sneak
/
styleguide
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
styleguide/README.md

726 lines
27 KiB
Markdown
Raw Permalink Blame History

# sneak/styleguide
The following is the first released version of my personal code styleguide.
There are many like it, but this one is mine.
Only the Go portion is "complete". The others are mostly just
placeholders.
Feedback and suggestions are not only welcome but explicitly encouraged.
[sneak@sneak.berlin](mailto:sneak@sneak.berlin)
# My 2024 Code Styleguide
## All
1. Every project/repo should have a `Makefile` in the root. At a minimum,
`make clean`, `make run`, `make fmt`, and `make test` should work. Choose
a sane default target (`test` for libraries, `run` or `publish` for
binaries). `fmt` should invoke the appropriate formatters for the files
in the repo, such as `go fmt`, `prettier`, `black`, etc. Other standard
`Makefile` targets include `deploy`, `lint`. Consider the `Makefile` the
official documentation about how to operate the repository.
1. If it's possible to write a `Dockerfile`, include at least a simple one.
It should be possible to build and run the project with `docker build .`.
1. For F/OSS-licensed software, try to include the full source code of the
current version (and any dependencies, such as vendored dependencies) in
the docker image. They're small and should be included with the binary.
1. Under no circumstances should any credentials or secrets ever be
committed to any repository, even private ones. Store secrets in
environment variables, and if they are absolutely required, check on
startup to make sure they are set/non-default and complain loudly if not.
Exception, sometimes: public keys. (Public keys can still sometimes be
secrets for operational security reasons.)
1. Avoid nesting `if` statements. If you have more than one level of
nesting, consider inverting the condition and using `return` to exit
early.
1. Almost all services/servers should accept their configuration via
environment variables. Only go full config file if absolutely necessary.
1. For services/servers, log JSON to stdout. This makes it easier to parse
and aggregate logs when run under `docker`. Use structured logging
whenever possible. You may detect if the output is a terminal and
pretty-print the logs in that case.
1. Debug mode is enabled by setting the environment variable `DEBUG` to a
non-empty string. This should enable verbose logging and such. It will
never be enabled in prod.
1. For services/servers, make a healthcheck available at
`/.well-known/healthcheck`. This is out of spec but it is my personal
standard. This should return a 200 OK if the service is healthy, along
with a JSON object containing the service's name, uptime, and any other
relevant information, and a key of "status" with a value of "ok" if the
service is healthy. Make sure that in the event of a failure, the service
returns a 5xx status code for that route.
1. If possible, for services/servers, include a /metrics endpoint that
returns Prometheus-formatted metrics. This is not required for all
services, but is a nice-to-have.
## Bash / Shell
1. Use `[[` instead of `[` for conditionals. It's a shell builtin and
doesn't have to execute a separate process.
1. Use `$( )` instead of backticks. It's easier to read and nest.
1. Use `#!/usr/bin/env bash` as the shebang line. This allows the script to
be run on systems where `bash` is not in `/bin`.
1. Use `set -euo pipefail` at the top of every script. This will cause the
script to exit if any command fails, and will cause the script to exit if
any variable is used before it is set.
1. Use `pv` for progress bars when piping data through a command. This makes
it easier to see how much data has been processed.
1. Put all code in functions, even a main function. Define all functions
then call main at the bottom of the file.
## JavaScript / ECMAScript / ES6
1. Use `const` for everything. If you need to reassign, use `let`. Never
use `var`.
1. Use yarn for package management, avoid using npm.
1. Use LTS node versions.
1. Use `prettier` for code formatting, with four spaces for indentation.
1. At a minimum, `npm run test` and `npm run build` should work (complete
the appropriate scripts in `package.json`). The `Makefile` should call
these, do not duplicate the scripts in the `Makefile`.
## Docker Containers (for services)
1. Use `runit` with `runsvinit` as the entrypoint for all containers. This
allows for easy service management and logging. In startup scripts
(`/etc/service/*/run`) in the container, put a `sleep 1` at the top of
the script to avoid spiking the cpu in the case of a fast-exiting process
(such as in an error condition). This also limits the maximum number of
error messages in logs to 86400/day.
## Python
1. Format all code with `black`, with four space indents.
2. Put all code in functions. If you are writing a script, put the script
in a function called `main` and call `main()` at the end of the script
using the standard invocation:
```python
if __name__ == "__main__":
main()
```
## Golang
1. Try to hard wrap long lines at 77 characters or less.
1. Don't commit anything that hasn't been `go fmt`'d. The only exception is
when committing things that aren't yet syntactically valid, which should
only happen pre-v0.0.1 or on a non-`main` branch.
1. Even if you are planning to deal with only positive integers, use
`int`/`int64` types instead of `uint`/`uint64` types. This is for
consistency and compatibility with the standard library; it's better
than casting all the time.
1. Any project that has more than 2 or 3 modules should use the
`go.uber.org/fx` dependency injection framework to keep things tidy.
1. If you have to choose between readable and clever, opt for readable.
It's ok to make the code less concise or slightly less idiomatic if you
can keep it dead simple.
1. Embed the git commit hash into the binary and include it in startup logs
and in health check output. This is to make it easier to correlate
running instances with their code. Do not include build time or build
user, as these will make the build nondeterministic.
Example relevant Makefile sections:
Given a `main.go` like:
```go
package main
import (
"fmt"
)
var (
Version string
Buildarch string
)
func main() {
fmt.Printf("Version: %s\n", Version)
fmt.Printf("Buildarch: %s\n", Buildarch)
}
```
```make
VERSION := $(shell git describe --always --dirty)
BUILDARCH := $(shell uname -m)
GOLDFLAGS += -X main.Version=$(VERSION)
GOLDFLAGS += -X main.Buildarch=$(BUILDARCH)
# osx can't statically link apparently?!
ifeq ($(UNAME_S),Darwin)
GOFLAGS := -ldflags "$(GOLDFLAGS)"
endif
ifneq ($(UNAME_S),Darwin)
GOFLAGS = -ldflags "-linkmode external -extldflags -static $(GOLDFLAGS)"
endif
./httpd: ./pkg/*/*.go ./internal/*/*.go cmd/httpd/*.go
go build -o $@ $(GOFLAGS) ./cmd/httpd/*.go
```
1. Avoid obvious footguns. For example, use range instead of for loops for
iterating.
1. Try to use zerolog for logging. It's fast and has a nice API. For
smaller/quick projects, the standard library's `log` package (and
specifically `log/slog`) is fine. In that case, log structured logs
whenever possible, and import `sneak.berlin/go/simplelog` to configure
it appropriately. Example:
```go
package main
import (
"log/slog"
_ "sneak.berlin/go/simplelog"
)
func main() {
slog.Info("Starting up")
}
```
1. Commit at least a single test file to check compilation. The test file
can be empty, but it should exist. This is to ensure that `go test
./...` will always function as a syntax check at a minimum.
1. Full TDD and coverage isn't that important, but when fixing a specific
bug, try to write a test that reproduces the bug before fixing it. This
will help ensure that the bug doesn't come back later, and crystallizes
the experience of discovering the bug and the resulting fix into the
repository's history.
1. For anything beyond a simple script or tool, or anything that is going to
run in any sort of "production" anywhere, make sure it passes
`golangci-lint`.
1. Write a `Dockerfile` for every repo, even if it only runs the tests and
linting. `docker build .` should always make sure that the code is in an
able-to-be-compiled state, linted, and any tests run. The Docker build
should fail if linting doesn't pass.
1. Include a `Makefile` with targets for at least `clean` and `test`. If
there are multiple binaries, include a target for each binary. If there
are multiple binaries, include a target for `all` that builds all
binaries.
1. If you are writing a single-module library, `.go` files are okay in the
repo root.
1. If you are writing a multi-module project, put all `.go` files in a
`pkg/` or `internal/` subdirectory. `internal/` is for modules used
only by the current repo, and `pkg/` is for modules that can be consumed
externally. This is to keep the repo root as clean as possible.
1. Binaries go in `cmd/` directories. Each binary should have its own
directory. This is to keep the root clean and to make it easier to see
what is a library and what is a binary. Only package `main` files
should be in `cmd/*` directories.
1. Keep the `main()` function as small as possible.
1. Keep the `main` package as small as possible. Move as much code as is
feasible to a library package, even if it's an internal one. `main` is
just an entrypoint to your code, not a place for implementations.
Exception: single-file scripts.
1. HTTP HandleFuncs should be returned from methods or functions that need
to handle HTTP requests. Don't use methods or our top level functions
as handlers.
1. Provide a .gitignore file that ignores at least `*.log`, `*.out`, and
`*.test` files, as well as any binaries.
1. Constructors should be called `New()` whenever possible.
`modulename.New()` works great if you name the packages properly.
1. Don't make packages too big. Break them up.
1. Don't make functions or methods too big. Break them up.
1. Use descriptive names for functions and methods. Don't be afraid to
make them a bit long.
1. Use descriptive names for modules and filenames. Avoid generic names
like `server`. `util` is banned.
1. Constructors should take a Params struct if they need more than 1-2
arguments. Positional arguments are an endless source of bugs and
should be avoided whenever possible.
1. Use `context.Context` for all functions that need it. If you don't need
it, you can pass `context.Background()`. Anything long-running should
get and abide by a Context. A context does not count against your
number of function or method arguments for purposes of calculating
whether or not you need a Params struct, because the `ctx` is always
first.
1. Contexts are always named `ctx`.
1. Use `context.WithTimeout` or `context.WithDeadline` for any function
that could potentially run for a long time. This is especially true for
any function that makes a network call. Sane timeouts are essential.
1. If a structure/type is only used in one function or method, define it
there. If it's used in more than one, define it in the package. Keep it
close to its usages. For example:
```go
func (m *Mothership) tvPost() http.HandlerFunc {
type MSTVRequest struct {
URL string `json:"URL"`
}
type MSTVResponse struct {
}
return func(w http.ResponseWriter, r *http.Request) {
// parse json from request
var reqParsed MSTVRequest
err = json.NewDecoder(r.Body).Decode(&reqParsed)
...
if err != nil {
SendErrorResponse(w, MSGenericError)
return
}
log.Info().Msgf("Casting to %s: %s", tvName, streamURL)
SendSuccessResponse(w, &MSTVResponse{})
}
}
```
1. Avoid global state, especially global variables. If you need to store
state that is global to your launch or application instance, use a
package `globals` or `appstate` with a struct and a constructor and
require it as a dependency in your constructors. This will allow
consumers to be more easily testable and will make it easier to reason
about the state of your application. Alternately, if your dependency
graph allows for it, put it in the main struct/object of your
application, but remember that this harms testability.
1. Package-global "variables" are ok if they are constants, such as static
strings or integers or errors.
1. Whenever possible, avoid hardcoding numbers or values in your code. Use
descriptively-named constants instead. Recall the famous SICP quote:
"Programs must be written for people to read, and only incidentally for
machines to execute." Rather than comments, a descriptive constant name
is much cleaner.
Example:
```go
const jsonContentType = "application/json; charset=utf-8"
func (s *Handlers) respondJSON(w http.ResponseWriter, r *http.Request, data interface{}, status int) {
w.WriteHeader(status)
w.Header().Set("Content-Type", jsonContentType)
...
}
```
1. Define your struct types near their constructors.
1. Define your interface types near the functions that use them, or if you
have multiple conformant types, put the interface(s) in their own file.
1. Define errors as package-level variables. Use a descriptive name for the
error. Use `errors.New` to create the error. If you need to include
additional information in the error, use a struct that implements the
`error` interface.
1. Use lowerCamelCase for local function/variable names. Use UpperCamelCase
for type names, and exported function/variable names. Use snake_case for
JSON keys. Use lowercase for filenames.
1. Explicitly specify UTC for datetimes unless you have a very good reason
not to. Use `time.Now().UTC()` to get the current time in UTC.
1. String dates should always be ISO8601 formatted. Use `time.Time.Format`
with `time.RFC3339` to get the correct format.
1. Use `time.Time` for all date and time values. Do not use `int64` or
`string` for dates or times internally.
1. When using `time.Time` in a struct, use a pointer to `time.Time` so that
you can differentiate between a zero value and a null value.
1. Use `time.Duration` for all time durations. Do not use `int64` or
`string` for durations internally.
1. When using `time.Duration` in a struct, use a pointer to `time.Duration`
so that you can differentiate between a zero value and a null value.
1. Whenever possible, in argument types and return types, try to use
standard library interfaces instead of concrete types. For example, use
`io.Reader` instead of `*os.File`. Tailor these to the needs of the
specific function or method. Examples:
- **`io.Reader`** instead of `*os.File`:
- `io.Reader` is a common interface for reading data, which can be
implemented by many types, including `*os.File`, `bytes.Buffer`,
`strings.Reader`, and network connections like `net.Conn`.
- **`io.Writer`** instead of `*os.File` or `*bytes.Buffer`:
- `io.Writer` is used for writing data. It can be implemented by
`*os.File`, `bytes.Buffer`, `net.Conn`, and more.
- **`io.ReadWriter`** instead of `*os.File`:
- `io.ReadWriter` combines `io.Reader` and `io.Writer`. It is often
used for types that can both read and write, such as `*os.File`
and `net.Conn`.
- **`io.Closer`** instead of `*os.File` or `*net.Conn`:
- `io.Closer` is used for types that need to be closed, including
`*os.File`, `net.Conn`, and other resources that require cleanup.
- **`io.ReadCloser`** instead of `*os.File` or `http.Response.Body`:
- `io.ReadCloser` combines `io.Reader` and `io.Closer`, and is
commonly used for types like `*os.File` and `http.Response.Body`.
- **`io.WriteCloser`** instead of `*os.File` or `*gzip.Writer`:
- `io.WriteCloser` combines `io.Writer` and `io.Closer`. It is used
for types like `*os.File` and `gzip.Writer`.
- **`io.ReadWriteCloser`** instead of `*os.File` or `*net.TCPConn`:
- `io.ReadWriteCloser` combines `io.Reader`, `io.Writer`, and
`io.Closer`. Examples include `*os.File` and `net.TCPConn`.
- **`fmt.Stringer`** instead of implementing a custom `String` method:
- `fmt.Stringer` is an interface for types that can convert
themselves to a string. Any type that implements the `String()
string` method satisfies this interface.
- **`error`** instead of custom error types:
- The `error` interface is used for representing errors. Instead of
defining custom error types, you can use the `errors.New`
function or the `fmt.Errorf` function to create errors.
- **`net.Conn`** instead of `*net.TCPConn` or `*net.UDPConn`:
- `net.Conn` is a generic network connection interface that can be
implemented by TCP, UDP, and other types of network connections.
- **`http.Handler`** instead of custom HTTP handlers:
- `http.Handler` is an interface for handling HTTP requests.
Instead of creating custom handler types, you can use types that
implement the `ServeHTTP(http.ResponseWriter, *http.Request)`
method.
- **`http.HandlerFunc`** instead of creating a new type:
- `http.HandlerFunc` is a type that allows you to use functions as
HTTP handlers by implementing the `http.Handler` interface.
- **`encoding.BinaryMarshaler` and `encoding.BinaryUnmarshaler`**
instead of custom marshal/unmarshal methods:
- These interfaces are used for binary serialization and
deserialization. Implementing these interfaces allows types to
be encoded and decoded in a standard way.
- **`encoding.TextMarshaler` and `encoding.TextUnmarshaler`** instead
of custom text marshal/unmarshal methods:
- These interfaces are used for text-based serialization and
deserialization. They are useful for types that need to be
represented as text.
- **`sort.Interface`** instead of custom sorting logic:
- `sort.Interface` is an interface for sorting collections. By
implementing the `Len`, `Less`, and `Swap` methods, you can sort
any collection using the `sort.Sort` function.
- **`flag.Value`** instead of custom flag parsing:
- `flag.Value` is an interface for defining custom command-line
flags. Implementing the `String` and `Set` methods allows you to
use custom types with the `flag` package.
1. Avoid using `panic` in library code. Instead, return errors to allow
the caller to handle them. Reserve `panic` for truly exceptional
conditions.
1. Use `defer` to ensure resources are properly cleaned up, such as
closing files or network connections. Place `defer` statements
immediately after resource acquisition.
1. When calling a function with `go`, wrap the function call in an
anonymous function to ensure it runs in the new goroutine context:
Right:
```go
go func() {
someFunction(arg1, arg2)
}()
```
Wrong:
```go
go someFunction(arg1, arg2)
```
1. Use `iota` to define enumerations in a type-safe way. This ensures that
the constants are properly grouped and reduces the risk of errors.
Example:
```go
type HandScore int
const (
ScoreHighCard = HandScore(iota * 100_000_000_000)
ScorePair
ScoreTwoPair
ScoreThreeOfAKind
ScoreStraight
ScoreFlush
ScoreFullHouse
ScoreFourOfAKind
ScoreStraightFlush
ScoreRoyalFlush
)
```
Example 2:
```go
type ByteSize float64
const (
_ = iota // ignore first value by assigning to blank identifier
KB ByteSize = 1 << (10 * iota)
MB
GB
TB
PB
EB
ZB
YB
)
```
1. Don't hardcode big lists of things in your normal code. Either isolate
lists in their own module/package and write some getters, or use a third
party library. For example, if you need a list of country codes, you can
use
[https://github.com/emvi/iso-639-1](https://github.com/emvi/iso-639-1).
It's okay to embed a data file (use `go embed`) in your binary if you
need to, but make sure you parse it once as a singleton and don't read
it from disk every time you need it. Don't use too much memory for
this, embedding anything more than perhaps 25MiB (uncompressed) is
probably too much. Compress the file before embedding and uncompress
during the reading/parsing step for efficiency.
1. When storing numeric values that represent a number of units, either
include the unit in the variable name (e.g. `uptimeSeconds`,
`delayMsec`, `coreTemperatureCelsius`), or use a type alias (that
includes the unit name), or use a 3p library such as
[github.com/alecthomas/units](https://github.com/alecthomas/units) for
SI/IEC byte units, or
[github.com/bcicen/go-units](https://github.com/bcicen/go-units) for
temperatures (and others). The type system is your friend, use it.
1. Once you have a working program, run `go mod tidy` to clean up your
`go.mod` and `go.sum` files. Tag a v0.0.1 or v1.0.0. Push your `main`
branch and tag(s). Subsequent work should happen on branches so that
`main` is "always releasable". "Releasable" in this context means that
it builds and functions as expected, and that all tests and linting
passes.
## Other Golang Tips and Best Practices (Optional)
1. For any internet-facing http server, set appropriate timeouts and limits
to protect against slowloris attacks or huge uploads that can consume
server resources even without authentication.
Example to limit request body size:
```go
package main
import (
"fmt"
"net/http"
)
func main() {
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
// Limit the request body to 10MB
r.Body = http.MaxBytesReader(w, r.Body, 10<<20)
if err := r.ParseForm(); err != nil {
http.Error(w, "Request body too large", http.StatusRequestEntityTooLarge)
return
}
fmt.Fprintf(w, "Hello, World!")
})
http.ListenAndServe(":8080", nil)
}
```
Example to set appropriate timeouts:
```go
package main
import (
"net/http"
"time"
)
func main() {
server := &http.Server{
Addr: ":8080",
ReadTimeout: 5 * time.Second,
WriteTimeout: 10 * time.Second,
Handler: http.DefaultServeMux,
}
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Hello, World!")
})
server.ListenAndServe()
}
```
1. When passing channels to goroutines, use read-only (`<-chan`) or
write-only (`chan<-`) channels to communicate the direction of data flow
clearly.
1. Use `io.MultiReader` to concatenate multiple readers and
`io.MultiWriter` to duplicate writes to multiple writers. This can
simplify the handling of multiple data sources or destinations.
1. For simple counters and flags, use the `sync/atomic` package to avoid
the overhead of mutexes.
1. When using mutexes, minimize the scope of locking to reduce contention
and potential deadlocks. Prefer to lock only the critical sections of
code. Try to encapsulate the critical section in its own function or
method. Acquire the lock as the first line of the function, defer
release of the lock as the second line of the function, and lines 3-5
should perform the task. Try to keep it as short as possible. Avoid
using mutexes in the middle of a function. In short, build atomic
functions.
1. Design types to be immutable where possible. This can help avoid issues
with concurrent access and make the code easier to reason about.
1. Global state can lead to unpredictable behavior and makes the code
harder to test. Use dependency injection to manage state.
1. Avoid using `init` functions unless absolutely necessary as they can
lead to unpredictable initialization order and make the code harder to
understand.
1. Provide comments for all public interfaces explaining what they do and
how they should be used. This helps other developers understand the
intended use.
1. Be mindful of resource leaks when using `time.Timer` and `time.Ticker`.
Always stop them when they are no longer needed.
1. Use `sync.Pool` to manage a pool of reusable objects, which can help
reduce GC overhead and improve performance in high-throughput scenarios.
1. Avoid using large buffer sizes for channels. Unbounded channels can
lead to memory leaks. Use appropriate buffer sizes based on the
application's needs.
1. Always handle the case where a channel might be closed. This prevents
panic and ensures graceful shutdowns.
1. For small structs, use value receivers to avoid unnecessary heap
allocations. Use pointer receivers for large structs or when mutating
the receiver.
1. Only use goroutines when necessary. Excessive goroutines can lead to
high memory consumption and increased complexity.
1. Use `sync.Cond` for more complex synchronization needs that cannot be
met with simple mutexes and channels.
1. Reflection is powerful but should be used sparingly as it can lead to
code that is hard to understand and maintain. Prefer type-safe
solutions.
1. Avoid storing large or complex data in context. Context should be used
for request-scoped values like deadlines, cancellation signals, and
authentication tokens.
1. Use `runtime.Callers` and `runtime.CallersFrames` to capture stack
traces for debugging and logging purposes.
1. Use the `testing.TB` interface to write helper functions that can be
used with both `*testing.T` and `*testing.B`.
1. Use struct embedding to reuse code across multiple structs. This is a
form of composition that can simplify code reuse.
1. Prefer defining explicit interfaces in your packages rather than
relying on implicit interfaces. This makes the intended use of
interfaces clearer and the code more maintainable.
# Author
[@sneak](https://sneak.berlin) &lt;[sneak@sneak.berlin](mailto:sneak@sneak.berlin)&gt;
# License
[WTFPL](./LICENSE)
Do with it what you will. There is no warranty, express or implied,
including but not limited to merchantability or fitness for a particular
purpose. Use at your own risk.
# Credit
Reference in New Issue View Git Blame Copy Permalink