From ef50722621ce087490877a7f8eeeb246982eb04d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Finw=C3=AB?= Date: Sat, 29 Jan 2022 09:40:09 +0100 Subject: [PATCH] CI (#6) * change: unit test should use Error instead of Fatal * CHANGELOG: update * README: update * add: first draft for the CI * ci: add a releaser, more tests and code analysis * add precommit and fix all the warnings * github: add gosec automated scan * github: add golangci linting * try to avoid duplicated workflows --- .github/workflows/codeql.yml | 70 +++++++++++++++++++ .github/workflows/release.yml | 30 ++++++++ .github/workflows/security.yml | 27 +++++++ .github/workflows/test.yml | 56 +++++++++++++++ .pre-commit-config.yaml | 31 ++++++++ CHANGELOG.md | 32 ++++----- README.md | 4 +- collectors.go | 8 ++- dedibox-exporter.go | 21 ++++-- go.mod | 2 +- go.sum | 4 ++ .../testdata}/fixtures/abuses.json | 0 .../testdata}/fixtures/backup-1234.json | 0 .../testdata}/fixtures/backup-5678.json | 0 .../testdata}/fixtures/ddos.json | 0 .../testdata}/fixtures/plans.json | 0 .../testdata}/fixtures/servers.json | 0 online/testutil/api.go | 16 ++++- 18 files changed, 273 insertions(+), 28 deletions(-) create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/security.yml create mode 100644 .github/workflows/test.yml create mode 100644 .pre-commit-config.yaml rename {testdata => online/testdata}/fixtures/abuses.json (100%) rename {testdata => online/testdata}/fixtures/backup-1234.json (100%) rename {testdata => online/testdata}/fixtures/backup-5678.json (100%) rename {testdata => online/testdata}/fixtures/ddos.json (100%) rename {testdata => online/testdata}/fixtures/plans.json (100%) rename {testdata => online/testdata}/fixtures/servers.json (100%) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..8be0695 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,70 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '39 13 * * 5' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'go' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Learn more about CodeQL language support at https://git.io/codeql-language-support + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..5304066 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,30 @@ +name: goreleaser + +on: + push: + tags: + - '*' + branches: + - master + +jobs: + goreleaser: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Set up Go + uses: WillAbides/setup-go-faster@v1.7.0 + with: + go-version: 1.17 + + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v2 + with: + version: latest + args: release --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 0000000..b198097 --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,27 @@ +name: "Security Scan" + +# Run workflow each time code is pushed to your repository and on a schedule. +# The scheduled workflow runs every at 00:00 on Sunday UTC time. +on: + push: + schedule: + - cron: '3 4 * * 0' + +jobs: + tests: + runs-on: ubuntu-latest + env: + GO111MODULE: on + steps: + - name: Checkout Source + uses: actions/checkout@v2 + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + # we let the report trigger content trigger a failure using the GitHub Security features. + args: '-no-fail -fmt sarif -out results.sarif ./...' + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v1 + with: + # Path to SARIF file relative to the root of the repository + sarif_file: results.sarif diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..3b9a2a7 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,56 @@ +--- +name: gotest +on: push + +jobs: + gotest: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Set up Go + uses: WillAbides/setup-go-faster@v1.7.0 + with: + go-version: 1.17 + + - name: Test Go Code + run: "go test ./..." + + - name: Run Go Vet + run: "go vet ./..." + + - name: Run StaticCheck + uses: dominikh/staticcheck-action@v1.1.0 + with: + version: "2021.1.1" + install-go: false + + golangci: + name: lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: golangci-lint + uses: golangci/golangci-lint-action@v2 + with: + # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version + version: latest + + # Optional: working directory, useful for monorepos + # working-directory: somedir + + # Optional: golangci-lint command line arguments. + # args: --issues-exit-code=0 + + # Optional: show only new issues if it's a pull request. The default value is `false`. + # only-new-issues: true + + # Optional: if set to true then the action will use pre-installed Go. + # skip-go-installation: true + + # Optional: if set to true then the action don't cache or restore ~/go/pkg. + # skip-pkg-cache: true + + # Optional: if set to true then the action don't cache or restore ~/.cache/go-build. + # skip-build-cache: true diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..ea9c2b5 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,31 @@ +# See https://pre-commit.com for more information +# See https://pre-commit.com/hooks.html for more hooks +--- +ci: + autofix_prs: true + skip: [] + submodules: false +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v3.2.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - id: check-yaml + - repo: https://github.com/compilerla/conventional-pre-commit + rev: v1.2.0 + hooks: + - id: conventional-pre-commit + stages: [commit-msg] + - repo: https://github.com/golangci/golangci-lint + rev: v1.44.0 # Keep this in-sync with `.tool-versions` + hooks: + - id: golangci-lint + - repo: https://github.com/tekwizely/pre-commit-golang + rev: v1.0.0-beta.5 + hooks: + - id: go-fmt + - id: go-fmt-repo + - id: go-sec-mod + - id: go-build-mod + - id: go-mod-tidy diff --git a/CHANGELOG.md b/CHANGELOG.md index c11217a..bb162d3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,19 +9,19 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 added: unit tests around the whole project changed: `collectors` package now use the API client changed: `online` package now provide an API client -changed: replaced `used` by `usage` in dedibackup usage metrics -changed: removed labels `id` and `sender` on dedibox_pending_abuse metrics -changed: removed label `id` on dedibox_ddos metric -changed: dedibox_ddos_count_total is now named dedibox_ddos_count -changed: dedibox_abuse_count_total is now named dedibox_pending_abuse_count -changed: dedibox_abuse is now named dedibox_pending_abuse -fixed: don't dynamically guess the abuse status as we're only retrieving pending abuses now -added: create a CHANGELOG file -fixed: metrics description consistency through the collectors and the README -added: command line flag to manage log level -changed: logging is now done through `sirupsen/logrus` -added: command line flag to select collectors to enable -added: metrics on ddos attacks -added: total abuse count metric -added: parse URL before querying it in the `online` module -changed: only fetch unresolved abuses +changed: replaced `used` by `usage` in dedibackup usage metrics +changed: removed labels `id` and `sender` on dedibox_pending_abuse metrics +changed: removed label `id` on dedibox_ddos metric +changed: dedibox_ddos_count_total is now named dedibox_ddos_count +changed: dedibox_abuse_count_total is now named dedibox_pending_abuse_count +changed: dedibox_abuse is now named dedibox_pending_abuse +fixed: don't dynamically guess the abuse status as we're only retrieving pending abuses now +added: create a CHANGELOG file +fixed: metrics description consistency through the collectors and the README +added: command line flag to manage log level +changed: logging is now done through `sirupsen/logrus` +added: command line flag to select collectors to enable +added: metrics on ddos attacks +added: total abuse count metric +added: parse URL before querying it in the `online` module +changed: only fetch unresolved abuses diff --git a/README.md b/README.md index 1015125..b2c1720 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ A Prometheus Exporter for the [Dedibox API](https://console.online.net/fr/api/) ## Metrics -Note: for metrics like `abuse` or `ddos`, only the first page (latest infos) is fetched from the API to avoid overloading it. +Note: for metrics like `abuse` or `ddos`, only the first page (latest infos) is fetched from the API to avoid overloading it. The goal of this exporter is to create alerts on new DDoS attacks or unresolved abuses, not provide advanced statistic on your account. | Name | Description | Labels | @@ -31,5 +31,5 @@ Require `ONLINE_API_TOKEN` to be set with your Online.net's API token. | metric-path | /metrics | Path under which to expose metrics | ## Issues & Contribution -All bug report, packaging requests, features requests or PR are accepted. +All bug report, packaging requests, features requests or PR are accepted. I mainly created this exporter for my personal usage but I'll be happy to hear about your needs. diff --git a/collectors.go b/collectors.go index a8e2b87..7996b53 100644 --- a/collectors.go +++ b/collectors.go @@ -3,6 +3,8 @@ package main import ( "fmt" "strings" + + log "github.com/sirupsen/logrus" ) var validCollectors = []string{"abuse", "ddos", "plan", "dedibackup"} @@ -44,5 +46,9 @@ func (cs *collectorSlice) Set(cltr string) error { } func (cs *collectorSlice) SetDefaultCollector() { - cs.Set(validCollectors[0]) + err := cs.Set(validCollectors[0]) + if err != nil { + log.Debug(err) + log.WithField("collectors", validCollectors[0]).Fatal("unable to set default collector") + } } diff --git a/dedibox-exporter.go b/dedibox-exporter.go index 86a435a..6544f7d 100644 --- a/dedibox-exporter.go +++ b/dedibox-exporter.go @@ -69,13 +69,20 @@ func main() { }).Info("Starting Dedibox Exporter") http.Handle(metricsPath, promhttp.Handler()) http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { - w.Write([]byte(` - Dedibox Exporter - -

Dedibox Exporter

-

Metrics

- - `)) + _, err := w.Write( + []byte( + ` + Dedibox Exporter + +

Dedibox Exporter

+

Metrics

+ + `, + )) + if err != nil { + log.Debug(err) + log.WithField("path", "/").Error("unable to show the page") + } }) log.Fatal(http.ListenAndServe(listenAddress, nil)) } diff --git a/go.mod b/go.mod index 0bb6377..614fff8 100644 --- a/go.mod +++ b/go.mod @@ -3,6 +3,7 @@ module github.com/FinweVI/dedibox-exporter go 1.17 require ( + github.com/gofrs/uuid v4.2.0+incompatible github.com/mitchellh/mapstructure v1.4.3 github.com/prometheus/client_golang v1.12.0 github.com/sirupsen/logrus v1.8.1 @@ -11,7 +12,6 @@ require ( require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.1.2 // indirect - github.com/gofrs/uuid v4.2.0+incompatible // indirect github.com/golang/protobuf v1.5.2 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect github.com/prometheus/client_model v0.2.0 // indirect diff --git a/go.sum b/go.sum index 627ee26..6d5d2c5 100644 --- a/go.sum +++ b/go.sum @@ -52,6 +52,7 @@ github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMn github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= @@ -156,6 +157,7 @@ github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRW github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= @@ -189,6 +191,7 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -458,6 +461,7 @@ gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/testdata/fixtures/abuses.json b/online/testdata/fixtures/abuses.json similarity index 100% rename from testdata/fixtures/abuses.json rename to online/testdata/fixtures/abuses.json diff --git a/testdata/fixtures/backup-1234.json b/online/testdata/fixtures/backup-1234.json similarity index 100% rename from testdata/fixtures/backup-1234.json rename to online/testdata/fixtures/backup-1234.json diff --git a/testdata/fixtures/backup-5678.json b/online/testdata/fixtures/backup-5678.json similarity index 100% rename from testdata/fixtures/backup-5678.json rename to online/testdata/fixtures/backup-5678.json diff --git a/testdata/fixtures/ddos.json b/online/testdata/fixtures/ddos.json similarity index 100% rename from testdata/fixtures/ddos.json rename to online/testdata/fixtures/ddos.json diff --git a/testdata/fixtures/plans.json b/online/testdata/fixtures/plans.json similarity index 100% rename from testdata/fixtures/plans.json rename to online/testdata/fixtures/plans.json diff --git a/testdata/fixtures/servers.json b/online/testdata/fixtures/servers.json similarity index 100% rename from testdata/fixtures/servers.json rename to online/testdata/fixtures/servers.json diff --git a/online/testutil/api.go b/online/testutil/api.go index b05ac77..73eea1d 100644 --- a/online/testutil/api.go +++ b/online/testutil/api.go @@ -5,12 +5,26 @@ import ( "io/ioutil" "net/http" "net/http/httptest" + "path" + "path/filepath" + "runtime" "strconv" "strings" ) +func RootDir() string { + _, b, _, _ := runtime.Caller(0) + d := path.Join(path.Dir(b)) + return filepath.Dir(d) +} + func fixture(path string) string { - b, err := ioutil.ReadFile("../testdata/fixtures/" + path) + filePath := filepath.Join( + RootDir(), + "/testdata/fixtures/", + path, + ) + b, err := ioutil.ReadFile(filepath.Clean(filePath)) if err != nil { panic(err) }