rameshsunkara/go-rest-api-examplePublic template

NotificationsYou must be signed in to change notification settings
Fork34
Star288

Enterprise ready REST API microservice in golang

License

MIT license

288 stars 34 forks Branches Tags Activity

Star

Notifications

You must be signed in to change notification settings

Branches Tags

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 35 Commits
.github		.github
.idea		.idea
.vscode		.vscode
internal		internal
localDevelopment		localDevelopment
pkg		pkg
.env		.env
.gitignore		.gitignore
.golangci.yml		.golangci.yml
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
Dockerfile		Dockerfile
LICENSE		LICENSE
Makefile		Makefile
OpenApi-v1.postman_collection.json		OpenApi-v1.postman_collection.json
OpenApi-v1.yaml		OpenApi-v1.yaml
README.md		README.md
SECURITY.md		SECURITY.md
codecov.yml		codecov.yml
docker-compose.yaml		docker-compose.yaml
go-rest-api-example-local.postman_environment.json		go-rest-api-example-local.postman_environment.json
go-rest-api-example.iml		go-rest-api-example.iml
go-rest-api.svg		go-rest-api.svg
go.mod		go.mod
go.sum		go.sum
main.go		main.go
main_test.go		main_test.go

Repository files navigation

REST API microservice in Go

Why this?

Offered Features

API Features

OWASP Compliant Open API 3 Specification: Refer toOpenApi-v1.yaml for details.
Production-Ready Health Checks:
- /healthz endpoint with proper HTTP status codes (204/424)
- Database connectivity validation
- Dependency health monitoring
Comprehensive Middleware Stack:
- Request Logging: Structured logging with request correlation
- Authentication: Multi-tier auth (external/internal APIs)
- Request ID Tracing: End-to-end request tracking
- Panic Recovery: Graceful error handling and recovery
- Security Headers: OWASP-compliant security header injection
- Query Validation: Input validation and sanitization
- Compression: Automatic response compression (gzip)
Standardized Error Handling: Consistent error response format across all endpoints
API Versioning: URL-based versioning with backward compatibility
Internal vs External APIs: Separate authentication and access controls
Model Separation: Clear distinction between internal and external data representations

Go Application Features

Configuration Management: Environment-based configuration with validation
Graceful Shutdown: Proper signal handling with resource cleanup and connection draining
Production-Ready MongoDB Integration:
- Connection pooling and health checks
- Functional options pattern for flexible configuration
- SRV and replica set support
- Credential management via sidecar files
- Query logging for debugging
Comprehensive Health Checks:/healthz endpoint with database connectivity validation
Structured Logging: Zero-allocation JSON logging with request tracing
Secrets Management: Secure credential loading from sidecar files
Effective Mocking: Interface-based design enabling comprehensive unit testing
Database Indexing: Automatic index creation for optimal query performance
Idiomatic Go Architecture: Clean separation of concerns with dependency injection
Parallel Testing: Race condition detection with atomic coverage reporting
Context-Aware Operations: Proper context propagation for cancellation and timeouts
Resource Management: Automatic cleanup of connections and resources

Tooling

Dockerized Environment: Facilitates service deployment using DOCKER_BUILDKIT.
Makefile: Automates common tasks for developers.
GitHub Actions: Automates building, testing, code coverage reporting, and enforces the required test coverage threshold.
Multi-Stage Docker Build: Accelerates build processes.

Folder Structure

go-rest-api-example/├── main.go├── internal/           # Private application code│   ├── config/         # Configuration management│   ├── db/             # Database repositories and data access│   ├── errors/         # Application error definitions│   ├── handlers/       # HTTP request handlers│   ├── middleware/     # HTTP middleware components│   ├── models/         # Domain models and data structures│   ├── server/         # HTTP server setup and lifecycle│   ├── utilities/      # Internal utilities│   └── mockData/       # Test and development data├── pkg/                # Public packages (can be imported)│   ├── logger/         # Structured logging utilities│   └── mongodb/        # MongoDB connection management├── localDevelopment/   # Local dev setup (DB init scripts, etc.)├── Makefile            # Development automation├── Dockerfile          # Container image definition├── docker-compose.yaml # Local development services├── OpenApi-v1.yaml     # API specification└── OpenApi-v1.postman_collection.json

Control Flow

flowchart LR   Request e1@==> Server   e1@{ animate: true }   Server e2@==> Router   e2@{ animate: true }   M@{ shape: processes, label: "Middlewares" }   Router e3@==> M   e3@{ animate: true }   C@{ shape: processes, label: "Handlers" }   M e4@==> C   e4@{ animate: true }   R@{ shape: processes, label: "Repos(DAO)" }   C e5@==> R   e5@{ animate: true }   id1[(Database)]   R e6@==> id1   e6@{ animate: true }

Request: Server receives the incoming request.
Server: Server processes the request and forwards it to the router.
Router: Router directs the request to the appropriate middleware(s).
Middlewares: The middlewares handle various tasks such as logging, authentication, security headers, tracing etc.,
Handlers: The request is passed to the appropriate handler, which validates the request and forwards it to the repository layer.
Repos(DAO): The repository layer communicates with the database to perform CRUD operations.

Get Started

git clone https://github.com/rameshsunkara/go-rest-api-example.gitcd go-rest-api-examplemake start

Your API is now running athttp://localhost:8080

Try it out:

curl http://localhost:8080/api/v1/healthzcurl http://localhost:8080/api/v1/orders

QuickStart

Pre-requisites

Frequently used commands

start                          Start all necessary services and API serverrun                            Run the API serversetup                          Start only dependenciestest                           Run tests with coverage

Development commands

lint                           Run the linterlint-fix                       Run the linter and fix issuesclean                          Clean all Docker resources (keeps database data)clean-all                      Clean all Docker resources including volumes (removes database data)clean-volumes                  Remove only the docker-compose volumes (database data)coverage                       Generate and display the code coverage reportgo-work                        Generate Go work fileowasp-report                   Generate OWASP reporttidy                           Tidy Go modules

CI commands

build                          Build the API server binaryci-coverage                    Check if test coverage meets the thresholdformat                         Format Go codeversion                        Display the current version of the API server

Docker commands

docker-build                   Build the Docker imagedocker-build-debug             Build the Docker image without cachedocker-clean                   Clean all Docker resourcesdocker-clean-build-images      Remove build imagesdocker-compose-up              Start docker-compose servicesdocker-compose-down            Stop docker-compose servicesdocker-compose-down-volumes    Stop docker-compose services and remove volumesdocker-remove                  Remove Docker images and containersdocker-run                     Run the Docker containerdocker-start                   Build and run the Docker containerdocker-stop                    Stop the Docker container

Tools

Routing -Gin
Logging -zerolog
Database -MongoDB
Container -Docker

TODO

Add comprehensive API documentation with examples
Implement database migration system
Add distributed tracing (OpenTelemetry integration)
Implement circuit breaker pattern for external dependencies
Add metrics collection and Prometheus integration
Implement rate limiting middleware
Add comprehensive integration tests
Add git hooks for pre-commit and pre-push
Implement all remaining OWASP security checks
Add Kubernetes deployment manifests

Good to have

Enhanced Data Models: Add validation, relationships, and business logic
Cloud Deployment: Kubernetes manifests and Helm charts
Advanced Monitoring: APM integration, alerting, and dashboards
Caching Layer: Redis integration for performance optimization
Event Sourcing: Event-driven architecture with message queues
Multi-database Support: PostgreSQL, CockroachDB adapters
Advanced Security: JWT tokens, OAuth2, RBAC implementation
Performance Testing: Load testing scenarios and benchmarks
Documentation: Auto-generated API docs and architectural decision records

References

Contribute

Please feel free to Open PRs
Please create issues with any problem you noticed
Please suggest any improvements

Why this?

I embarked on the endeavor of crafting my own open-source boilerplate repository for several reasons:

After years of developing Full Stack applications using ReactJS and JVM-based languages, I observed that existingboilerplates tended to be either excessive or insufficient for my needs.Consequently, I resolved to construct my own, while adhering rigorously to the principles and guidelines of Go.While similarities with popular Go boilerplate templates may be evident,I have customized this repository to better align with my preferences and accumulated experiences.(My apologies if I inadvertently overlooked crediting any existing templates.)

I yearned for the autonomy to meticulously select the tools for fundamental functionalities such as Routing, Logging,and Configuration Management, ensuring seamless alignment with my personal preferences and specific requirements.

What this is not?

This isn't a complete solution for all your needs. It's more like a basic template to kickstart your project.
This isn't the best place to begin if you want to make an online store. What I've provided is just a simple tool for managing data through an API.