diff --git a/zabbix-alpine-builder/.gitea/workflows/build.yml b/zabbix-alpine-builder/.gitea/workflows/build.yml deleted file mode 100644 index 127af18..0000000 --- a/zabbix-alpine-builder/.gitea/workflows/build.yml +++ /dev/null @@ -1,207 +0,0 @@ -name: Build Zabbix APK on New Release - -# Trigger the workflow on schedule (daily at 2 AM UTC) and manual dispatch -on: - schedule: - - cron: '0 2 * * *' # Daily at 2 AM UTC - workflow_dispatch: # Allow manual triggering - -jobs: - build: - name: Build Zabbix APK Packages - runs-on: ubuntu-latest - container: - image: alpine:latest - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - token: ${{ secrets.GITHUB_TOKEN }} - fetch-depth: 0 - - - name: Install dependencies - run: | - apk update - apk add --no-cache \ - alpine-sdk \ - git \ - curl \ - bash \ - grep \ - sed \ - coreutils - - - name: Check for new Zabbix version - id: version_check - run: | - echo "Checking for new Zabbix 7.4.x versions..." - - # Install jq for JSON parsing - apk add --no-cache jq - - # Fetch the latest stable version from Zabbix Bitbucket API (stable releases only) - LATEST_VERSION=$(curl -s "https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=100" | \ - jq -r '.values[].displayId' | \ - grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | \ - grep -v 'rc\|beta\|alpha' | \ - sort -V | \ - tail -1) - - # Validate version format - if [[ ! "$LATEST_VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then - echo "Error: Invalid version format detected: $LATEST_VERSION" - exit 1 - fi - - echo "Latest upstream version: $LATEST_VERSION" - - # Extract current version from APKBUILD - CURRENT_VERSION=$(grep '^pkgver=' zabbix/APKBUILD | cut -d'=' -f2) - echo "Current package version: $CURRENT_VERSION" - - # Compare versions - if [ "$LATEST_VERSION" = "$CURRENT_VERSION" ]; then - echo "No new version available. Current version $CURRENT_VERSION is up to date." - echo "new_version_available=false" >> $GITHUB_OUTPUT - else - echo "New version available: $LATEST_VERSION" - echo "new_version_available=true" >> $GITHUB_OUTPUT - echo "latest_version=$LATEST_VERSION" >> $GITHUB_OUTPUT - echo "current_version=$CURRENT_VERSION" >> $GITHUB_OUTPUT - fi - - - name: Update APKBUILD with new version - if: steps.version_check.outputs.new_version_available == 'true' - run: | - echo "Updating APKBUILD with version ${{ steps.version_check.outputs.latest_version }}" - - # Update package version in APKBUILD - sed -i "s/^pkgver=.*/pkgver=${{ steps.version_check.outputs.latest_version }}/" zabbix/APKBUILD - - # Reset package release number for new version - sed -i "s/^pkgrel=.*/pkgrel=0/" zabbix/APKBUILD - - echo "APKBUILD updated successfully" - - - name: Create build user and setup environment - if: steps.version_check.outputs.new_version_available == 'true' - run: | - echo "Setting up build environment..." - - # Create build user - adduser -D -s /bin/bash builder - addgroup builder abuild - - # Setup abuild directories - mkdir -p /home/builder/.abuild - chown -R builder:builder /home/builder - - # Generate signing key for builder user - su - builder -c "abuild-keygen -a -n" - - # Copy project files to builder's workspace - cp -r /github/workspace /home/builder/workspace - chown -R builder:builder /home/builder/workspace - - - name: Update checksums - if: steps.version_check.outputs.new_version_available == 'true' - run: | - echo "Updating checksums for new version..." - cd /home/builder/workspace/zabbix - - # First, fetch the source to calculate checksums - su - builder -c "cd /home/builder/workspace/zabbix && abuild fetch" - - # Update checksums in APKBUILD - su - builder -c "cd /home/builder/workspace/zabbix && abuild checksum" - - # Copy updated APKBUILD back to workspace - cp /home/builder/workspace/zabbix/APKBUILD /github/workspace/zabbix/APKBUILD - - echo "Checksums updated successfully" - - - name: Build packages - if: steps.version_check.outputs.new_version_available == 'true' - run: | - echo "Building Zabbix packages..." - cd /home/builder/workspace - su - builder -c "cd /home/builder/workspace && ./build.sh" - - - name: Collect build artifacts - if: steps.version_check.outputs.new_version_available == 'true' - run: | - echo "Collecting build artifacts..." - - # Create artifacts directory - mkdir -p /github/workspace/artifacts - - # Copy generated packages - if [ -d "/home/builder/packages" ]; then - find /home/builder/packages -name "zabbix*.apk" -type f -exec cp {} /github/workspace/artifacts/ \; - echo "Artifacts collected:" - ls -la /github/workspace/artifacts/ - else - echo "No packages found in /home/builder/packages" - fi - - - name: Archive build artifacts - if: steps.version_check.outputs.new_version_available == 'true' - uses: actions/upload-artifact@v4 - with: - name: zabbix-apk-packages-${{ steps.version_check.outputs.latest_version }} - path: artifacts/*.apk - retention-days: 30 - - - name: Commit and push changes - if: steps.version_check.outputs.new_version_available == 'true' - run: | - echo "Committing and pushing changes..." - - # Configure git - git config --global user.name "Zabbix APK Builder Bot" - git config --global user.email "builder@example.com" - git config --global --add safe.directory /github/workspace - - # Add changes - git add zabbix/APKBUILD - - # Check if there are changes to commit - if git diff --staged --quiet; then - echo "No changes to commit" - else - # Commit changes - git commit -m "Update Zabbix to version ${{ steps.version_check.outputs.latest_version }} - - - Updated pkgver from ${{ steps.version_check.outputs.current_version }} to ${{ steps.version_check.outputs.latest_version }} - - Reset pkgrel to 0 for new version - - Updated checksums for new source package - - Built packages: - - zabbix-agent-${{ steps.version_check.outputs.latest_version }}-r0.apk - - zabbix-proxy-${{ steps.version_check.outputs.latest_version }}-r0.apk" - - # Push to test branch (create if doesn't exist) - git checkout -B test - git push origin test --force-with-lease - - echo "Changes committed and pushed to test branch successfully" - fi - - - name: Build summary - if: always() - run: | - echo "## Build Summary" >> $GITHUB_STEP_SUMMARY - - if [ "${{ steps.version_check.outputs.new_version_available }}" = "true" ]; then - echo "✅ **New version detected and built successfully**" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "- **Previous version:** ${{ steps.version_check.outputs.current_version }}" >> $GITHUB_STEP_SUMMARY - echo "- **New version:** ${{ steps.version_check.outputs.latest_version }}" >> $GITHUB_STEP_SUMMARY - echo "- **Build artifacts:** Available in workflow artifacts" >> $GITHUB_STEP_SUMMARY - echo "- **Repository:** Changes pushed to \`test\` branch" >> $GITHUB_STEP_SUMMARY - else - echo "ℹ️ **No new version available**" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "The current version is up to date with the latest upstream release." >> $GITHUB_STEP_SUMMARY - fi diff --git a/zabbix-alpine-builder/README.md b/zabbix-alpine-builder/README.md deleted file mode 100644 index e1c09e0..0000000 --- a/zabbix-alpine-builder/README.md +++ /dev/null @@ -1,174 +0,0 @@ -# Zabbix 7.4 APK Builder for Alpine Linux - -## Overview - -This project provides an automated solution for building Zabbix Agent and Proxy packages (.apk files) for Alpine Linux. The system automatically monitors the official Zabbix repository for new 7.4.x releases and builds updated packages when new versions are detected. - -The project creates two separate packages from a single APKBUILD: -- **zabbix-agent**: Lightweight monitoring agent for data collection -- **zabbix-proxy**: Monitoring proxy with SQLite 3 support for distributed monitoring - -## File Structure - -``` -/home/mbuz/zabbix-git/zabbix-alpine-builder/ -├── .gitea/ -│ └── workflows/ -│ └── build.yml # Gitea Actions CI/CD workflow -├── zabbix/ -│ └── APKBUILD # Alpine package build specification -├── build.sh # Local build script for testing -├── test-version-check.sh # Version check validation script -└── README.md # This documentation file -``` - -## Prerequisites - -For local building, you need the following Alpine Linux packages: - -```bash -sudo apk add alpine-sdk git -``` - -The `alpine-sdk` package includes: -- `abuild` - Alpine package builder -- `build-base` - Essential build tools -- Development headers and libraries - -## Manual Build - -To build the packages locally for testing: - -1. **Clone or navigate to the project directory:** - ```bash - cd /home/mbuz/zabbix-git/zabbix-alpine-builder - ``` - -2. **Run the build script:** - ```bash - ./build.sh - ``` - -3. **The script will:** - - Check for required dependencies - - Set up the abuild environment (create signing keys if needed) - - Navigate to the `zabbix/` directory - - Download Zabbix source code - - Update checksums automatically - - Build both agent and proxy packages - - Create a local package repository - -4. **Generated packages will be available in:** - ``` - ~/packages/zabbix-agent-7.4.x-r0.apk - ~/packages/zabbix-proxy-7.4.x-r0.apk - ``` - -## Testing Version Check - -To validate the version checking logic without running a full build: - -```bash -./test-version-check.sh -``` - -This script tests the same version detection logic used by the CI/CD workflow and reports whether a build would be triggered. - -## CI/CD Automation - -The project includes automated package building through Gitea Actions: - -### Workflow Configuration - -The workflow file `.gitea/workflows/build.yml` provides: - -- **Scheduled Execution**: Runs daily at 2:00 AM UTC to check for new versions -- **Manual Triggering**: Can be triggered manually via the Gitea Actions interface -- **Alpine Container**: Builds packages in a clean Alpine Linux environment - -### Automated Process - -1. **Version Detection**: - - Uses the Zabbix Bitbucket REST API for accurate version detection - - Filters out release candidates, beta, and alpha versions - - Only considers stable releases matching the pattern `X.Y.Z` - - Compares with the current version in `APKBUILD` - -2. **Build Trigger**: - - Only proceeds if a newer version is detected - - Gracefully stops if no update is needed - -3. **Package Building**: - - Updates `pkgver` in the `APKBUILD` file - - Fetches source code using `abuild fetch` - - Recalculates source checksums using `abuild checksum` - - Builds both agent and proxy packages - - Validates the build process - -4. **Version Control**: - - Commits the updated `APKBUILD` with new version information - - Pushes changes to the `test` branch - - Includes detailed commit messages with version changes - -5. **Artifact Management**: - - Archives generated `.apk` files as build artifacts - - Provides downloadable packages for 30 days - - Generates build summary reports - -### Build Artifacts - -Successful builds produce: -- `zabbix-agent-{version}-r0.apk` - Monitoring agent package -- `zabbix-proxy-{version}-r0.apk` - Monitoring proxy package with SQLite support - -## Package Details - -### Zabbix Agent Package -- **Binary**: `/usr/sbin/zabbix_agentd` -- **Configuration**: `/etc/zabbix/zabbix_agentd.conf` -- **Runtime Dependencies**: pcre2, libevent, openssl, net-snmp, curl -- **Log Directory**: `/var/log/zabbix/agent` -- **Data Directory**: `/var/lib/zabbix/agent` - -### Zabbix Proxy Package -- **Binary**: `/usr/sbin/zabbix_proxy` -- **Configuration**: `/etc/zabbix/zabbix_proxy.conf` -- **Runtime Dependencies**: pcre2, libevent, openssl, net-snmp, curl, sqlite, libxml2 -- **Database Support**: SQLite 3 -- **Log Directory**: `/var/log/zabbix/proxy` -- **Data Directory**: `/var/lib/zabbix/proxy` - -## Security Considerations - -- Packages run under a dedicated `zabbix` user account -- Configuration files have restricted permissions (640) -- Service directories are owned by the zabbix user -- Signing keys are automatically generated for package integrity - -## Troubleshooting - -### Local Build Issues - -1. **Missing dependencies**: Ensure `alpine-sdk` and `git` are installed -2. **Permission errors**: Don't run the build script as root -3. **Signing key errors**: The script will automatically generate keys on first run -4. **Network issues**: Ensure internet access for downloading Zabbix sources - -### CI/CD Issues - -1. **Build failures**: Check the workflow logs in Gitea Actions -2. **Version detection**: Verify access to the upstream Zabbix repository -3. **Push failures**: Ensure proper repository permissions for the bot account - -## Contributing - -To contribute to this project: - -1. Test local builds before submitting changes -2. Update version numbers appropriately -3. Maintain compatibility with Alpine Linux packaging standards -4. Document any significant changes in commit messages - -## License - -This project follows the same licensing as Zabbix (AGPL-3.0-only for versions 7.0+) for package building scripts. The generated packages contain Zabbix software under its original license terms. diff --git a/zabbix-alpine-builder/build.sh b/zabbix-alpine-builder/build.sh deleted file mode 100755 index 070aa52..0000000 --- a/zabbix-alpine-builder/build.sh +++ /dev/null @@ -1,153 +0,0 @@ -#!/bin/bash - -# Zabbix APK Builder - Local Build Script -# This script performs a local build of the Zabbix packages for testing purposes - -set -euo pipefail - -# Script configuration -SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -ZABBIX_DIR="$SCRIPT_DIR/zabbix" - -# Colors for output -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -NC='\033[0m' # No Color - -# Logging functions -log_info() { - echo -e "${GREEN}[INFO]${NC} $1" -} - -log_warn() { - echo -e "${YELLOW}[WARN]${NC} $1" -} - -log_error() { - echo -e "${RED}[ERROR]${NC} $1" -} - -# Check if we're running as root (required for abuild) -check_root() { - if [[ $EUID -eq 0 ]]; then - log_error "This script should not be run as root" - log_info "Please run as a regular user with sudo access" - exit 1 - fi -} - -# Check dependencies -check_dependencies() { - log_info "Checking build dependencies..." - - if ! command -v abuild &> /dev/null; then - log_error "abuild not found. Please install alpine-sdk:" - log_info " sudo apk add alpine-sdk" - exit 1 - fi - - if ! command -v git &> /dev/null; then - log_error "git not found. Please install git:" - log_info " sudo apk add git" - exit 1 - fi - - log_info "Dependencies check passed" -} - -# Setup abuild environment -setup_abuild() { - log_info "Setting up abuild environment..." - - # Create abuild config if it doesn't exist - if [[ ! -f "$HOME/.abuild/abuild.conf" ]]; then - log_info "Creating abuild configuration..." - mkdir -p "$HOME/.abuild" - echo "PACKAGER_PRIVKEY=\"$HOME/.abuild/$(whoami)-$(date +%Y%m%d).rsa\"" > "$HOME/.abuild/abuild.conf" - fi - - # Generate signing key if it doesn't exist - if [[ ! -f "$HOME/.abuild/$(whoami)-"*".rsa" ]]; then - log_info "Generating abuild signing key..." - abuild-keygen -a -i - fi -} - -# Main build function -build_packages() { - log_info "Starting Zabbix package build..." - - # Navigate to the zabbix directory containing APKBUILD - if [[ ! -d "$ZABBIX_DIR" ]]; then - log_error "Zabbix directory not found: $ZABBIX_DIR" - exit 1 - fi - - cd "$ZABBIX_DIR" - - # Check if APKBUILD exists - if [[ ! -f "APKBUILD" ]]; then - log_error "APKBUILD file not found in $ZABBIX_DIR" - exit 1 - fi - - log_info "Building packages with abuild..." - - # Clean any previous builds - abuild clean || true - - # Fetch sources and verify checksums - log_info "Fetching sources..." - abuild fetch - - # Update checksums if needed (important for new versions) - log_info "Updating checksums..." - abuild checksum - - # Build the packages and create local repository index - # -r flag creates a local repository with package index - log_info "Building packages and creating repository index..." - abuild -r - - if [[ $? -eq 0 ]]; then - log_info "Build completed successfully!" - log_info "Generated packages can be found in ~/packages/" - - # List generated packages - if [[ -d "$HOME/packages" ]]; then - log_info "Generated APK files:" - find "$HOME/packages" -name "zabbix*.apk" -type f -exec basename {} \; | sort - fi - else - log_error "Build failed!" - exit 1 - fi -} - -# Cleanup function -cleanup() { - log_info "Cleaning up build artifacts..." - cd "$ZABBIX_DIR" - abuild clean || true -} - -# Main execution -main() { - log_info "Zabbix APK Builder - Local Build Script" - log_info "========================================" - - check_root - check_dependencies - setup_abuild - - # Trap cleanup on exit - trap cleanup EXIT - - build_packages - - log_info "Build process completed!" -} - -# Run main function -main "$@" diff --git a/zabbix-alpine-builder/test-version-check.sh b/zabbix-alpine-builder/test-version-check.sh deleted file mode 100755 index 917ca8e..0000000 --- a/zabbix-alpine-builder/test-version-check.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash - -# Test script for version checking logic -# This script simulates the version check workflow to ensure it works correctly - -set -euo pipefail - -echo "=== Zabbix Version Check Test ===" - -# Test the API endpoint and version extraction -echo "Testing version check API..." - -LATEST_VERSION=$(curl -s "https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=100" | \ - jq -r '.values[].displayId' | \ - grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | \ - grep -v 'rc\|beta\|alpha' | \ - sort -V | \ - tail -1) - -# Validate version format -if [[ ! "$LATEST_VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then - echo "❌ Error: Invalid version format detected: $LATEST_VERSION" - exit 1 -fi - -echo "✅ Latest upstream version: $LATEST_VERSION" - -# Extract current version from APKBUILD -CURRENT_VERSION=$(grep '^pkgver=' zabbix/APKBUILD | cut -d'=' -f2) -echo "✅ Current package version: $CURRENT_VERSION" - -# Compare versions -if [ "$LATEST_VERSION" = "$CURRENT_VERSION" ]; then - echo "✅ No new version available. Current version $CURRENT_VERSION is up to date." - echo " Build would be skipped in CI/CD." -else - echo "🔄 New version available: $LATEST_VERSION" - echo " Build would be triggered in CI/CD." -fi - -echo "" -echo "=== Test completed successfully ===" diff --git a/zabbix-alpine-builder/zabbix/APKBUILD b/zabbix-alpine-builder/zabbix/APKBUILD deleted file mode 100644 index a9b5e72..0000000 --- a/zabbix-alpine-builder/zabbix/APKBUILD +++ /dev/null @@ -1,137 +0,0 @@ -# Maintainer: Zabbix APK Builder -pkgname=zabbix -pkgver=7.4.2 -pkgrel=0 -pkgdesc="An enterprise-class open source distributed monitoring solution" -url="https://www.zabbix.com/" -arch="all" -license="AGPL-3.0-only" -makedepends=" - alpine-sdk - autoconf - automake - libtool - pcre2-dev - libevent-dev - openssl-dev - net-snmp-dev - curl-dev - sqlite-dev - unixodbc-dev - postgresql-dev - mysql-dev - libxml2-dev - zlib-dev - " -subpackages="$pkgname-agent $pkgname-proxy" -source="https://cdn.zabbix.com/zabbix/sources/stable/7.4/zabbix-$pkgver.tar.gz" - -# User and group for Zabbix -_zabbix_user="zabbix" -_zabbix_group="zabbix" - -prepare() { - default_prepare - autoreconf -fiv -} - -build() { - # Common configuration options - local _common_config=" - --prefix=/usr - --sysconfdir=/etc/zabbix - --localstatedir=/var - --enable-ipv6 - --with-libcurl - --with-libxml2 - --with-net-snmp - --with-openssl - --with-pcre2 - " - - # Build agent - ./configure $_common_config \ - --enable-agent \ - --disable-server \ - --disable-proxy - make - - # Save agent binary - mv src/zabbix_agentd/zabbix_agentd zabbix_agentd.built - - # Clean for proxy build - make clean - - # Build proxy - ./configure $_common_config \ - --disable-agent \ - --disable-server \ - --enable-proxy \ - --with-sqlite3 - make - - # Save proxy binary - mv src/zabbix_proxy/zabbix_proxy zabbix_proxy.built -} - -package() { - # Main package - create zabbix user - addgroup -S $_zabbix_group - adduser -S -D -H -h /var/lib/zabbix -s /sbin/nologin -G $_zabbix_group $_zabbix_user - - # Create common directories - install -d -m755 -o $_zabbix_user -g $_zabbix_group \ - "$pkgdir"/var/lib/zabbix \ - "$pkgdir"/var/log/zabbix \ - "$pkgdir"/var/run/zabbix - - # Install common configuration files - install -d -m755 "$pkgdir"/etc/zabbix -} - -agent() { - pkgdesc="Zabbix monitoring agent" - depends="pcre2 libevent openssl net-snmp curl" - - # Install agent binary - install -d -m755 "$subpkgdir"/usr/sbin - install -m755 "$builddir"/zabbix_agentd.built "$subpkgdir"/usr/sbin/zabbix_agentd - - # Install agent configuration - install -d -m755 "$subpkgdir"/etc/zabbix - install -m640 -o root -g $_zabbix_group \ - "$builddir"/conf/zabbix_agentd.conf "$subpkgdir"/etc/zabbix/ - - # Create agent-specific directories - install -d -m755 -o $_zabbix_user -g $_zabbix_group \ - "$subpkgdir"/var/lib/zabbix/agent \ - "$subpkgdir"/var/log/zabbix/agent - - # Install init script placeholder (to be created separately) - install -d -m755 "$subpkgdir"/etc/init.d -} - -proxy() { - pkgdesc="Zabbix monitoring proxy with SQLite support" - depends="pcre2 libevent openssl net-snmp curl sqlite libxml2" - - # Install proxy binary - install -d -m755 "$subpkgdir"/usr/sbin - install -m755 "$builddir"/zabbix_proxy.built "$subpkgdir"/usr/sbin/zabbix_proxy - - # Install proxy configuration - install -d -m755 "$subpkgdir"/etc/zabbix - install -m640 -o root -g $_zabbix_group \ - "$builddir"/conf/zabbix_proxy.conf "$subpkgdir"/etc/zabbix/ - - # Create proxy-specific directories - install -d -m755 -o $_zabbix_user -g $_zabbix_group \ - "$subpkgdir"/var/lib/zabbix/proxy \ - "$subpkgdir"/var/log/zabbix/proxy - - # Install init script placeholder (to be created separately) - install -d -m755 "$subpkgdir"/etc/init.d -} - -# Checksums will be updated by CI/CD workflow -sha512sums="SKIP" diff --git a/zabbix-apk-builder/.github/workflows/build.yml b/zabbix-apk-builder/.gitea/workflows/build.yml similarity index 85% rename from zabbix-apk-builder/.github/workflows/build.yml rename to zabbix-apk-builder/.gitea/workflows/build.yml index 8b2222d..196c6d9 100644 --- a/zabbix-apk-builder/.github/workflows/build.yml +++ b/zabbix-apk-builder/.gitea/workflows/build.yml @@ -134,29 +134,7 @@ jobs: path: packages/*.apk retention-days: 30 - - name: Create release - if: github.ref == 'refs/heads/main' - uses: softprops/action-gh-release@v1 - with: - tag_name: "v${{ needs.check-version.outputs.latest_version }}" - name: "Zabbix ${{ needs.check-version.outputs.latest_version }} APK Packages" - body: | - Automated build of Zabbix ${{ needs.check-version.outputs.latest_version }} packages for Alpine Linux. - - ## Packages - - `zabbix-agent-${{ needs.check-version.outputs.latest_version }}-r0.apk` - Monitoring agent - - `zabbix-proxy-${{ needs.check-version.outputs.latest_version }}-r0.apk` - Network proxy - - `zabbix-${{ needs.check-version.outputs.latest_version }}-r0.apk` - Meta package - - ## Installation - ```bash - apk add --allow-untrusted zabbix-agent-${{ needs.check-version.outputs.latest_version }}-r0.apk - rc-update add zabbix-agent default - rc-service zabbix-agent start - ``` - files: packages/*.apk - draft: false - prerelease: false + publish-to-gitea: needs: [check-version, build-packages] diff --git a/zabbix-apk-builder/CI-CD-DOCS.md b/zabbix-apk-builder/CI-CD-DOCS.md deleted file mode 100644 index a6d1b21..0000000 --- a/zabbix-apk-builder/CI-CD-DOCS.md +++ /dev/null @@ -1,258 +0,0 @@ -# CI/CD Pipeline Documentation - -## Overview - -This CI/CD pipeline automates the entire Zabbix APK package lifecycle from version detection to deployment. It's designed to work with your Gitea repository and provides both automated and manual build capabilities. - -## Pipeline Architecture - -``` -┌─────────────────┐ ┌──────────────────┐ ┌─────────────────┐ -│ Version Check │ -> │ Update APKBUILD │ -> │ Build Packages │ -│ (Zabbix Git) │ │ (Auto-commit) │ │ (Docker) │ -└─────────────────┘ └──────────────────┘ └─────────────────┘ - │ -┌─────────────────┐ ┌──────────────────┐ ┌─────────────────┐ -│ Deploy Test │ <- │ Publish to Gitea │ <- │ Create Release │ -│ (Alpine Test) │ │ (Package Repo) │ │ (GitHub) │ -└─────────────────┘ └──────────────────┘ └─────────────────┘ -``` - -## Version Detection Strategy - -### Primary Method: Zabbix Bitbucket API -- **Endpoint**: `https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags` -- **Process**: - 1. Fetches all tags from Zabbix official repository - 2. Filters for stable releases (excludes rc, beta, alpha) - 3. Sorts versions and selects the latest -- **Advantages**: - - Official Zabbix repository - - Real-time release information - - Includes all release types for filtering - -### Fallback Options -If the Bitbucket API fails: -1. **CDN Scraping**: Parse `https://cdn.zabbix.com/zabbix/sources/stable/` -2. **RSS Feed**: Monitor Zabbix blog/announcements -3. **Manual Trigger**: Force build via GitHub Actions - -## Jobs Breakdown - -### 1. **check-version** -- **Purpose**: Monitors Zabbix releases for new versions -- **Method**: Queries Zabbix Bitbucket API for latest stable release -- **Logic**: - ```bash - # Filters tags to stable releases only - grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | - grep -v 'rc\|beta\|alpha' | - sort -V | tail -1 - ``` -- **Output**: Determines if build is needed and provides version info - -### 2. **update-version** -- **Purpose**: Automatically updates APKBUILD when new version found -- **Actions**: - - Updates `pkgver` to latest version - - Resets `pkgrel` to 0 - - Clears checksums (regenerated during build) - - Commits and pushes changes - -### 3. **build-packages** -- **Purpose**: Builds APK packages using Docker -- **Process**: - - Sets up Docker Buildx - - Runs `./build.sh` - - Uploads packages as artifacts - - Creates GitHub release (main branch only) - -### 4. **publish-to-gitea** -- **Purpose**: Publishes packages to your Gitea repository -- **Process**: - - Downloads built packages - - Clones Gitea repo using SSH - - Organizes packages in Alpine repository structure - - Updates package index - - Commits and pushes to Gitea - -### 5. **deploy-test** -- **Purpose**: Tests package installation (test branch only) -- **Process**: - - Downloads packages - - Tests installation in fresh Alpine containers - - Verifies binaries work correctly - -## Trigger Conditions - -### Automatic Triggers -- **Daily Check**: Runs at 6 AM UTC to check for new Zabbix versions -- **Code Changes**: Triggers on pushes to main/test branches when relevant files change - -### Manual Triggers -- **Workflow Dispatch**: Manual trigger with optional force build -- **Use Case**: Emergency builds or testing - -## Configuration Requirements - -### GitHub Secrets -You need to configure these secrets in your GitHub repository: - -```bash -# For Gitea repository access -GITEA_SSH_KEY # Private SSH key for gitea-repo access -``` - -### Repository Setup -1. **Branch Strategy**: - - `main`: Production releases - - `test`: Testing and validation - -2. **File Structure**: - ``` - .github/workflows/build.yml # Main pipeline - APKBUILD # Package definition - build.sh # Build script - Dockerfile # Build environment - *.initd, *.confd # Service files - ``` - -## API Endpoints Used - -### Zabbix Version Detection -```bash -# Primary endpoint - Zabbix Bitbucket API -https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=100 - -# Response format: -{ - "values": [ - { - "displayId": "7.4.2", - "type": "TAG" - } - ] -} -``` - -### Version Processing -```bash -# Extract stable versions only -curl -s "https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=100" | \ - jq -r '.values[].displayId' | \ - grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | \ - grep -v 'rc\|beta\|alpha' | \ - sort -V | \ - tail -1 -``` - -## Package Repository Structure - -Your Gitea repository will follow Alpine Linux repository format: -``` -alpine/ - v3.18/ - main/ - x86_64/ - zabbix-agent-X.Y.Z-r0.apk - zabbix-proxy-X.Y.Z-r0.apk - zabbix-X.Y.Z-r0.apk - PACKAGES.txt -``` - -## Deployment Flow - -### Development Workflow -1. **Code Changes** → Push to `test` branch -2. **Pipeline Runs** → Builds and tests packages -3. **Testing** → Verify in Alpine containers -4. **Merge** → To `main` branch for release - -### Production Workflow -1. **New Zabbix Release** → Detected by daily check -2. **Auto-Update** → APKBUILD updated and committed -3. **Build** → Packages built and tested -4. **Release** → GitHub release created -5. **Publish** → Packages pushed to Gitea repository - -## Monitoring and Notifications - -### Success Indicators -- ✅ Version check completes -- ✅ APKBUILD updated correctly -- ✅ Packages build successfully -- ✅ Tests pass in Alpine containers -- ✅ Packages published to Gitea - -### Failure Handling -- 🚨 Build failures create GitHub issues -- 🚨 Failed deployments stop the pipeline -- 🚨 Version detection errors logged - -## Usage Examples - -### Manual Build -```bash -# Trigger manual build via GitHub Actions UI -# OR via GitHub CLI: -gh workflow run build.yml -f force_build=true -``` - -### Emergency Version Update -```bash -# Update version manually and push -sed -i 's/pkgver=.*/pkgver=7.4.3/' APKBUILD -git add APKBUILD -git commit -m "Emergency update to 7.4.3" -git push -``` - -### Using Built Packages -```bash -# Add your Gitea repository -echo "http://gitea-repo/mbuz/Zabbix/raw/branch/main/alpine/v3.18/main" >> /etc/apk/repositories - -# Install packages -apk update -apk add zabbix-agent zabbix-proxy -``` - -## Testing the Version Detection - -You can test the version detection logic locally: - -```bash -# Get latest stable version -curl -s "https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=100" | \ - jq -r '.values[].displayId' | \ - grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | \ - grep -v 'rc\|beta\|alpha' | \ - sort -V | \ - tail -1 - -# Should output: 7.4.2 (or latest version) -``` - -## Maintenance - -### Regular Tasks -- Monitor pipeline runs -- Update Alpine Linux version in repository structure -- Rotate SSH keys periodically -- Review and update dependencies - -### Troubleshooting -- Check GitHub Actions logs for failures -- Verify SSH key access to Gitea -- Ensure Docker builds work locally -- Test package installation manually -- Verify Zabbix API connectivity - -## Security Considerations - -1. **SSH Keys**: Use dedicated deploy keys with minimal permissions -2. **Secrets**: Store sensitive data in GitHub Secrets -3. **API Access**: Monitor for API rate limits or authentication changes -4. **Package Signing**: Consider implementing APK package signing - -This pipeline provides a fully automated solution for maintaining up-to-date Zabbix packages while ensuring quality through testing and proper repository management. diff --git a/zabbix-apk-builder/README.md b/zabbix-apk-builder/README.md index 011e4dc..1f169e5 100644 --- a/zabbix-apk-builder/README.md +++ b/zabbix-apk-builder/README.md @@ -1,3 +1,4 @@ + # Zabbix APK Builder Automated Alpine Linux package builder for Zabbix Agent and Proxy with CI/CD pipeline integration. @@ -186,7 +187,8 @@ cd /build && ./build.sh # Test API manually curl -s "https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=100" | \ jq -r '.values[].displayId' | \ - grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | \ + grep -E '^[0-9]+\.[0-9]+\.[0-9]+ + | \ sort -V | tail -1 ``` diff --git a/zabbix-apk-builder/setup-cicd.sh b/zabbix-apk-builder/setup-cicd.sh deleted file mode 100755 index 7fba9ae..0000000 --- a/zabbix-apk-builder/setup-cicd.sh +++ /dev/null @@ -1,233 +0,0 @@ -#!/bin/bash - -# Zabbix APK Builder CI/CD Setup Script -set -e - -echo "🚀 Zabbix APK Builder CI/CD Setup" -echo "==================================" -echo - -# Colors for output -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -BLUE='\033[0;34m' -NC='\033[0m' # No Color - -# Function to print colored output -print_step() { - echo -e "${BLUE}[STEP]${NC} $1" -} - -print_success() { - echo -e "${GREEN}[SUCCESS]${NC} $1" -} - -print_warning() { - echo -e "${YELLOW}[WARNING]${NC} $1" -} - -print_error() { - echo -e "${RED}[ERROR]${NC} $1" -} - -# Check if we're in a git repository -print_step "Checking Git repository status..." -if ! git rev-parse --git-dir > /dev/null 2>&1; then - print_error "Not in a Git repository. Please initialize git first:" - echo " git init" - echo " git add ." - echo " git commit -m 'Initial commit'" - echo " git remote add origin " - exit 1 -fi - -# Check if we have required files -print_step "Verifying required files..." -required_files=("APKBUILD" "build.sh" "Dockerfile" ".github/workflows/build.yml") -for file in "${required_files[@]}"; do - if [[ ! -f "$file" ]]; then - print_error "Required file missing: $file" - exit 1 - fi -done -print_success "All required files present" - -# Test version detection API -print_step "Testing Zabbix version detection API..." -if ! curl -s --connect-timeout 10 "https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=5" | grep -q "displayId"; then - print_warning "Could not reach Zabbix API. Pipeline will work but version detection may fail." -else - latest_version=$(curl -s "https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=100" | \ - grep -o '"displayId":"[^"]*"' | cut -d'"' -f4 | \ - grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | sort -V | tail -1) - print_success "API working. Latest Zabbix version: $latest_version" -fi - -# Check if GitHub CLI is available -print_step "Checking GitHub CLI availability..." -if command -v gh &> /dev/null; then - if gh auth status &> /dev/null; then - print_success "GitHub CLI authenticated" - GITHUB_CLI_AVAILABLE=true - else - print_warning "GitHub CLI not authenticated. Manual secret configuration needed." - GITHUB_CLI_AVAILABLE=false - fi -else - print_warning "GitHub CLI not installed. Manual secret configuration needed." - GITHUB_CLI_AVAILABLE=false -fi - -# SSH Key Setup -print_step "Setting up SSH key for Gitea access..." -echo -echo "You need an SSH key for the CI/CD pipeline to push packages to your Gitea repository." -echo - -# Check if user has SSH keys -if [[ -f ~/.ssh/id_rsa ]] || [[ -f ~/.ssh/id_ed25519 ]]; then - echo "Existing SSH keys found:" - ls -la ~/.ssh/id_* 2>/dev/null | grep -v .pub || true - echo - read -p "Use existing SSH key? (y/N): " use_existing - - if [[ $use_existing =~ ^[Yy]$ ]]; then - if [[ -f ~/.ssh/id_ed25519 ]]; then - SSH_KEY_PATH=~/.ssh/id_ed25519 - elif [[ -f ~/.ssh/id_rsa ]]; then - SSH_KEY_PATH=~/.ssh/id_rsa - fi - print_success "Using existing SSH key: $SSH_KEY_PATH" - else - create_new_key=true - fi -else - create_new_key=true -fi - -if [[ $create_new_key == true ]]; then - print_step "Creating new SSH key for CI/CD..." - ssh-keygen -t ed25519 -f ~/.ssh/zabbix_cicd -N "" -C "zabbix-cicd@$(hostname)" - SSH_KEY_PATH=~/.ssh/zabbix_cicd - print_success "Created new SSH key: $SSH_KEY_PATH" -fi - -# Display public key -echo -echo "📋 Public key to add to your Gitea repository:" -echo "==============================================" -cat "$SSH_KEY_PATH.pub" -echo "==============================================" -echo - -print_warning "IMPORTANT: Add this public key to your Gitea repository with write access!" -echo "1. Go to your Gitea repository settings" -echo "2. Navigate to Deploy Keys section" -echo "3. Add the public key above" -echo "4. Enable write access for the key" -echo - -read -p "Press Enter after adding the public key to Gitea..." - -# Configure GitHub Secrets -print_step "Configuring GitHub repository secrets..." -echo - -if [[ $GITHUB_CLI_AVAILABLE == true ]]; then - echo "Setting up GitHub secrets using GitHub CLI..." - - # Set SSH key secret - if gh secret set GITEA_SSH_KEY < "$SSH_KEY_PATH"; then - print_success "SSH key secret configured" - else - print_error "Failed to set SSH key secret" - exit 1 - fi - -else - echo "Manual secret configuration required:" - echo - echo "1. Go to your GitHub repository" - echo "2. Navigate to Settings → Secrets and variables → Actions" - echo "3. Add the following secret:" - echo - echo " Name: GITEA_SSH_KEY" - echo " Value: (paste the private key below)" - echo - echo "📋 Private key content:" - echo "======================" - cat "$SSH_KEY_PATH" - echo "======================" - echo - read -p "Press Enter after configuring the GitHub secret..." -fi - -# Test build locally -print_step "Testing local build..." -if [[ -x ./build.sh ]]; then - echo "Running test build (this may take a few minutes)..." - if ./build.sh; then - print_success "Local build test successful" - if [[ -d packages ]] && [[ $(ls packages/*.apk 2>/dev/null | wc -l) -gt 0 ]]; then - echo "Built packages:" - ls -la packages/*.apk - fi - else - print_warning "Local build test failed, but CI/CD setup continues" - fi -else - print_error "build.sh is not executable" - chmod +x build.sh - print_success "Fixed build.sh permissions" -fi - -# Repository setup verification -print_step "Verifying repository configuration..." - -# Check remote URL -remote_url=$(git remote get-url origin 2>/dev/null || echo "") -if [[ -z "$remote_url" ]]; then - print_error "No Git remote 'origin' configured" - echo "Please add your GitHub repository as remote:" - echo " git remote add origin https://github.com/username/repo.git" - exit 1 -else - print_success "Git remote configured: $remote_url" -fi - -# Check if we're on main or test branch -current_branch=$(git branch --show-current) -if [[ "$current_branch" != "main" ]] && [[ "$current_branch" != "test" ]]; then - print_warning "Not on main or test branch (current: $current_branch)" - echo "CI/CD pipeline triggers on main/test branches" -fi - -# Final steps -echo -print_step "Final setup steps..." -echo -echo "✅ CI/CD Setup Complete!" -echo -echo "📋 Next Steps:" -echo "1. Commit and push your changes:" -echo " git add ." -echo " git commit -m 'Add CI/CD pipeline'" -echo " git push origin main" -echo -echo "2. Check GitHub Actions tab in your repository" -echo "3. The pipeline will:" -echo " - Check for new Zabbix versions daily" -echo " - Build packages automatically" -echo " - Publish to your Gitea repository" -echo -echo "📖 Documentation:" -echo "- CI-CD-DOCS.md: Comprehensive pipeline documentation" -echo "- README.md: Usage and setup guide" -echo -echo "🔧 Manual Operations:" -echo "- Force build: Go to Actions tab → Zabbix APK Builder → Run workflow" -echo "- Test build: ./build.sh" -echo "- Check version: curl -s 'https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=5'" -echo -print_success "Setup completed successfully! 🎉"