Add PR Workflow, makefile, fix linter bug

.github/workflows/build.yaml

@@ -0,0 +1,47 @@
+name: Create and publish a Docker image
+on:
+  push:
+    tags:
+      - '**'
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - main
+
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    name: Build and Push
+
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: Log in to the Container registry
+        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.1.1
+        with:
+          images: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}"
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/pr.yml

@@ -0,0 +1,34 @@
+name: Pull request
+on:
+  pull_request:
+    branches:
+    - main
+
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
+      - uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v4
+        with:
+          version: v1.55.2
+
+  test:
+    name: Unit Test
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v4
+        with:
+          go-version-file: 'go.mod'
+      - name: Install dependencies
+        run: go mod download
+      - name: Run Tests
+        run: go test -cover `go list ./... | grep -v 'pkg/client'`

Dockerfile

@@ -0,0 +1,30 @@
+FROM golang:1.22-alpine3.19 as builder
+
+RUN apk update && \
+    apk add bash jq alpine-sdk sed gawk git ca-certificates curl && \
+    apk add --no-cache gcc musl-dev
+
+# WORKDIR /go/src/
+
+# get dependencies
+COPY go.mod go.sum ./
+RUN go mod download
+
+# copy code
+COPY . .
+
+# Build project
+RUN CGO_ENABLED=0 GOOS=linux go build -ldflags "-s -w" -a -installsuffix cgo -o /radix-oauth-guard
+
+RUN addgroup -S -g 1000 guard
+RUN adduser -S -u 1000 -G guard guard
+
+FROM scratch
+
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=builder /etc/passwd /etc/passwd
+COPY --from=builder /radix-oauth-guard /radix-oauth-guard
+
+EXPOSE 8000
+USER 1000
+ENTRYPOINT ["/radix-oauth-guard"]

Makefile

@@ -0,0 +1,29 @@
+DOCKER_REGISTRY=radixdev.azurecr.io
+VERSION=latest
+BRANCH := $(shell git rev-parse --abbrev-ref HEAD)
+IMAGE_NAME=$(DOCKER_REGISTRY)/radix-oauth-guard:$(BRANCH)-$(VERSION)
+
+.PHONY: build
+build:
+	docker build -t $(IMAGE_NAME) .
+
+.PHONY: push
+push:
+	az acr login -n $(DOCKER_REGISTRY)
+	docker push $(IMAGE_NAME)
+
+.PHONY: test
+test:
+	go test -cover `go list ./... | grep -v 'pkg/client'`
+
+.PHONY: lint
+lint: bootstrap
+	golangci-lint run --max-same-issues 0
+
+
+HAS_GOLANGCI_LINT := $(shell command -v golangci-lint;)
+
+bootstrap:
+ifndef HAS_GOLANGCI_LINT
+	curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.55.2
+endif

auth.go

@@ -55,7 +55,6 @@ func AuthHandler(subjects []string, verifier Verifier) http.Handler {
 		w.WriteHeader(http.StatusOK)
 		_, _ = w.Write([]byte("OK"))
 		log.Info().Dur("latency", time.Since(t)).Int("status", http.StatusOK).Str("sub", subject).Msg("Authorized")
-		return
 	})
 }