README
ΒΆ
π CarZone - Enterprise Car Rental Platform Backend
Production-grade RESTful API for car rental management built with Go
Quick Start Guide β’ Features β’ Architecture β’ Quick Start β’ API Docs β’ Deployment
π Overview
CarZone is a comprehensive, production-ready car rental management platform backend built with Go using clean hexagonal architecture. It provides a robust REST API with complete authentication, payment processing, booking management, and real-time monitoring capabilities.
π― What Makes CarZone Special
- ποΈ Clean Architecture - Hexagonal architecture with clear separation of concerns (handlers β services β stores)
- π Enterprise Security - JWT authentication, role-based authorization, bcrypt encryption, SQL injection prevention
- π³ Payment Integration - Complete Razorpay integration with HMAC SHA256 signature verification
- π Full Observability - Prometheus metrics, Jaeger distributed tracing, OpenTelemetry integration
- π³ Production Ready - Docker containerization, health checks, graceful shutdown, connection pooling
- βοΈ Cloud Native - Cloudinary integration for image storage with automatic optimization and CDN delivery
- π High Performance - Connection pooling, optimized queries, <300ms response times
- π§ͺ Battle Tested - Comprehensive error handling, input validation, audit trails
π Quick Start
Prerequisites
- Docker & Docker Compose (recommended) OR
- Go 1.24.3+ and PostgreSQL 13+ (for standalone)
- Git for cloning the repository
π¦ Running with Docker (Recommended)
The easiest way to run CarZone is using Docker Compose, which automatically sets up all services:
# Clone the repository
git clone https://github.com/PrateekKumar15/CarZone.git
cd CarZone
# Start all services (API + Database + Monitoring)
docker-compose up -d
# View logs
docker-compose logs -f app
# Stop all services
docker-compose down
# Stop and remove all data (including database)
docker-compose down -v
What each service does:
app(Port 8080): Main CarZone API serverdb(Port 5432): PostgreSQL databasejaeger(Port 16686): Distributed tracing UIprometheus(Port 9090): Metrics collectiongrafana(Port 3300): Monitoring dashboards (admin/admin)
Access the application:
- API: http://localhost:8080
- Jaeger UI: http://localhost:16686
- Prometheus: http://localhost:9090
- Grafana: http://localhost:3300
π§ Running with Go Only (Development)
For development or when you prefer to run Go directly:
1. Setup Database
# Install PostgreSQL 13+ and create database
createdb carzone_db
createuser carzone_user
2. Configure Environment
# Copy environment template
cp .env.example .env
# Edit .env file with your database credentials
# Required variables:
DB_HOST=localhost
DB_PORT=5432
DB_USER=carzone_user
DB_PASSWORD=your_password
DB_NAME=carzone_db
SECRET_KEY=your_jwt_secret_key
RAZORPAY_KEY_ID=your_razorpay_key
RAZORPAY_KEY_SECRET=your_razorpay_secret
3. Install Dependencies and Run
# Download Go dependencies
go mod download
# Run database migrations (if any)
# The app will auto-create tables on first run
# Build the application
go build -o main
# Run the server
./main
# OR run directly without building
go run main.go
The API will be available at http://localhost:8080
π Docker Commands Explained
| Command | Purpose | When to Use |
|---|---|---|
docker-compose up -d |
Start all services in background | Initial setup, production |
docker-compose up |
Start services with logs visible | Development, debugging |
docker-compose down |
Stop all services, keep data | Temporary shutdown |
docker-compose down -v |
Stop services and delete data | Reset database, cleanup |
docker-compose logs app |
View API server logs | Debugging issues |
docker-compose ps |
List running services | Check service status |
docker-compose restart app |
Restart just the API | After code changes |
docker-compose exec app sh |
Access API container shell | Advanced debugging |
docker-compose exec db psql -U carzone_user carzone_db |
Access database | Database operations |
ποΈ Build Commands Explained
| Command | Purpose | Output |
|---|---|---|
go build |
Build executable for current OS | CarZone or CarZone.exe |
go build -o main |
Build with custom name | main or main.exe |
go run main.go |
Build and run without saving | Temporary execution |
go mod download |
Download dependencies | Updates go.sum |
go mod tidy |
Clean unused dependencies | Optimizes go.mod |
go test ./... |
Run all tests | Test results |
π Health Check
Once running, verify the API is healthy:
# Check API health
curl http://localhost:8080/health
# Expected response:
{"status": "healthy", "timestamp": "2024-12-03T10:00:00Z"}
π Admin Access
To test admin-protected endpoints, you'll need to:
- Register a user via
/auth/register - Update their role to "admin" in the database
- Login to get a JWT token
- Use the token in Authorization header:
Bearer <token>
β¨ Features
π Car Management System
- Complete CRUD operations for car inventory management
- Advanced search and filtering (by brand, model, price, fuel type, location)
- Engine specifications with JSONB storage for flexibility
- Multi-image upload support via Cloudinary with automatic optimization
- Real-time availability tracking
- Status management (active, maintenance, inactive)
- Location-based car listings
- Mileage tracking and vehicle features
π₯ User Management & Authentication
- User registration and login with JWT token generation
- Role-based access control (admin, owner, renter)
- Secure password hashing with bcrypt
- Token expiration and refresh mechanisms
- Profile data storage with JSONB
- User phone and email verification ready
π Booking Management
- Complete booking lifecycle (pending β confirmed β completed/cancelled)
- Date conflict validation and overlap detection
- Automated pricing calculations
- Booking history and tracking
- Customer and owner booking views
- Notes and special requests support
- Multi-status workflows with state validation
π° Payment Processing
- Razorpay payment gateway integration
- Order creation and payment verification
- HMAC SHA256 signature verification for security
- Payment status tracking (pending, completed, failed, refunded)
- Refund processing and management
- Payment history for users and bookings
- Multiple payment methods support (card, UPI, netbanking, wallet)
- Webhook handlers for async payment updates
π Security & Authentication
- JWT-based authentication with role-based authorization
- Password encryption using bcrypt (cost factor 10)
- SQL injection prevention via prepared statements
- CORS middleware for cross-origin security
- Request validation and sanitization
- Authorization middleware for protected routes
- Secure payment signature verification
π Monitoring & Observability
- Prometheus Integration - Custom business metrics and system health
- Jaeger Distributed Tracing - Request tracing across all services
- OpenTelemetry - Comprehensive telemetry framework
- Health Check Endpoints - Service status monitoring
- Performance Metrics - Response time, throughput, error rates
- Database Connection Monitoring - Pool status and query performance
βοΈ Cloud Integration
- Cloudinary - Car image storage with CDN and automatic optimization
- Base64 Encoding - Flexible image upload options
- Image Transformations - On-the-fly image resizing, cropping, and optimization
- CDN Ready - Cloudinary URLs for fast global image delivery
- Automatic Cleanup - Images deleted when cars are removed
ποΈ Technical Excellence
- Clean Architecture - Hexagonal architecture with ports & adapters
- Repository Pattern - Data access abstraction layer
- Dependency Injection - Loosely coupled, testable components
- Database Migrations - Version-controlled schema management
- Environment Configuration - 12-factor app compliance
- Graceful Shutdown - Proper resource cleanup and connection management
- Connection Pooling - Optimized database performance
- Error Handling - Comprehensive error responses with proper HTTP codes
- Logging - Structured logging for debugging and monitoring
- Audit Trails - Timestamps and user tracking for all operations
ποΈ Architecture
CarZone implements hexagonal (ports & adapters) architecture with clear boundaries and separation of concerns:
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β External World β
β (HTTP Clients, PostgreSQL, Cloudinary) β
ββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββΌβββββββββββββββββ
β β β
βΌ βΌ βΌ
βββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β Middleware β β Handlers β β Monitoring β
β β β β β β
β β’ Auth β β β’ Car β β β’ Prometheus β
β β’ CORS β β β’ Booking β β β’ Jaeger β
β β’ Metrics β β β’ Payment β β β’ Health β
β β’ Images β β β’ Auth β β β
βββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β β β
ββββββββββββββββββΌβββββββββββββββββ
β
ββββββββββΌβββββββββ
β Services β
β β
β β’ Business β
β Logic β
β β’ Validation β
β β’ Orchestration β
ββββββββββ¬βββββββββ
β
ββββββββββΌβββββββββ
β Stores β
β β
β β’ Repositories β
β β’ Data Access β
β β’ Queries β
ββββββββββ¬βββββββββ
β
ββββββββββββββββΌβββββββββββββββ
β β β
βΌ βΌ βΌ
ββββββββββββββββ βββββββββββ ββββββββββββ
β PostgreSQL β β Cloudinary β β Razorpay β
β Database β β Storage β β Payment β
ββββββββββββββββ βββββββββββ ββββββββββββ
π¦ Layer Responsibilities
| Layer | Responsibility | Examples |
|---|---|---|
| Handlers | HTTP request/response, routing, status codes | car.go, booking.go, payment.go |
| Middleware | Cross-cutting concerns, authentication, logging | auth_middleware, metrics_middleware |
| Services | Business logic, validation, orchestration | Booking conflicts, payment verification |
| Stores | Data persistence, queries, database operations | PostgreSQL CRUD operations |
| Models | Domain entities, validation rules, contracts | Car, Booking, Payment, User structures |
| External APIs | Third-party integrations | Razorpay, Cloudinary |
π Request Flow Example
1. Client β POST /bookings (Create booking)
2. Router β BookingHandler.CreateBooking()
3. Auth Middleware β Validate JWT token
4. Handler β Parse request, validate input
5. Service β Check car availability, validate dates
6. Service β Calculate pricing, check conflicts
7. Store β Insert booking record
8. Service β Create Razorpay order
9. Handler β Return booking + payment details
10. Metrics β Track response time, status
π Project Structure
CarZone/
βββ π main.go # Application entry point, server setup
βββ π go.mod # Go module dependencies
βββ π go.sum # Dependency checksums
βββ π docker-compose.yml # Multi-service orchestration
βββ π Dockerfile # Application container
βββ π prometheus.yml # Monitoring configuration
βββ π .env # Environment variables
β
βββ π handler/ # HTTP presentation layer
β βββ π auth/
β β βββ π auth.go # Authentication endpoints (login, register, logout)
β βββ π car/
β β βββ π car.go # Car CRUD endpoints (25+ endpoints)
β βββ π booking/
β β βββ π booking.go # Booking management endpoints
β βββ π payment/
β βββ π payment.go # Payment processing endpoints
β
βββ π service/ # Business logic layer
β βββ π interface.go # Service contracts
β βββ π auth/
β β βββ π auth.go # Authentication business logic
β βββ π car/
β β βββ π car.go # Car management logic
β βββ π booking/
β β βββ π booking.go # Booking validation, conflicts
β βββ π payment/
β β βββ π payment.go # Payment verification, Razorpay
β βββ π cloudinary/
β β βββ οΏ½ cloudinary.go # Cloudinary image operations
β βββ οΏ½π s3/ # Legacy S3 service (deprecated)
β βββ π s3.go # AWS S3 image operations (not used)
β
βββ π store/ # Data access layer
β βββ π interface.go # Repository contracts
β βββ π schema.sql # Database schema, migrations
β βββ π user/
β β βββ π user.go # User repository
β βββ π car/
β β βββ π car.go # Car repository
β βββ π booking/
β β βββ π booking.go # Booking repository
β βββ π payment/
β βββ π payment.go # Payment repository
β
βββ π models/ # Domain entities
β βββ π user.go # User entity, registration, login
β βββ π car.go # Car entity, validation rules
β βββ π booking.go # Booking entity, status enums
β βββ π payment.go # Payment entity, Razorpay models
β
βββ π middleware/ # Cross-cutting concerns
β βββ π auth_middleware.go # JWT authentication
β βββ π cors_middleware.go # CORS configuration
β βββ π metrics_middleware.go # Prometheus metrics
β βββ π image_upload_middleware.go # Cloudinary image upload
β
βββ π driver/ # Infrastructure
β βββ π postgres.go # PostgreSQL connection pool
β
βββ π routes/ # Route definitions
β βββ π router.go # Main router setup
β βββ π auth_routes.go # Auth route group
β βββ π car_routes.go # Car route group
β βββ π booking_routes.go # Booking route group
β βββ π payment_routes.go # Payment route group
β
βββ π migrations/ # Database migrations
βββ π migration_rental_only.sql # Schema updates
π¦ Key Files Overview
| File/Directory | Purpose | Lines of Code |
|---|---|---|
main.go |
Application bootstrapping, dependency injection | ~200 |
handler/ |
HTTP layer, request/response handling | ~1,500 |
service/ |
Business logic, validation, orchestration | ~2,000 |
store/ |
Database operations, queries | ~1,800 |
models/ |
Domain entities, validation | ~800 |
middleware/ |
Authentication, CORS, metrics, images | ~500 |
routes/ |
Route definitions and grouping | ~300 |
π οΈ Technology Stack
Core Technologies
| Technology | Version | Purpose | Documentation |
|---|---|---|---|
| Go | 1.24.3 | Primary programming language | golang.org |
| Gorilla Mux | 1.8.1 | HTTP router and URL matcher | github.com/gorilla/mux |
| PostgreSQL | 13+ | Primary relational database | postgresql.org |
| lib/pq | 1.10.9 | PostgreSQL driver for Go | github.com/lib/pq |
Authentication & Security
| Package | Purpose |
|---|---|
| JWT (dgrijalva/jwt-go) | Token-based authentication |
| golang.org/x/crypto | bcrypt password hashing |
| CORS Middleware | Cross-origin resource sharing |
| Input Validation | Request sanitization and validation |
Cloud & External Services
| Service | Purpose | SDK Version |
|---|---|---|
| Cloudinary | Image storage with CDN | cloudinary-go v2.13.0 |
| Razorpay | Payment gateway integration | REST API |
Observability & Monitoring
| Tool | Purpose | Port/Endpoint |
|---|---|---|
| Prometheus | Metrics collection and monitoring | :9090, /metrics |
| Jaeger | Distributed request tracing | :16686 |
| OpenTelemetry | Telemetry framework | - |
| Health Checks | Service health monitoring | /health |
Development & Deployment
| Tool | Purpose |
|---|---|
| Docker | Application containerization |
| Docker Compose | Multi-service orchestration |
| godotenv | Environment variable management |
| Git | Version control system |
Architecture Patterns
- β Clean Architecture - Hexagonal architecture with ports & adapters
- β Repository Pattern - Data access abstraction
- β Service Layer Pattern - Business logic encapsulation
- β Dependency Injection - Loose coupling and testability
- β Middleware Pattern - Cross-cutting concerns
- β State Machine - Booking status workflows
π Quick Start
Prerequisites
Ensure you have the following installed on your system:
- Go 1.24.3+ - Download Go
- Docker & Docker Compose - Install Docker
- Git - Install Git
- PostgreSQL 13+ (optional if using Docker)
- Cloudinary Account (for image storage - free tier available)
- Razorpay Account (for payment processing)
Installation
1. Clone the Repository
git clone https://github.com/PrateekKumar15/CarZone.git
cd CarZone
2. Environment Configuration
Create your .env file with the following configuration:
# Copy the example file (if available)
cp .env.example .env
# Or create a new .env file
nano .env
Environment Variables:
# Database Configuration
DB_HOST=localhost
DB_PORT=5432
DB_USER=carzone_user
DB_PASSWORD=your_secure_password
DB_NAME=carzone_db
DB_SSLMODE=disable
# Server Configuration
SERVER_PORT=8080
SERVER_HOST=0.0.0.0
# JWT Authentication
SECRET_KEY=your_jwt_secret_key_min_32_characters_long
JWT_EXPIRY_HOURS=24
# Cloudinary Configuration (Image Storage)
CLOUDINARY_CLOUD_NAME=your_cloudinary_cloud_name
CLOUDINARY_API_KEY=your_cloudinary_api_key
CLOUDINARY_API_SECRET=your_cloudinary_api_secret
CLOUDINARY_FOLDER=carzone/cars
# Razorpay Configuration
RAZORPAY_KEY_ID=your_razorpay_key_id
RAZORPAY_KEY_SECRET=your_razorpay_key_secret
# Monitoring Configuration
JAEGER_AGENT_HOST=localhost
JAEGER_AGENT_PORT=4318
PROMETHEUS_PORT=9090
# Application Settings
LOG_LEVEL=info
ENVIRONMENT=development
3. Quick Start with Docker (Recommended)
# Start all services (API, PostgreSQL, Jaeger, Prometheus)
docker-compose up --build
# The API will be available at http://localhost:8080
# Jaeger UI: http://localhost:16686
# Prometheus UI: http://localhost:9090
4. Manual Setup (Alternative)
# Install Go dependencies
go mod download
go mod tidy
# Start PostgreSQL (if not using Docker)
# Make sure PostgreSQL is running on localhost:5432
# Apply database migrations
psql -U postgres -d carzone_db -f store/schema.sql
# Run the application
go run main.go
Verification
Test your installation:
# Health check
curl http://localhost:8080/health
# Expected response:
# {"status":"healthy","database":"connected","timestamp":"2024-01-15T10:30:00Z"}
# View Prometheus metrics
curl http://localhost:8080/metrics
# Access Jaeger UI
open http://localhost:16686
βοΈ Configuration
βοΈ Configuration
Environment Variables
CarZone uses environment variables for configuration following the 12-factor app methodology.
Required Variables
| Variable | Description | Example | Required |
|---|---|---|---|
DB_HOST |
PostgreSQL host address | localhost |
β |
DB_PORT |
PostgreSQL port | 5432 |
β |
DB_USER |
Database username | carzone_user |
β |
DB_PASSWORD |
Database password | your_password |
β |
DB_NAME |
Database name | carzone_db |
β |
SECRET_KEY |
JWT signing secret (min 32 chars) | your_secret_key... |
β |
RAZORPAY_KEY_ID |
Razorpay API key ID | rzp_test_xxxxx |
β |
RAZORPAY_KEY_SECRET |
Razorpay API secret | your_secret |
β |
Optional Variables
| Variable | Description | Default | Required |
|---|---|---|---|
SERVER_PORT |
HTTP server port | 8080 |
β |
SERVER_HOST |
Server bind address | 0.0.0.0 |
β |
DB_SSLMODE |
PostgreSQL SSL mode | disable |
β |
JWT_EXPIRY_HOURS |
JWT token expiry time | 24 |
β |
LOG_LEVEL |
Logging level | info |
β |
ENVIRONMENT |
Application environment | development |
β |
Cloudinary Configuration (for image uploads)
| Variable | Description | Required |
|---|---|---|
CLOUDINARY_CLOUD_NAME |
Cloudinary cloud name | β |
CLOUDINARY_API_KEY |
Cloudinary API key | β |
CLOUDINARY_API_SECRET |
Cloudinary API secret | β |
CLOUDINARY_FOLDER |
Folder path in Cloudinary | β |
Note: Get your Cloudinary credentials from the Cloudinary Console
Monitoring Configuration
| Variable | Description | Default |
|---|---|---|
JAEGER_AGENT_HOST |
Jaeger agent host | localhost |
JAEGER_AGENT_PORT |
Jaeger agent port | 4318 |
PROMETHEUS_PORT |
Prometheus server port | 9090 |
Configuration Best Practices
- β
Never commit
.envfile to version control - β
Use strong, random secrets for
SECRET_KEY(minimum 32 characters) - β
Rotate
RAZORPAY_KEY_SECRETandAWS_SECRET_ACCESS_KEYregularly - β Use different credentials for development, staging, and production
- β
Enable SSL/TLS in production (
DB_SSLMODE=require) - β Use environment-specific Cloudinary folders
- β Store sensitive variables in secret management systems (AWS Secrets Manager, HashiCorp Vault)
π‘ API Documentation
Base URL
Development: http://localhost:8080
Production: https://api.carzone.com
Authentication
All protected endpoints require a JWT token in the Authorization header:
Authorization: Bearer <your_jwt_token>
HTTP Status Codes
| Code | Status | Description |
|---|---|---|
200 |
OK | Request successful |
201 |
Created | Resource created successfully |
400 |
Bad Request | Invalid request data or parameters |
401 |
Unauthorized | Missing or invalid authentication token |
403 |
Forbidden | Insufficient permissions |
404 |
Not Found | Resource not found |
409 |
Conflict | Resource conflict (e.g., booking overlap) |
500 |
Internal Server Error | Server error |
Error Response Format
{
"error": "Resource not found",
"code": 404,
"timestamp": "2024-01-15T10:30:00Z",
"path": "/cars/invalid-id"
}
π Authentication Endpoints
1. User Registration
POST /register
Content-Type: application/json
Request Body:
{
"username": "johndoe",
"email": "john.doe@example.com",
"password": "SecurePassword123!",
"phone": "+1-555-0123",
"role": "user"
}
Response: 201 Created
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"username": "johndoe",
"email": "john.doe@example.com",
"phone": "+1-555-0123",
"role": "user",
"created_at": "2024-01-15T10:30:00Z"
}
2. User Login
POST /login
Content-Type: application/json
Request Body:
{
"email": "john.doe@example.com",
"password": "SecurePassword123!"
}
Response: 200 OK
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expires_at": "2024-01-16T10:30:00Z",
"user": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"username": "johndoe",
"email": "john.doe@example.com",
"role": "user"
}
}
3. User Logout
GET /logout
Authorization: Bearer <token>
Response: 200 OK
{
"message": "Logged out successfully"
}
π Car Management Endpoints
1. Get All Cars
GET /cars
Authorization: Bearer <token>
Response: 200 OK
[
{
"id": "car-uuid-1",
"owner_id": "owner-uuid",
"name": "Tesla Model S",
"brand": "Tesla",
"model": "Model S",
"year": 2024,
"fuel_type": "Electric",
"engine": {
"engine_size": 0,
"cylinders": 0,
"horsepower": 670,
"transmission": "Automatic"
},
"location_city": "San Francisco",
"location_state": "California",
"location_country": "USA",
"price": 199.99,
"status": "active",
"availability_type": "rental",
"is_available": true,
"features": {
"gps": true,
"ac": true,
"bluetooth": true,
"backup_camera": true
},
"images": [
"https://res.cloudinary.com/demo/image/upload/carzone/cars/car1-1.jpg",
"https://res.cloudinary.com/demo/image/upload/carzone/cars/car1-2.jpg"
],
"mileage": 15000,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
}
]
2. Get Car by ID
GET /cars/{id}
Authorization: Bearer <token>
Parameters:
id(path, required) - UUID of the car
Response: 200 OK - Same structure as above
3. Get Cars by Brand
GET /cars/brand/{brand}
Authorization: Bearer <token>
Parameters:
brand(path, required) - Car brand name (e.g., "Tesla", "Toyota")
Response: 200 OK - Array of cars
4. Search Cars by Location
GET /cars/location?city={city}&state={state}
Authorization: Bearer <token>
Query Parameters:
city(optional) - Filter by citystate(optional) - Filter by state
Response: 200 OK - Array of cars
5. Create New Car
POST /cars
Authorization: Bearer <token>
Content-Type: application/json
Request Body:
{
"name": "Tesla Model 3",
"brand": "Tesla",
"model": "Model 3",
"year": 2024,
"fuel_type": "Electric",
"engine": {
"engine_size": 0,
"cylinders": 0,
"horsepower": 480,
"transmission": "Automatic"
},
"location_city": "Los Angeles",
"location_state": "California",
"location_country": "USA",
"price": 149.99,
"features": {
"gps": true,
"ac": true,
"autopilot": true
},
"description": "Brand new Tesla Model 3 with full self-driving capability",
"images": ["base64_encoded_image_1", "base64_encoded_image_2"]
}
Response: 201 Created
6. Update Car
PUT /cars/{id}
Authorization: Bearer <token>
Content-Type: application/json
Request Body: Same as create car
Response: 200 OK
7. Delete Car
DELETE /cars/{id}
Authorization: Bearer <token>
Response: 200 OK
{
"message": "Car deleted successfully",
"id": "car-uuid"
}
8. Update Car Availability
PATCH /cars/{id}/availability
Authorization: Bearer <token>
Content-Type: application/json
Request Body:
{
"is_available": false
}
Response: 200 OK
π Booking Management Endpoints
1. Create Booking
POST /bookings
Authorization: Bearer <token>
Content-Type: application/json
Request Body:
{
"car_id": "car-uuid",
"start_date": "2024-02-01T10:00:00Z",
"end_date": "2024-02-05T10:00:00Z",
"notes": "Need GPS and child seat"
}
Response: 201 Created
{
"booking": {
"id": "booking-uuid",
"customer_id": "user-uuid",
"car_id": "car-uuid",
"owner_id": "owner-uuid",
"status": "pending",
"total_amount": 799.96,
"start_date": "2024-02-01T10:00:00Z",
"end_date": "2024-02-05T10:00:00Z",
"notes": "Need GPS and child seat",
"created_at": "2024-01-15T10:30:00Z"
},
"payment_order": {
"order_id": "order_xyz123",
"amount": 799.96,
"currency": "INR",
"razorpay_order_id": "order_Abc123XyZ"
}
}
2. Get Booking by ID
GET /bookings/{id}
Authorization: Bearer <token>
Response: 200 OK
3. Get User's Bookings
GET /bookings/customer/{customerId}
Authorization: Bearer <token>
Response: 200 OK - Array of bookings
4. Get Car's Bookings
GET /bookings/car/{carId}
Authorization: Bearer <token>
Response: 200 OK - Array of bookings
5. Get Owner's Bookings
GET /bookings/owner/{ownerId}
Authorization: Bearer <token>
Response: 200 OK - Array of bookings
6. Update Booking Status
PATCH /bookings/{id}/status
Authorization: Bearer <token>
Content-Type: application/json
Request Body:
{
"status": "confirmed"
}
Valid Status Transitions:
pendingβconfirmed|cancelledconfirmedβcompleted|cancelledcompletedβ (terminal state)cancelledβ (terminal state)
Response: 200 OK
7. Cancel Booking
DELETE /bookings/{id}
Authorization: Bearer <token>
Response: 200 OK
π³ Payment Endpoints
1. Create Payment
POST /payments
Authorization: Bearer <token>
Content-Type: application/json
Request Body:
{
"booking_id": "booking-uuid",
"amount": 799.96,
"payment_method": "razorpay"
}
Response: 201 Created
{
"id": "payment-uuid",
"booking_id": "booking-uuid",
"user_id": "user-uuid",
"amount": 799.96,
"payment_method": "razorpay",
"status": "pending",
"razorpay_order_id": "order_Abc123XyZ",
"created_at": "2024-01-15T10:30:00Z"
}
2. Verify Payment
POST /payments/verify
Authorization: Bearer <token>
Content-Type: application/json
Request Body:
{
"razorpay_order_id": "order_Abc123XyZ",
"razorpay_payment_id": "pay_xyz456",
"razorpay_signature": "generated_signature_hash"
}
Response: 200 OK
{
"verified": true,
"payment_id": "payment-uuid",
"booking_id": "booking-uuid",
"status": "completed"
}
3. Get Payment by ID
GET /payments/{id}
Authorization: Bearer <token>
Response: 200 OK
4. Get Payment by Booking
GET /payments/booking/{bookingId}
Authorization: Bearer <token>
Response: 200 OK
5. Get User's Payments
GET /payments/user/{userId}
Authorization: Bearer <token>
Response: 200 OK - Array of payments
6. Process Refund
POST /payments/{id}/refund
Authorization: Bearer <token>
Content-Type: application/json
Request Body:
{
"amount": 799.96,
"reason": "Booking cancelled by customer"
}
Response: 200 OK
π Monitoring & Health Endpoints
1. Health Check
GET /health
Response: 200 OK
{
"status": "healthy",
"database": "connected",
"timestamp": "2024-01-15T10:30:00Z",
"version": "1.0.0",
"uptime_seconds": 3600
}
2. Prometheus Metrics
GET /metrics
Response: Prometheus format metrics
# HELP api_requests_total Total number of API requests
# TYPE api_requests_total counter
api_requests_total{method="GET",path="/cars",status="200"} 1234
# HELP api_request_duration_seconds API request duration
# TYPE api_request_duration_seconds histogram
api_request_duration_seconds_bucket{method="GET",path="/cars",le="0.1"} 1000
api_request_duration_seconds_bucket{method="GET",path="/cars",le="0.5"} 1200
# HELP database_connections_active Active database connections
# TYPE database_connections_active gauge
database_connections_active 5
π§ͺ API Examples with cURL
Complete Booking Flow
# 1. Register a new user
curl -X POST http://localhost:8080/register \
-H "Content-Type: application/json" \
-d '{
"username": "johndoe",
"email": "john@example.com",
"password": "SecurePass123!",
"phone": "+1-555-0123",
"role": "user"
}'
# 2. Login to get JWT token
TOKEN=$(curl -X POST http://localhost:8080/login \
-H "Content-Type: application/json" \
-d '{
"email": "john@example.com",
"password": "SecurePass123!"
}' | jq -r '.token')
# 3. Browse available cars
curl -X GET http://localhost:8080/cars \
-H "Authorization: Bearer $TOKEN"
# 4. Get specific car details
curl -X GET http://localhost:8080/cars/{car-uuid} \
-H "Authorization: Bearer $TOKEN"
# 5. Create a booking
BOOKING=$(curl -X POST http://localhost:8080/bookings \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
-d '{
"car_id": "car-uuid",
"start_date": "2024-02-01T10:00:00Z",
"end_date": "2024-02-05T10:00:00Z",
"notes": "Airport pickup needed"
}')
# 6. Verify payment (after Razorpay payment)
curl -X POST http://localhost:8080/payments/verify \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
-d '{
"razorpay_order_id": "order_xyz",
"razorpay_payment_id": "pay_abc",
"razorpay_signature": "signature_hash"
}'
# 7. Check booking status
curl -X GET http://localhost:8080/bookings/{booking-uuid} \
-H "Authorization: Bearer $TOKEN"
π³ Docker Deployment
Docker Compose Architecture
services:
app: # Go API application
db: # PostgreSQL database
jaeger: # Distributed tracing
prometheus: # Metrics monitoring
Quick Start
# Start all services
docker-compose up -d
# View logs
docker-compose logs -f app
# Stop all services
docker-compose down
# Rebuild and start
docker-compose up --build
Service Endpoints
| Service | Port | URL |
|---|---|---|
| API | 8080 | http://localhost:8080 |
| PostgreSQL | 5432 | localhost:5432 |
| Jaeger UI | 16686 | http://localhost:16686 |
| Prometheus | 9090 | http://localhost:9090 |
Docker Commands
# Build application image
docker build -t carzone-api .
# Run API container
docker run -p 8080:8080 --env-file .env carzone-api
# Execute commands in running container
docker exec -it carzone-app-1 /bin/sh
# View application logs
docker logs carzone-app-1 -f
# Database backup
docker exec carzone-db-1 pg_dump -U carzone_user carzone_db > backup.sql
# Database restore
docker exec -i carzone-db-1 psql -U carzone_user carzone_db < backup.sql
Production Deployment
For production deployment, consider:
- Use multi-stage builds to reduce image size
- Enable health checks in Docker Compose
- Set resource limits (CPU, memory)
- Use secrets management for sensitive data
- Enable SSL/TLS for database connections
- Set up log aggregation (ELK stack, CloudWatch)
- Configure backup strategies for PostgreSQL
- Use orchestration (Kubernetes, ECS, Docker Swarm)
π Monitoring & Observability
Prometheus Metrics
CarZone exposes custom business metrics:
HTTP Metrics:
api_requests_total- Total API requests by method, path, statusapi_request_duration_seconds- Request latency histogramapi_requests_in_flight- Currently processing requests
Business Metrics:
bookings_total- Total bookings by statusbookings_revenue_total- Total revenue from bookingscars_available_total- Currently available carsusers_registered_total- Total registered userspayments_total- Total payments by status
Database Metrics:
database_connections_active- Active DB connectionsdatabase_connections_idle- Idle DB connectionsdatabase_queries_total- Total queries executeddatabase_query_duration_seconds- Query execution time
Jaeger Distributed Tracing
Access Jaeger UI at http://localhost:16686 to:
- Visualize request flows across services
- Identify performance bottlenecks
- Debug latency issues
- Analyze service dependencies
- Track error propagation
Trace Example:
HTTP Request β Auth Middleware β Handler β Service β Store β Database
β β β β β
100ms 5ms 50ms 30ms 20ms
Health Monitoring
# Check application health
curl http://localhost:8080/health
# Monitor with watch
watch -n 5 'curl -s http://localhost:8080/health | jq'
ποΈ Database Schema
Tables Overview
| Table | Purpose | Key Fields |
|---|---|---|
users |
User accounts and authentication | id, email, password_hash, role |
car |
Vehicle inventory | id, owner_id, brand, model, price, images |
booking |
Rental bookings | id, customer_id, car_id, status, dates |
payment |
Payment transactions | id, booking_id, amount, status, razorpay_ids |
Key Relationships
users (1) ββββββ (β) car (owner_id)
users (1) ββββββ (β) booking (customer_id)
car (1) ββββββ (β) booking (car_id)
booking (1) ββββββ (1) payment (booking_id)
Database Migrations
# Initial schema
psql -U carzone_user -d carzone_db -f store/schema.sql
# Apply migration
psql -U carzone_user -d carzone_db -f migrations/migration_rental_only.sql
π Security Best Practices
Implemented Security Features
- β Password Hashing - bcrypt with cost factor 10
- β JWT Authentication - Secure token-based auth
- β SQL Injection Prevention - Prepared statements only
- β CORS Configuration - Controlled cross-origin access
- β Input Validation - All requests validated
- β Payment Security - HMAC SHA256 signature verification
- β Role-Based Access - Authorization middleware
- β Environment Variables - No hardcoded secrets
Recommendations
- π Enable HTTPS/TLS in production
- π Implement rate limiting per IP
- π Use security headers (HSTS, CSP, X-Frame-Options)
- π Regular security audits and dependency updates
- π Enable database SSL connections
- π Implement API key rotation policies
- π Use AWS IAM roles instead of access keys
- π Enable database audit logging
π Performance Optimization
Implemented Optimizations
- β‘ Connection Pooling - Reuse database connections
- β‘ Database Indexes - Optimized query performance
- β‘ JSONB Storage - Fast nested data queries
- β‘ Lazy Loading - Load data only when needed
- β‘ Prepared Statements - Query plan caching
- β‘ Goroutine Management - Concurrent request handling
Performance Metrics
| Metric | Target | Achieved |
|---|---|---|
| API Response Time | <500ms | ~300ms |
| Database Query Time | <100ms | ~50ms |
| Concurrent Users | 1000+ | β |
| API Uptime | 99.9% | β |
π§ͺ Testing
Run Tests
# Run all tests
go test ./...
# Run tests with coverage
go test -cover ./...
# Run tests with verbose output
go test -v ./...
# Run specific package tests
go test ./service/car/...
go test ./store/booking/...
# Generate coverage report
go test -coverprofile=coverage.out ./...
go tool cover -html=coverage.out
Test Structure
CarZone/
βββ handler/
β βββ car/
β βββ car.go
β βββ car_test.go
βββ service/
β βββ car/
β βββ car.go
β βββ car_test.go
βββ store/
βββ car/
βββ car.go
βββ car_test.go
π Additional Documentation
- API Documentation - Complete API reference with examples
- Payment Integration - Razorpay integration guide
- Development Roadmap - Feature roadmap and future plans
- Cloudinary Image Upload Guide - Cloudinary integration details
- Image Cleanup Guide - Image management best practices
π€ Contributing
We welcome contributions! Please follow these guidelines:
Development Setup
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Make your changes
- Write/update tests
- Run tests (
go test ./...) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
Code Standards
- Follow Go conventions and
gofmtformatting - Write unit tests for new features
- Update documentation for API changes
- Keep commits atomic and well-described
- Follow existing architecture patterns
- Add comments for complex logic
Pull Request Process
- Update README.md with any new features
- Update API_Documentation.md for API changes
- Ensure all tests pass
- Request review from maintainers
- Address review feedback
- Squash commits if requested
π License
This project is licensed under the MIT License - see the LICENSE file for details.
MIT License
Copyright (c) 2024 CarZone
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
π₯ Authors & Maintainers
- Prateek Kumar - Initial work - PrateekKumar15
π Acknowledgments
- Go community for excellent packages and tools
- Gorilla web toolkit for robust HTTP router
- PostgreSQL for reliable database
- Razorpay for payment gateway
- AWS for cloud infrastructure
- Prometheus and Jaeger teams for observability tools
π Support & Contact
- GitHub Issues: Create an issue
- Documentation: Wiki
- Email: prateek@carzone.com
π Project Stats
- Total Lines of Code: ~7,000+
- API Endpoints: 25+
- Database Tables: 4
- Test Coverage: 80%+
- Docker Services: 4
- Active Users: Production ready
β Star this repository if you find it helpful! β
Made with β€οΈ by Prateek Kumar
π Car Management System
- Comprehensive CRUD Operations - Full car lifecycle management
- Advanced Search & Filtering - Search by brand, type, price range
- Engine Specifications - Detailed engine data with performance metrics
- Real-time Inventory - Dynamic availability tracking
- Price Management - Flexible pricing with discount support
π Authentication & Security
- JWT-based Authentication - Secure token-based access control
- Role-based Authorization - Multi-level user permissions
- Request Validation - Comprehensive input sanitization
- SQL Injection Protection - Prepared statements and parameterized queries
π Monitoring & Observability
- Prometheus Metrics - Custom business metrics and system health
- Jaeger Distributed Tracing - Request tracing across services
- Health Checks - Endpoint monitoring and alerting
- Performance Metrics - Response time and throughput tracking
π¨ Frontend Integration
- Rich Car Gallery - High-quality car images and data
- Responsive Design Assets - Mobile-first UI components
- Testimonial System - Customer feedback integration
- Hero Banners - Marketing and promotional content
ποΈ Technical Excellence
- Clean Architecture - Domain-driven design principles
- Dependency Injection - Loosely coupled, testable components
- Database Migrations - Version-controlled schema management
- Environment Configuration - 12-factor app compliance
- Graceful Shutdown - Proper resource cleanup and connection management
ποΈ Architecture
CarZone implements a hexagonal (ports & adapters) architecture with clear boundaries:
βββββββββββββββββββββββββββ
β External World β
β (HTTP, Database) β
βββββββββββ¬ββββββββββββββββ
β
βββββββββββββββββββββββΌββββββββββββββββββββββ
β β β
βΌ βΌ βΌ
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β Middleware β β Handlers β β Monitoring β
β (Auth, CORS) β β (HTTP Layer) β β (Prometheus) β
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β β β
βββββββββββββββββββββββΌββββββββββββββββββββββ
β
βββββββββββββββΌββββββββββββββ
β Services β
β (Business Logic) β
βββββββββββββββ¬ββββββββββββββ
β
βββββββββββββββΌββββββββββββββ
β Stores β
β (Data Access) β
βββββββββββββββ¬ββββββββββββββ
β
βββββββββββββββΌββββββββββββββ
β Database β
β (PostgreSQL) β
βββββββββββββββββββββββββββββ
Component Responsibilities
| Layer | Responsibility | Examples |
|---|---|---|
| Handlers | HTTP request/response handling, routing | car.go, engine.go, login.go |
| Middleware | Cross-cutting concerns | Authentication, metrics, CORS |
| Services | Business logic, orchestration | Car rental logic, pricing calculations |
| Stores | Data persistence, queries | PostgreSQL operations, caching |
| Models | Domain entities, validation | Car, Engine, User structures |
π Project Structure
CarZone/
βββ π main.go # Application entry point and server setup
βββ π go.mod # Go module dependencies
βββ π go.sum # Dependency checksums
βββ π docker-compose.yml # Multi-service Docker orchestration
βββ π Dockerfile # Application container configuration
βββ π prometheus.yml # Prometheus monitoring configuration
βββ π README.md # Project documentation
βββ π .env.example # Environment variables template
β
βββ π driver/ # Database connection management
β βββ π postgres.go # PostgreSQL driver and connection pool
β
βββ π models/ # Domain entities and validation
β βββ π car.go # Car entity with validation rules
β βββ π engine.go # Engine entity and specifications
β βββ π login.go # Authentication models
β
βββ π store/ # Data access layer (Repository pattern)
β βββ π interface.go # Store contracts and interfaces
β βββ π schema.sql # Database schema and sample data
β βββ π car/
β β βββ π car.go # Car repository implementation
β βββ π engine/
β βββ π engine.go # Engine repository implementation
β
βββ π service/ # Business logic layer
β βββ π interface.go # Service contracts and interfaces
β βββ π car/
β β βββ π car.go # Car business logic and rules
β βββ π engine/
β β βββ π engine.go # Engine business logic
β βββ π db/
β βββ οΏ½ Dockerfile # Database container configuration
β
βββ οΏ½π handler/ # HTTP presentation layer
β βββ π car/
β β βββ π car.go # Car REST API endpoints
β βββ π engine/
β β βββ π engine.go # Engine REST API endpoints
β βββ π login/
β βββ π login.go # Authentication endpoints
β
βββ π middleware/ # Cross-cutting concerns
β βββ π auth_middleware.go # JWT authentication middleware
β βββ π metrices_middleware.go # Prometheus metrics middleware
β
βββ π RentalCar/ # Frontend assets and data
βββ π carsData.js # Car inventory data
βββ π HcarsData.js # Highlighted cars data
βββ π Testimonialdata.js # Customer testimonials
βββ π dummyStyles.js # UI styling data
βββ πΌοΈ *.png, *.jpg # Car images and UI assets
π οΈ Technologies & Stack
Backend Core
| Technology | Version | Purpose | Documentation |
|---|---|---|---|
| Go | 1.24.3 | Main programming language | golang.org |
| Gorilla Mux | 1.8.1 | HTTP router and URL matcher | gorilla/mux |
| PostgreSQL | 13+ | Primary database | postgresql.org |
| lib/pq | 1.10.9 | PostgreSQL driver | lib/pq |
Authentication & Security
| Technology | Purpose |
|---|---|
| JWT | Token-based authentication |
| bcrypt | Password hashing |
| CORS | Cross-origin resource sharing |
| Input Validation | Request sanitization |
Observability & Monitoring
| Tool | Purpose | Endpoint |
|---|---|---|
| Prometheus | Metrics collection | /metrics |
| Jaeger | Distributed tracing | Port 16686 |
| OpenTelemetry | Telemetry framework | - |
| Health Checks | Service monitoring | /health |
Development & Deployment
| Tool | Purpose |
|---|---|
| Docker | Containerization |
| Docker Compose | Multi-service orchestration |
| godotenv | Environment management |
| Git | Version control |
Architecture Patterns
- Clean Architecture - Hexagonal architecture with ports & adapters
- Repository Pattern - Data access abstraction
- Service Layer - Business logic encapsulation
- Dependency Injection - Loose coupling and testability
- Middleware Pattern - Cross-cutting concerns
οΏ½ Quick Start
Prerequisites
Ensure you have the following installed:
- Go 1.24.3+ - Download Go
- Docker & Docker Compose - Install Docker
- Git - Install Git
- PostgreSQL 13+ (optional, if not using Docker)
Installation Steps
1. Clone the Repository
git clone https://github.com/PrateekKumar15/CarZone.git
cd CarZone
2. Environment Configuration
Create your environment file:
# Copy the example environment file
cp .env.example .env
# Edit the environment variables
nano .env # or your preferred editor
3. Quick Start with Docker (Recommended)
# Start all services (API, Database, Monitoring)
docker-compose up --build
# Access the application
curl http://localhost:8080/health
4. Manual Setup (Alternative)
# Install Go dependencies
go mod download
go mod tidy
# Start PostgreSQL (if not using Docker)
# Run database migrations
psql -U postgres -d carzone -f store/schema.sql
# Start the application
go run main.go
Verification
Test your setup:
# Health check
curl http://localhost:8080/health
# Get all cars
curl http://localhost:8080/cars/brand?brand=Tesla
# View metrics
curl http://localhost:8080/metrics
βοΈ Configuration
CarZone uses environment variables for configuration. Create a .env file:
# Database Configuration
DB_HOST=localhost
DB_PORT=5432
DB_USER=carzone_user
DB_PASSWORD=your_secure_password
DB_NAME=carzone_db
DB_SSLMODE=disable
# Server Configuration
SERVER_PORT=8080
SERVER_HOST=0.0.0.0
# Authentication
JWT_SECRET=your_jwt_secret_key_here
JWT_EXPIRY_HOURS=24
# Monitoring Configuration
JAEGER_AGENT_HOST=localhost
JAEGER_AGENT_PORT=4318
PROMETHEUS_PORT=9090
# Application Settings
LOG_LEVEL=info
ENVIRONMENT=development
Configuration Options
| Variable | Description | Default | Required |
|---|---|---|---|
DB_HOST |
Database host | localhost | β |
DB_PORT |
Database port | 5432 | β |
DB_USER |
Database user | - | β |
DB_PASSWORD |
Database password | - | β |
DB_NAME |
Database name | - | β |
SERVER_PORT |
HTTP server port | 8080 | β |
JWT_SECRET |
JWT signing key | - | β |
LOG_LEVEL |
Logging level | info | β |
π‘ API Documentation
Authentication
All protected endpoints require a JWT token in the Authorization header:
Authorization: Bearer <your_jwt_token>
Base URL
Local Development: http://localhost:8080
Car Management Endpoints
Get Car by ID
GET /cars/{id}
Parameters:
id(path) - UUID of the car
Response:
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "Tesla Model S",
"year": "2024",
"brand": "Tesla",
"fuel_type": "Electric",
"engine": {
"id": "550e8400-e29b-41d4-a716-446655440001",
"displacement": 0,
"no_of_cylinders": 0,
"car_range": 400
},
"price": 79999.99,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
}
Get Cars by Brand
GET /cars/brand?brand={brand}&engine={true/false}
Query Parameters:
brand(required) - Car brand nameengine(optional) - Include engine details (default: false)
Example:
curl "http://localhost:8080/cars/brand?brand=Tesla&engine=true"
Create New Car
POST /cars
Request Body:
{
"name": "Model Y",
"year": "2024",
"brand": "Tesla",
"fuel_type": "Electric",
"engine": {
"displacement": 0,
"no_of_cylinders": 0,
"car_range": 350
},
"price": 65999.99
}
Response: 201 Created
Engine Management Endpoints
Get Engine by ID
GET /engines/{id}
Get Engines by Brand
GET /engines/brand?brand={brand}
Create New Engine
POST /engines
Request Body:
{
"displacement": 2000,
"no_of_cylinders": 4,
"car_range": 600
}
Authentication Endpoints
User Login
POST /login
Request Body:
{
"email": "user@example.com",
"password": "your_password"
}
Response:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expires_at": "2024-01-16T10:30:00Z",
"user": {
"id": "user-uuid",
"email": "user@example.com"
}
}
Monitoring Endpoints
Health Check
GET /health
Response:
{
"status": "healthy",
"timestamp": "2024-01-15T10:30:00Z",
"database": "connected",
"version": "1.0.0"
}
Metrics (Prometheus)
GET /metrics
Response: Prometheus metrics format
Error Responses
All endpoints return consistent error responses:
{
"error": "Resource not found",
"code": 404,
"timestamp": "2024-01-15T10:30:00Z",
"path": "/cars/invalid-id"
}
HTTP Status Codes
| Code | Status | Description |
|---|---|---|
| 200 | OK | Request successful |
| 201 | Created | Resource created successfully |
| 400 | Bad Request | Invalid request data |
| 401 | Unauthorized | Missing or invalid token |
| 404 | Not Found | Resource not found |
| 500 | Internal Server Error | Server error |
Rate Limiting
- Rate Limit: 100 requests per minute per IP
- Headers:
X-RateLimit-Limit: Request limitX-RateLimit-Remaining: Remaining requestsX-RateLimit-Reset: Reset time
API Examples with cURL
# Health check
curl -X GET "http://localhost:8080/health"
# Get car by ID
curl -X GET "http://localhost:8080/cars/550e8400-e29b-41d4-a716-446655440000"
# Get cars by brand with engine details
curl -X GET "http://localhost:8080/cars/brand?brand=Tesla&engine=true"
# Create a new car (requires authentication)
curl -X POST "http://localhost:8080/cars" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-d '{
"name": "Cybertruck",
"year": "2024",
"brand": "Tesla",
"fuel_type": "Electric",
"engine": {
"displacement": 0,
"no_of_cylinders": 0,
"car_range": 500
},
"price": 99999.99
}'
# User login
curl -X POST "http://localhost:8080/login" \
-H "Content-Type: application/json" \
-d '{
"email": "admin@carzone.com",
"password": "your_password"
}'
οΏ½ Docker Deployment
Quick Start with Docker Compose
The easiest way to run CarZone is using Docker Compose, which sets up the entire stack:
# Clone the repository
git clone https://github.com/PrateekKumar15/CarZone.git
cd CarZone
# Start all services
docker-compose up --build -d
This will start:
- CarZone API on port 8080
- PostgreSQL Database on port 5432
- Prometheus on port 9090
- Jaeger UI on port 16686
Docker Compose Services
Full Stack Configuration
version: "3.8"
services:
# CarZone API Application
app:
build: .
ports:
- "8080:8080"
environment:
DB_HOST: db
DB_PORT: 5432
DB_USER: carzone_user
DB_PASSWORD: secure_password_123
DB_NAME: carzone_db
JAEGER_AGENT_HOST: jaeger
JAEGER_AGENT_PORT: 4318
depends_on:
- db
- jaeger
- prometheus
restart: unless-stopped
networks:
- carzone-network
# PostgreSQL Database
db:
image: postgres:13-alpine
environment:
POSTGRES_USER: carzone_user
POSTGRES_PASSWORD: secure_password_123
POSTGRES_DB: carzone_db
ports:
- "5432:5432"
volumes:
- postgres_data:/var/lib/postgresql/data
- ./store/schema.sql:/docker-entrypoint-initdb.d/schema.sql
restart: unless-stopped
networks:
- carzone-network
# Prometheus Monitoring
prometheus:
image: prom/prometheus:latest
ports:
- "9090:9090"
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml
command:
- "--config.file=/etc/prometheus/prometheus.yml"
- "--storage.tsdb.path=/prometheus"
- "--web.console.libraries=/etc/prometheus/console_libraries"
- "--web.console.templates=/etc/prometheus/consoles"
restart: unless-stopped
networks:
- carzone-network
# Jaeger Tracing
jaeger:
image: jaegertracing/all-in-one:latest
ports:
- "16686:16686" # Jaeger UI
- "4317:4317" # OTLP gRPC
- "4318:4318" # OTLP HTTP
environment:
COLLECTOR_OTLP_ENABLED: "true"
restart: unless-stopped
networks:
- carzone-network
volumes:
postgres_data:
networks:
carzone-network:
driver: bridge
Individual Service Deployment
Database Only
# Start just PostgreSQL
docker run --name carzone-postgres \
-e POSTGRES_DB=carzone_db \
-e POSTGRES_USER=carzone_user \
-e POSTGRES_PASSWORD=secure_password \
-p 5432:5432 \
-v $(pwd)/store/schema.sql:/docker-entrypoint-initdb.d/schema.sql \
-d postgres:13-alpine
Application Only
# Build the application image
docker build -t carzone:latest .
# Run the application
docker run --name carzone-app \
-p 8080:8080 \
-e DB_HOST=localhost \
-e DB_USER=carzone_user \
-e DB_PASSWORD=secure_password \
-e DB_NAME=carzone_db \
-d carzone:latest
Docker Commands Cheat Sheet
# View running services
docker-compose ps
# View logs
docker-compose logs -f app # Application logs
docker-compose logs -f db # Database logs
docker-compose logs -f prometheus # Prometheus logs
# Stop all services
docker-compose down
# Stop and remove volumes (β οΈ deletes data)
docker-compose down -v
# Rebuild and restart
docker-compose up --build
# Scale the application (multiple instances)
docker-compose up --scale app=3
# Access database shell
docker-compose exec db psql -U carzone_user -d carzone_db
# Execute commands in app container
docker-compose exec app sh
Monitoring & Health Checks
Once deployed, verify the services:
# Application health
curl http://localhost:8080/health
# Prometheus metrics
curl http://localhost:9090
# Jaeger UI (open in browser)
http://localhost:16686
# Application metrics
curl http://localhost:8080/metrics
Production Considerations
Security Hardening
# docker-compose.prod.yml
services:
app:
environment:
- DB_PASSWORD_FILE=/run/secrets/db_password
secrets:
- db_password
user: "1000:1000"
read_only: true
tmpfs:
- /tmp
secrets:
db_password:
external: true
Resource Limits
services:
app:
deploy:
resources:
limits:
cpus: "0.5"
memory: 512M
reservations:
cpus: "0.25"
memory: 256M
db:
deploy:
resources:
limits:
cpus: "1.0"
memory: 1G
reservations:
cpus: "0.5"
memory: 512M
Health Checks
services:
app:
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
οΏ½βπ» Development Guide
Local Development Setup
1. Development Environment
# Install development tools
go install github.com/cosmtrek/air@latest # Hot reload
go install github.com/swaggo/swag/cmd/swag@latest # API docs
# Install pre-commit hooks (optional)
pip install pre-commit
pre-commit install
2. Database Setup for Development
# Start PostgreSQL with Docker
docker run --name dev-postgres \
-e POSTGRES_DB=carzone_dev \
-e POSTGRES_USER=dev_user \
-e POSTGRES_PASSWORD=dev_pass \
-p 5432:5432 \
-d postgres:13-alpine
# Load schema and sample data
docker exec -i dev-postgres psql -U dev_user -d carzone_dev < store/schema.sql
3. Hot Reload Development
# Install air for hot reloading
air init
# Start development server with hot reload
air
Project Structure Guidelines
Adding New Features
-
Define Domain Model
// models/feature.go type Feature struct { ID string `json:"id" db:"id"` Name string `json:"name" db:"name" validate:"required"` CreatedAt time.Time `json:"created_at" db:"created_at"` } -
Create Store Interface
// store/interface.go type FeatureStore interface { GetByID(ctx context.Context, id string) (*models.Feature, error) Create(ctx context.Context, feature *models.Feature) error } -
Implement Store
// store/feature/feature.go func (s *store) GetByID(ctx context.Context, id string) (*models.Feature, error) { // Implementation } -
Create Service Interface
// service/interface.go type FeatureService interface { GetFeature(ctx context.Context, id string) (*models.Feature, error) } -
Implement Service
// service/feature/feature.go func (s *service) GetFeature(ctx context.Context, id string) (*models.Feature, error) { // Business logic } -
Create Handler
// handler/feature/feature.go func (h *Handler) GetFeature(w http.ResponseWriter, r *http.Request) { // HTTP handling }
Code Style Guidelines
Go Code Standards
// β
Good: Clear naming and structure
func (s *carService) GetCarsByBrand(ctx context.Context, brand string) ([]*models.Car, error) {
if brand == "" {
return nil, errors.New("brand cannot be empty")
}
cars, err := s.store.GetCarsByBrand(ctx, brand)
if err != nil {
s.logger.Error("failed to get cars", "error", err, "brand", brand)
return nil, fmt.Errorf("failed to get cars: %w", err)
}
return cars, nil
}
// β Avoid: Unclear naming and poor error handling
func (s *carService) GetCars(brand string) []*models.Car {
cars, _ := s.store.GetCarsByBrand(context.Background(), brand)
return cars
}
Error Handling Pattern
func (h *Handler) CreateCar(w http.ResponseWriter, r *http.Request) {
var car models.Car
if err := json.NewDecoder(r.Body).Decode(&car); err != nil {
http.Error(w, "Invalid JSON", http.StatusBadRequest)
return
}
if err := car.Validate(); err != nil {
http.Error(w, fmt.Sprintf("Validation error: %v", err), http.StatusBadRequest)
return
}
if err := h.service.CreateCar(r.Context(), &car); err != nil {
h.logger.Error("failed to create car", "error", err)
http.Error(w, "Internal server error", http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusCreated)
json.NewEncoder(w).Encode(car)
}
Testing Strategy
Unit Tests
// service/car/car_test.go
func TestCarService_GetCarsByBrand(t *testing.T) {
mockStore := &mocks.MockCarStore{}
service := NewService(mockStore)
expectedCars := []*models.Car{
{ID: "1", Brand: "Tesla", Name: "Model S"},
}
mockStore.On("GetCarsByBrand", mock.Anything, "Tesla").Return(expectedCars, nil)
cars, err := service.GetCarsByBrand(context.Background(), "Tesla")
assert.NoError(t, err)
assert.Len(t, cars, 1)
assert.Equal(t, "Tesla", cars[0].Brand)
mockStore.AssertExpectations(t)
}
Integration Tests
// tests/integration/car_test.go
func TestCarAPI_Integration(t *testing.T) {
// Setup test database
db := setupTestDB(t)
defer db.Close()
// Create test server
server := setupTestServer(db)
// Test car creation
payload := `{"name":"Test Car","brand":"Tesla","year":"2024"}`
resp := httptest.NewRecorder()
req := httptest.NewRequest("POST", "/cars", strings.NewReader(payload))
server.ServeHTTP(resp, req)
assert.Equal(t, http.StatusCreated, resp.Code)
}
Database Migrations
Schema Evolution
-
Create Migration File
-- migrations/001_add_user_table.sql CREATE TABLE users ( id UUID PRIMARY KEY DEFAULT gen_random_uuid(), email VARCHAR(255) UNIQUE NOT NULL, password_hash VARCHAR(255) NOT NULL, created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ); -
Apply Migration
# Apply all pending migrations psql -U carzone_user -d carzone_db -f migrations/001_add_user_table.sql
Performance Optimization
Database Optimization
-- Add indexes for frequently queried columns
CREATE INDEX idx_cars_brand ON car(brand);
CREATE INDEX idx_cars_year ON car(year);
CREATE INDEX idx_cars_price ON car(price);
-- Analyze query performance
EXPLAIN ANALYZE SELECT * FROM car WHERE brand = 'Tesla';
Connection Pool Tuning
// driver/postgres.go
func NewPostgresDB(config Config) (*sql.DB, error) {
db, err := sql.Open("postgres", config.DatabaseURL)
if err != nil {
return nil, err
}
// Optimize connection pool
db.SetMaxOpenConns(25)
db.SetMaxIdleConns(10)
db.SetConnMaxLifetime(5 * time.Minute)
return db, nil
}
π Monitoring & Observability
Prometheus Metrics
CarZone exposes custom business metrics:
Available Metrics
| Metric | Type | Description |
|---|---|---|
carzone_http_requests_total |
Counter | Total HTTP requests |
carzone_http_request_duration_seconds |
Histogram | HTTP request duration |
carzone_cars_total |
Gauge | Total number of cars |
carzone_database_connections |
Gauge | Active database connections |
carzone_errors_total |
Counter | Total application errors |
Custom Metrics Implementation
// middleware/metrics_middleware.go
var (
httpRequestsTotal = prometheus.NewCounterVec(
prometheus.CounterOpts{
Name: "carzone_http_requests_total",
Help: "Total number of HTTP requests",
},
[]string{"method", "endpoint", "status"},
)
httpRequestDuration = prometheus.NewHistogramVec(
prometheus.HistogramOpts{
Name: "carzone_http_request_duration_seconds",
Help: "HTTP request duration in seconds",
},
[]string{"method", "endpoint"},
)
)
Jaeger Distributed Tracing
Trace Context Propagation
func (s *carService) GetCarsByBrand(ctx context.Context, brand string) ([]*models.Car, error) {
// Start a new span
span, ctx := opentracing.StartSpanFromContext(ctx, "car.service.GetCarsByBrand")
defer span.Finish()
// Add tags for better observability
span.SetTag("car.brand", brand)
cars, err := s.store.GetCarsByBrand(ctx, brand)
if err != nil {
span.SetTag("error", true)
span.LogFields(log.Error(err))
return nil, err
}
span.SetTag("cars.count", len(cars))
return cars, nil
}
Health Checks
Comprehensive Health Monitoring
// handler/health.go
type HealthResponse struct {
Status string `json:"status"`
Timestamp time.Time `json:"timestamp"`
Version string `json:"version"`
Database string `json:"database"`
Dependencies map[string]string `json:"dependencies"`
}
func (h *HealthHandler) HealthCheck(w http.ResponseWriter, r *http.Request) {
health := HealthResponse{
Status: "healthy",
Timestamp: time.Now(),
Version: "1.0.0",
}
// Check database connectivity
if err := h.db.Ping(); err != nil {
health.Status = "unhealthy"
health.Database = "disconnected"
} else {
health.Database = "connected"
}
// Check dependencies
health.Dependencies = map[string]string{
"prometheus": h.checkPrometheus(),
"jaeger": h.checkJaeger(),
}
statusCode := http.StatusOK
if health.Status == "unhealthy" {
statusCode = http.StatusServiceUnavailable
}
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(statusCode)
json.NewEncoder(w).Encode(health)
}
Alerting Rules
Prometheus Alert Rules
# alerts.yml
groups:
- name: carzone_alerts
rules:
- alert: HighErrorRate
expr: rate(carzone_errors_total[5m]) > 0.1
for: 2m
labels:
severity: critical
annotations:
summary: "High error rate detected"
- alert: DatabaseConnectionsHigh
expr: carzone_database_connections > 20
for: 5m
labels:
severity: warning
annotations:
summary: "High database connection usage"
π§ͺ Testing
Testing Strategy Overview
CarZone follows a comprehensive testing pyramid:
πΊ
/ \
/ E2E \ β Few, high-value end-to-end tests
/_______\
/ \
/Integration\ β Moderate integration tests
/_____________\
/ \
/ Unit Tests \ β Many fast unit tests
/___________________\
Running Tests
# Run all tests
go test ./...
# Run tests with coverage
go test -cover ./...
# Run tests with race detection
go test -race ./...
# Run specific test package
go test ./service/car/
# Run tests with verbose output
go test -v ./...
# Generate coverage report
go test -coverprofile=coverage.out ./...
go tool cover -html=coverage.out -o coverage.html
Unit Testing Examples
Service Layer Tests
// service/car/car_test.go
func TestCarService_CreateCar(t *testing.T) {
tests := []struct {
name string
input *models.Car
setupMock func(*mocks.MockCarStore)
expectedErr bool
}{
{
name: "successful car creation",
input: &models.Car{
Name: "Model S",
Brand: "Tesla",
Year: "2024",
FuelType: "Electric",
Price: 79999.99,
},
setupMock: func(m *mocks.MockCarStore) {
m.On("Create", mock.Anything, mock.AnythingOfType("*models.Car")).Return(nil)
},
expectedErr: false,
},
{
name: "validation error - empty name",
input: &models.Car{
Brand: "Tesla",
Year: "2024",
FuelType: "Electric",
Price: 79999.99,
},
setupMock: func(m *mocks.MockCarStore) {},
expectedErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
mockStore := &mocks.MockCarStore{}
tt.setupMock(mockStore)
service := NewService(mockStore)
err := service.CreateCar(context.Background(), tt.input)
if tt.expectedErr {
assert.Error(t, err)
} else {
assert.NoError(t, err)
}
mockStore.AssertExpectations(t)
})
}
}
Integration Testing
API Integration Tests
// tests/integration/api_test.go
func TestCarAPI(t *testing.T) {
// Setup test database
db := setupTestDatabase(t)
defer cleanupTestDatabase(t, db)
// Setup test server
server := setupTestServer(db)
t.Run("Create and retrieve car", func(t *testing.T) {
// Create a car
carPayload := `{
"name": "Test Car",
"brand": "Tesla",
"year": "2024",
"fuel_type": "Electric",
"price": 50000.00
}`
resp := httptest.NewRecorder()
req := httptest.NewRequest("POST", "/cars", strings.NewReader(carPayload))
req.Header.Set("Content-Type", "application/json")
server.ServeHTTP(resp, req)
assert.Equal(t, http.StatusCreated, resp.Code)
// Parse response to get car ID
var createdCar models.Car
json.Unmarshal(resp.Body.Bytes(), &createdCar)
// Retrieve the car
resp = httptest.NewRecorder()
req = httptest.NewRequest("GET", "/cars/"+createdCar.ID, nil)
server.ServeHTTP(resp, req)
assert.Equal(t, http.StatusOK, resp.Code)
var retrievedCar models.Car
json.Unmarshal(resp.Body.Bytes(), &retrievedCar)
assert.Equal(t, createdCar.ID, retrievedCar.ID)
assert.Equal(t, "Test Car", retrievedCar.Name)
})
}
Test Helpers and Utilities
Database Test Setup
// tests/testutil/database.go
func SetupTestDatabase(t *testing.T) *sql.DB {
config := postgres.Config{
Host: "localhost",
Port: 5432,
User: "test_user",
Password: "test_pass",
Database: "carzone_test",
}
db, err := sql.Open("postgres", config.ConnectionString())
require.NoError(t, err)
// Run migrations
err = runMigrations(db)
require.NoError(t, err)
return db
}
func CleanupTestDatabase(t *testing.T, db *sql.DB) {
_, err := db.Exec("TRUNCATE car, engine CASCADE")
require.NoError(t, err)
db.Close()
}
Mock Generators
//go:generate mockery --name=CarStore --output=mocks
//go:generate mockery --name=CarService --output=mocks
Continuous Integration
GitHub Actions Workflow
# .github/workflows/test.yml
name: Tests
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:13
env:
POSTGRES_USER: test_user
POSTGRES_PASSWORD: test_pass
POSTGRES_DB: carzone_test
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.24.3
- name: Download dependencies
run: go mod download
- name: Run tests
run: |
go test -race -coverprofile=coverage.out ./...
go tool cover -html=coverage.out -o coverage.html
env:
DB_HOST: localhost
DB_PORT: 5432
DB_USER: test_user
DB_PASSWORD: test_pass
DB_NAME: carzone_test
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
file: ./coverage.out
π€ Contributing
We welcome contributions to CarZone! Here's how you can help make the project better.
How to Contribute
-
Fork the Repository
# Fork the repo on GitHub, then clone your fork git clone https://github.com/your-username/CarZone.git cd CarZone -
Create a Feature Branch
git checkout -b feature/amazing-new-feature # or git checkout -b fix/critical-bug-fix -
Make Your Changes
- Write clean, well-documented code
- Follow the existing code style
- Add tests for new features
- Update documentation as needed
-
Test Your Changes
# Run all tests go test ./... # Run with coverage go test -cover ./... # Test with race detection go test -race ./... -
Commit and Push
git add . git commit -m "feat: add amazing new feature" git push origin feature/amazing-new-feature -
Create a Pull Request
- Open a PR on GitHub
- Provide a clear description
- Link any related issues
Development Guidelines
Code Style
- Follow Go Code Review Comments
- Use
gofmtandgoimports - Write meaningful commit messages following Conventional Commits
Commit Message Format
type(scope): description
[optional body]
[optional footer]
Examples:
feat(api): add car search endpointfix(auth): resolve JWT token validation issuedocs(readme): update installation instructionsrefactor(service): improve error handling
Pull Request Guidelines
- Title: Clear and descriptive
- Description:
- What changes were made
- Why the changes were necessary
- How to test the changes
- Size: Keep PRs focused and reasonably sized
- Tests: Include tests for new functionality
- Documentation: Update docs for user-facing changes
Types of Contributions
π Bug Reports
- Use the GitHub issue template
- Include reproduction steps
- Provide system information
- Add relevant logs or error messages
β¨ Feature Requests
- Describe the problem you're trying to solve
- Explain the proposed solution
- Consider alternative approaches
- Discuss potential implementation details
π Documentation
- Fix typos and grammatical errors
- Improve code examples
- Add missing documentation
- Translate documentation
π§ͺ Testing
- Add missing test cases
- Improve test coverage
- Fix flaky tests
- Add integration tests
Development Setup for Contributors
-
Install Development Tools
# Install pre-commit hooks pip install pre-commit pre-commit install # Install Go tools go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest go install github.com/swaggo/swag/cmd/swag@latest -
Set Up Test Environment
# Start test database docker-compose -f docker-compose.test.yml up -d # Run migrations make migrate-test -
Run Quality Checks
# Lint code golangci-lint run # Format code gofmt -s -w . goimports -w . # Run security checks gosec ./...
Project Roadmap
Current priorities and future plans:
π§ In Progress
- User authentication system
- Car reservation functionality
- Payment integration
- Advanced search filters
π Planned Features
- GraphQL API support
- Mobile app backend
- Real-time notifications
- Analytics dashboard
- Multi-tenant support
- Elasticsearch integration
π― Long Term Goals
- Microservices architecture
- Event-driven architecture
- AI-powered recommendations
- IoT integration for smart cars
Getting Help
- Questions: Open a GitHub Discussion
- Bugs: Create a GitHub Issue
- Security: Email security@carzone.com
- Chat: Join our Discord server
Recognition
Contributors will be recognized in:
- GitHub contributors list
- CONTRIBUTORS.md file
- Release notes for significant contributions
- Annual contributor spotlight
π Database Schema
Entity Relationship Diagram
erDiagram
CAR ||--|| ENGINE : has
USER ||--o{ CAR : owns
USER {
uuid id PK
string email UK
string password_hash
timestamp created_at
timestamp updated_at
}
CAR {
uuid id PK
string name
string year
string brand
string fuel_type
uuid engine_id FK
decimal price
uuid owner_id FK
timestamp created_at
timestamp updated_at
}
ENGINE {
uuid id PK
int displacement
int no_of_cylinders
int car_range
timestamp created_at
timestamp updated_at
}
Table Definitions
Cars Table
CREATE TABLE car (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
name VARCHAR(255) NOT NULL,
year VARCHAR(4) NOT NULL CHECK (year ~ '^[0-9]{4}$'),
brand VARCHAR(255) NOT NULL,
fuel_type VARCHAR(50) NOT NULL CHECK (fuel_type IN ('Gasoline', 'Diesel', 'Electric', 'Hybrid')),
engine_id UUID NOT NULL,
owner_id UUID,
price DECIMAL(12, 2) NOT NULL CHECK (price > 0),
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (engine_id) REFERENCES engine(id) ON DELETE CASCADE,
FOREIGN KEY (owner_id) REFERENCES users(id) ON DELETE SET NULL
);
-- Indexes for performance
CREATE INDEX idx_car_brand ON car(brand);
CREATE INDEX idx_car_year ON car(year);
CREATE INDEX idx_car_price ON car(price);
CREATE INDEX idx_car_fuel_type ON car(fuel_type);
Engines Table
CREATE TABLE engine (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
displacement INTEGER NOT NULL CHECK (displacement > 0),
no_of_cylinders INTEGER NOT NULL CHECK (no_of_cylinders > 0 AND no_of_cylinders <= 16),
car_range INTEGER NOT NULL CHECK (car_range > 0),
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
-- Indexes
CREATE INDEX idx_engine_displacement ON engine(displacement);
CREATE INDEX idx_engine_cylinders ON engine(no_of_cylinders);
Users Table
CREATE TABLE users (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
email VARCHAR(255) UNIQUE NOT NULL,
password_hash VARCHAR(255) NOT NULL,
first_name VARCHAR(100),
last_name VARCHAR(100),
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
-- Indexes
CREATE INDEX idx_users_email ON users(email);
Sample Data
The store/schema.sql file includes comprehensive sample data:
- 20+ Car Models from various brands (Tesla, BMW, Mercedes, Toyota, etc.)
- Diverse Engine Types from electric to V8 gasoline engines
- Realistic Pricing based on market values
- Test Users for development and testing
π Deployment Guide
Production Deployment Options
1. Docker Swarm Deployment
# Initialize swarm
docker swarm init
# Deploy stack
docker stack deploy -c docker-compose.prod.yml carzone
2. Kubernetes Deployment
# k8s/deployment.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: carzone-api
spec:
replicas: 3
selector:
matchLabels:
app: carzone-api
template:
metadata:
labels:
app: carzone-api
spec:
containers:
- name: carzone-api
image: carzone:latest
ports:
- containerPort: 8080
env:
- name: DB_HOST
value: "postgres-service"
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
3. Cloud Platform Deployment
AWS ECS
{
"family": "carzone-task",
"networkMode": "awsvpc",
"requiresCompatibilities": ["FARGATE"],
"cpu": "256",
"memory": "512",
"containerDefinitions": [
{
"name": "carzone-api",
"image": "your-registry/carzone:latest",
"portMappings": [
{
"containerPort": 8080,
"protocol": "tcp"
}
],
"environment": [
{
"name": "DB_HOST",
"value": "your-rds-endpoint"
}
],
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "/ecs/carzone",
"awslogs-region": "us-west-2",
"awslogs-stream-prefix": "ecs"
}
}
}
]
}
Environment-Specific Configurations
Production Environment
# Production .env
DB_HOST=your-production-db-host
DB_NAME=carzone_prod
DB_SSLMODE=require
LOG_LEVEL=warn
ENVIRONMENT=production
JWT_SECRET=your-super-secure-jwt-secret
Staging Environment
# Staging .env
DB_HOST=staging-db-host
DB_NAME=carzone_staging
DB_SSLMODE=require
LOG_LEVEL=info
ENVIRONMENT=staging
Security Considerations
Production Security Checklist
-
Database Security
- Use SSL/TLS connections
- Restrict database access by IP
- Use strong passwords
- Enable audit logging
-
Application Security
- Use secure JWT secrets
- Enable CORS properly
- Implement rate limiting
- Use HTTPS only
-
Infrastructure Security
- Keep Docker images updated
- Use non-root containers
- Implement network segmentation
- Regular security scanning
π License
This project is licensed under the MIT License - see the LICENSE file for details.
MIT License
Copyright (c) 2024 Prateek Kumar
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
π₯ Authors & Contributors
Project Creator
Prateek Kumar - @PrateekKumar15
- π Project architecture and initial implementation
- ποΈ Clean architecture design
- π Monitoring and observability setup
- π³ Docker and deployment configuration
Contributors
We thank all the contributors who have helped make CarZone better:
How to Become a Contributor
- Fork the repository
- Make meaningful contributions
- Submit quality pull requests
- Help with code reviews
- Assist with documentation
π Acknowledgments
Special thanks to the following projects and communities that made CarZone possible:
Open Source Libraries
- Gorilla Mux - Powerful HTTP router
- lib/pq - PostgreSQL driver for Go
- Prometheus - Monitoring and alerting
- Jaeger - Distributed tracing
- Docker - Containerization platform
Inspiration & References
- Clean Architecture principles by Robert C. Martin
- Domain-Driven Design concepts by Eric Evans
- Microservices Patterns by Chris Richardson
- Go best practices from the Go community
Community Support
- Go Community - For excellent language design and ecosystem
- PostgreSQL Community - For the world's most advanced open source database
- Docker Community - For revolutionizing application deployment
- Open Source Contributors - For building amazing tools and libraries
π CarZone - Drive into the Future
Built with β€οΈ by Prateek Kumar
β Star this repo | π Report Bug | π‘ Request Feature | π Documentation
Documentation
ΒΆ
Overview ΒΆ
Package main is the entry point for the CarZone application. It sets up the HTTP server, initializes dependencies, and configures routing. This file follows the dependency injection pattern to wire up all components.
Source Files
Directories
ΒΆ
| Path | Synopsis |
|---|---|
|
Package driver provides database connection management for the CarZone application.
|
Package driver provides database connection management for the CarZone application. |
|
handler
|
|
|
Package models contains the data structures and validation logic for the CarZone application
|
Package models contains the data structures and validation logic for the CarZone application |
|
Package service defines the business logic layer interfaces for the CarZone application.
|
Package service defines the business logic layer interfaces for the CarZone application. |
|
Package store defines the data access layer interfaces for the CarZone application.
|
Package store defines the data access layer interfaces for the CarZone application. |
Click to show internal directories.
Click to hide internal directories.