Proceeding with a Github repositories checker.
To recall: the idea is to have such a check in case if somebody from developers accidentally will share our project’s private repository as public, or will create a public repository instead of making it as a private one – we will get a Slack alarm about such a new repository.
The tool to check and send Slack notification was written in the Go: checking public repositories list in Github. Go slices comparison. The first Golang experience post.
In this post – will create a Docker image and a Jenkin’s job which will be running each night to execute check.
Contents
Dockerfile
Create a Dockerfile
.
Use golang:alpine
and:
- copy the utility’s source file
- install Go’s dependencies
- build a binary to the
/go/bin
directory asgithub-checker
executable file - add default action – run
/go/bin/github-checker
The file:
# alpine as mininal image FROM golang:alpine # git for go get RUN apk update && apk add --no-cache git # copy source from a current dir COPY go-github-public-repos-checker.go . # install deps RUN go get -d -v # build to /go/bin RUN go build -o /go/bin/github-checker # set default entrypoint CMD ["/go/bin/github-checker"]
Read more about CMD
vs ENTRYPOINT
here>>>.
Build an image:
[simterm]
$ docker build -t projectname/projectname-github-checker:1.0 .
[/simterm]
Check it.
Set environment variables:
[simterm]
$ export GITHUB_ORG_NAME="rtfmorg" $ export ALLOWED_REPOS="org-repo-1-pub org-repo-2-pub" $ export SLACK_CHANNEL="#general" $ export SLACK_URL="https://hooks.slack.com/services/T16***WRE"
[/simterm]
Run container passing variables with the -e
:
[simterm]
$ docker run -ti -e GITHUB_ORG_NAME=${GITHUB_ORG_NAME} -e ALLOWED_REPOS="${ALLOWED_REPOS}" -e SLACK_CHANNEL=${SLACK_CHANNEL} -e SLACK_URL=${SLACK_URL} projectname/projectname-github-checker:1.0 Checking org-repo-1-pub OK: repo org-repo-1-pub found in Allowed Checking org-repo-2-pub OK: repo org-repo-2-pub found in Allowed
[/simterm]
Push to the DockerHub:
[simterm]
root@jenkins-production:/home/admin# docker push projectname/projectname-github-checker:1.0
[/simterm]
Jenkins
Create a new job and start Docker via Pipeline script:
The script itself:
node { stage('Check repositories') { docker.image('projectname/projectname-github-checker:1.0').run("-e GITHUB_ORG_NAME=${GITHUB_ORG_NAME} \ -e ALLOWED_REPOS=${ALLOWED_REPOS} \ -e SLACK_CHANNEL=${SLACK_CHANNEL} \ -e SLACK_URL=${SLACK_URL}") } }
Add parameters which will be passed to the container.
SLACK_URL
contains token so set it as Password Parameter.
ALLOWED_REPOS
contains a list to be parsed by Go in the utility, so set in the quotes:
Add schedule, the crontab.guru can be used:
Run job, for testing – without one of our public repository in the ALLOWED_REPOS
parameter:
Done.