setup project structure

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,7 @@
+# Checklist
+- [ ] I adhere the [trunk-based workflow](https://www.atlassian.com/continuous-delivery/continuous-integration/trunk-based-development)
+- [ ] I verify that the `CHANGELOG.md` includes comprehensive documentation for the implemented features or fixed bugs. Increment the minor version such as `from 0.1.0 to 0.2.0` for implemented features and increment the patch version `from 0.1.0 to 0.1.1` for bug fixes. If any breaking changes occur, increment the major version, like `from 0.1.0 to 1.0.0`. Also see [Semantic Versioning 2.0.0](https://semver.org/lang/de/)
+- [ ] I ensure that all merge conflicts are resolved before asking for a PR reviewer
+- [ ] To ensure the success of all pull request workflows, I run [the auto-formatting and linting script](../scripts/format-and-lint.sh).
+
+# Reference/Link to the issue solved with this PR (if any)

.github/workflows/pr.yml

@@ -0,0 +1,16 @@
+name: Pull request
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  test-build-push:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Echo
+        run: echo "TBD"
+

.github/workflows/release.yml

@@ -0,0 +1,28 @@
+name: Pull request
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  test-build-push:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Echo
+        run: echo "TBD"
+
+  # create-git-tags-from-version-file:
+  #   runs-on: ubuntu-latest
+  #   needs: [test-build-push]
+  #   steps:
+
+  #     - name: Checkout code
+  #       uses: actions/checkout@v3
+
+  #     - name: Create git tag from version file
+  #       uses: MGTheTrain/public-github-actions/.github/actions/create-git-tag-from-version-file@main
+  #       with:
+  #         GH_TOKEN: ${{ secrets.GH_TOKEN }}

.github/workflows/validate.yml

@@ -0,0 +1,25 @@
+name: Check Git diffs
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  check-diffs:
+    runs-on: ubuntu-latest
+
+    steps:
+
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Echo
+      run: echo "TBD"
+
+    # - name: Check diffs
+    #   run: |
+    #     status=$(git status --porcelain=v1)
+    #     if [[ -n "$status" ]]; then
+    #       git diff
+    #       exit 1
+    #     fi

README.md

@@ -19,15 +19,14 @@ TBD
 
 ### Functional
 
-- [ ] **Provide RESTful API for cryptographic operations**: Expose endpoints for generating, encrypting, decrypting and verifying cryptographic material.
+- [ ] **Provide RESTful API for cryptographic operations**: Expose endpoints for managing cryptographic material and securing files at rest.
 - [ ] **Asymmetric encryption and decryption**: Support RSA, ECC and other asymmetric encryption algorithms for data protection.
-- [ ] **Symmetric encryption**: Implement support for symmetric key encryption (e.g. AES) for file-level security.
+- [ ] **Symmetric encryption**: Support for symmetric key encryption (e.g. AES) for data protection.
 - [ ] **Manage cryptographic material**: Enable management of X.509 certificates, private/public key pairs and symmetric keys (generation, import/export, rotation, etc.).
 - [ ] **Hashing and signature verification**: Support hashing algorithms (e.g. SHA-256, SHA-512) and verify signatures using asymmetric keys (RSA, ECDSA, etc.).
-- [ ] **File encryption and decryption**: Provide endpoints to encrypt and decrypt files using the supported cryptographic algorithms, with support for large file handling.
 - [ ] **Key management lifecycle**: Implement key lifecycle management (generation, rotation, revocation, expiration).
 - [ ] **Secure file storage integration**: Provide mechanisms to securely store encrypted files in BLOB storage (e.g. AWS S3, Azure Blob Storage, Google Cloud Storage).
-- [ ] **Access control**: Implement role-based access control (RBAC) for APIs and encrypted files, ensuring that only authorized users can perform operations on cryptographic material.
+- [ ] **Access control**: Implement role-based access control (RBAC) for APIs ensuring that only authorized users can perform operations on cryptographic material.
 
 ### Non-functional
 
@@ -39,7 +38,6 @@ TBD
 - [ ] **Security**: Ensure all cryptographic material is securely stored and encrypted, protect APIs with authentication (e.g. OAuth2, JWT) and follow best practices for handling sensitive data.
 - [ ] **Documentation**: Provide clear API documentation (e.g. Swagger/OpenAPI) for ease of integration by other developers.
 - [ ] **Versioning**: Implement proper API versioning to maintain backward compatibility as the API evolves.
-- [ ] **Internationalization and localization**: Support multiple languages or regional settings for global use (optional).
 - [ ] **Audit logging**: Maintain logs of all cryptographic operations and key management activities for compliance and auditing purposes.
 
 

go.mod

@@ -0,0 +1,3 @@
+module crypto_vault_service
+
+go 1.21.6