v0.0.1-beta (#1)

v0.0.1-beta

.dockerignore

@@ -0,0 +1,13 @@
+.github/
+config/
+docs/
+examples/
+pkg/
+test/
+terraform/
+
+*.md
+
+.dockerignore
+.git
+.gitignore

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,45 @@
+name: Bug Report
+description: File a Bug Report
+title: "[Bug]: "
+labels: ["bug", "triage"]
+assignees:
+  - yangkenneth
+body:
+  - type: input
+    id: contact
+    attributes:
+      label: Contact Details
+      description: How can we get in touch with you if we need more info?
+      placeholder: ex. email@example.com
+    validations:
+      required: false
+  - type: textarea
+    id: explanation
+    attributes:
+      label: What happened?
+      description: Also tell us, what did you expect to happen?
+      placeholder: Tell us what you see!
+    validations:
+      required: true
+  - type: input
+    id: version
+    attributes:
+      label: Version
+      description: What release of baseca are you running?
+      placeholder: ex. 1.0.0
+    validations:
+      required: true
+  - type: textarea
+    id: logs
+    attributes:
+      label: Relevant Log Output
+      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+  - type: checkboxes
+    id: terms
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/coinbase/code-of-conduct)
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,54 @@
+name: Feature Request
+description: Request a Feature
+title: "[Feature]: "
+labels: ["enhancement"]
+assignees:
+  - yangkenneth
+body:
+  - type: input
+    id: contact
+    attributes:
+      label: Contact Details
+      description: How can we get in touch with you if we need more info?
+      placeholder: ex. email@example.com
+    validations:
+      required: false
+  - type: textarea
+    id: background
+    attributes:
+      label: Background
+      description: Is your feature request related to a problem? Please describe.
+      placeholder: A clear and concise description of what the problem is.
+    validations:
+      required: true
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: Describe the solution that you'd like implemented.
+      placeholder: A clear and concise description of what you want to happen.
+    validations:
+      required: true
+  - type: textarea
+    id: alternate
+    attributes:
+      label: Alternative Solution
+      description: Describe any alternatives that you've considered.
+      placeholder: A clear and concise description of any alternative solutions or features you've considered.
+    validations:
+      required: false
+  - type: textarea
+    id: addition
+    attributes:
+      label: Additional Context
+      description: Add any other context or screenshots about the feature request here.
+    validations:
+      required: false
+  - type: checkboxes
+    id: terms
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/coinbase/code-of-conduct)
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true

.github/workflows/pr_build.yml

@@ -0,0 +1,33 @@
+name: PR Build
+
+on: 
+  pull_request: {}
+
+
+jobs:
+  unit-test:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Setup Golang
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.19'
+
+      - name: Install Dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y make
+
+      - name: Build baseca Executable
+        run: make build
+
+      - name: baseca Unit Test
+        run: make test
+
+      - name: Build baseca Container
+        run: docker build -f Dockerfile -t baseca .

.github/workflows/release_build.yml

@@ -0,0 +1,60 @@
+name: Release Build
+
+on:
+  push:
+    tags: [ 'v*' ]
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Workaround: https://github.com/docker/build-push-action/issues/461
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
+
+      # Login against a Docker registry except on PR
+      # https://github.com/docker/login-action
+      - name: Log into registry ${{ env.REGISTRY }}
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Extract metadata (tags, labels) for Docker
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker Metadata
+        id: meta
+        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=sha
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and Push Docker Image
+        id: build-and-push
+        uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

CONTRIBUTING.md

@@ -0,0 +1,53 @@
+# Contributing to baseca
+
+## Code of Conduct
+
+All interactions with this project follow our [Code of Conduct][code-of-conduct].
+By participating, you are expected to honor this code. Violators can be banned
+from further participation in this project, or potentially all Coinbase projects.
+
+[code-of-conduct]: https://github.com/coinbase/code-of-conduct
+
+## Bug Reports
+
+* Ensure your issue [has not already been reported][1]. It may already be fixed!
+* Include the steps you carried out to produce the problem.
+* Include the behavior you observed along with the behavior you expected, and
+  why you expected it.
+* Include any relevant stack traces or debugging output.
+
+## Feature Requests
+
+We welcome feedback with or without pull requests. If you have an idea for how
+to improve the project, great! All we ask is that you take the time to write a
+clear and concise explanation of what need you are trying to solve. If you have
+thoughts on _how_ it can be solved, include those too!
+
+The best way to see a feature added, however, is to submit a pull request.
+
+## Pull Requests
+
+* Before creating your pull request, it's usually worth asking if the code
+  you're planning on writing will actually be considered for merging. You can
+  do this by [opening an issue][1] and asking. It may also help give the
+  maintainers context for when the time comes to review your code.
+
+* Ensure your [commit messages are well-written][2]. This can double as your
+  pull request message, so it pays to take the time to write a clear message.
+
+* Add tests for your feature. You should be able to look at other tests for
+  examples. If you're unsure, don't hesitate to [open an issue][1] and ask!
+
+* Submit your pull request!
+
+## Support Requests
+
+For security reasons, any communication referencing support tickets for Coinbase
+products will be ignored. The request will have its content redacted and will
+be locked to prevent further discussion.
+
+All support requests must be made via [our support team][3].
+
+[1]: https://github.com/coinbase/baseca/issues
+[2]: https://medium.com/brigade-engineering/the-secrets-to-great-commit-messages-106fc0a92a25
+[3]: https://support.coinbase.com/customer/en/portal/articles/2288496-how-can-i-contact-coinbase-support

Dockerfile

@@ -0,0 +1,25 @@
+# Build Image
+FROM golang:1.20 as builder
+
+ENV CGO_ENABLED=0
+WORKDIR /baseca
+COPY . /baseca
+RUN apt update && apt clean && make build
+
+# Deploy Image
+FROM alpine:3.17
+
+RUN adduser --home /home/baseca baseca --gecos "baseca" --disabled-password && \
+    apk --no-cache add ca-certificates && \
+    rm -rf /var/cache/apk/*
+
+COPY --from=builder /baseca/target/bin/linux/baseca /home/baseca/baseca
+COPY --from=builder /baseca/internal/authorization/casbin /home/baseca/internal/authorization/casbin
+COPY --from=builder /baseca/internal/attestor/aws_iid/certificate /home/baseca/internal/attestor/aws_iid/certificate
+
+RUN chown -R baseca:baseca /home/baseca
+
+USER baseca
+WORKDIR /home/baseca
+
+CMD ["/home/baseca/baseca"]