From e4ec84ea31bbece2916c947153d0b614b3e1819b Mon Sep 17 00:00:00 2001 From: gyurix Date: Sun, 12 Apr 2026 09:56:54 +0200 Subject: [PATCH] Refactor CI/CD pipeline and Dockerfile structure; remove obsolete build.yml and multi-stage Dockerfile, add default configuration for monitoring --- .drone.yml | 121 ++++++++++++------------------------- .gitea/workflows/build.yml | 111 ---------------------------------- Dockerfile | 84 ++++++++++++++++++++++--- Dockerfile.multi-stage | 39 ------------ default_config.hcl | 28 +++++++++ 5 files changed, 142 insertions(+), 241 deletions(-) delete mode 100644 .gitea/workflows/build.yml delete mode 100644 Dockerfile.multi-stage create mode 100644 default_config.hcl diff --git a/.drone.yml b/.drone.yml index 4dcd36e..635c346 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,100 +1,53 @@ ---- kind: pipeline -name: test +type: kubernetes +name: default -steps: - - name: test - image: golang:1.21 - environment: - VERSION: ${DRONE_TAG:-${DRONE_COMMIT}} - commands: - - make test - - - name: check - image: iamthefij/drone-pre-commit:personal - ---- -kind: pipeline -name: publish - -depends_on: - - test +node_selector: + zone: dev trigger: event: - push - tag - refs: - - refs/heads/master - - refs/tags/v* + +workspace: + path: /drone/src steps: - - name: build all binaries - image: golang:1.21 - environment: - VERSION: ${DRONE_TAG:-${DRONE_COMMIT}} - commands: - - make all - - - name: compress binaries for release - image: ubuntu - commands: - - find ./dist -type f -executable -execdir tar -czvf {}.tar.gz {} \; - when: - event: tag - - - name: upload gitea release - image: plugins/gitea-release + - name: pull image to dockerhub + image: docker.io/owncloudci/drone-docker-buildx:4 + privileged: true settings: - title: ${DRONE_TAG} - files: dist/*.tar.gz - checksum: - - md5 - - sha1 - - sha256 - - sha512 - base_url: - from_secret: gitea_base_url - api_key: - from_secret: gitea_token - when: - event: tag - - - name: Build and publish docker images - image: thegeeklab/drone-docker-buildx - settings: - repo: iamthefij/minitor-go - auto_tag: true + cache-from: [ "safebox/minitor" ] + repo: safebox/minitor + tags: latest + username: + from_secret: dockerhub-username + password: + from_secret: dockerhub-password platforms: - linux/amd64 - linux/arm64 - - linux/arm - username: - from_secret: docker_username - password: - from_secret: docker_password + when: + event: + - tag ---- -kind: pipeline -name: notify - -depends_on: - - test - - publish - -trigger: - status: - - failure - -steps: - - - name: notify - image: drillster/drone-email + - name: build multiarch from dev + image: docker.io/owncloudci/drone-docker-buildx:4 + privileged: true settings: - host: - from_secret: SMTP_HOST # pragma: whitelist secret + cache-from: [ "registry.dev.format.hu/minitor" ] + registry: registry.dev.format.hu + repo: registry.dev.format.hu/minitor + tags: latest + dockerfile: Dockerfile username: - from_secret: SMTP_USER # pragma: whitelist secret - password: - from_secret: SMTP_PASS # pragma: whitelist secret - from: drone@iamthefij.com + from_secret: dev-hu-registry-username + password: + from_secret: dev-hu-registry-password + platforms: + - linux/amd64 + - linux/arm64 + when: + event: + - push \ No newline at end of file diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml deleted file mode 100644 index 22408bc..0000000 --- a/.gitea/workflows/build.yml +++ /dev/null @@ -1,111 +0,0 @@ -name: ci -on: - push: - branches: - - main - tags: - - "v*" - pull_request: - branches: - - main - -jobs: - tests: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v6 - - - name: Set up Go - uses: actions/setup-go@v6 - with: - go-version-file: go.mod - - - name: Run tests - run: make test - - lint: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v6 - - - name: Set up Go - uses: actions/setup-go@v6 - with: - go-version-file: go.mod - - - name: Set up Python - uses: actions/setup-python@v6 - - - name: Run pre-commit - uses: https://git.iamthefij.com/iamthefij/pre-commit-action@v3.0.2 - - release: - runs-on: ubuntu-latest - needs: test - if: "${{ github.event_name != 'pull_request' }}" - steps: - - uses: actions/checkout@v6 - - - name: Set up Go - uses: actions/setup-go@v6 - with: - go-version-file: go.mod - - - name: Build binaries - env: - VERSION: "${{ github.REF_NAME }}" - run: make all - - # Package binaries and create release if this is a tagged build - - name: Compress binaries - if: "${{ github.ref_type == 'tag' }}" - run: find ./dist -type f -executable -execdir tar -czvf {}.tar.gz {} \; - - - name: Upload release - uses: https://gitea.com/actions/gitea-release-action@v1 - if: "${{ github.ref_type == 'tag' }}" - with: - files: |- - dist/*.tar.gz - md5sum: true - sha256sum: true - - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - # list of Docker images to use as base name for tags - images: | - ${{ github.REPOSITORY }} - # generate Docker tags based on the following events/attributes - tags: | - type=ref,event=branch - type=ref,event=pr - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{major}} - - - name: Login to Docker Hub - uses: docker/login-action@v3 - if: "${{ github.event_name != 'pull_request' }}" - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Build and push - uses: docker/build-push-action@v6 - with: - # Use path context so we can access pre-compiled binaries - context: . - push: ${{ github.event_name != 'pull_request' }} - platforms: | - linux/amd64 - linux/arm64 - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} diff --git a/Dockerfile b/Dockerfile index 9717b82..f500ee6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,82 @@ -FROM alpine:3.23 +FROM golang:1.25 AS gomail-builder +ARG TARGETARCH=amd64 +ARG TARGETOS=linux +WORKDIR /gomail +RUN { \ + echo 'package main'; \ + echo ''; \ + echo 'import ('; \ + echo ' "flag"'; \ + echo ' "fmt"'; \ + echo ' "io"'; \ + echo ' "net/smtp"'; \ + echo ' "os"'; \ + echo ')'; \ + echo ''; \ + echo 'func main() {'; \ + echo ' from := flag.String("f", "minitor@localhost", "envelope sender")'; \ + echo ' flag.Parse()'; \ + echo ' recipients := flag.Args()'; \ + echo ''; \ + echo ' if len(recipients) == 0 {'; \ + echo ' fmt.Fprintln(os.Stderr, "usage: sendmail [-f sender] recipient...")'; \ + echo ' os.Exit(1)'; \ + echo ' }'; \ + echo ''; \ + echo ' body, err := io.ReadAll(os.Stdin)'; \ + echo ' if err != nil {'; \ + echo ' fmt.Fprintln(os.Stderr, err)'; \ + echo ' os.Exit(1)'; \ + echo ' }'; \ + echo ''; \ + echo ' relay := os.Getenv("SMTP_RELAY")'; \ + echo ' if relay == "" {'; \ + echo ' relay = "172.17.0.2"'; \ + echo ' }'; \ + echo ''; \ + echo ' port := os.Getenv("SMTP_PORT")'; \ + echo ' if port == "" {'; \ + echo ' port = "25"'; \ + echo ' }'; \ + echo ''; \ + echo ' sender := os.Getenv("SMTP_SENDER")'; \ + echo ' if sender == "" {'; \ + echo ' sender = *from'; \ + echo ' }'; \ + echo ''; \ + echo ' if err = smtp.SendMail(relay+":"+port, nil, sender, recipients, body); err != nil {'; \ + echo ' fmt.Fprintln(os.Stderr, err)'; \ + echo ' os.Exit(1)'; \ + echo ' }'; \ + echo '}'; \ + } > main.go +RUN go mod init gomail && \ + CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o /usr/local/bin/sendmail . + +FROM golang:1.25 AS builder +WORKDIR /app +COPY ./go.mod ./go.sum /app/ +RUN go mod download +COPY ./*.go /app/ +RUN rm -f /app/gomail.go + +ARG TARGETARCH=amd64 +ARG TARGETOS=linux +ARG VERSION=dev +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-X main.version=${VERSION}" -a -installsuffix nocgo -o minitor . + + +FROM alpine:3.23 RUN mkdir /app WORKDIR /app/ +# Copy minitor in +COPY --from=builder /app/minitor . + +# Copy sendmail (gomail) in +COPY --from=gomail-builder /usr/local/bin/sendmail /usr/local/bin/sendmail + # Add common checking tools # hadolint ignore=DL3018 RUN apk --no-cache add bash=~5 curl=~8 jq=~1 bind-tools=~9 tzdata @@ -12,14 +86,10 @@ RUN addgroup -S minitor && adduser -S minitor -G minitor # Copy scripts COPY ./scripts /app/scripts +COPY default_config.hcl /app/config.hcl RUN chmod -R 755 /app/scripts -# Copy minitor in -ARG TARGETOS -ARG TARGETARCH -COPY ./dist/minitor-${TARGETOS}-${TARGETARCH} ./minitor - # Drop to non-root user USER minitor -ENTRYPOINT [ "./minitor" ] +ENTRYPOINT [ "./minitor" ] \ No newline at end of file diff --git a/Dockerfile.multi-stage b/Dockerfile.multi-stage deleted file mode 100644 index 36ebff7..0000000 --- a/Dockerfile.multi-stage +++ /dev/null @@ -1,39 +0,0 @@ -FROM golang:1.25 AS builder - -WORKDIR /app - -COPY ./go.mod ./go.sum /app/ -RUN go mod download - -COPY ./*.go /app/ - -ARG TARGETOS -ARG TARGETARCH -ARG VERSION=dev -ENV CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=${TARGETARCH} -RUN go build -ldflags "-X main.version=${VERSION}" -a -installsuffix nocgo -o minitor . - -FROM alpine:3.23 -RUN mkdir /app -WORKDIR /app/ - -# Copy minitor in -COPY --from=builder /app/minitor . - -# Add common checking tools -# hadolint ignore=DL3018 -RUN apk --no-cache add bash=~5 curl=~8 jq=~1 bind-tools=~9 tzdata - -# Add minitor user for running as non-root -RUN addgroup -S minitor && adduser -S minitor -G minitor - -# Copy scripts -COPY ./scripts /app/scripts -RUN chmod -R 755 /app/scripts - -# Drop to non-root user -USER minitor - -ENTRYPOINT [ "./minitor" ] - -# vim: set filetype=dockerfile: diff --git a/default_config.hcl b/default_config.hcl new file mode 100644 index 0000000..5fe74b8 --- /dev/null +++ b/default_config.hcl @@ -0,0 +1,28 @@ +check_interval = "1s" + +monitor "mdstat_raid" { + command = [ + "sh", + "-c", + "grep -q '\\[U_\\|_U\\]' /host_proc/mdstat && exit 1 || exit 0" + ] + check_interval = "30s" + alert_after = 1 + + alert_down = ["email_alert"] + alert_up = ["email_recovery"] +} +alert "email_alert" { + command = [ + "sh", + "-c", + "EMAIL=$EMAIL_RECIPIENT; printf 'Subject: RAID ALERT\nTo: %s\n\nRAID degraded\n' \"$EMAIL\" | sendmail -t || true" + ] +} +alert "email_recovery" { + command = [ + "sh", + "-c", + "EMAIL=$EMAIL_RECIPIENT; printf 'Subject: RAID ALERT\nTo: %s\n\nRAID clean\n' \"$EMAIL\" | sendmail -t || true" + ] +} \ No newline at end of file