Proceeding with a Github repositories checker.
To recall: the idea is to have such a check in case if somebody from developers accidentally will share our project’s private repository as public, or will create a public repository instead of making it as a private one – we will get a Slack alarm about such a new repository.
The tool to check and send Slack notification was written in the Go: checking public repositories list in Github. Go slices comparison. The first Golang experience post.
In this post – will create a Docker image and a Jenkin’s job which will be running each night to execute check.
Dockerfile
Create a Dockerfile.
Use golang:alpine and:
- copy the utility’s source file
- install Go’s dependencies
- build a binary to the
/go/bindirectory asgithub-checkerexecutable file - add default action – run
/go/bin/github-checker
The file:
# alpine as mininal image
FROM golang:alpine
# git for go get
RUN apk update && apk add --no-cache git
# copy source from a current dir
COPY go-github-public-repos-checker.go .
# install deps
RUN go get -d -v
# build to /go/bin
RUN go build -o /go/bin/github-checker
# set default entrypoint
CMD ["/go/bin/github-checker"]
Read more about CMD vs ENTRYPOINT here>>>.
Build an image:
$ docker build -t projectname/projectname-github-checker:1.0 .
Check it.
Set environment variables:
$ export GITHUB_ORG_NAME="rtfmorg"
$ export ALLOWED_REPOS="org-repo-1-pub org-repo-2-pub"
$ export SLACK_CHANNEL="#general"
$ export SLACK_URL="https://hooks.slack.com/services/T16***WRE"
Run container passing variables with the -e:
$ docker run -ti -e GITHUB_ORG_NAME=${GITHUB_ORG_NAME} -e ALLOWED_REPOS="${ALLOWED_REPOS}" -e SLACK_CHANNEL=${SLACK_CHANNEL} -e SLACK_URL=${SLACK_URL} projectname/projectname-github-checker:1.0
Checking org-repo-1-pub
OK: repo org-repo-1-pub found in Allowed
Checking org-repo-2-pub
OK: repo org-repo-2-pub found in Allowed
Push to the DockerHub:
$ docker push projectname/projectname-github-checker:1.0
Jenkins
Create a new job and start Docker via Pipeline script:
The script itself:
node {
stage('Check repositories') {
docker.image('projectname/projectname-github-checker:1.0').run("-e GITHUB_ORG_NAME=${GITHUB_ORG_NAME} \
-e ALLOWED_REPOS=${ALLOWED_REPOS} \
-e SLACK_CHANNEL=${SLACK_CHANNEL} \
-e SLACK_URL=${SLACK_URL}")
}
}
Add parameters which will be passed to the container.
SLACK_URL contains token so set it as Password Parameter.
ALLOWED_REPOS contains a list to be parsed by Go in the utility, so set in the quotes:
Add schedule, the crontab.guru can be used:
Run job, for testing – without one of our public repository in the ALLOWED_REPOS parameter:
Done.
Similar posts
- 04/13/2019 Go: checking public repositories list in Github. Go slices comparison. The first Golang experience. (0)
- 02/09/2017 Azure: подключение дополнительного диска к VM и миграция Jenkins (0)
- 02/24/2017 Jenkins: pipeline плагин и триггер билда через Github webhook (1)
- 03/15/2019 Jenkins: jenkins.model.RunIdMigrator doMigrate WARNING: found unexpected dir lastSuccessfulBuil (0)
Top comments (2)
Neat idea! Are you using Jenkins over cron/SystemD timers just to keep things centralized or is there another reason?
Jenkins used for a lot of things - build, deploy applications (both mobile Android/iOS and PHP for our backend).
Also, we have CloudFormation and Ansible jobs in there for AWS services provisioning, etc.
And I have just a dedicated folder in Jenkins with few cronjobs to be running to keep them in Jenkins instead of using some Linux host with usual cronjobs, like creating AWS EBS backups from a Docker with AWS CLI and so on (although our latest EBS backups are created using the AWS DLM.
So basically - Jenkins is also used as such a "management unit".