Golang project starter with Fiber Framework, jwt-auth, email service and soft delete schema to build a robust RestAPI Backend Application.

Techs and tools were used in this project:

• Fiber Framework → Framework for routing & HTTP handler.
• GORM → Database logics & queries.
• PostgreSQL @ Supabase → Free database.
• Github CLI → Github repository's management.
• Github Action → Automated testing and building across multiple versions of Go.
• Snyk → Dependency scanning.
• SonarLint as VSCode ext. → Detects & highlights issues that can lead to bugs & vulnerabilities.
• GoLint → CLI static code analytic for code-styling & many more.

1. Clone project

git clone https://github.com/Lukmanern/gost your_project && cd your_project

2. Delete the .git directory to prevent repository cloning. The .git directory is not visible, you can try with rm -rf .git command.

3. Rename or copy the file .env.example to .env

4. For a quick setup, I suggest using Supabase for the database and Gmail for the system email. Then, fill all the values in the .env file.

5. Create keys directory, then generate keys.

mkdir keys

# unix
openssl req -x509 -newkey rsa:2048 -keyout keys/private.key -out keys/publickey.crt -days 365 -nodes -subj "/CN=localhost"
# windows: using openssl.exe
"C:\Program Files\Git\usr\bin\openssl.exe" req -x509 -newkey rsa:2048 -keyout keys/private.key -out keys/publickey.crt -days 365 -nodes -subj "/CN=localhost"

6. Download all dependencies, turn on Redis, and then test the connections to the databases (DB and Redis).

go get -v ./... && go test ./database/...

7. Run the project and try to hit hello endpoints : /hello and /hello/your-name

go run .

8. Command list :

# db-tables drop and re-create
go run ./database/migration/.

# db connections test
go test ./database/...

# Generate keys
# unix
openssl req -x509 -newkey rsa:2048 -keyout keys/private.key -out keys/publickey.crt -days 365 -nodes -subj "/CN=localhost"
# windows: using openssl.exe
"C:\Program Files\Git\usr\bin\openssl.exe" req -x509 -newkey rsa:2048 -keyout keys/private.key -out keys/publickey.crt -days 365 -nodes -subj "/CN=localhost"

# Test
go test -race -cover ./...

# Download all package
go mod download
go get -d -v ./...
go install -v ./...

1. Create a repository on GitHub, but don't push initially. Ensure to add the Repository Secrets for GitHub Actions (SNYK_TOKEN and ENV).

2. Log in to Snyk, get the account token, and then add the token in the GitHub Repository Secret (named: SNYK_TOKEN) of the repository you created.

3. Also, add all .env values to the GitHub Repository Secret (named: ENV) for the repository. If you need a different database for GitHub Actions testing, you can modify the values.

4. Before committing and pushing, take a few minutes to review the GitHub Actions workflow at: ./.github/workflows/*.yml

5. Search/find and replace github.com/Lukmanern/gost with your project name.

6. Commit and push!

1. You can use Github-CLI to set, remove, or update your GitHub Repository Secret.

> gh secret list
NAME        UPDATED
ENV         about 1 month ago
SNYK_TOKEN  about 3 months ago

2. You can receive advice from SonarLint and Golint. You don't always need to activate SonarLint; just enable it after ensuring your code runs normally. Then, commit the changes and do some code-finishing using SonarLint.

> golint ./...
domain\entity\role.go:6:6: exported type Role should have comment or be unexported
domain\entity\role.go:13:1: exported method Role.TableName should have comment or be unexported
domain\entity\user.go:10:6: exported type User should have comment or be unexported
domain\entity\user.go:20:1: exported method User.TableName should have comment or be unexported

...

3. Go to Web Snyk Dashboard, then you can add all your projects from Github and other platforms. Snyk will scan your project for potential security vulnerabilities and dependencies issues. It analyzes the codebase and dependencies, providing insights into known vulnerabilities, outdated packages, and best practices for secure coding.

• Database Connection Configuration
• Go-Fiber Testing
• Production Checklist 1
• Production Checklist 2
• Production Checklist 3
• Deployment Checklist
• CI with Github Actions
• RestAPI Security Checklist

This project is under license from MIT. For more details, see the LICENSE file.