From 043ade4ec5e8d86132c0f51459882f8f4532fd5c Mon Sep 17 00:00:00 2001 From: Peiman Jafari Date: Wed, 28 Oct 2020 00:03:27 -0700 Subject: [PATCH] Initial Commit --- CHANGELOG.md | 4 +++ Dockerfile | 9 +++++ README.md | 53 ++++++++++++++++++++++++++++++ action.yml | 19 +++++++++++ entrypoint.sh | 4 +++ src/amtool_check_config.sh | 45 +++++++++++++++++++++++++ src/main.sh | 67 ++++++++++++++++++++++++++++++++++++++ 7 files changed, 201 insertions(+) create mode 100644 CHANGELOG.md create mode 100644 Dockerfile create mode 100644 README.md create mode 100644 action.yml create mode 100755 entrypoint.sh create mode 100755 src/amtool_check_config.sh create mode 100755 src/main.sh diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..e0bfc78 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,4 @@ +# Changelog + +## v0.0.1 +Initial release. diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..a336aa7 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,9 @@ +FROM alpine:3 + +RUN ["/bin/sh", "-c", "apk add --update --no-cache bash ca-certificates curl git jq openssh"] + +RUN ["bin/sh", "-c", "mkdir -p /src"] + +COPY ["src", "/src/"] + +ENTRYPOINT ["/src/main.sh"] diff --git a/README.md b/README.md new file mode 100644 index 0000000..0a847b5 --- /dev/null +++ b/README.md @@ -0,0 +1,53 @@ +# amomtool GitHub Actions + +amomtool GitHub Actions allow you to check Prometheus Alertmanager config within GitHub Actions. + +The output of the actions can be viewed from the Actions tab in the main repository view. If the actions are executed on a pull request event, a comment may be posted on the pull request. + +## Success Criteria + +An exit code of `0` is considered a successful execution. + +## Usage + +amomtool GitHub Actions are a single GitHub Action that executes amtool check-config subcommand. + +```yaml +name: Check Prometheus Alertmanager Config + +on: + pull_request: + paths: + - 'alertmanager/config.yml' + +jobs: + on-pull-request: + name: On Pull Request + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@master + + - name: Check Prometheus Alertmanager Config + uses: peimanja/amtool-github-actions@master + with: + amtool_actions_config: 'alertmanager/config.yml' + amtool_actions_version: '0.21.0' + amtool_actions_comment: true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +``` + +## Inputs + +Inputs configure amtool GitHub Actions to perform different actions. + +* `amtool_actions_config` - (Required) Path to Alertmanager config file. +* `amtool_actions_version` - (Optional) amtool version to install and execute (Alertmanager bundle version). The default is set to `latest` and the latest stable version will be pulled down automatically. +* `amtool_actions_comment` - (Optional) Whether or not to comment on GitHub pull requests. Defaults to `true`. + +## Secrets + +Secrets are similar to inputs except that they are encrypted and only used by GitHub Actions. It's a convenient way to keep sensitive data out of the GitHub Actions workflow YAML file. + +* `GITHUB_TOKEN` - (Optional) The GitHub API token used to post comments to pull requests. Not required if the `amtool_actions_comment` input is set to `false`. diff --git a/action.yml b/action.yml new file mode 100644 index 0000000..662fec9 --- /dev/null +++ b/action.yml @@ -0,0 +1,19 @@ +name: 'amtool GitHub Actions' +description: 'Runs Prometheus Alertmanager amtool commands via GitHub Actions.' +author: 'Peiman Jafari' +branding: + icon: 'terminal' + color: 'purple' +inputs: + amtool_actions_config: + description: 'Path to Alertmanager config file.' + required: true + amtool_actions_version: + description: 'amtool version to install.' + default: 'latest' + amtool_actions_comment: + description: 'Whether or not to comment on pull requests.' + default: true +runs: + using: 'docker' + image: './Dockerfile' diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100755 index 0000000..cb4cede --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,4 @@ +#!/bin/sh -l + +amtool check-config $1 + diff --git a/src/amtool_check_config.sh b/src/amtool_check_config.sh new file mode 100755 index 0000000..2f4320c --- /dev/null +++ b/src/amtool_check_config.sh @@ -0,0 +1,45 @@ +#!/bin/bash + +function amtoolCheckConfig { + echo "info: checking if Alertmanager config files are valid or not" + checkconfigOut=$(amtool check-config ${amConfig} ${*} 2>&1) + checkconfigExitCode=${?} + + # Exit code of 0 indicates success. Print the output and exit. + if [ ${checkconfigExitCode} -eq 0 ]; then + echo "checkconfig: info: Alertmanager config files ${amConfig} are valid." + echo "${checkconfigOut}" + echo + checkconfigCommentStatus="Success" + fi + + # Exit code of !0 indicates failure. + if [ ${checkconfigExitCode} -ne 0 ]; then + echo "checkconfig: error: Alertmanager config files ${amConfig} are invalid." + echo "${checkconfigOut}" + echo + checkconfigCommentStatus="Failed" + fi + + # Comment on the pull request if necessary. + if [ "$GITHUB_EVENT_NAME" == "pull_request" ] && [ "${amtoolComment}" == "1" ]; then + checkconfigCommentWrapper="#### \`amtool check-config\` ${checkconfigCommentStatus} +
Show Output + +\`\`\` +${checkconfigOut} +\`\`\` + +
+ +*Workflow: \`${GITHUB_WORKFLOW}\`, Action: \`${GITHUB_ACTION}\`, Files: \`${amConfig}\`*" + + echo "checkconfig: info: creating JSON" + checkconfigPayload=$(echo "${checkconfigCommentWrapper}" | jq -R --slurp '{body: .}') + checkconfigCommentsURL=$(cat ${GITHUB_EVENT_PATH} | jq -r .pull_request.comments_url) + echo "checkconfig: info: commenting on the pull request" + echo "${checkconfigPayload}" | curl -s -S -H "Authorization: token ${GITHUB_TOKEN}" --header "Content-Type: application/json" --data @- "${checkconfigCommentsURL}" > /dev/null + fi + + exit ${checkconfigExitCode} +} diff --git a/src/main.sh b/src/main.sh new file mode 100755 index 0000000..e5aa70a --- /dev/null +++ b/src/main.sh @@ -0,0 +1,67 @@ +#!/bin/bash + +function parseInputs { + # Required inputs + if [ "${INPUT_AMTOOL_ACTIONS_CONFIG}" != "" ]; then + amConfig=${INPUT_AMTOOL_ACTIONS_CONFIG} + else + echo "Input amtool_files cannot be empty" + exit 1 + fi + + # Optional inputs + amtoolVersion="latest" + if [ "${INPUT_AMTOOL_ACTIONS_VERSION}" != "" ] || [ "${INPUT_AMTOOL_ACTIONS_VERSION}" != "latest" ]; then + amtoolVersion=${INPUT_AMTOOL_ACTIONS_VERSION} + fi + + amtoolComment=0 + if [ "${INPUT_AMTOOL_ACTIONS_COMMENT}" == "1" ] || [ "${INPUT_AMTOOL_ACTIONS_COMMENT}" == "true" ]; then + amtoolComment=1 + fi +} + + +function installAmtool { + if [[ "${amtoolVersion}" == "latest" ]]; then + echo "Checking the latest version of Amtool" + amtoolVersion=$(git ls-remote --tags --refs --sort="v:refname" git://github.com/prometheus/alertmanager | grep -v '[-].*' | tail -n1 | sed 's/.*\///' | cut -c 2-) + if [[ -z "${amtoolVersion}" ]]; then + echo "Failed to fetch the latest version" + exit 1 + fi + fi + + + url="https://github.com/prometheus/alertmanager/releases/download/v${amtoolVersion}/alertmanager-${amtoolVersion}.linux-amd64.tar.gz" + + echo "Downloading Amtool v${amtoolVersion}" + curl -s -S -L -o /tmp/amtool_${amtoolVersion} ${url} + if [ "${?}" -ne 0 ]; then + echo "Failed to download Amtool v${amtoolVersion}" + exit 1 + fi + echo "Successfully downloaded Amtool v${amtoolVersion}" + + echo "Unzipping Amtool v${amtoolVersion}" + tar -zxf /tmp/amtool_${amtoolVersion} --strip-components=1 --directory /usr/local/bin &> /dev/null + if [ "${?}" -ne 0 ]; then + echo "Failed to unzip Amtool v${amtoolVersion}" + exit 1 + fi + echo "Successfully unzipped Amtool v${amtoolVersion}" +} + +function main { + # Source the other files to gain access to their functions + scriptDir=$(dirname ${0}) + source ${scriptDir}/amtool_check_config.sh + + parseInputs + cd ${GITHUB_WORKSPACE} + installAmtool + amtoolCheckConfig ${*} + esac +} + +main "${*}"