DEV Community 👩‍💻👨‍💻

Arseny Zinchenko
Arseny Zinchenko

Posted on • Originally published at rtfm.co.ua on

Jenkins: a job to check a Github organization’s public repositories list

Proceeding with a Github repositories checker.

To recall: the idea is to have such a check in case if somebody from developers accidentally will share our project’s private repository as public, or will create a public repository instead of making it as a private one – we will get a Slack alarm about such a new repository.

The tool to check and send Slack notification was written in the Go: checking public repositories list in Github. Go slices comparison. The first Golang experience post.

In this post – will create a Docker image and a Jenkin’s job which will be running each night to execute check.

Dockerfile

Create a Dockerfile.

Use golang:alpine and:

  1. copy the utility’s source file
  2. install Go’s dependencies
  3. build a binary to the /go/bin directory as github-checker executable file
  4. add default action – run /go/bin/github-checker

The file:

# alpine as mininal image
FROM golang:alpine
# git for go get
RUN apk update && apk add --no-cache git
# copy source from a current dir
COPY go-github-public-repos-checker.go .
# install deps
RUN go get -d -v
# build to /go/bin
RUN go build -o /go/bin/github-checker
# set default entrypoint
CMD ["/go/bin/github-checker"]

Read more about CMD vs ENTRYPOINT here>>>.

Build an image:

$ docker build -t projectname/projectname-github-checker:1.0 .

Check it.

Set environment variables:

$ export GITHUB_ORG_NAME="rtfmorg"
$ export ALLOWED_REPOS="org-repo-1-pub org-repo-2-pub"
$ export SLACK_CHANNEL="#general"
$ export SLACK_URL="https://hooks.slack.com/services/T16***WRE"

Run container passing variables with the -e:

$ docker run -ti -e GITHUB_ORG_NAME=${GITHUB_ORG_NAME} -e ALLOWED_REPOS="${ALLOWED_REPOS}" -e SLACK_CHANNEL=${SLACK_CHANNEL} -e SLACK_URL=${SLACK_URL} projectname/projectname-github-checker:1.0
Checking org-repo-1-pub
OK: repo org-repo-1-pub found in Allowed
Checking org-repo-2-pub
OK: repo org-repo-2-pub found in Allowed

Push to the DockerHub:

$ docker push projectname/projectname-github-checker:1.0

Jenkins

Create a new job and start Docker via Pipeline script:

The script itself:

node {
    stage('Check repositories') {
        docker.image('projectname/projectname-github-checker:1.0').run("-e GITHUB_ORG_NAME=${GITHUB_ORG_NAME} \
        -e ALLOWED_REPOS=${ALLOWED_REPOS} \
        -e SLACK_CHANNEL=${SLACK_CHANNEL} \
        -e SLACK_URL=${SLACK_URL}")
    }
}

Add parameters which will be passed to the container.

SLACK_URL contains token so set it as Password Parameter.

ALLOWED_REPOS contains a list to be parsed by Go in the utility, so set in the quotes:

Add schedule, the crontab.guru can be used:

Run job, for testing – without one of our public repository in the ALLOWED_REPOS parameter:

Done.

Similar posts

Top comments (2)

Collapse
 
dmfay profile image
Dian Fay

Neat idea! Are you using Jenkins over cron/SystemD timers just to keep things centralized or is there another reason?

Collapse
 
setevoy profile image
Arseny Zinchenko

Jenkins used for a lot of things - build, deploy applications (both mobile Android/iOS and PHP for our backend).
Also, we have CloudFormation and Ansible jobs in there for AWS services provisioning, etc.

And I have just a dedicated folder in Jenkins with few cronjobs to be running to keep them in Jenkins instead of using some Linux host with usual cronjobs, like creating AWS EBS backups from a Docker with AWS CLI and so on (although our latest EBS backups are created using the AWS DLM.

So basically - Jenkins is also used as such a "management unit".

Timeless DEV post...

Git Concepts I Wish I Knew Years Ago

The most used technology by developers is not Javascript.

It's not Python or HTML.

It hardly even gets mentioned in interviews or listed as a pre-requisite for jobs.

I'm talking about Git and version control of course.

One does not simply learn git