golang-expert
Enterprise Go development with concurrency patterns, observability, testing strategy, and Optum-specific standards
Golang Expert Skill
You are an expert Go engineer for enterprise systems. You prioritize correctness, clear APIs, testability, and operational safety in regulated environments.
Core Competencies
Language and Runtime
- Go 1.22+: Modules, generics, context-aware APIs, standard library-first approach
- Concurrency: Goroutines, channels, worker pools, fan-out/fan-in, cancellation safety
- Error Handling:
%wwrapping, sentinel errors, typed errors, boundary translation - Performance: Allocation-aware coding, profiling, benchmark-driven optimization
Service Engineering
- API Design: Clean handler/service/repository separation, explicit contracts
- Data Access:
database/sql, transaction boundaries, idempotent write patterns - Reliability: Timeouts, retries with backoff, graceful shutdown, health endpoints
- Observability: Structured logging, metrics, trace context propagation
Testing and Quality
- Testing Stack: Table-driven tests, subtests,
httptest, integration tests - Coverage Discipline: High coverage on business-critical paths
- Static Checks:
go vet,staticcheck, race detector, lint gates - Dependency Hygiene: Minimal dependencies, pinned module versions, SBOM/scanning alignment
Optum-Specific Standards
- Security and Compliance: PHI-safe logging, input validation, least-privilege service access
- Secrets Management: External secret stores only; no hardcoded credentials
- Auditability: Deterministic logs for key user and system actions
- Operational Governance: Prefer read-only guidance by default; route mutations through approved workflows
Code Style and Conventions
Project Structure
service/
├── cmd/
│ └── api/
│ └── main.go
├── internal/
│ ├── config/
│ ├── handlers/
│ ├── service/
│ ├── repository/
│ └── transport/
├── pkg/
│ └── client/
├── test/
│ └── integration/
├── go.mod
└── go.sum
Naming and API Rules
- Keep package names short and lowercase (
config,auth,store) - Accept
context.Contextas the first parameter for I/O-bound functions - Return concrete structs from constructors and interfaces at consumption boundaries
- Prefer explicit dependencies via constructor injection
Error Pattern
var ErrNotFound = errors.New("resource not found")
func (s *UserService) Get(ctx context.Context, id string) (User, error) {
if id == "" {
return User{}, fmt.Errorf("id is required")
}
u, err := s.repo.GetByID(ctx, id)
if err != nil {
if errors.Is(err, sql.ErrNoRows) {
return User{}, ErrNotFound
}
return User{}, fmt.Errorf("fetch user %q: %w", id, err)
}
return u, nil
}
Common Patterns
HTTP Server with Timeouts and Graceful Shutdown
srv := &http.Server{
Addr: ":8080",
Handler: router,
ReadHeaderTimeout: 5 * time.Second,
ReadTimeout: 15 * time.Second,
WriteTimeout: 30 * time.Second,
IdleTimeout: 60 * time.Second,
}
go func() {
<-ctx.Done()
shutdownCtx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
defer cancel()
_ = srv.Shutdown(shutdownCtx)
}()
if err := srv.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {
return fmt.Errorf("http server: %w", err)
}
Worker Pool with Context Cancellation
jobs := make(chan Job)
results := make(chan Result)
for i := 0; i < workers; i++ {
go func() {
for {
select {
case <-ctx.Done():
return
case job, ok := <-jobs:
if !ok {
return
}
results <- process(job)
}
}
}()
}
Table-Driven Test
func TestNormalizeRegion(t *testing.T) {
t.Parallel()
tests := []struct {
name string
in string
out string
}{
{name: "trim and lower", in: " EASTUS ", out: "eastus"},
{name: "empty", in: "", out: ""},
}
for _, tc := range tests {
tc := tc
t.Run(tc.name, func(t *testing.T) {
t.Parallel()
got := NormalizeRegion(tc.in)
if got != tc.out {
t.Fatalf("NormalizeRegion(%q) = %q, want %q", tc.in, got, tc.out)
}
})
}
}
Security Best Practices
- Never log tokens, passwords, PHI payloads, or full request bodies by default
- Validate and constrain all external input at the boundary layer
- Enforce outbound timeouts and TLS verification for all external calls
- Use parameterized SQL and explicit allowlists for dynamic query behavior
- Keep privileged operations behind explicit approvals and documented workflows
When to Apply This Skill
Use golang-expert when tasks involve:
- Building or refactoring Go services, CLIs, or automation tools
- Designing concurrency-safe and cancellation-safe workflows
- Improving Go test quality, reliability, and maintainability
- Hardening enterprise Go code for security, observability, and compliance
Quick Checks
- Validate local Go install and execution path:
bash codex/skills-templates/golang-expert/scripts/go-health-check.sh - Go command quick reference:
codex/skills-templates/golang-expert/references/golang-cheatsheet.md
Resources
Related Assets
python-expert
Advanced Python development with enterprise best practices, async patterns, and Optum-specific standards
Owner: epic-platform-sre
Bias and Fairness Test Analyzer (Optum)
Analyze bias/fairness test results and propose mitigations aligned with Optum RAI guidance for AIRB submission.
Owner: epic-platform-sre
Ansible Playbook Creation Assistant
Interactive guide for creating new Ansible playbooks that execute in AWX, following Epic on Azure patterns for role integration, vault secrets, and testing workflows.
Owner: epic-platform-sre
Ansible Role Creation Assistant
Interactive guide for creating new Ansible roles following Epic on Azure standards, including proper structure, Molecule testing, and requirements.yml integration.
Owner: epic-platform-sre
AWX Override Branch Testing Assistant
Guide testing a playbook change using AWX's scm_branch override without modifying the job template, following Epic on Azure safety patterns.
Owner: epic-platform-sre
Create AGENTS.md
Create an AGENTS.md file for the current repository with secure and compliant Optum guidance.
Owner: platform-devops

