glide.

We used tools/godep: dependency tool for go before using vendoring.

Static code analysis tools

We use following tools:

golintx

haruyama/golintx

Differences from original golint

Support per-directory config files
exit(1) if any problem exists
Support multi directories on command line
- ex: golintx $(glide novendor)

DB libraries

DB migration tools

Other libraries

zenazn/goji
- New project: goji/goji
jmcvetta/napping: Golang HTTP client library
- “Package napping is a Go client library for interacting with RESTful APIs”
pacificporter/surf
- Original: headzoo/surf

Other tools

pacificporter/goshim
- Original: Songmu/goshim
- Add -v, -f flags