Merge branch 'build' into master

Author: Dlorite

.github/dependabot.yml

@@ -0,0 +1,14 @@
+version: 2
+registries:
+  docker-registry-quay-io:
+    type: docker-registry
+    url: https://quay.io
+    username: "${{secrets.DEPENDABOT_USER}}"
+    password: "${{secrets.DEPENDABOT_PASS}}"
+updates:
+- package-ecosystem: "docker"
+  directory: "/"
+  schedule:
+    interval: "daily"
+  registries:
+  - docker-registry-quay-io

.github/workflows/image-builder-workflow.yaml

@@ -0,0 +1,79 @@
+name: Build and scan
+
+# Controls when the action will run. Triggers the workflow on push or pull request
+# events but only for the master branch
+on:
+  push:
+    branches: [ build ]
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build:
+    env:
+      VERSION: latest
+      EXPORTER_NAME: elasticsearch-exporter
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Login to Artifactory
+        uses: docker/login-action@v1 
+        with:
+          registry: artifactory.internal.sysdig.com
+          username: [email protected]
+          password: ${{ secrets.ARTI_TOKEN }}
+      - name: Increase version and build
+        run: |
+          docker pull artifactory.internal.sysdig.com/$EXPORTER_NAME:$VERSION
+          export RELEASE=$(docker inspect --format '{{ index .Config.Labels "release" }}' artifactory.internal.sysdig.com/$EXPORTER_NAME:$VERSION)
+          docker build --label release=$RELEASE -f Dockerfile -t $EXPORTER_NAME:$VERSION --target scratch .
+          docker build --label version=$RELEASE -f Dockerfile -t $EXPORTER_NAME:$VERSION-ubi --target ubi .  
+
+      - name: Scan local image
+        id: scan-local
+        uses: sysdiglabs/scan-action@v3
+        with:
+          image-tag: "elasticsearch-exporter:latest"
+          sysdig-secure-token: ${{ secrets.SYSDIG_SECURE_TOKEN }}
+          ignore-failed-scan: true
+          input-type: docker-daemon
+          run-as-user: root
+      - name: Scan local image 2
+        id: scan-local2
+        uses: sysdiglabs/scan-action@v3
+        with:
+          image-tag: "elasticsearch-exporter:latest-ubi"
+          sysdig-secure-token: ${{ secrets.SYSDIG_SECURE_TOKEN }}
+          ignore-failed-scan: true
+          input-type: docker-daemon
+          run-as-user: root
+
+      - name: Sarif report
+        uses: github/codeql-action/upload-sarif@v1  
+        if: always()
+        with:
+          sarif_file: ${{ steps.scan-local.outputs.sarifReport }}
+
+      - name: Change the tag of the image
+        run: |
+          docker tag $EXPORTER_NAME:$VERSION artifactory.internal.sysdig.com/$EXPORTER_NAME:$VERSION
+          docker tag $EXPORTER_NAME:$VERSION-ubi artifactory.internal.sysdig.com/$EXPORTER_NAME:$VERSION-ubi
+
+      - name: Push the image
+        run: |
+          docker push artifactory.internal.sysdig.com/$EXPORTER_NAME:$VERSION
+          docker push artifactory.internal.sysdig.com/$EXPORTER_NAME:$VERSION-ubi
+
+      - name: Fake Upload master to Quay.io
+        uses: fjogeleit/http-request-action@master
+        with:
+          url: 'https://sysdig-jenkins.internal.sysdig.com/view/Integrations/job/integrations-elasticsearch-exporter/buildWithParameters?token=${{ secrets.JENKINS_PROMCAT_LAUNCH_TOKEN }}&EXPORTER=elasticsearch-exporter&DRY_RUN=true'
+          method: 'POST'
+          username: [email protected]
+          password: ${{ secrets.JENKINS_PROMCAT_API_TOKEN }}

.github/workflows/release.yaml

@@ -0,0 +1,38 @@
+on:
+  release:
+    types: [released]
+name: Build, test and publish
+jobs:
+  buildDockerImage:
+    env:
+      EXPORTER_NAME: elasticsearch-exporter
+    name: Build docker image
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@master
+    - name: Login to Artifactory
+      uses: docker/login-action@v1 
+      with:
+        registry: artifactory.internal.sysdig.com
+        username: [email protected]
+        password: ${{ secrets.ARTI_TOKEN }}
+    - name: Release if tagged
+      if: "!startswith(github.ref, 'refs/tags/v')"
+      run: exit 78
+    - name: Build image
+      run: |
+        docker build --label release=${{ github.event.release.tag_name }} -f Dockerfile --target scratch -t artifactory.internal.sysdig.com/$EXPORTER_NAME:latest .
+        docker build --label release=${{ github.event.release.tag_name }} -f Dockerfile --target ubi -t artifactory.internal.sysdig.com/$EXPORTER_NAME:${{ github.event.release.tag_name }}-ubi .
+    - name: Publish docker image
+      run: |
+        docker tag artifactory.internal.sysdig.com/$EXPORTER_NAME:latest artifactory.internal.sysdig.com/$EXPORTER_NAME:${{ github.event.release.tag_name }}
+        docker push artifactory.internal.sysdig.com/$EXPORTER_NAME:${{ github.event.release.tag_name }}
+        docker push artifactory.internal.sysdig.com/$EXPORTER_NAME:${{ github.event.release.tag_name }}-ubi
+        docker push artifactory.internal.sysdig.com/$EXPORTER_NAME:latest
+    - name: Upload master to Quay.io
+      uses: fjogeleit/http-request-action@master
+      with:
+        url: 'https://sysdig-jenkins.internal.sysdig.com/view/Integrations/job/integrations-elasticsearch-exporter/buildWithParameters?token=${{ secrets.JENKINS_PROMCAT_LAUNCH_TOKEN }}&EXPORTER=elasticsearch-exporter&DRY_RUN=false'
+        method: 'POST'
+        username: [email protected]
+        password: ${{ secrets.JENKINS_PROMCAT_API_TOKEN }}

.gometalinter.json

@@ -0,0 +1,10 @@
+{
+  "Cyclo": 40,
+  "Deadline": "6m",
+  "EnableGC": true,
+  "Exclude": ["TLS InsecureSkipVerify set true.",
+    "Potential file inclusion via variable",
+    "Errors unhandled.,LOW,HIGH"
+  ],
+  "Sort": ["linter", "severity", "path", "line"]
+}

.idea/.gitignore

@@ -0,0 +1,15 @@
+language: go
+
+go:
+  - 1.16.x
+  - tip
+
+script:
+  - make style
+  - make vet
+  - make build
+  - make test
+
+matrix:
+  allow_failures:
+    - go: tip