Add CI actions

.github/workflows/ci.yml

@@ -0,0 +1,69 @@
+#
+# SPDX-License-Identifier: Apache-2.0
+# SPDX-FileCopyrightText: Huawei Inc.
+#
+name: CI
+
+# Controls when the action will run.
+on:
+  # Run this workflow every time a new commit push to the repository
+  pull_request:
+    branches: ['main']
+  push:
+    branches: ['main']
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: ">=1.18"
+      - run: go version
+      - name: Build
+        run: make build
+      - name: Vet
+        run: make test
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v4
+        with:
+          go-version: '1.20'
+          cache: false
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          # Require: The version of golangci-lint to use.
+          # When `install-mode` is `binary` (default) the value can be v1.2 or v1.2.3 or `latest` to use the latest version.
+          # When `install-mode` is `goinstall` the value can be v1.2.3, `latest`, or the hash of a commit.
+          version: v1.54
+
+          # Optional: working directory, useful for monorepos
+          # working-directory: somedir
+
+          # Optional: golangci-lint command line arguments.
+          #
+          # Note: By default, the `.golangci.yml` file should be at the root of the repository.
+          # The location of the configuration file can be changed by using `--config=`
+          # args: --timeout=30m --config=/my/path/.golangci.yml --issues-exit-code=0
+
+          # Optional: show only new issues if it's a pull request. The default value is `false`.
+          # only-new-issues: true
+
+          # Optional: if set to true, then all caching functionality will be completely disabled,
+          #           takes precedence over all other caching options.
+          # skip-cache: true
+
+          # Optional: if set to true, then the action won't cache or restore ~/go/pkg.
+          # skip-pkg-cache: true
+
+          # Optional: if set to true, then the action won't cache or restore ~/.cache/go-build.
+          # skip-build-cache: true
+
+          # Optional: The mode to install golangci-lint. It can be 'binary' or 'goinstall'.
+          # install-mode: "goinstall"

main.go

@@ -28,7 +28,8 @@ func main() {
 	go func() {
 		err := server.RunHTTPServer(ctx, cfg)
 		if err != nil {
-
+			log.Errorf("run http server failed: %v", err)
+			return
 		}
 	}()
 

server/handle_policy_eval.go

@@ -20,10 +20,6 @@ import (
 	"strings"
 )
 
-type evalRego struct {
-	Policy string `json:"policy" binding:"required"`
-}
-
 type evalCmd struct {
 	Policy string `json:"policy" binding:"required"`
 	Input  string `json:"input" binding:"required"`
@@ -70,7 +66,6 @@ func policiesEvaluateHandler(_ *config.Conf) gin.HandlerFunc {
 		c.JSON(200, evalResult{
 			IsSuccessful: true,
 		})
-		return
 	}
 }
 
@@ -94,15 +89,14 @@ func policyEvaluateHandler(_ *config.Conf) gin.HandlerFunc {
 		c.JSON(200, evalResult{
 			IsSuccessful: decision,
 		})
-		return
 	}
 }
 
 func policyQuery(policyRego string, input interface{}) (decision bool, err error) {
 
 	policyRegoFixed := removePackageAtTheBeginning(policyRego)
 	policyRegoEx := fmt.Sprintf("package policyman.auth\n\n%v", policyRegoFixed)
-	policyQuery := fmt.Sprintf("data.policyman.auth")
+	policyQuery := "data.policyman.auth"
 	return policyEval(policyRegoEx, policyQuery, input)
 }
 

server/handle_policy_eval_test.go

@@ -28,7 +28,7 @@ allow if is_admin
 
 is_admin if "admin" in input.subject.groups
 `
-	query := "data.example.auth.allow"
+	query := "data.example.auth"
 
 	input := map[string]interface{}{
 		"method": "GET",