From c1f31cf2b864bba9a833846b987c8ff1da7bcc37 Mon Sep 17 00:00:00 2001
From: Josef Vyhnanek <josef@vyhnanek.eu>
Date: Thu, 30 Jan 2025 18:21:06 +0100
Subject: [PATCH 1/6] Added style job to GH Workflow

---
 .github/workflows/ci.yml | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 4a755c53de..d464a5f110 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -5,6 +5,22 @@ on:
     branches: [main]
 
 jobs:
+  style:
+    name: Style
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.23.0"
+
+      - name: Style
+        run: test -z $(go fmt ./...)
+
   tests:
     name: Tests
     runs-on: ubuntu-latest
@@ -18,6 +34,6 @@ jobs:
         with:
           go-version: "1.23.0"
 
-      - name: Force Failure
+      - name: Tests & Code coverage
         run: go test --cover ./...
 

From bc59835d046d6f959c2daee5619d673641546e4b Mon Sep 17 00:00:00 2001
From: Josef Vyhnanek <josef@vyhnanek.eu>
Date: Fri, 31 Jan 2025 23:43:28 +0100
Subject: [PATCH 2/6] Added staticcheck to GH workflow

---
 .github/workflows/ci.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d464a5f110..45e37a254a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -18,6 +18,12 @@ jobs:
         with:
           go-version: "1.23.0"
 
+      - name: Install staticcheck
+        run: go install honnef.co/go/tools/cmd/staticcheck@latest
+
+      - name: Run staticcheck
+        run: test -z $(staticcheck ./...)
+
       - name: Style
         run: test -z $(go fmt ./...)
 

From ccdd4c456e11ca2345f1e8c1a9375bc97cf5be7b Mon Sep 17 00:00:00 2001
From: Josef Vyhnanek <josef@vyhnanek.eu>
Date: Fri, 31 Jan 2025 23:51:24 +0100
Subject: [PATCH 3/6] Added gosec to GH workflow

---
 .github/workflows/ci.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 45e37a254a..90c3fc0abc 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -43,3 +43,9 @@ jobs:
       - name: Tests & Code coverage
         run: go test --cover ./...
 
+      - name: Install gosec
+        run: go install github.com/securego/gosec/v2/cmd/gosec@latest
+
+      - name: Check code security through gosec
+        run: gosec ./...
+

From 2de5b23edc32ffe9887a50ed4cfc9bfe28b9cc4b Mon Sep 17 00:00:00 2001
From: Josef Vyhnanek <josef@vyhnanek.eu>
Date: Fri, 31 Jan 2025 23:59:06 +0100
Subject: [PATCH 4/6] Fixed gosec errors

---
 json.go | 7 ++++++-
 main.go | 6 ++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/json.go b/json.go
index e346ef4093..47ca47546d 100644
--- a/json.go
+++ b/json.go
@@ -27,5 +27,10 @@ func respondWithJSON(w http.ResponseWriter, code int, payload interface{}) {
 		return
 	}
 	w.WriteHeader(code)
-	w.Write(dat)
+	_, err = w.Write(dat)
+	if err != nil {
+		log.Printf("Could not write response: %v", err)
+		w.WriteHeader(500)
+		return
+	}
 }
diff --git a/main.go b/main.go
index 19d7366c5f..15ee531c5d 100644
--- a/main.go
+++ b/main.go
@@ -7,6 +7,7 @@ import (
 	"log"
 	"net/http"
 	"os"
+	"time"
 
 	"github.com/go-chi/chi"
 	"github.com/go-chi/cors"
@@ -89,8 +90,9 @@ func main() {
 
 	router.Mount("/v1", v1Router)
 	srv := &http.Server{
-		Addr:    ":" + port,
-		Handler: router,
+		Addr:              ":" + port,
+		Handler:           router,
+		ReadHeaderTimeout: 5 * time.Second,
 	}
 
 	log.Printf("Serving on port: %s\n", port)

From 1d6fc4060b5733d3c89fbd90353c8ba90213bdca Mon Sep 17 00:00:00 2001
From: Josef Vyhnanek <josef@vyhnanek.eu>
Date: Mon, 3 Feb 2025 22:26:27 +0100
Subject: [PATCH 5/6] Fixed error handling of closing file

---
 main.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/main.go b/main.go
index 15ee531c5d..77ca190ee8 100644
--- a/main.go
+++ b/main.go
@@ -71,7 +71,12 @@ func main() {
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
-		defer f.Close()
+		defer func() {
+			if err := f.Close(); err != nil {
+				log.Fatal(err)
+			}
+		}()
+
 		if _, err := io.Copy(w, f); err != nil {
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 		}

From 13a1d80a89501bd9ccdf3f7bb3fdc8233317be11 Mon Sep 17 00:00:00 2001
From: Josef Vyhnanek <josef@vyhnanek.eu>
Date: Mon, 3 Feb 2025 22:26:40 +0100
Subject: [PATCH 6/6] Added CD workflow

---
 .github/workflows/cd.yml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 .github/workflows/cd.yml

diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
new file mode 100644
index 0000000000..22e8377b70
--- /dev/null
+++ b/.github/workflows/cd.yml
@@ -0,0 +1,23 @@
+name: cd
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.23.0"
+
+      - name: Build App
+        run: ./scripts/buildprod.sh
\ No newline at end of file