Fix CI

.devcontainer/.env

@@ -0,0 +1,30 @@
+# spicedb container config
+SPICEDB_GRPC_PRESHARED_KEY=infradev
+SPICEDB_DATASTORE_CONN_URI=postgresql://root:@crdb:26257/spicedb?sslmode=disable
+SPICEDB_DATASTORE_ENGINE=cockroachdb
+SPICEDB_LOG_LEVEL=info
+SPICEDB_LOG_FORMAT=console
+SPICEDB_OTEL_PROVIDER=jaeger
+SPICEDB_OTEL_INSECURE=true
+SPICEDB_OTEL_ENDPOINT=http://app:14268/api/traces
+
+# zed CLI tool config
+ZED_ENDPOINT=spicedb:50051
+ZED_INSECURE=true
+ZED_TOKEN=infradev
+
+IDENTITYAPI_TRACING_ENABLED=true
+IDENTITYAPI_TRACING_PROVIDER=jaeger
+IDENTITYAPI_TRACING_JAEGER_ENDPOINT=http://localhost:14268/api/traces
+IDENTITYAPI_CRDB_URI="postgresql://root@crdb:26257/identityapi_dev?sslmode=disable"
+
+PERMISSIONAPI_TRACING_ENABLED=true
+PERMISSIONAPI_TRACING_PROVIDER=jaeger
+PERMISSIONAPI_TRACING_JAEGER_ENDPOINT=http://localhost:14268/api/traces
+PERMISSIONAPI_SPICEDB_ENDPOINT=spicedb:50051
+PERMISSIONAPI_SPICEDB_KEY=$SPICEDB_GRPC_PRESHARED_KEY
+PERMISSIONAPI_SPICEDB_INSECURE=true
+
+# cockroachdb container config
+COCKROACH_INSECURE=true
+COCKROACH_HOST=crdb:26257

.devcontainer/Dockerfile

@@ -15,6 +15,8 @@ RUN curl https://binaries.cockroachdb.com/cockroach-v22.1.8.linux-amd64.tgz | ta
     && sudo cp -i cockroach-v22.1.8.linux-amd64/cockroach /usr/local/bin/ \
     && rm -rf cockroach-v*
 
+WORKDIR /workspace
+
 # [Optional] Uncomment the next lines to use go get to install anything else you need
 # USER vscode
 # RUN go get -x <your-dependency-or-tool>

.devcontainer/devcontainer.json

@@ -1,30 +1,40 @@
-# spicedb container config
-SPICEDB_GRPC_PRESHARED_KEY=infradev
-SPICEDB_DATASTORE_CONN_URI=postgresql://root:@crdb:26257/spicedb?sslmode=disable
-SPICEDB_DATASTORE_ENGINE=cockroachdb
-SPICEDB_LOG_LEVEL=info
-SPICEDB_LOG_FORMAT=console
-SPICEDB_OTEL_PROVIDER=jaeger
-SPICEDB_OTEL_INSECURE=true
-SPICEDB_OTEL_ENDPOINT=http://app:14268/api/traces
+// Config reference, https://containers.dev/implementors/json_reference/
+{
+	"name": "permissions-api",
+	"dockerComposeFile":"docker-compose.yml",
+	"service": "app",
+	"workspaceFolder": "/workspace",
+	"shutdownAction": "stopCompose",
+	// Configure tool-specific properties.
+	"customizations": {
+		// Configure properties specific to VS Code.
+		"vscode": {
+			// Set *default* container specific settings.json values on container create.
+			"settings": {
+				"go.toolsManagement.checkForUpdates": "local",
+				"go.useLanguageServer": true,
+				"go.gopath": "/go"
+			},
 
-# zed CLI tool config
-ZED_ENDPOINT=spicedb:50051
-ZED_INSECURE=true
-ZED_TOKEN=infradev
+			// Add the IDs of extensions you want installed when the container is created.
+			"extensions": [
+				"2gua.rainbow-brackets",
+				"golang.Go",
+				"mutantdino.resourcemonitor",
+				"oderwat.indent-rainbow",
+				"ms-azuretools.vscode-docker",
+				"RemiMarche.cspell-tech",
+				"streetsidesoftware.code-spell-checker"
+			]
+		}
+	},
 
-IDENTITYAPI_TRACING_ENABLED=true
-IDENTITYAPI_TRACING_PROVIDER=jaeger
-IDENTITYAPI_TRACING_JAEGER_ENDPOINT=http://localhost:14268/api/traces
-IDENTITYAPI_CRDB_URI="postgresql://root@crdb:26257/identityapi_dev?sslmode=disable"
-
-PERMISSIONAPI_TRACING_ENABLED=true
-PERMISSIONAPI_TRACING_PROVIDER=jaeger
-PERMISSIONAPI_TRACING_JAEGER_ENDPOINT=http://localhost:14268/api/traces
-PERMISSIONAPI_SPICEDB_ENDPOINT=spicedb:50051
-PERMISSIONAPI_SPICEDB_KEY=$SPICEDB_GRPC_PRESHARED_KEY
-PERMISSIONAPI_SPICEDB_INSECURE=true
-
-# cockroachdb container config
-COCKROACH_INSECURE=true
-COCKROACH_HOST=crdb:26257
+	// Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
+	"remoteUser": "vscode",
+	"remoteEnv": {
+		"PATH": "${containerEnv:PATH}:/home/vscode/.nsccli/bin"
+	},
+	"features": {
+		"git": "latest"
+	}
+}

.devcontainer/docker-compose.yml

@@ -28,13 +28,14 @@ services:
 
   # Environment setup
   create_databases:
-    image: cockroachdb/cockroach:latest-v22.1
+    image: cockroachdb/cockroach:v22.2.5
     restart: on-failure:5
     command: "sql --insecure -e 'CREATE DATABASE IF NOT EXISTS spicedb;'"
     env_file:
       - .env
     depends_on:
-      - crdb
+      crdb:
+        condition: service_healthy
     networks:
       - infradev
 
@@ -45,13 +46,14 @@ services:
     env_file:
       - .env
     depends_on:
-      - "create_databases"
+      create_databases:
+        condition: service_completed_successfully
     networks:
       - infradev
 
   # Required services (databases, etc)
   crdb:
-    image: cockroachdb/cockroach:latest-v22.1
+    image: cockroachdb/cockroach:v22.2.5
     command: start-single-node --insecure
     restart: unless-stopped
     volumes:
@@ -74,7 +76,8 @@ services:
     env_file:
       - .env
     depends_on:
-      - migrate_spicedb
+      migrate_spicedb:
+        condition: service_completed_successfully
     networks:
       - infradev
 

.github/workflows/test.yaml

@@ -35,6 +35,9 @@ jobs:
         with:
           go-version: '1.20'
 
+      - name: Setup compose environment
+        run: cd .devcontainer && docker compose up -d --wait && cd ..
+
       - name: Run go tests
         run: make test
 

Makefile

@@ -2,7 +2,7 @@ BIN?=permissions-api
 
 # Utility settings
 TOOLS_DIR := .tools
-GOLANGCI_LINT_VERSION = v1.50.1
+GOLANGCI_LINT_VERSION = v1.51.2
 
 # Container build settings
 CONTAINER_BUILD_CMD?=docker build
@@ -28,7 +28,7 @@ build:  ## Builds permissions-api binary.
 .PHONY: test
 test:  ## Runs unit tests.
 	@echo Running unit tests...
-	@go test -timeout 30s -cover -short  -tags testtools ./...
+	@docker exec devcontainer-app-1 go test -timeout 30s -cover -short  -tags testtools ./...
 
 .PHONY: coverage
 coverage:  ## Generates a test coverage report.
@@ -65,6 +65,16 @@ gci: | gci-diff gci-write  ## Outputs and corrects all improper go import orderi
 image:  ## Builds all docker images.
 	$(CONTAINER_BUILD_CMD) -f Dockerfile . -t $(PERMISSIONS_API_CONTAINER_IMAGE_NAME):$(CONTAINER_TAG)
 
+.PHONY: dev-infra-up
+dev-infra-up:  ## Starts local services to simplify local development.
+	@echo Starting services
+	@pushd .devcontainer && docker compose up -d --wait && popd
+
+.PHONY: dev-infra-down
+dev-infra-down:  ## Stops local services used for local development.
+	@echo Stopping services
+	@pushd .devcontainer && docker compose down && popd
+
 # Tools setup
 $(TOOLS_DIR):
 	mkdir -p $(TOOLS_DIR)

internal/api/pagination.go

@@ -77,14 +77,14 @@ func parseLimit(l int) int {
 	return limit
 }
 
-func (p *Pagination) offset() int {
-	page := p.Page
-	if page == 0 {
-		page = 1
-	}
-
-	return (page - 1) * p.Limit
-}
+// func (p *Pagination) offset() int {
+// 	page := p.Page
+// 	if page == 0 {
+// 		page = 1
+// 	}
+//
+// 	return (page - 1) * p.Limit
+// }
 
 func (p *Pagination) SetHeaders(c *gin.Context, count int) {
 	c.Header("Pagination-Count", strconv.Itoa(count))

pkg/pubsubx/worker.go

@@ -46,10 +46,10 @@ type SubscriptionOptions struct {
 	Queue string
 }
 
-type Publisher struct {
-	topic  *pubsub.Topic
-	logger *zap.SugaredLogger
-}
+// type Publisher struct {
+// 	topic *pubsub.Topic
+// 	logger *zap.SugaredLogger
+// }
 
 func NewSubscription(ctx context.Context, psURL string, logger *zap.SugaredLogger, opts ...SubscriptionOption) (*Subscription, error) {
 	u, err := url.Parse(psURL)
@@ -90,6 +90,7 @@ func (s *Subscription) StartListening(ctx context.Context, st *query.Stores) err
 	// if err != nil {
 	// 	return fmt.Errorf("could not open topic subscription: %v", err)
 	// }
+	//nolint:errcheck // TODO: figure out how to handle this error
 	defer s.sub.Shutdown(ctx)
 
 	fmt.Println("Starting to listen for a messages")
@@ -147,6 +148,8 @@ func HackySendMsg(ctx context.Context, t string, msg *Message) error {
 	if err != nil {
 		return err
 	}
+
+	// nolint:errcheck // TODO: figure out how to handle this error
 	defer topic.Shutdown(ctx)
 
 	return SendMsg(topic, msg)
@@ -171,7 +174,7 @@ func (s *Subscription) Receive(ctx context.Context, st *query.Stores) error {
 	if err != nil {
 		// Errors from Receive indicate that Receive will no longer succeed.
 		log.Printf("Receiving message: %v", err)
-		return err
+		return fmt.Errorf("failed to receive message: %w", err)
 	}
 	// Do work based on the message, for example:
 	// fmt.Printf("Got message: %q\n", msg.Body)
@@ -180,10 +183,13 @@ func (s *Subscription) Receive(ctx context.Context, st *query.Stores) error {
 
 	err = json.Unmarshal(msg.Body, &em)
 	if err != nil {
-		return err
+		return fmt.Errorf("failed to unmarshal message: %w", err)
 	}
 
-	s.ProcessMessage(ctx, st, em)
+	err = s.ProcessMessage(ctx, st, em)
+	if err != nil {
+		return fmt.Errorf("failed to process message: %w", err)
+	}
 
 	// Messages must always be acknowledged with Ack.
 	msg.Ack()