Pantry API
Pantry API is a GraphQL application which is used to aid in managing inventory for a pantry. This application utilizes Postgres and Elasticsearch as its data backend. The application is designed to run in a Docker container.
Running
This application requires the following services to run:
In order to set up connections, check the configurations section below for environment variable configurations.
The docker image is built at https://hub.docker.com/r/mikeyglitz/pantry-api.
docker run -p 8080:8080 -e KEYCLOAK_CLIENT_ID=... mikeyglitz/pantry-api
Configuration
The configuration for this application is managed through environment variables
| Variable | Description |
|---|---|
| SVC_HOST | The hostname that the service will listen on |
| SVC_PORT | The port that the service will listen on |
| SVC_PATH | The path that exposes the graphql endpoint |
| SVC_PLAYGROUNDPATH | The path that exposes the GraphQL Playground endpoint |
| SVC_ISPLAYGROUNDENABLED | Flag to enable GraphQL Playground |
| SVC_LOG_LEVEL | The level for which to display the logs |
| KEYCLOAK_CLIENT_ID | The Keycloak client ID for authentication |
| KEYCLOAK_CLIENT_SECRET | The Keycloak client secret used for authentication |
| KEYCLOAK_REALM_NAME | The Keycloak realm name |
| KEYCLOAK_ENDPOINT | The address where the Keycloak server is listening on |
| ES_USERNAME | The OpenSearch username |
| ES_PASSWORD | The OpenSearch password |
| ES_CERTIFICATE_PATH | The CA cert used to verify the OpenSearch SSL endpoints |
| ES_ADDRESSES | A comma-separate list of OpenSearch server URLs |
| DB_PORT | The port that the Postgres database is listening on |
| DB_HOST | The host where the Postgres database is listening on |
| DB_USERNAME | The username used to login to Postgres |
| DB_PASSWORD | The password used to login to Postgres |
| DB_NAME | The name of the database to connect to |
OpenSearch Role
This application requires a user account and role to be created in OpenSearch with the following permissions:
Cluster-Level Permissions
cluster:monitor/healthcluster:monitor/mainindices:data/read/scroll/clear
Index-Level Permissions
Indices - ingredients, users, and pantries
create_indexindices:data/read/searchindices:data/write/delete/byqueryindices:admin/getindices:admin/aliases/existsindices:data/write/update/byqueryindices:data/read/getindices:admin/createindices:data/write/indexindices:admin/mapping/putindices:data/read/scroll/clearindices:data/write/bulk*
Endpoints
The API provided by this application exposes the following endpoints:
| Endpoint | Description |
|---|---|
| /actuator/* | Exposes the actuator endpoints |
| /playground | Exposes the GraphQL Playground UI |
| /graphql | Exposes the graphql API |
The /playground and /graphql endpoints can be configured by the SVC_PLAYGROUNDPATH
and SVC_PATH environment variables respectively
Project Structure
This project utilizes the Go standard project layout.
test- stores integration tests utilizing testcontainerspkg- contains the root application server bootstrapping codecmd- contains the main class -- the application entrypointinternal- majority of the business logic is hereinternal/config- configuration functions and interfacesinternal/database- database driver, models, and migration logicinternal/index- OpenSearch driver and interfacesinternal/dataloaders- dataloader interfacesinternal/handlers- gin rest handlersinternal/middleware- middleware used to enhance the request context (i.e. authentication)internal/graph- GraphQL resolversinternal/graph/services- database service layer - utilized primarily to supply data to GraphQL resolversinternal/graph/schema- GraphQL schemas -- written in the GraphQL DSL
⚠
internal/graph/model,internal/graph/generated, andmocksall contain generated code
Roadmap
- Implement configuration
- Implement Elasticsearch driver
- Implement ORM
- Implement GraphQL schema
- Separate GraphQL schema into separate files/resolvers
- Break database/elasticsearch code into services and dataloaders
- Validate auth token with Keycloak
- Refactor to supply services and user using middleware
- Create validation directive
- Create user permissions directive
References
- gormigrate - https://github.com/go-gormigrate/gormigrate
- testcontainers with elasticsearch - https://riferrei.com/using-testcontainers-go-with-elasticsearch/
- Keycloak golang webservices - https://mikebolshakov.medium.com/keycloak-with-go-web-services-why-not-f806c0bc820a
- Opinionated graphql server with go - https://dev.to/cmelgarejo/creating-an-opinionated-graphql-server-with-go-part-1-3g3l
- Custom GraphQL validation - https://david-yappeter.medium.com/gqlgen-custom-data-validation-part-1-7de8ef92de4c
- Custom error types with go - https://klotzandrew.com/blog/error-handling-in-golang
Docker Pull Command
docker pull mikeyglitz/pantry-api