dilly/gitlab-opreate-interview
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init: technical take home for gitlab operate

Browse Source
This commit is contained in:
uhryniuk
2026-01-15 20:18:23 -06:00
commit a9a7e13bbe
149 changed files with 1812 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

117
README.md Normal file
View File

@@ -0,0 +1,117 @@
# gl-operate-go-k8s
Go HTTP server for a Gitlab Interview
## Requirements
- Go 1.23+
- Docker (optional)
- Helm 4.0+ (optional)
## Quick Start
Build and run:
```bash
go build -o interview-server .
./interview-server
```
Server starts on `http://localhost:8080`
## Configuration
You can configure the server using environment variables or a JSON config file. Environment variables take precedence.
**Environment variables:**
- `SERVER_PORT` - Port to listen on (default: 8080)
- `SERVER_HOST` - Host to bind to (default: 0.0.0.0)
- `SERVER_ROOT_PATH` - Directory to serve files from (default: current directory)
- `SERVER_AUTH_SECRET` - Bearer token for API authentication
- `CONFIG_FILE` - Path to config file
**Example:**
```bash
export SERVER_PORT=3000
export SERVER_ROOT_PATH=/var/www
export SERVER_AUTH_SECRET=my-secret-token
./interview-server
```
**Config file:**
```bash
./interview-server -config config.json
```
The config file is JSON:
```json
{
"port": 8080,
"host": "0.0.0.0",
"root_path": "/app/data",
"auth_secret": "your-secret-token"
}
```
## Docker
Build:
```bash
docker build -t interview-service:latest .
```
Run:
```bash
docker run -p 8080:8080 -e SERVER_AUTH_SECRET=mysecret interview-service:latest
```
## Kubernetes
Install with Helm:
```bash
helm install interview-server ./helm
```
Port forward to access locally:
```bash
kubectl port-forward svc/interview-server-interview-server 8080:8080
```
## Testing
```bash
go test -v
```
## How it works
The server has two main parts:
- `/` - Serves static files from the configured root path
- `/api/*` - Protected endpoint that requires authentication
For `/api/*` routes, you need to send a Bearer token that matches `SERVER_AUTH_SECRET`:
```bash
curl -H "Authorization: Bearer my-secret-token" http://localhost:8080/api/test
```
Logs are JSON formatted and go to stdout. The app handles SIGTERM/SIGINT for graceful shutdown.
## Deployment notes
The application is stateless and can be scaled horizontally. It runs as a non-root user (UID 1000) in the container.
Resource usage is minimal - 50m CPU and 64Mi memory is enough for most workloads. Recommended limits are 100m CPU and 128Mi memory.
The server doesn't do TLS, so you'll want a reverse proxy or ingress controller in production for HTTPS.
Store `SERVER_AUTH_SECRET` in Kubernetes Secrets, not in plain text config.