Skip to content

feat: update #42

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
AndrewHanasiro merged 4 commits into from
Dec 11, 2025
Merged

feat: update #42

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
8f073de
feat: update
AndrewSpreed Dec 10, 2025
e6eaca8
fix sonar
AndrewSpreed Dec 10, 2025
1f529ec
fix: PR suggestions
AndrewSpreed Dec 11, 2025
860b7f7
chore: skip for now
AndrewSpreed Dec 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 8 additions & 15 deletions .github/workflows/continuous_integration.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,35 +26,28 @@ jobs:
TWILIO_AUTH_TOKEN: ${{ secrets.TWILIO_AUTH_TOKEN }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
uses: actions/checkout@v6
Copy link

@coderabbitai coderabbitai bot Dec 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

actions/checkout v6 breaking changes compared to v4

💡 Result:

Short summary — main breaking changes in actions/checkout@v6 vs v4:

  • persist-credentials behavior changed: credentials are no longer written directly into .git/config; they are stored in a separate file under $RUNNER_TEMP. This affects any workflow that relied on the token being present in the repo’s git config. [1][2]

  • Docker/container workflow note: running authenticated git commands from inside a Docker container action now requires a newer Actions Runner (minimum v2.329.0) to access the persisted credentials. If your runners are older, container-based authenticated git commands may fail. [1][2]

  • Runtime / runner compatibility: newer releases (v5→v6) moved action runtimes (node24) and introduced minimum runner versions for compatibility; while v6 itself emphasizes the credential change, you should confirm your self-hosted/enterprise runner versions when upgrading from v4. [1][3]

  • No other workflow changes required for normal checkout/fetch/push semantics — fetch-depth, ref, repository, token, etc. remain supported, but some edge cases around credential location and Git/runner version (Git behavior changes on runners) may require adjustments. [1][4]

Sources:
[1] actions/checkout README (v6 notes).
[2] GitHub Marketplace checkout listing (v6 release notes).
[3] actions/checkout commit updating refs to v6.
[4] Community/issue reports re: git/runner interactions with checkout v4/v6.

🌐 Web query:

actions/checkout v6 fetch-depth parameter support

💡 Result:

Yes — actions/checkout@v6 supports the fetch-depth input. Default is 1 (single commit); set fetch-depth: 0 to fetch full history (or any integer >1 to fetch that many commits). [1][2]

Sources:

  • actions/checkout README (inputs & examples). [1]
  • GitHub Marketplace checkout v6 notes (examples showing fetch-depth). [2]

Review the persist-credentials behavior change in actions/checkout@v6.

The upgrade from v4 to v6 introduces a breaking change: credentials are no longer written directly into .git/config but instead stored in a separate file under $RUNNER_TEMP. This affects workflows that rely on the token being present in the repo's git config. The fetch-depth: 0 setting on line 31 remains fully supported with no changes. However, if using container-based authenticated git commands, confirm your runners are at least v2.329.0 to access the persisted credentials.

Also applies to: 59-59, 69-69

🤖 Prompt for AI Agents 
.github/workflows/continuous_integration.yml lines 29 (and also check lines 59
and 69): upgrading actions/checkout@v4→@v6 changes persist-credentials behavior
so tokens are no longer written to .git/config but stored under $RUNNER_TEMP;
update the workflow to explicitly set persist-credentials: true or false as
appropriate and/or adjust any steps that expect credentials in .git/config to
instead read credentials from the RUNNER_TEMP location or use the checkout
action output; if you need container-based authenticated git commands, ensure
the runner version is >= v2.329.0 and document this requirement in the workflow
comments.

with:
fetch-depth: 0
- name: Use right version of golang
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
go-version: "^1.23.1"
go-version: "1.24.0"
- name: Create service-account file [TODO:REMOVE]
run: |
touch $GOOGLE_APPLICATION_CREDENTIALS
echo "$SA_CONTENT" > $GOOGLE_APPLICATION_CREDENTIALS
cat $GOOGLE_APPLICATION_CREDENTIALS
- name: Execute test
run: go test ./... -coverpkg=./... -coverprofile=c.out
- name: Code Climate Scan
uses: paambaati/codeclimate-action@v9.0.0
env:
CC_TEST_REPORTER_ID: ${{ secrets.CODECLIMATE_TOKEN }}
with:
coverageLocations: ${{github.workspace}}/*.out:gocov
prefix: auth-plus-notification
- name: Codacy Scan
uses: codacy/codacy-coverage-reporter-action@v1.3.0
with:
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
force-coverage-parser: go
coverage-reports: c.out
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@master
uses: SonarSource/sonarqube-scan-action@v6
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
Expand All @@ -63,7 +56,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4
uses: actions/checkout@v6
- name: Run Revive Action by pulling pre-built image
uses: docker://morphy/revive-action:v2
- name: Run Revive Action by building from repository
Expand All @@ -73,10 +66,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4
uses: actions/checkout@v6
- name: Use right version of golang
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
go-version: "^1.23.1"
go-version: "1.24.0"
- name: Checking if build
run: go build -o ./build/server ./cmd/http/http_server.go
4 changes: 2 additions & 2 deletions .github/workflows/manual_deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4
uses: actions/checkout@v6
- name: Use right version of golang
uses: actions/setup-go@v2
uses: actions/setup-go@v6
with:
go-version: "^1.19"
Copy link

@coderabbitai coderabbitai bot Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

find . -name "continuous_integration.yml" -o -name "ci.yml" -o -name "*ci*.yml" | grep -E "workflows|github" | head -20

Repository: auth-plus/auth-plus-notification

Length of output: 122

🏁 Script executed:

cat -n ./.github/workflows/continuous_integration.yml | grep -A 2 -B 2 "go-version"

Repository: auth-plus/auth-plus-notification

Length of output: 475

Align Go version constraint with CI workflow.

The manual deploy workflow specifies Go ^1.19, but the continuous integration workflow has been upgraded to Go 1.24.0. This version mismatch could cause inconsistent builds between manual deployments and CI, especially given that dependencies have been bumped in this PR.

Update the Go version constraint:

         with:
-          go-version: "^1.19"
+          go-version: "1.24.0"
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
go-version: "^1.19"
go-version: "1.24.0"
🤖 Prompt for AI Agents 
.github/workflows/manual_deploy.yml around line 13: the Go version constraint is
^1.19 which mismatches the CI workflow (Go 1.24.0); update the go-version entry
to match CI by replacing ^1.19 with 1.24.0 (or the same exact version string
used in CI) so manual deploy uses the same Go toolchain as CI.

- name: Set up Cloud SDK
Expand Down
4 changes: 2 additions & 2 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM golang:1.23-alpine AS builder
FROM golang:1.24-alpine AS builder
RUN apk --update add build-base
WORKDIR /app
COPY ./api ./api
Expand All @@ -13,7 +13,7 @@ RUN go mod download
RUN go build -tags netgo -a -v -o ./build/http_server ./cmd/http/http_server.go
RUN go build -tags netgo -a -v -o ./build/kafka_server ./cmd/kafka/kafka_server.go

FROM alpine:3.16.2 AS deploy
FROM alpine:3.23.0 AS deploy
RUN apk --no-cache add ca-certificates
RUN addgroup -S nonroot \
&& adduser -S nonroot -G nonroot
Expand Down
2 changes: 0 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@

[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=auth-plus_auth-plus-notification&metric=coverage)](https://sonarcloud.io/summary/new_code?id=auth-plus_auth-plus-notification)

[![Test Coverage](https://api.codeclimate.com/v1/badges/7747782d29adc97edda2/test_coverage)](https://codeclimate.com/github/auth-plus/auth-plus-notification/test_coverage)

[![Codacy Badge](https://app.codacy.com/project/badge/Coverage/870535e320a4452eac49e677bd5025de)](https://www.codacy.com/gh/auth-plus/auth-plus-notification/dashboard?utm_source=github.com&utm_medium=referral&utm_content=auth-plus/auth-plus-notification&utm_campaign=Badge_Coverage)

This project it's a sample for notification system.
Expand Down
135 changes: 90 additions & 45 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,76 +1,121 @@
module auth-plus-notification

go 1.23

toolchain go1.23.0
go 1.24.0

require (
github.com/aws/aws-sdk-go v1.55.5
github.com/bxcodec/faker v2.0.1+incompatible
github.com/gin-contrib/cors v1.7.2
github.com/gin-gonic/gin v1.10.0
firebase.google.com/go/v4 v4.18.0
github.com/aws/aws-sdk-go v1.55.8
github.com/bxcodec/faker v1.5.0
github.com/gin-contrib/cors v1.7.6
github.com/gin-gonic/gin v1.11.0
github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.5.1
github.com/prometheus/client_golang v1.20.5
github.com/segmentio/kafka-go v0.4.47
github.com/stretchr/testify v1.10.0
github.com/twilio/twilio-go v1.23.8
go.opentelemetry.io/otel v1.33.0
go.opentelemetry.io/otel/exporters/zipkin v1.33.0
go.opentelemetry.io/otel/sdk v1.33.0
go.uber.org/zap v1.27.0
golang.org/x/oauth2 v0.24.0
github.com/prometheus/client_golang v1.23.2
github.com/segmentio/kafka-go v0.4.49
github.com/stretchr/testify v1.11.1
github.com/twilio/twilio-go v1.28.8
go.opentelemetry.io/otel v1.39.0
go.opentelemetry.io/otel/exporters/zipkin v1.39.0
go.opentelemetry.io/otel/sdk v1.39.0
go.uber.org/zap v1.27.1
google.golang.org/api v0.231.0
gopkg.in/h2non/gock.v1 v1.1.2
)

require (
cloud.google.com/go/compute/metadata v0.3.0 // indirect
cel.dev/expr v0.23.1 // indirect
cloud.google.com/go v0.121.0 // indirect
cloud.google.com/go/auth v0.16.1 // indirect
cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
cloud.google.com/go/compute/metadata v0.9.0 // indirect
cloud.google.com/go/firestore v1.18.0 // indirect
cloud.google.com/go/iam v1.5.2 // indirect
cloud.google.com/go/longrunning v0.6.7 // indirect
cloud.google.com/go/monitoring v1.24.2 // indirect
cloud.google.com/go/storage v1.53.0 // indirect
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.27.0 // indirect
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.51.0 // indirect
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.51.0 // indirect
github.com/MicahParks/keyfunc v1.9.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/bytedance/sonic v1.11.6 // indirect
github.com/bytedance/sonic/loader v0.1.1 // indirect
github.com/bytedance/gopkg v0.1.3 // indirect
github.com/bytedance/sonic v1.14.1 // indirect
github.com/bytedance/sonic/loader v0.3.0 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/cloudwego/base64x v0.1.4 // indirect
github.com/cloudwego/iasm v0.2.0 // indirect
github.com/cloudwego/base64x v0.1.6 // indirect
github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/gabriel-vasile/mimetype v1.4.3 // indirect
github.com/gin-contrib/sse v0.1.0 // indirect
github.com/go-logr/logr v1.4.2 // indirect
github.com/envoyproxy/go-control-plane/envoy v1.32.4 // indirect
github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/gabriel-vasile/mimetype v1.4.10 // indirect
github.com/gin-contrib/sse v1.1.0 // indirect
github.com/go-jose/go-jose/v4 v4.0.5 // indirect
github.com/go-logr/logr v1.4.3 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-playground/locales v0.14.1 // indirect
github.com/go-playground/universal-translator v0.18.1 // indirect
github.com/go-playground/validator/v10 v10.20.0 // indirect
github.com/goccy/go-json v0.10.2 // indirect
github.com/go-playground/validator/v10 v10.28.0 // indirect
github.com/goccy/go-json v0.10.5 // indirect
github.com/goccy/go-yaml v1.18.0 // indirect
github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
github.com/golang-jwt/jwt/v5 v5.3.0 // indirect
github.com/golang/mock v1.6.0 // indirect
github.com/golang/protobuf v1.5.4 // indirect
github.com/google/s2a-go v0.1.9 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
github.com/googleapis/gax-go/v2 v2.14.1 // indirect
github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/klauspost/compress v1.17.9 // indirect
github.com/klauspost/cpuid/v2 v2.2.7 // indirect
github.com/klauspost/compress v1.18.1 // indirect
github.com/klauspost/cpuid/v2 v2.3.0 // indirect
github.com/leodido/go-urn v1.4.0 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/openzipkin/zipkin-go v0.4.3 // indirect
github.com/pelletier/go-toml/v2 v2.2.2 // indirect
github.com/pierrec/lz4/v4 v4.1.21 // indirect
github.com/pelletier/go-toml/v2 v2.2.4 // indirect
github.com/pierrec/lz4/v4 v4.1.22 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_model v0.6.1 // indirect
github.com/prometheus/common v0.55.0 // indirect
github.com/prometheus/procfs v0.15.1 // indirect
github.com/stretchr/objx v0.5.2 // indirect
github.com/prometheus/client_model v0.6.2 // indirect
github.com/prometheus/common v0.67.1 // indirect
github.com/prometheus/procfs v0.18.0 // indirect
github.com/quic-go/qpack v0.5.1 // indirect
github.com/quic-go/quic-go v0.55.0 // indirect
github.com/spiffe/go-spiffe/v2 v2.5.0 // indirect
github.com/stretchr/objx v0.5.3 // indirect
github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
github.com/ugorji/go/codec v1.2.12 // indirect
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
go.opentelemetry.io/otel/metric v1.33.0 // indirect
go.opentelemetry.io/otel/trace v1.33.0 // indirect
go.uber.org/multierr v1.10.0 // indirect
golang.org/x/arch v0.8.0 // indirect
golang.org/x/crypto v0.24.0 // indirect
golang.org/x/net v0.26.0 // indirect
golang.org/x/sys v0.28.0 // indirect
golang.org/x/text v0.16.0 // indirect
google.golang.org/protobuf v1.34.2 // indirect
github.com/ugorji/go/codec v1.3.0 // indirect
github.com/zeebo/errs v1.4.0 // indirect
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
go.opentelemetry.io/contrib/detectors/gcp v1.35.0 // indirect
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect
go.opentelemetry.io/otel/metric v1.39.0 // indirect
go.opentelemetry.io/otel/sdk/metric v1.39.0 // indirect
go.opentelemetry.io/otel/trace v1.39.0 // indirect
go.uber.org/mock v0.6.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.yaml.in/yaml/v2 v2.4.3 // indirect
golang.org/x/arch v0.22.0 // indirect
golang.org/x/crypto v0.43.0 // indirect
golang.org/x/mod v0.29.0 // indirect
golang.org/x/net v0.46.0 // indirect
golang.org/x/oauth2 v0.34.0 // indirect
golang.org/x/sync v0.17.0 // indirect
golang.org/x/sys v0.39.0 // indirect
golang.org/x/text v0.30.0 // indirect
golang.org/x/time v0.11.0 // indirect
golang.org/x/tools v0.38.0 // indirect
google.golang.org/appengine/v2 v2.0.6 // indirect
google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20250505200425-f936aa4a68b2 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250505200425-f936aa4a68b2 // indirect
google.golang.org/grpc v1.72.0 // indirect
google.golang.org/protobuf v1.36.10 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
Loading