From f12aff562c41f5f7c3f411ec77a4ad70b3733cb4 Mon Sep 17 00:00:00 2001 From: wineandchord Date: Fri, 20 Oct 2023 09:52:02 +0800 Subject: [PATCH] merge main into r1.0 (#8) * rename slime README_zh_CN.md to README.zh_CN.md (#4) * docs: update readme (#5) * filter: add github actions (#6) * validation: fix err type conversion (#7) * validation: fix err type conversion * add changelog --------- Co-authored-by: Bo Yan --- .github/typosconfig.toml | 14 +++++++++ .github/workflows/cla.yml | 32 ++++++++++++++++++++ .github/workflows/debuglog.yml | 25 +++++++++++++++ .github/workflows/degrade.yml | 25 +++++++++++++++ .github/workflows/filterextensions.yml | 25 +++++++++++++++ .github/workflows/hystrix.yml | 25 +++++++++++++++ .github/workflows/jwt.yml | 25 +++++++++++++++ .github/workflows/masking.yml | 25 +++++++++++++++ .github/workflows/mock.yml | 25 +++++++++++++++ .github/workflows/recovery.yml | 25 +++++++++++++++ .github/workflows/referer.yml | 25 +++++++++++++++ .github/workflows/slime.yml | 25 +++++++++++++++ .github/workflows/transinfo-blocker.yml | 25 +++++++++++++++ .github/workflows/tvar.yml | 25 +++++++++++++++ .github/workflows/validation.yml | 25 +++++++++++++++ README.md | 20 +++++++++++- README.zh_CN.md | 19 ++++++++++++ debuglog/{README_ZH.md => README.zh_CN.md} | 0 recovery/{README_ZH.md => README.zh_CN.md} | 0 slime/{README_zh_CN.md => README.zh_CN.md} | 0 transinfo-blocker/README.md | 1 - validation/CHANGELOG.md | 9 ++++++ validation/README.md | 4 +-- validation/{README_ZH.md => README.zh_CN.md} | 10 +++--- validation/validation.go | 4 +-- 25 files changed, 427 insertions(+), 11 deletions(-) create mode 100644 .github/typosconfig.toml create mode 100644 .github/workflows/cla.yml create mode 100644 .github/workflows/debuglog.yml create mode 100644 .github/workflows/degrade.yml create mode 100644 .github/workflows/filterextensions.yml create mode 100644 .github/workflows/hystrix.yml create mode 100644 .github/workflows/jwt.yml create mode 100644 .github/workflows/masking.yml create mode 100644 .github/workflows/mock.yml create mode 100644 .github/workflows/recovery.yml create mode 100644 .github/workflows/referer.yml create mode 100644 .github/workflows/slime.yml create mode 100644 .github/workflows/transinfo-blocker.yml create mode 100644 .github/workflows/tvar.yml create mode 100644 .github/workflows/validation.yml create mode 100644 README.zh_CN.md rename debuglog/{README_ZH.md => README.zh_CN.md} (100%) rename recovery/{README_ZH.md => README.zh_CN.md} (100%) rename slime/{README_zh_CN.md => README.zh_CN.md} (100%) create mode 100644 validation/CHANGELOG.md rename validation/{README_ZH.md => README.zh_CN.md} (79%) diff --git a/.github/typosconfig.toml b/.github/typosconfig.toml new file mode 100644 index 0000000..9278b26 --- /dev/null +++ b/.github/typosconfig.toml @@ -0,0 +1,14 @@ +[default] +extend-ignore-identifiers-re = [ + "AttributeID.*Supress.*", +] + +[default.extend-identifiers] +AttributeIDSupressMenu = "AttributeIDSupressMenu" + +[default.extend-words] +WRONLY = "WRONLY" +guage = "guage" + +[files] +extend-exclude = ["install/submodules/*"] diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml new file mode 100644 index 0000000..e842c6c --- /dev/null +++ b/.github/workflows/cla.yml @@ -0,0 +1,32 @@ +name: "CLA Assistant" +on: + issue_comment: + types: [created] + pull_request_target: + types: [opened, synchronize, reopened] + +# explicitly configure permissions, in case your GITHUB_TOKEN workflow permissions are set to read-only in repository settings +permissions: + actions: write + contents: write + pull-requests: write + statuses: write + +jobs: + CLAAssistant: + runs-on: ubuntu-latest + steps: + - name: "CLA Assistant" + if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' + uses: contributor-assistant/github-action@v2.3.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_DATABASE_ACCESS_TOKEN }} + with: + remote-organization-name: trpc-group + remote-repository-name: cla-database + path-to-signatures: 'signatures/${{ github.event.repository.name }}-${{ github.repository_id }}/cla.json' + path-to-document: 'https://github.com/trpc-group/cla-database/blob/main/Tencent-Contributor-License-Agreement.md' + # branch should not be protected + branch: 'main' + allowlist: bot* \ No newline at end of file diff --git a/.github/workflows/debuglog.yml b/.github/workflows/debuglog.yml new file mode 100644 index 0000000..9c8df25 --- /dev/null +++ b/.github/workflows/debuglog.yml @@ -0,0 +1,25 @@ +name: debuglog Pull Request Check +on: + pull_request: + paths: + - 'debuglog/**' + push: + paths: + - 'debuglog/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd debuglog && go build -v ./... + - name: Test + run: cd debuglog && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/degrade.yml b/.github/workflows/degrade.yml new file mode 100644 index 0000000..d62c7dc --- /dev/null +++ b/.github/workflows/degrade.yml @@ -0,0 +1,25 @@ +name: degrade Pull Request Check +on: + pull_request: + paths: + - 'degrade/**' + push: + paths: + - 'degrade/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd degrade && go build -v ./... + - name: Test + run: cd degrade && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/filterextensions.yml b/.github/workflows/filterextensions.yml new file mode 100644 index 0000000..8ad7a09 --- /dev/null +++ b/.github/workflows/filterextensions.yml @@ -0,0 +1,25 @@ +name: filterextensions Pull Request Check +on: + pull_request: + paths: + - 'filterextensions/**' + push: + paths: + - 'filterextensions/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd filterextensions && go build -v ./... + - name: Test + run: cd filterextensions && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/hystrix.yml b/.github/workflows/hystrix.yml new file mode 100644 index 0000000..ede9a01 --- /dev/null +++ b/.github/workflows/hystrix.yml @@ -0,0 +1,25 @@ +name: hystrix Pull Request Check +on: + pull_request: + paths: + - 'hystrix/**' + push: + paths: + - 'hystrix/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd hystrix && go build -v ./... + - name: Test + run: cd hystrix && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/jwt.yml b/.github/workflows/jwt.yml new file mode 100644 index 0000000..ac5e0a8 --- /dev/null +++ b/.github/workflows/jwt.yml @@ -0,0 +1,25 @@ +name: jwt Pull Request Check +on: + pull_request: + paths: + - 'jwt/**' + push: + paths: + - 'jwt/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd jwt && go build -v ./... + - name: Test + run: cd jwt && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/masking.yml b/.github/workflows/masking.yml new file mode 100644 index 0000000..5dcc384 --- /dev/null +++ b/.github/workflows/masking.yml @@ -0,0 +1,25 @@ +name: masking Pull Request Check +on: + pull_request: + paths: + - 'masking/**' + push: + paths: + - 'masking/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd masking && go build -v ./... + - name: Test + run: cd masking && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/mock.yml b/.github/workflows/mock.yml new file mode 100644 index 0000000..3bc944e --- /dev/null +++ b/.github/workflows/mock.yml @@ -0,0 +1,25 @@ +name: mock Pull Request Check +on: + pull_request: + paths: + - 'mock/**' + push: + paths: + - 'mock/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd mock && go build -v ./... + - name: Test + run: cd mock && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/recovery.yml b/.github/workflows/recovery.yml new file mode 100644 index 0000000..8f6d276 --- /dev/null +++ b/.github/workflows/recovery.yml @@ -0,0 +1,25 @@ +name: recovery Pull Request Check +on: + pull_request: + paths: + - 'recovery/**' + push: + paths: + - 'recovery/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd recovery && go build -v ./... + - name: Test + run: cd recovery && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/referer.yml b/.github/workflows/referer.yml new file mode 100644 index 0000000..7eec229 --- /dev/null +++ b/.github/workflows/referer.yml @@ -0,0 +1,25 @@ +name: referer Pull Request Check +on: + pull_request: + paths: + - 'referer/**' + push: + paths: + - 'referer/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd referer && go build -v ./... + - name: Test + run: cd referer && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/slime.yml b/.github/workflows/slime.yml new file mode 100644 index 0000000..a06454d --- /dev/null +++ b/.github/workflows/slime.yml @@ -0,0 +1,25 @@ +name: slime Pull Request Check +on: + pull_request: + paths: + - 'slime/**' + push: + paths: + - 'slime/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd slime && go build -v ./... + - name: Test + run: cd slime && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/transinfo-blocker.yml b/.github/workflows/transinfo-blocker.yml new file mode 100644 index 0000000..d4e0b41 --- /dev/null +++ b/.github/workflows/transinfo-blocker.yml @@ -0,0 +1,25 @@ +name: transinfo-blocker Pull Request Check +on: + pull_request: + paths: + - 'transinfo-blocker/**' + push: + paths: + - 'transinfo-blocker/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd transinfo-blocker && go build -v ./... + - name: Test + run: cd transinfo-blocker && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/tvar.yml b/.github/workflows/tvar.yml new file mode 100644 index 0000000..40232cd --- /dev/null +++ b/.github/workflows/tvar.yml @@ -0,0 +1,25 @@ +name: tvar Pull Request Check +on: + pull_request: + paths: + - 'tvar/**' + push: + paths: + - 'tvar/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd tvar && go build -v ./... + - name: Test + run: cd tvar && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/.github/workflows/validation.yml b/.github/workflows/validation.yml new file mode 100644 index 0000000..6d3b37c --- /dev/null +++ b/.github/workflows/validation.yml @@ -0,0 +1,25 @@ +name: validation Pull Request Check +on: + pull_request: + paths: + - 'validation/**' + push: + paths: + - 'validation/**' + workflow_dispatch: +permissions: + contents: read +jobs: + build: + name: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: 1.19 + - name: Build + run: cd validation && go build -v ./... + - name: Test + run: cd validation && go test -v -gcflags=all=-l ./... + \ No newline at end of file diff --git a/README.md b/README.md index 7de4a82..7e2a4c1 100644 --- a/README.md +++ b/README.md @@ -1 +1,19 @@ -# trpc-go-filter +English | [中文](README.zh_CN.md) + +# go-filter + +This repository provides several commonly used trpc-go filters, including: + +* debuglog: Automatically logs the requests and responses of client/server interfaces. +* degrade: Server-side circuit breaker and rate limiter. +* filterextensions: Interceptor function extensions that support granularity down to the method level. +* hystrix: Server-side circuit breaker and rate limiter based on the open-source hystrix library by Netflix. +* jwt: User authentication interceptor. +* masking: Sensitive data masking module. +* mock: Fault simulation. +* recovery: Server-side panic automatic recovery plugin. +* referer: Web referer validation. +* slime: Retry/compensation request plugin. +* transinfo-blocker: Transparent parameter security plugin to prevent sensitive information leakage. +* tvar: Monitoring item statistics reporting. +* validation: Automatic parameter validation plugin. diff --git a/README.zh_CN.md b/README.zh_CN.md new file mode 100644 index 0000000..caf350f --- /dev/null +++ b/README.zh_CN.md @@ -0,0 +1,19 @@ +[English](README.md) | 中文 + +# go-filter + +本仓库提供了一些常用的 trpc-go 拦截器,如: + +* debuglog: 自动打印客户端/服务端接口的请求和响应 +* degrade: 服务端熔断限流器 +* filterextensions: 拦截器功能扩展,支持到 method 粒度 +* hystrix: 基于 Netflix 开源的 hystrix 实现的服务端熔断限流器 +* jwt: 用户身份验证拦截器 +* masking: 敏感数据脱敏模块 +* mock: 故障模拟 +* recovery: 服务端 panic 自动捕获插件 +* referer: web referer 验证 +* slime: 重试/对冲请求插件 +* transinfo-blocker: 透传参数安全插件,避免敏感信息泄露 +* tvar: 监控项统计上报 +* validation: 参数自动校验插件 diff --git a/debuglog/README_ZH.md b/debuglog/README.zh_CN.md similarity index 100% rename from debuglog/README_ZH.md rename to debuglog/README.zh_CN.md diff --git a/recovery/README_ZH.md b/recovery/README.zh_CN.md similarity index 100% rename from recovery/README_ZH.md rename to recovery/README.zh_CN.md diff --git a/slime/README_zh_CN.md b/slime/README.zh_CN.md similarity index 100% rename from slime/README_zh_CN.md rename to slime/README.zh_CN.md diff --git a/transinfo-blocker/README.md b/transinfo-blocker/README.md index d4cd590..a4f4930 100644 --- a/transinfo-blocker/README.md +++ b/transinfo-blocker/README.md @@ -1,7 +1,6 @@ # transinfo blocker - trpc 框架下透传字段安全插件, 用于屏蔽调用下游的字段,避免登录态及其他敏感信息泄露问题。 -- PCG-社交基础技术部-安全中心持续维护中, 欢迎联系沟通最佳实践。 ## 使用说明 diff --git a/validation/CHANGELOG.md b/validation/CHANGELOG.md new file mode 100644 index 0000000..edd68c8 --- /dev/null +++ b/validation/CHANGELOG.md @@ -0,0 +1,9 @@ +# Change Log + +# v1.0.1 2023-10-20 + +- validation: fix err type conversion (#7) + +# v1.0.0 2023-10-17 + +- initial release diff --git a/validation/README.md b/validation/README.md index a3be960..14820f9 100644 --- a/validation/README.md +++ b/validation/README.md @@ -8,7 +8,7 @@ Import this plugin in your code. ```golang import ( - _ "trpc.group/trpc-go/trpc-filter/validation" + _ "trpc.group/trpc-go/trpc-filter/validation" ) ``` @@ -64,7 +64,7 @@ syntax = "proto3"; package trpc.test.helloworld; -import "trpc/common/validate.proto"; +import "validate/validate.proto"; option go_package="trpc.group/trpcprotocol/test/helloworld"; diff --git a/validation/README_ZH.md b/validation/README.zh_CN.md similarity index 79% rename from validation/README_ZH.md rename to validation/README.zh_CN.md index ff72492..6e4f7b4 100644 --- a/validation/README_ZH.md +++ b/validation/README.zh_CN.md @@ -8,11 +8,11 @@ ```golang import ( - _ "trpc.group/trpc-go/trpc-filter/validation" + _ "trpc.group/trpc-go/trpc-filter/validation" ) ``` -配置trpc-go框架配置文件。在server的filter配置中,按如下方法开启validation拦截器,自动校验req请求参数。 +配置 trpc-go 框架配置文件。在 server 的 filter 配置中,按如下方法开启 validation 拦截器,自动校验 req 请求参数。 ```yaml server: @@ -22,7 +22,7 @@ server: - validation ``` -配置trpc-go框架配置文件。在client的filter配置中,按如下方法开启validation拦截器,自动校验rsp请求参数。 +配置 trpc-go 框架配置文件。在 client 的 filter 配置中,按如下方法开启 validation 拦截器,自动校验 rsp 请求参数。 ```yaml client: @@ -57,14 +57,14 @@ plugins: client_validate_err_code: 100102 ``` -## 编写proto协议文件 +## 编写 proto 协议文件 ```protobuf syntax = "proto3"; package trpc.test.helloworld; -import "trpc/common/validate.proto"; +import "validate/validate.proto"; option go_package="trpc.group/trpcprotocol/test/helloworld"; diff --git a/validation/validation.go b/validation/validation.go index 98a54bc..35ed149 100644 --- a/validation/validation.go +++ b/validation/validation.go @@ -31,8 +31,8 @@ func init() { var defaultOptions = options{ LogFile: nil, EnableErrorLog: false, - ServerValidateErrCode: errs.RetServerValidateFail, - ClientValidateErrCode: errs.RetClientValidateFail, + ServerValidateErrCode: int(errs.RetServerValidateFail), + ClientValidateErrCode: int(errs.RetClientValidateFail), } // options is the options for parameter validation.