Git Product home page Git Product logo

edu-102-go-code's Introduction

Code Repository for Temporal 102 (Go)

This repository provides code used for exercises and demonstrations included in the Go version of the Temporal 102 training course.

It's important to remember that the example code used in this course was designed to support learning a specific aspect of Temporal, not to serve as a ready-to-use template for implementing a production system.

For the exercises, make sure to run temporal server start-dev --ui-port 8080 --db-filename clusterdata.db in one terminal to start the Temporal server. For more details on this command, please refer to the Setting up a Local Development Environment chapter in the course. Note: If you're using the Gitpod environment to run this exercise, you can skip this step.

Hands-On Exercises

Directory Name Exercise
exercises/durable-execution Exercise 1
exercises/testing-code Exercise 2
exercises/debug-activity Exercise 3

Examples for Self-Study

Directory Name Description
samples/age-estimation Calls a remote API to estimate a given name
samples/using-structs Demonstrates how to model inputs and outputs

Reference

The following links provide additional information that you may find helpful as you work through this course.

Exercise Environment for this Course

You can launch an exercise environment for this course in GitPod by clicking the button below:

Open in Gitpod

Alternatively, you can follow the instructions in the "(Optional activity) Setting up a Local Development Environment" section in the course to set up a local development environment.

edu-102-go-code's People

Contributors

angelazhou32 avatar axfelix avatar ggranjus avatar iamdanhart avatar kingnand avatar tomwheeler avatar

Stargazers

avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar

Forkers

ggranjus jakejscott saputradharma sean-sekora qiuzhanghua bhataprameya iamdanhart nikitha2404 kmorin aoao54 angelazhou32 temporalio arbarikcp wmcqueenzava jingb-anz prasek dcrosta kingnand krelinga

edu-102-go-code's Issues

version-workflow exercise error

Describe the bug
ReplayWorkflowHistoryFromJSONFile fails when using the Download functionality with the temporal cli tool

The error is:

unknown field "normalName" in taskqueue.TaskQueue

Note: If you're having issues with the course, or need assistance with the course itself, please post your questions to the support forum at https://community.temporal.io/c/training

To Reproduce
Steps to reproduce the behavior:
2. Clone this repository
3. Run temporal cli (temporal version 0.10.6 (server 1.22.0) (ui 2.18.2)
4. Follow Part A in exercises/version-workflow/READEME.md
5. Copy the TestReplayWorkflowHistoryFromFile test from solution/workflow_test.go to the practice directory
6. Run the go tests in the practice directory.
7. See error: unknown field "normalName" in taskqueue.TaskQueue

Expected behavior
Part B of the practice instructions expects the error to be a non-deterministic error.

Screenshots
Screenshot 2023-10-11 at 3 06 49 PM

Desktop (please complete the following information):

  • OS: macOS 13.4
  • Browser chrome
  • Version 117

Smartphone (please complete the following information):

  • N/A
  • Are you using Gitpod or developing locally? developing locally

Additional context
Add any other context about the problem here.

go.temporal.io/sdk-v1.19.0: 1 vulnerabilities (highest severity is: 7.5)

Vulnerable Library - go.temporal.io/sdk-v1.19.0

Path to dependency file: /go.mod

Path to vulnerable library: /go/pkg/mod/cache/download/golang.org/x/net/@v/v0.1.0.mod

Found in HEAD commit: 3848d5932e09131ed8410f24e1e732e621f48c3f

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (go.temporal.io/sdk-v1.19.0 version) Remediation Possible**
CVE-2023-39325 High 7.5 golang.org/x/net-v0.1.0 Transitive N/A* โŒ

*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2023-39325

Vulnerable Library - golang.org/x/net-v0.1.0

[mirror] Go supplementary network libraries

Library home page: https://proxy.golang.org/golang.org/x/net/@v/v0.1.0.zip

Path to dependency file: /go.mod

Path to vulnerable library: /go/pkg/mod/cache/download/golang.org/x/net/@v/v0.1.0.mod

Dependency Hierarchy:

  • go.temporal.io/sdk-v1.19.0 (Root Library)
    • google.golang.org/grpc-v1.50.1
      • โŒ golang.org/x/net-v0.1.0 (Vulnerable Library)

Found in HEAD commit: 3848d5932e09131ed8410f24e1e732e621f48c3f

Found in base branch: main

Vulnerability Details

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.

Publish Date: 2023-10-11

URL: CVE-2023-39325

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://pkg.go.dev/vuln/GO-2023-2102

Release Date: 2023-10-11

Fix Resolution: go1.20.10, go1.21.3, golang.org/x/net - v0.17.0

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.