Fix checking current version since semantic versioning adoption (v7.0.0)

.forgejo/workflows/tests.yaml

@@ -16,6 +16,6 @@ jobs:
           DEBIAN_FRONTEND: noninteractive
         run: |
           apt-get update
-          apt-get -y install --no-install-recommends python3-requests python3-xmltodict
+          apt-get -y install --no-install-recommends python3-requests
       - name: Run pre-commit
         run: pre-commit run --all-files

.pre-commit-config.yaml

@@ -6,25 +6,24 @@ repos:
     rev: v0.1.6
     hooks:
       - id: ruff
-        args:
+        args: ["--fix"]
-          - --fix
   - repo: https://github.com/asottile/pyupgrade
-    rev: v3.3.1
+    rev: v3.15.0
     hooks:
       - id: pyupgrade
         args: ["--keep-percent-format", "--py37-plus"]
   - repo: https://github.com/psf/black
-    rev: 22.12.0
+    rev: 23.11.0
     hooks:
       - id: black
         args: ["--target-version", "py37", "--line-length", "100"]
   - repo: https://github.com/PyCQA/isort
-    rev: 5.11.5
+    rev: 5.12.0
     hooks:
       - id: isort
         args: ["--profile", "black", "--line-length", "100"]
   - repo: https://github.com/PyCQA/flake8
-    rev: 6.0.0
+    rev: 6.1.0
     hooks:
       - id: flake8
         args: ["--max-line-length=100"]
@@ -36,6 +35,8 @@ repos:
           - --ignore-words-list=fro,hass
           - --skip="./.*,*.csv,*.json,*.ambr"
           - --quiet-level=2
+          - --ignore-regex=.*codespell-ignore$
+          # - --write-changes  # Uncomment to write changes
         exclude_types: [csv, json]
   - repo: https://github.com/adrienverge/yamllint
     rev: v1.32.0
@@ -46,6 +47,7 @@ repos:
     rev: v2.7.1
     hooks:
       - id: prettier
+        args: ["--print-width", "100"]
   - repo: local
     hooks:
       - id: pylint
@@ -54,14 +56,15 @@ repos:
         language: system
         types: [python]
         require_serial: true
-  - repo: https://github.com/Lucas-C/pre-commit-hooks-bandit
+  - repo: https://github.com/PyCQA/bandit
-    rev: v1.0.5
+    rev: 1.7.5
     hooks:
-      - id: python-bandit-vulnerability-check
+      - id: bandit
-        name: bandit
+        args: [--skip, "B101", --recursive]
-        args: [--skip, "B101", --recursive, mylib]
+
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.4.0
     hooks:
       - id: check-executables-have-shebangs
         stages: [manual]
+minimum_pre_commit_version: 3.2.0

README.md

@@ -5,7 +5,7 @@ This Icinga/Nagios check plugin permit to check Forgejo instance upgrade status
 ## Installation
 
 ```
-apt install git python3-requests python3-xmltodict
+apt install git python3-requests
 git clone https://gitea.zionetrix.net/bn8/check_forgejo_upgrade.git /usr/local/src/check_forgejo_upgrade
 mkdir -p /usr/local/lib/nagios/plugins
 ln -s /usr/local/src/check_forgejo_upgrade/check_forgejo_upgrade /usr/local/lib/nagios/plugins/
@@ -18,20 +18,22 @@ service nagios-nrpe-server reload
 ## Usage
 
 ```
-usage: check_forgejo_upgrade [-h] [-d] [-p PATH] [-U URL] [--rc]
+usage: check_forgejo_upgrade [-h] [-d] [-p PATH] [-U URL] [--pre-release] [--draft] [-t TIMEOUT]
 
-optional arguments:
+options:
   -h, --help            show this help message and exit
   -d, --debug
   -p PATH, --path PATH  Forgejo bin path
-  -U URL, --url URL     Forgejo releases RSS URL
+  -U URL, --url URL     Forgejo releases URL
-  --rc                  Allow release candidate (default: only stable release are
+  --pre-release         Allow pre-release (default: only stable release are considered)
-                        considered)
+  --draft               Allow draft release (default: only stable release are considered)
+  -t TIMEOUT, --timeout TIMEOUT
+                        Specify timeout for HTTP requests (default: 20)
 ```
 
 ## Copyright
 
-Copyright (c) 2023 Benjamin Renard <brenard@zionetrix.net>
+Copyright (c) 2023-2024 Benjamin Renard <brenard@zionetrix.net>
 
 ## License
 

check_forgejo_upgrade

@@ -25,7 +25,6 @@ import subprocess  # nosec
 import sys
 
 import requests
-import xmltodict
 
 parser = argparse.ArgumentParser()
 
@@ -35,14 +34,18 @@ parser.add_argument(
     "-U",
     "--url",
     type=str,
-    help="Forgejo releases RSS URL",
+    help="Forgejo releases URL",
-    default="https://forgejo.org/releases/rss.xml",
+    default="https://codeberg.org/api/v1/repos/forgejo/forgejo/releases",
 )
 parser.add_argument(
-    "--rc",
+    "--pre-release",
     action="store_true",
-    dest="include_rc",
+    help="Allow pre-release (default: only stable release are considered)",
-    help="Allow release candidate (default: only stable release are considered)",
+)
+parser.add_argument(
+    "--draft",
+    action="store_true",
+    help="Allow draft release (default: only stable release are considered)",
 )
 parser.add_argument(
     "-t", "--timeout", type=int, help="Specify timeout for HTTP requests (default: 20)", default=20
@@ -61,7 +64,7 @@ EXCEPTION = None
 try:
     OUTPUT = subprocess.check_output(cmd)  # nosec
     logging.debug("Output:\n%s", OUTPUT)
-    m = re.search("version ([^ ]+) built", OUTPUT.decode("utf8", errors="ignore"))
+    m = re.search(r"version ([^ ]+)(\+gitea-| built)", OUTPUT.decode("utf8", errors="ignore"))
     if m:
         CURRENT = m.group(1)
 except Exception as err:  # pylint: disable=broad-except
@@ -81,45 +84,43 @@ CURRENT = CURRENT.replace("+", "-")
 logging.debug("Cleaned current version: %s", CURRENT)
 
 LATEST = None
-LATEST_INT = None
+LATEST_NAME = None
 try:
-    logging.debug("Get releases RSS feed from %s...", options.url)
+    logging.debug("Get releases from %s...", options.url)
     r = requests.get(options.url, timeout=options.timeout)
-    logging.debug("Data retrieve:\n%s", r.text)
+    data = r.json()
-    data = xmltodict.parse(r.text)
+    logging.debug("Data retrieve:\n%s", data)
-    versions = {}
+    for item in data:
-    for item in data["rss"]["channel"]["item"]:
+        if not options.pre_release and item["prerelease"]:
-        version = re.sub("^v", "", item["title"])
+            logging.debug("Ignore pre-release %s", item["name"])
-        if not options.include_rc and "-rc" in version:
-            logging.debug("Ignore release candidate %s", version)
             continue
-        version_int = int(re.sub(r"[\.-]", "000", version))
+        if not options.draft and item["draft"]:
-        logging.debug("Found version %s (%s)", version, version_int)
+            logging.debug("Ignore draft release %s", item["name"])
-        if not LATEST_INT or LATEST_INT < version_int:
+            continue
-            if LATEST:
+        LATEST = item
-                logging.debug(
+        LATEST_NAME = re.sub("^v", "", item["name"])
-                    "Version %s considered as newer than %s, override latest version",
+        break
-                    version,
-                    LATEST,
-                )
-            LATEST = version
-            LATEST_INT = version_int
-        else:
-            logging.debug("Version %s considered as oldest than %s", version, LATEST)
 except Exception:  # pylint: disable=broad-except  # nosec
     pass
-logging.debug("Latest version: %s", LATEST)
 
 if not LATEST:
     print("UNKNOWN - Fail to retrieve latest Forgejo release from the project RSS feed")
     print(f"Current version: {CURRENT}")
     sys.exit(3)
 
-if LATEST == CURRENT:
+logging.debug("Latest version is %s", LATEST_NAME)
-    print(f"OK - The latest release of Forgejo is currently used ({LATEST})")
+
+if LATEST_NAME == CURRENT:
+    print(
+        f"OK - The latest release of Forgejo is currently used "
+        f"({LATEST_NAME}, published on {LATEST['published_at']})"
+    )
     sys.exit(0)
 
 print(
-    "WARNING - The version of Forgejo currently used is not the latest " f"({CURRENT} vs {LATEST})"
+    "WARNING - The version of Forgejo currently used is not the latest "
+    f"({CURRENT} vs {LATEST_NAME}), published on {LATEST['published_at']})"
 )
+print(LATEST["body"])
+print(f"URL: {LATEST['html_url']}")
 sys.exit(1)

debian/control

@@ -7,7 +7,7 @@ Standards-Version: 3.9.6
 
 Package: check-forgejo-upgrade
 Architecture: all
-Depends: ${misc:Depends}, python3, python3-requests, python3-xmltodict
+Depends: ${misc:Depends}, python3, python3-requests
 Description: Monitoring plugin to check Forgejo instance upgrade status
  This Icinga/Nagios check plugin permit to check Forgejo instance upgrade
  status by comparing the local forgejo binary version against the latest