a57a73e94e
All checks were successful
check / check (push) Successful in 2m19s
Security: - Add channel membership check before PRIVMSG (prevents non-members from sending) - Add membership check on history endpoint (channels require membership, DMs scoped to own nick) - Enforce MaxBytesReader on all POST request bodies - Fix rand.Read error being silently ignored in token generation Data integrity: - Fix TOCTOU race in GetOrCreateChannel using INSERT OR IGNORE + SELECT Build: - Add CGO_ENABLED=0 to golangci-lint install in Dockerfile (fixes alpine build) Linting: - Strict .golangci.yml: only wsl disabled (deprecated in v2) - Re-enable exhaustruct, depguard, godot, wrapcheck, varnamelen - Fix linters-settings -> linters.settings for v2 config format - Fix ALL lint findings in actual code (no linter config weakening) - Wrap all external package errors (wrapcheck) - Fill struct fields or add targeted nolint:exhaustruct where appropriate - Rename short variables (ts->timestamp, n->bufIndex, etc.) - Add depguard deny policy for io/ioutil and math/rand - Exclude G704 (SSRF) in gosec config (CLI client takes user-configured URLs) Tests: - Add security tests (TestNonMemberCannotSend, TestHistoryNonMember) - Split TestInsertAndPollMessages for reduced complexity - Fix parallel test safety (viper global state prevents parallelism) - Use t.Context() instead of context.Background() in tests Docker build verified passing locally.
85 lines
2.1 KiB
Go
85 lines
2.1 KiB
Go
// Package healthcheck provides health status reporting for the server.
|
|
package healthcheck
|
|
|
|
import (
|
|
"context"
|
|
"log/slog"
|
|
"time"
|
|
|
|
"git.eeqj.de/sneak/chat/internal/config"
|
|
"git.eeqj.de/sneak/chat/internal/db"
|
|
"git.eeqj.de/sneak/chat/internal/globals"
|
|
"git.eeqj.de/sneak/chat/internal/logger"
|
|
"go.uber.org/fx"
|
|
)
|
|
|
|
// Params defines the dependencies for creating a Healthcheck.
|
|
type Params struct {
|
|
fx.In
|
|
|
|
Globals *globals.Globals
|
|
Config *config.Config
|
|
Logger *logger.Logger
|
|
Database *db.Database
|
|
}
|
|
|
|
// Healthcheck tracks server uptime and provides health status.
|
|
type Healthcheck struct {
|
|
// StartupTime records when the server started.
|
|
StartupTime time.Time
|
|
|
|
log *slog.Logger
|
|
params *Params
|
|
}
|
|
|
|
// New creates a new Healthcheck instance.
|
|
func New(
|
|
lifecycle fx.Lifecycle, params Params,
|
|
) (*Healthcheck, error) {
|
|
hcheck := &Healthcheck{ //nolint:exhaustruct // StartupTime set in OnStart
|
|
params: ¶ms,
|
|
log: params.Logger.Get(),
|
|
}
|
|
|
|
lifecycle.Append(fx.Hook{
|
|
OnStart: func(_ context.Context) error {
|
|
hcheck.StartupTime = time.Now()
|
|
|
|
return nil
|
|
},
|
|
OnStop: func(_ context.Context) error {
|
|
return nil
|
|
},
|
|
})
|
|
|
|
return hcheck, nil
|
|
}
|
|
|
|
// Response is the JSON response returned by the health endpoint.
|
|
type Response struct {
|
|
Status string `json:"status"`
|
|
Now string `json:"now"`
|
|
UptimeSeconds int64 `json:"uptimeSeconds"`
|
|
UptimeHuman string `json:"uptimeHuman"`
|
|
Version string `json:"version"`
|
|
Appname string `json:"appname"`
|
|
Maintenance bool `json:"maintenanceMode"`
|
|
}
|
|
|
|
// Healthcheck returns the current health status of the server.
|
|
func (hcheck *Healthcheck) Healthcheck() *Response {
|
|
return &Response{
|
|
Status: "ok",
|
|
Now: time.Now().UTC().Format(time.RFC3339Nano),
|
|
UptimeSeconds: int64(hcheck.uptime().Seconds()),
|
|
UptimeHuman: hcheck.uptime().String(),
|
|
Appname: hcheck.params.Globals.Appname,
|
|
Version: hcheck.params.Globals.Version,
|
|
Maintenance: hcheck.params.Config.MaintenanceMode,
|
|
}
|
|
}
|
|
|
|
func (hcheck *Healthcheck) uptime() time.Duration {
|
|
return time.Since(hcheck.StartupTime)
|
|
}
|