This commit is contained in:
commit
2034766ca1
13 changed files with 415 additions and 0 deletions
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
*~
|
||||||
|
.*.swp
|
||||||
|
/dist
|
67
.pre-commit-config.yaml
Normal file
67
.pre-commit-config.yaml
Normal file
|
@ -0,0 +1,67 @@
|
||||||
|
# Pre-commit hooks to run tests and ensure code is cleaned.
|
||||||
|
# See https://pre-commit.com for more information
|
||||||
|
---
|
||||||
|
repos:
|
||||||
|
- repo: https://github.com/astral-sh/ruff-pre-commit
|
||||||
|
rev: v0.1.6
|
||||||
|
hooks:
|
||||||
|
- id: ruff
|
||||||
|
args:
|
||||||
|
- --fix
|
||||||
|
- repo: https://github.com/asottile/pyupgrade
|
||||||
|
rev: v3.3.1
|
||||||
|
hooks:
|
||||||
|
- id: pyupgrade
|
||||||
|
args: ["--keep-percent-format", "--py37-plus"]
|
||||||
|
- repo: https://github.com/psf/black
|
||||||
|
rev: 22.12.0
|
||||||
|
hooks:
|
||||||
|
- id: black
|
||||||
|
args: ["--target-version", "py37", "--line-length", "100"]
|
||||||
|
- repo: https://github.com/PyCQA/isort
|
||||||
|
rev: 5.11.5
|
||||||
|
hooks:
|
||||||
|
- id: isort
|
||||||
|
args: ["--profile", "black", "--line-length", "100"]
|
||||||
|
- repo: https://github.com/PyCQA/flake8
|
||||||
|
rev: 6.0.0
|
||||||
|
hooks:
|
||||||
|
- id: flake8
|
||||||
|
args: ["--max-line-length=100"]
|
||||||
|
- repo: https://github.com/codespell-project/codespell
|
||||||
|
rev: v2.2.2
|
||||||
|
hooks:
|
||||||
|
- id: codespell
|
||||||
|
args:
|
||||||
|
- --ignore-words-list=fro,hass
|
||||||
|
- --skip="./.*,*.csv,*.json,*.ambr"
|
||||||
|
- --quiet-level=2
|
||||||
|
exclude_types: [csv, json]
|
||||||
|
- repo: https://github.com/adrienverge/yamllint
|
||||||
|
rev: v1.32.0
|
||||||
|
hooks:
|
||||||
|
- id: yamllint
|
||||||
|
args: ["-d {extends: relaxed, rules: {line-length: disable}}", "-s"]
|
||||||
|
- repo: https://github.com/pre-commit/mirrors-prettier
|
||||||
|
rev: v2.7.1
|
||||||
|
hooks:
|
||||||
|
- id: prettier
|
||||||
|
- repo: local
|
||||||
|
hooks:
|
||||||
|
- id: pylint
|
||||||
|
name: pylint
|
||||||
|
entry: pylint
|
||||||
|
language: system
|
||||||
|
types: [python]
|
||||||
|
require_serial: true
|
||||||
|
- repo: https://github.com/Lucas-C/pre-commit-hooks-bandit
|
||||||
|
rev: v1.0.5
|
||||||
|
hooks:
|
||||||
|
- id: python-bandit-vulnerability-check
|
||||||
|
name: bandit
|
||||||
|
args: [--skip, "B101", --recursive, mylib]
|
||||||
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||||
|
rev: v4.4.0
|
||||||
|
hooks:
|
||||||
|
- id: check-executables-have-shebangs
|
||||||
|
stages: [manual]
|
67
.woodpecker.yml
Normal file
67
.woodpecker.yml
Normal file
|
@ -0,0 +1,67 @@
|
||||||
|
clone:
|
||||||
|
git:
|
||||||
|
image: woodpeckerci/plugin-git
|
||||||
|
tags: true
|
||||||
|
|
||||||
|
steps:
|
||||||
|
tests:
|
||||||
|
image: brenard/python-pre-commit:latest
|
||||||
|
commands:
|
||||||
|
- DEBIAN_FRONTEND=noninteractive apt-get -qq update < /dev/null > /dev/null
|
||||||
|
- DEBIAN_FRONTEND=noninteractive apt-get -qq -y install --no-install-recommends python3-requests < /dev/null > /dev/null
|
||||||
|
- pre-commit run --all-files
|
||||||
|
|
||||||
|
build:
|
||||||
|
image: brenard/debian-python-deb
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
depends_on: [tests]
|
||||||
|
commands:
|
||||||
|
- echo "$GPG_KEY"|base64 -d|gpg --import
|
||||||
|
- ./build.sh --quiet
|
||||||
|
secrets: [maintainer_name, maintainer_email, gpg_key, debian_codename]
|
||||||
|
|
||||||
|
publish-dryrun:
|
||||||
|
group: publish
|
||||||
|
image: alpine
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
depends_on: [build]
|
||||||
|
commands:
|
||||||
|
- ls dist/* dist/check-woodpecker-upgrade-*/check_woodpecker_upgrade
|
||||||
|
|
||||||
|
publish-gitea:
|
||||||
|
group: publish
|
||||||
|
image: plugins/gitea-release
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
depends_on: [build]
|
||||||
|
settings:
|
||||||
|
api_key:
|
||||||
|
from_secret: gitea_token
|
||||||
|
base_url: https://gitea.zionetrix.net
|
||||||
|
note: dist/release_notes.md
|
||||||
|
files:
|
||||||
|
- dist/check-woodpecker-upgrade-*/check_woodpecker_upgrade
|
||||||
|
- dist/*.deb
|
||||||
|
checksum:
|
||||||
|
- md5
|
||||||
|
- sha512
|
||||||
|
|
||||||
|
publish-apt:
|
||||||
|
group: publish
|
||||||
|
image: brenard/aptly-publish
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
depends_on: [build]
|
||||||
|
settings:
|
||||||
|
api_url:
|
||||||
|
from_secret: apt_api_url
|
||||||
|
api_username:
|
||||||
|
from_secret: apt_api_username
|
||||||
|
api_password:
|
||||||
|
from_secret: apt_api_password
|
||||||
|
repo_name:
|
||||||
|
from_secret: apt_repo_name
|
||||||
|
path: dist
|
||||||
|
source_name: check-woodpecker-upgrade
|
44
README.md
Normal file
44
README.md
Normal file
|
@ -0,0 +1,44 @@
|
||||||
|
# Monitoring plugin to check Woodpecker CI instance upgrade status
|
||||||
|
|
||||||
|
This Icinga/Nagios check plugin permit to check Woodpecker CI instance upgrade status by comparing the local woodpecker-server binary version against the latest stable release.
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
|
||||||
|
```
|
||||||
|
apt install git python3-requests
|
||||||
|
git clone https://gitea.zionetrix.net/bn8/check_woodpecker_upgrade.git /usr/local/src/check_woodpecker_upgrade
|
||||||
|
mkdir -p /usr/local/lib/nagios/plugins
|
||||||
|
ln -s /usr/local/src/check_woodpecker_upgrade/check_woodpecker_upgrade /usr/local/lib/nagios/plugins/
|
||||||
|
echo "nagios ALL=NOPASSWD: /usr/local/lib/nagios/plugins/check_woodpecker_upgrade" > /etc/sudoers.d/nagios-woodpecker
|
||||||
|
chmod 0400 /etc/sudoers.d/nagios-woodpecker
|
||||||
|
echo "command[check_woodpecker_upgrade]=sudo /usr/local/lib/nagios/plugins/check_woodpecker_upgrade" > /etc/nagios/nrpe.d/woodpecker.cfg
|
||||||
|
service nagios-nrpe-server reload
|
||||||
|
```
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
```
|
||||||
|
usage: check_woodpecker_upgrade [-h] [-d] [-p PATH] [-U URL] [--pre-release] [--draft] [-t TIMEOUT]
|
||||||
|
|
||||||
|
options:
|
||||||
|
-h, --help show this help message and exit
|
||||||
|
-d, --debug
|
||||||
|
-p PATH, --path PATH Woodpecker CI bin path
|
||||||
|
-U URL, --url URL Woodpecker CI releases URL
|
||||||
|
--pre-release Allow pre-release (default: only stable release are considered)
|
||||||
|
--draft Allow draft release (default: only stable release are considered)
|
||||||
|
-t TIMEOUT, --timeout TIMEOUT
|
||||||
|
Specify timeout for HTTP requests (default: 20)
|
||||||
|
```
|
||||||
|
|
||||||
|
## Copyright
|
||||||
|
|
||||||
|
Copyright (c) 2024 Benjamin Renard <brenard@zionetrix.net>
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 3 as published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
62
build.sh
Executable file
62
build.sh
Executable file
|
@ -0,0 +1,62 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
QUIET_ARG=""
|
||||||
|
[ "$1" == "--quiet" ] && QUIET_ARG="--quiet"
|
||||||
|
|
||||||
|
# Enter source directory
|
||||||
|
cd $( dirname $0 )
|
||||||
|
|
||||||
|
echo "Clean previous build..."
|
||||||
|
rm -fr dist
|
||||||
|
|
||||||
|
echo "Detect version using git describe..."
|
||||||
|
VERSION="$( git describe --tags|sed 's/^[^0-9]*//' )"
|
||||||
|
|
||||||
|
echo "Create building environemt..."
|
||||||
|
BDIR=dist/check-woodpecker-upgrade-$VERSION
|
||||||
|
mkdir -p $BDIR
|
||||||
|
[ -z "$QUIET_ARG" ] && RSYNC_ARG="-v" || RSYNC_ARG=""
|
||||||
|
rsync -a $RSYNC_ARG debian/ $BDIR/debian/
|
||||||
|
cp check_woodpecker_upgrade $BDIR/
|
||||||
|
|
||||||
|
echo "Set VERSION=$VERSION in gitdch using sed..."
|
||||||
|
sed -i "s/^VERSION *=.*$/VERSION = '$VERSION'/" $BDIR/check_woodpecker_upgrade
|
||||||
|
|
||||||
|
if [ -z "$DEBIAN_CODENAME" ]
|
||||||
|
then
|
||||||
|
echo "Retrieve debian codename using lsb_release..."
|
||||||
|
DEBIAN_CODENAME=$( lsb_release -c -s )
|
||||||
|
else
|
||||||
|
echo "Use debian codename from environment ($DEBIAN_CODENAME)"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Generate debian changelog using gitdch..."
|
||||||
|
GITDCH_ARGS=('--verbose')
|
||||||
|
[ -n "$QUIET_ARG" ] && GITDCH_ARGS=('--warning')
|
||||||
|
if [ -n "$MAINTAINER_NAME" ]
|
||||||
|
then
|
||||||
|
echo "Use maintainer name from environment ($MAINTAINER_NAME)"
|
||||||
|
GITDCH_ARGS+=("--maintainer-name" "${MAINTAINER_NAME}")
|
||||||
|
fi
|
||||||
|
if [ -n "$MAINTAINER_EMAIL" ]
|
||||||
|
then
|
||||||
|
echo "Use maintainer email from environment ($MAINTAINER_EMAIL)"
|
||||||
|
GITDCH_ARGS+=("--maintainer-email" "$MAINTAINER_EMAIL")
|
||||||
|
fi
|
||||||
|
gitdch \
|
||||||
|
--package-name check-woodpecker-upgrade \
|
||||||
|
--version "${VERSION}" \
|
||||||
|
--code-name $DEBIAN_CODENAME \
|
||||||
|
--output $BDIR/debian/changelog \
|
||||||
|
--release-notes dist/release_notes.md \
|
||||||
|
"${GITDCH_ARGS[@]}"
|
||||||
|
|
||||||
|
if [ -n "$MAINTAINER_NAME" -a -n "$MAINTAINER_EMAIL" ]
|
||||||
|
then
|
||||||
|
echo "Set Maintainer field in debian control file ($MAINTAINER_NAME <$MAINTAINER_EMAIL>)..."
|
||||||
|
sed -i "s/^Maintainer: .*$/Maintainer: $MAINTAINER_NAME <$MAINTAINER_EMAIL>/" $BDIR/debian/control
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Build debian package..."
|
||||||
|
cd $BDIR
|
||||||
|
dpkg-buildpackage
|
129
check_woodpecker_upgrade
Executable file
129
check_woodpecker_upgrade
Executable file
|
@ -0,0 +1,129 @@
|
||||||
|
#!/usr/bin/python3
|
||||||
|
"""
|
||||||
|
Icinga/Nagios plugin to check Woodpecker CI instance upgrade status.
|
||||||
|
|
||||||
|
Copyright (c) 2024 Benjamin Renard <brenard@zionetrix.net>
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or
|
||||||
|
modify it under the terms of the GNU General Public License version 3
|
||||||
|
as published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program; if not, write to the Free Software
|
||||||
|
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||||
|
"""
|
||||||
|
|
||||||
|
import argparse
|
||||||
|
import logging
|
||||||
|
import re
|
||||||
|
import subprocess
|
||||||
|
import sys
|
||||||
|
import traceback
|
||||||
|
|
||||||
|
import requests
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser()
|
||||||
|
|
||||||
|
parser.add_argument("-d", "--debug", action="store_true")
|
||||||
|
parser.add_argument(
|
||||||
|
"-p", "--path", type=str, help="Woodpecker CI bin path", default="woodpecker-server"
|
||||||
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
"-U",
|
||||||
|
"--url",
|
||||||
|
type=str,
|
||||||
|
help="Woodpecker CI releases URL",
|
||||||
|
default="https://api.github.com/repos/woodpecker-ci/woodpecker/releases",
|
||||||
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
"--pre-release",
|
||||||
|
action="store_true",
|
||||||
|
help="Allow pre-release (default: only stable release are considered)",
|
||||||
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
"--draft",
|
||||||
|
action="store_true",
|
||||||
|
help="Allow draft release (default: only stable release are considered)",
|
||||||
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
"-t", "--timeout", type=int, help="Specify timeout for HTTP requests (default: 20)", default=20
|
||||||
|
)
|
||||||
|
|
||||||
|
options = parser.parse_args()
|
||||||
|
|
||||||
|
logging.basicConfig(level=logging.DEBUG if options.debug else logging.WARNING)
|
||||||
|
|
||||||
|
CURRENT = None
|
||||||
|
|
||||||
|
cmd = [options.path, "--version"]
|
||||||
|
logging.debug("Command use to retrieve current version of Woodpecker CI: %s", " ".join(cmd))
|
||||||
|
OUTPUT = None
|
||||||
|
EXCEPTION = None
|
||||||
|
try:
|
||||||
|
OUTPUT = subprocess.check_output(cmd)
|
||||||
|
logging.debug("Output:\n%s", OUTPUT)
|
||||||
|
m = re.search("version ([^ ]+)$", OUTPUT.decode("utf8", errors="ignore"))
|
||||||
|
if m:
|
||||||
|
CURRENT = m.group(1).strip()
|
||||||
|
except Exception as err: # pylint: disable=broad-except
|
||||||
|
EXCEPTION = err
|
||||||
|
logging.debug("Current version: %s", CURRENT)
|
||||||
|
|
||||||
|
if not CURRENT:
|
||||||
|
print("UNKNOWN - Fail to retrieve current Woodpecker CI")
|
||||||
|
print(f'Command: {" ".join(cmd)}')
|
||||||
|
print("Output:")
|
||||||
|
print(OUTPUT if OUTPUT else "")
|
||||||
|
print("Exception:")
|
||||||
|
print(EXCEPTION if EXCEPTION else "")
|
||||||
|
sys.exit(3)
|
||||||
|
|
||||||
|
CURRENT = CURRENT.replace("+", "-")
|
||||||
|
logging.debug("Cleaned current version: %s", CURRENT)
|
||||||
|
|
||||||
|
LATEST = None
|
||||||
|
try:
|
||||||
|
logging.debug("Get releases from %s...", options.url)
|
||||||
|
r = requests.get(options.url, timeout=options.timeout)
|
||||||
|
data = r.json()
|
||||||
|
logging.debug("Data retrieve:\n%s", data)
|
||||||
|
for item in data:
|
||||||
|
if not options.pre_release and item["prerelease"]:
|
||||||
|
logging.debug("Ignore pre-release %s", item["name"])
|
||||||
|
continue
|
||||||
|
if not options.draft and item["draft"]:
|
||||||
|
logging.debug("Ignore draft release %s", item["name"])
|
||||||
|
continue
|
||||||
|
LATEST = item
|
||||||
|
break
|
||||||
|
except Exception: # pylint: disable=broad-except
|
||||||
|
logging.debug(
|
||||||
|
"Exception occurred retrieving latest Woodpecker CI release from the Github API:\n%s",
|
||||||
|
traceback.format_exc(),
|
||||||
|
)
|
||||||
|
|
||||||
|
if LATEST is None:
|
||||||
|
print("UNKNOWN - Fail to retrieve latest Woodpecker CI release from the Github API")
|
||||||
|
print(f"Current version: {CURRENT}")
|
||||||
|
sys.exit(3)
|
||||||
|
|
||||||
|
logging.debug("Latest version is %s", LATEST["name"])
|
||||||
|
|
||||||
|
if LATEST["name"] == CURRENT:
|
||||||
|
print(
|
||||||
|
f"OK - The latest release of Woodpecker CI is currently used "
|
||||||
|
f"({LATEST['name']}, published on {LATEST['published_at']})"
|
||||||
|
)
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
|
print(
|
||||||
|
"WARNING - The version of Woodpecker CI currently used is not the latest "
|
||||||
|
f"('{CURRENT}' vs '{LATEST['name']}', published on {LATEST['published_at']})"
|
||||||
|
)
|
||||||
|
print(f"URL: {LATEST['html_url']}")
|
||||||
|
sys.exit(1)
|
1
debian/compat
vendored
Normal file
1
debian/compat
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
11
|
15
debian/control
vendored
Normal file
15
debian/control
vendored
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
Source: check-woodpecker-upgrade
|
||||||
|
Section: admin
|
||||||
|
Priority: optional
|
||||||
|
Maintainer: Debian Zionetrix - check-woodpecker-upgrade <debian+check-woodpecker-upgrade@zionetrix.net>
|
||||||
|
Build-Depends: debhelper (>> 11.0.0)
|
||||||
|
Standards-Version: 3.9.6
|
||||||
|
|
||||||
|
Package: check-woodpecker-upgrade
|
||||||
|
Architecture: all
|
||||||
|
Depends: ${misc:Depends}, python3, python3-requests
|
||||||
|
Description: Monitoring plugin to check Woodpecker CI instance upgrade status
|
||||||
|
This Icinga/Nagios check plugin permit to check Woodpecker CI instance upgrade
|
||||||
|
status by comparing the local woodpecker-server binary version against the latest
|
||||||
|
stable release.
|
||||||
|
|
20
debian/copyright
vendored
Normal file
20
debian/copyright
vendored
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
This package was written by Benjamin Renard <brenard@zionetrix.net>.
|
||||||
|
|
||||||
|
Copyright (C) 2023 Benjamin Renard <brenard@zionetrix.net>
|
||||||
|
|
||||||
|
check-woodpecker-upgrade is licensed under the GNU general public license, version 3.
|
||||||
|
|
||||||
|
check-woodpecker-upgrade is free software; you can redistribute it and/or modify it under
|
||||||
|
the terms of the GNU General Public License as published by the Free Software
|
||||||
|
Foundation; either version 3, or (at your option) any later version.
|
||||||
|
|
||||||
|
check-woodpecker-upgrade is distributed in the hope that it will be useful, but WITHOUT ANY
|
||||||
|
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||||
|
PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License along with
|
||||||
|
check-woodpecker-upgrade; see the file COPYING. If not, write to the Free Software
|
||||||
|
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||||
|
|
||||||
|
On Debian systems, a copy of the GNU General Public License is available in
|
||||||
|
/usr/share/common-licenses/GPL-3 as part of the base-files package.
|
1
debian/dirs
vendored
Normal file
1
debian/dirs
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
usr/lib/nagios/plugins
|
1
debian/install
vendored
Normal file
1
debian/install
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
check_woodpecker_upgrade usr/lib/nagios/plugins
|
4
debian/rules
vendored
Executable file
4
debian/rules
vendored
Executable file
|
@ -0,0 +1,4 @@
|
||||||
|
#!/usr/bin/make -f
|
||||||
|
#export DH_VERBOSE=1
|
||||||
|
%:
|
||||||
|
dh $@
|
1
debian/source/format
vendored
Normal file
1
debian/source/format
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
1.0
|
Loading…
Reference in a new issue