Merge branch 'build' into master

Author: Dlorite

.github/dependabot.yml

@@ -1,6 +1,14 @@
 version: 2
+registries:
+  docker-registry-quay-io:
+    type: docker-registry
+    url: https://quay.io
+    username: "${{secrets.DEPENDABOT_USER}}"
+    password: "${{secrets.DEPENDABOT_PASS}}"
 updates:
-  - package-ecosystem: "gomod"
-    directory: "/"
-    schedule:
-      interval: "monthly"
+- package-ecosystem: "docker"
+  directory: "/"
+  schedule:
+    interval: "daily"
+  registries:
+  - docker-registry-quay-io

.github/workflows/build.yaml

@@ -0,0 +1,29 @@
+name: Build
+
+# Controls when the action will run. Triggers the workflow on push or pull request
+# events but only for the master branch
+on:
+  push:
+    branches: [ build ]
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build:
+    strategy:
+      matrix:
+        docker: ['scratch','ubi']
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+    name: ${{ matrix.docker }}
+    steps:
+    - name: build
+      uses: sysdiglabs/[email protected]
+      with:
+        exporter: postgresql-exporter
+        artifactory_token: ${{ secrets.ARTI_TOKEN }}
+        artifactory_username: [email protected]
+        sysdig_secure_token: ${{ secrets.SYSDIG_SECURE_TOKEN }}
+        tag_name: dev
+        target: ${{ matrix.docker }}
+        repository: artifactory.internal.sysdig.com

.github/workflows/push.yaml

@@ -0,0 +1,23 @@
+name: Push
+
+# Controls when the action will run. Triggers the workflow on push or pull request
+# events but only for the master branch
+on:
+  workflow_run:
+    workflows: [Release]
+    types: [completed]
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  on-success:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+    steps:
+    - name: Upload master to Quay.io
+      uses: fjogeleit/http-request-action@master
+      with:
+        url: 'https://sysdig-jenkins.internal.sysdig.com/view/Integrations/job/integrations-postgresql-exporter/buildWithParameters?token=${{ secrets.JENKINS_PROMCAT_LAUNCH_TOKEN }}&EXPORTER=postgresql-exporter&DRY_RUN=false'
+        method: 'POST'
+        username: [email protected]
+        password: ${{ secrets.JENKINS_PROMCAT_API_TOKEN }}

.github/workflows/release.yaml

@@ -0,0 +1,24 @@
+name: Release
+on:
+  release:
+    types: [released]
+jobs:
+  buildDockerImage:
+    strategy:
+      matrix:
+        docker: ['scratch','ubi']
+    name: Build docker image ${{ matrix.docker }}
+    runs-on: ubuntu-latest
+    steps:
+    - name: Release if tagged
+      if: "!startswith(github.ref, 'refs/tags/v')"
+      run: exit 78
+    - name: build
+      uses: sysdiglabs/[email protected]
+      with:
+        exporter: postgresql-exporter
+        artifactory_token: ${{ secrets.ARTI_TOKEN }}
+        artifactory_username: [email protected]
+        tag_name: ${{ github.event.release.tag_name }}
+        target: ${{ matrix.docker }}
+        repository: artifactory.internal.sysdig.com

Dockerfile

@@ -1,12 +1,29 @@
-ARG ARCH="amd64"
-ARG OS="linux"
-FROM quay.io/prometheus/busybox-${OS}-${ARCH}:latest
-LABEL maintainer="The Prometheus Authors <[email protected]>"
+FROM golang:1.17.2 as base
+ARG VERSION
+ARG GIT_COMMIT
+ARG DATE
+ARG TARGETARCH
 
-ARG ARCH="amd64"
-ARG OS="linux"
-COPY .build/${OS}-${ARCH}/postgres_exporter /bin/postgres_exporter
+WORKDIR /go/src/github.com/prometheus-community/postgres_exporter
 
+FROM base as builder
+COPY go.mod go.sum ./
+RUN go mod download
+COPY cmd ./cmd
+COPY .promu.yml .promu.yml
+COPY Makefile Makefile
+COPY Makefile.common Makefile.common
+RUN make build
+RUN cp postgres_exporter /bin/postgres_exporter
+
+FROM scratch as scratch
+COPY --from=builder /bin/postgres_exporter /bin/postgres_exporter
 EXPOSE     9187
-USER       nobody
+USER       59000:59000
 ENTRYPOINT [ "/bin/postgres_exporter" ]
+
+FROM quay.io/sysdig/sysdig-mini-ubi:1.3.1 as ubi
+COPY --from=builder /bin/postgres_exporter /bin/postgres_exporter
+EXPOSE     9187
+USER       59000:59000
+ENTRYPOINT [ "/bin/postgres_exporter" ]

build/Jenkinsfile

@@ -0,0 +1,56 @@
+string projectName = "prometheus-integrations"
+
+pipeline {
+    agent none
+
+
+    options {
+        skipDefaultCheckout()
+    }
+
+    environment {
+        registryCredential = 'jenkins-artifactory'
+        ARTIFACTORY_URL = 'docker.internal.sysdig.com'
+    }
+
+    parameters {
+        booleanParam(name: 'DRY_RUN', defaultValue: true, description: 'Perform a dry run (does not push images)')
+        string(name: 'EXPORTER', defaultValue: "exporter", description: 'Exporter name')
+    }
+    
+    stages {
+        stage('Pull image from artifactory') {
+            agent any
+            steps {
+                script {
+                    docker.withRegistry("https://${env.ARTIFACTORY_URL}",  registryCredential) {        
+                        sh """docker pull ${env.ARTIFACTORY_URL}/${env.EXPORTER}:latest"""
+                        env.VERSION = sh(script:"""docker inspect --format '{{ index .Config.Labels "release" }}' ${env.ARTIFACTORY_URL}/${env.EXPORTER}:latest""", returnStdout: true).trim()
+                        echo "VERSION = ${env.VERSION}"
+                        sh """docker pull ${env.ARTIFACTORY_URL}/${env.EXPORTER}:${env.VERSION}"""
+                        sh """docker pull ${env.ARTIFACTORY_URL}/${env.EXPORTER}:${env.VERSION}-ubi"""
+                    }
+                }
+            }
+        }
+        stage('Push image to Quay'){
+            agent any
+            steps {
+                script {
+                    if (params.DRY_RUN) {
+                        echo "docker push quay.io/sysdig/${env.EXPORTER}:${env.VERSION}"
+                    } else {
+                    docker.withRegistry("https://quay.io", "QUAY") {
+                        sh """docker tag ${env.ARTIFACTORY_URL}/${env.EXPORTER}:${env.VERSION} quay.io/sysdig/${env.EXPORTER}:${env.VERSION}"""
+                        sh """docker tag ${env.ARTIFACTORY_URL}/${env.EXPORTER}:${env.VERSION} quay.io/sysdig/${env.EXPORTER}:latest"""
+                        sh """docker tag ${env.ARTIFACTORY_URL}/${env.EXPORTER}:${env.VERSION}-ubi quay.io/sysdig/${env.EXPORTER}:${env.VERSION}-ubi"""
+                        sh """docker push quay.io/sysdig/${env.EXPORTER}:${env.VERSION}"""
+                        sh """docker push quay.io/sysdig/${env.EXPORTER}:latest"""
+                        sh """docker push quay.io/sysdig/${env.EXPORTER}:${env.VERSION}-ubi"""
+                        }
+                    }
+                }
+            }
+        }
+    } //stages
+}