This repo is an assignment.
Assignment instructions
According to instructions only one http endpoint was implemented: /incidents
In order to run, app needs following secrets that are not present in this repo.
./config/secrets/auth_username
./config/secrets/auth_password
go run main.go Start API server
GOOS=linux GOARCH=amd64 go build -o /app/elevate-sec main.go
kubernetes apply -f ./kubernetes/manifests.yaml
kubernetes apply -f ./kubernetes/secrets-template.yaml add required values.
- I would make a helm chart to have a single manifest template for different environments.
- I would add CI pipeline that triggers on every push or on a tagged push.
- Add build status to the repo
- Add auto-generated CHANGELOG
- Add version auto-increment based on commit messages
- I would add ArgoCD App manifest.
- Add external-secrets operator for secrets handling.
- I would expose app's metrics to Prometheus this.
- Add Network Policy to restrict unintended traffc.
- Add build information to the docker image (version).
- Add go tests
- Catch all possible errors in a more efficient way.
- Refactor merge function in
main.go. Lines 118-123 hint at some inefficiency. - Add license type to the repo
- Add PDP manifest
- Add taints or nodeSelector to run only on private subnets nodes.
- Store image in a private docker repo.
- Enhance readme:
- Add dependencies: For instance: this app depends on incident-api.use1stag.elevatesecurity.io/incidents api.
- Specify development style (CI/Trunk-based, GitHub flow, GitFlow, SemVer flow )
- API documentation
- Repo status (WiP, Abandoned, Ready)
- Add github integration to alert in case of accidentally exposed secrets.