diff --git a/zabbix-alpine-builder/README.md b/zabbix-alpine-builder/README.md new file mode 100644 index 0000000..e1c09e0 --- /dev/null +++ b/zabbix-alpine-builder/README.md @@ -0,0 +1,174 @@ +# Zabbix 7.4 APK Builder for Alpine Linux + +## Overview + +This project provides an automated solution for building Zabbix Agent and Proxy packages (.apk files) for Alpine Linux. The system automatically monitors the official Zabbix repository for new 7.4.x releases and builds updated packages when new versions are detected. + +The project creates two separate packages from a single APKBUILD: +- **zabbix-agent**: Lightweight monitoring agent for data collection +- **zabbix-proxy**: Monitoring proxy with SQLite 3 support for distributed monitoring + +## File Structure + +``` +/home/mbuz/zabbix-git/zabbix-alpine-builder/ +├── .gitea/ +│ └── workflows/ +│ └── build.yml # Gitea Actions CI/CD workflow +├── zabbix/ +│ └── APKBUILD # Alpine package build specification +├── build.sh # Local build script for testing +├── test-version-check.sh # Version check validation script +└── README.md # This documentation file +``` + +## Prerequisites + +For local building, you need the following Alpine Linux packages: + +```bash +sudo apk add alpine-sdk git +``` + +The `alpine-sdk` package includes: +- `abuild` - Alpine package builder +- `build-base` - Essential build tools +- Development headers and libraries + +## Manual Build + +To build the packages locally for testing: + +1. **Clone or navigate to the project directory:** + ```bash + cd /home/mbuz/zabbix-git/zabbix-alpine-builder + ``` + +2. **Run the build script:** + ```bash + ./build.sh + ``` + +3. **The script will:** + - Check for required dependencies + - Set up the abuild environment (create signing keys if needed) + - Navigate to the `zabbix/` directory + - Download Zabbix source code + - Update checksums automatically + - Build both agent and proxy packages + - Create a local package repository + +4. **Generated packages will be available in:** + ``` + ~/packages/zabbix-agent-7.4.x-r0.apk + ~/packages/zabbix-proxy-7.4.x-r0.apk + ``` + +## Testing Version Check + +To validate the version checking logic without running a full build: + +```bash +./test-version-check.sh +``` + +This script tests the same version detection logic used by the CI/CD workflow and reports whether a build would be triggered. + +## CI/CD Automation + +The project includes automated package building through Gitea Actions: + +### Workflow Configuration + +The workflow file `.gitea/workflows/build.yml` provides: + +- **Scheduled Execution**: Runs daily at 2:00 AM UTC to check for new versions +- **Manual Triggering**: Can be triggered manually via the Gitea Actions interface +- **Alpine Container**: Builds packages in a clean Alpine Linux environment + +### Automated Process + +1. **Version Detection**: + - Uses the Zabbix Bitbucket REST API for accurate version detection + - Filters out release candidates, beta, and alpha versions + - Only considers stable releases matching the pattern `X.Y.Z` + - Compares with the current version in `APKBUILD` + +2. **Build Trigger**: + - Only proceeds if a newer version is detected + - Gracefully stops if no update is needed + +3. **Package Building**: + - Updates `pkgver` in the `APKBUILD` file + - Fetches source code using `abuild fetch` + - Recalculates source checksums using `abuild checksum` + - Builds both agent and proxy packages + - Validates the build process + +4. **Version Control**: + - Commits the updated `APKBUILD` with new version information + - Pushes changes to the `test` branch + - Includes detailed commit messages with version changes + +5. **Artifact Management**: + - Archives generated `.apk` files as build artifacts + - Provides downloadable packages for 30 days + - Generates build summary reports + +### Build Artifacts + +Successful builds produce: +- `zabbix-agent-{version}-r0.apk` - Monitoring agent package +- `zabbix-proxy-{version}-r0.apk` - Monitoring proxy package with SQLite support + +## Package Details + +### Zabbix Agent Package +- **Binary**: `/usr/sbin/zabbix_agentd` +- **Configuration**: `/etc/zabbix/zabbix_agentd.conf` +- **Runtime Dependencies**: pcre2, libevent, openssl, net-snmp, curl +- **Log Directory**: `/var/log/zabbix/agent` +- **Data Directory**: `/var/lib/zabbix/agent` + +### Zabbix Proxy Package +- **Binary**: `/usr/sbin/zabbix_proxy` +- **Configuration**: `/etc/zabbix/zabbix_proxy.conf` +- **Runtime Dependencies**: pcre2, libevent, openssl, net-snmp, curl, sqlite, libxml2 +- **Database Support**: SQLite 3 +- **Log Directory**: `/var/log/zabbix/proxy` +- **Data Directory**: `/var/lib/zabbix/proxy` + +## Security Considerations + +- Packages run under a dedicated `zabbix` user account +- Configuration files have restricted permissions (640) +- Service directories are owned by the zabbix user +- Signing keys are automatically generated for package integrity + +## Troubleshooting + +### Local Build Issues + +1. **Missing dependencies**: Ensure `alpine-sdk` and `git` are installed +2. **Permission errors**: Don't run the build script as root +3. **Signing key errors**: The script will automatically generate keys on first run +4. **Network issues**: Ensure internet access for downloading Zabbix sources + +### CI/CD Issues + +1. **Build failures**: Check the workflow logs in Gitea Actions +2. **Version detection**: Verify access to the upstream Zabbix repository +3. **Push failures**: Ensure proper repository permissions for the bot account + +## Contributing + +To contribute to this project: + +1. Test local builds before submitting changes +2. Update version numbers appropriately +3. Maintain compatibility with Alpine Linux packaging standards +4. Document any significant changes in commit messages + +## License + +This project follows the same licensing as Zabbix (AGPL-3.0-only for versions 7.0+) for package building scripts. The generated packages contain Zabbix software under its original license terms. diff --git a/zabbix-alpine-builder/build.sh b/zabbix-alpine-builder/build.sh new file mode 100755 index 0000000..070aa52 --- /dev/null +++ b/zabbix-alpine-builder/build.sh @@ -0,0 +1,153 @@ +#!/bin/bash + +# Zabbix APK Builder - Local Build Script +# This script performs a local build of the Zabbix packages for testing purposes + +set -euo pipefail + +# Script configuration +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +ZABBIX_DIR="$SCRIPT_DIR/zabbix" + +# Colors for output +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +NC='\033[0m' # No Color + +# Logging functions +log_info() { + echo -e "${GREEN}[INFO]${NC} $1" +} + +log_warn() { + echo -e "${YELLOW}[WARN]${NC} $1" +} + +log_error() { + echo -e "${RED}[ERROR]${NC} $1" +} + +# Check if we're running as root (required for abuild) +check_root() { + if [[ $EUID -eq 0 ]]; then + log_error "This script should not be run as root" + log_info "Please run as a regular user with sudo access" + exit 1 + fi +} + +# Check dependencies +check_dependencies() { + log_info "Checking build dependencies..." + + if ! command -v abuild &> /dev/null; then + log_error "abuild not found. Please install alpine-sdk:" + log_info " sudo apk add alpine-sdk" + exit 1 + fi + + if ! command -v git &> /dev/null; then + log_error "git not found. Please install git:" + log_info " sudo apk add git" + exit 1 + fi + + log_info "Dependencies check passed" +} + +# Setup abuild environment +setup_abuild() { + log_info "Setting up abuild environment..." + + # Create abuild config if it doesn't exist + if [[ ! -f "$HOME/.abuild/abuild.conf" ]]; then + log_info "Creating abuild configuration..." + mkdir -p "$HOME/.abuild" + echo "PACKAGER_PRIVKEY=\"$HOME/.abuild/$(whoami)-$(date +%Y%m%d).rsa\"" > "$HOME/.abuild/abuild.conf" + fi + + # Generate signing key if it doesn't exist + if [[ ! -f "$HOME/.abuild/$(whoami)-"*".rsa" ]]; then + log_info "Generating abuild signing key..." + abuild-keygen -a -i + fi +} + +# Main build function +build_packages() { + log_info "Starting Zabbix package build..." + + # Navigate to the zabbix directory containing APKBUILD + if [[ ! -d "$ZABBIX_DIR" ]]; then + log_error "Zabbix directory not found: $ZABBIX_DIR" + exit 1 + fi + + cd "$ZABBIX_DIR" + + # Check if APKBUILD exists + if [[ ! -f "APKBUILD" ]]; then + log_error "APKBUILD file not found in $ZABBIX_DIR" + exit 1 + fi + + log_info "Building packages with abuild..." + + # Clean any previous builds + abuild clean || true + + # Fetch sources and verify checksums + log_info "Fetching sources..." + abuild fetch + + # Update checksums if needed (important for new versions) + log_info "Updating checksums..." + abuild checksum + + # Build the packages and create local repository index + # -r flag creates a local repository with package index + log_info "Building packages and creating repository index..." + abuild -r + + if [[ $? -eq 0 ]]; then + log_info "Build completed successfully!" + log_info "Generated packages can be found in ~/packages/" + + # List generated packages + if [[ -d "$HOME/packages" ]]; then + log_info "Generated APK files:" + find "$HOME/packages" -name "zabbix*.apk" -type f -exec basename {} \; | sort + fi + else + log_error "Build failed!" + exit 1 + fi +} + +# Cleanup function +cleanup() { + log_info "Cleaning up build artifacts..." + cd "$ZABBIX_DIR" + abuild clean || true +} + +# Main execution +main() { + log_info "Zabbix APK Builder - Local Build Script" + log_info "========================================" + + check_root + check_dependencies + setup_abuild + + # Trap cleanup on exit + trap cleanup EXIT + + build_packages + + log_info "Build process completed!" +} + +# Run main function +main "$@" diff --git a/zabbix-alpine-builder/test-version-check.sh b/zabbix-alpine-builder/test-version-check.sh new file mode 100755 index 0000000..917ca8e --- /dev/null +++ b/zabbix-alpine-builder/test-version-check.sh @@ -0,0 +1,42 @@ +#!/bin/bash + +# Test script for version checking logic +# This script simulates the version check workflow to ensure it works correctly + +set -euo pipefail + +echo "=== Zabbix Version Check Test ===" + +# Test the API endpoint and version extraction +echo "Testing version check API..." + +LATEST_VERSION=$(curl -s "https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=100" | \ + jq -r '.values[].displayId' | \ + grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | \ + grep -v 'rc\|beta\|alpha' | \ + sort -V | \ + tail -1) + +# Validate version format +if [[ ! "$LATEST_VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo "❌ Error: Invalid version format detected: $LATEST_VERSION" + exit 1 +fi + +echo "✅ Latest upstream version: $LATEST_VERSION" + +# Extract current version from APKBUILD +CURRENT_VERSION=$(grep '^pkgver=' zabbix/APKBUILD | cut -d'=' -f2) +echo "✅ Current package version: $CURRENT_VERSION" + +# Compare versions +if [ "$LATEST_VERSION" = "$CURRENT_VERSION" ]; then + echo "✅ No new version available. Current version $CURRENT_VERSION is up to date." + echo " Build would be skipped in CI/CD." +else + echo "🔄 New version available: $LATEST_VERSION" + echo " Build would be triggered in CI/CD." +fi + +echo "" +echo "=== Test completed successfully ===" diff --git a/zabbix-alpine-builder/zabbix/APKBUILD b/zabbix-alpine-builder/zabbix/APKBUILD new file mode 100644 index 0000000..a9b5e72 --- /dev/null +++ b/zabbix-alpine-builder/zabbix/APKBUILD @@ -0,0 +1,137 @@ +# Maintainer: Zabbix APK Builder +pkgname=zabbix +pkgver=7.4.2 +pkgrel=0 +pkgdesc="An enterprise-class open source distributed monitoring solution" +url="https://www.zabbix.com/" +arch="all" +license="AGPL-3.0-only" +makedepends=" + alpine-sdk + autoconf + automake + libtool + pcre2-dev + libevent-dev + openssl-dev + net-snmp-dev + curl-dev + sqlite-dev + unixodbc-dev + postgresql-dev + mysql-dev + libxml2-dev + zlib-dev + " +subpackages="$pkgname-agent $pkgname-proxy" +source="https://cdn.zabbix.com/zabbix/sources/stable/7.4/zabbix-$pkgver.tar.gz" + +# User and group for Zabbix +_zabbix_user="zabbix" +_zabbix_group="zabbix" + +prepare() { + default_prepare + autoreconf -fiv +} + +build() { + # Common configuration options + local _common_config=" + --prefix=/usr + --sysconfdir=/etc/zabbix + --localstatedir=/var + --enable-ipv6 + --with-libcurl + --with-libxml2 + --with-net-snmp + --with-openssl + --with-pcre2 + " + + # Build agent + ./configure $_common_config \ + --enable-agent \ + --disable-server \ + --disable-proxy + make + + # Save agent binary + mv src/zabbix_agentd/zabbix_agentd zabbix_agentd.built + + # Clean for proxy build + make clean + + # Build proxy + ./configure $_common_config \ + --disable-agent \ + --disable-server \ + --enable-proxy \ + --with-sqlite3 + make + + # Save proxy binary + mv src/zabbix_proxy/zabbix_proxy zabbix_proxy.built +} + +package() { + # Main package - create zabbix user + addgroup -S $_zabbix_group + adduser -S -D -H -h /var/lib/zabbix -s /sbin/nologin -G $_zabbix_group $_zabbix_user + + # Create common directories + install -d -m755 -o $_zabbix_user -g $_zabbix_group \ + "$pkgdir"/var/lib/zabbix \ + "$pkgdir"/var/log/zabbix \ + "$pkgdir"/var/run/zabbix + + # Install common configuration files + install -d -m755 "$pkgdir"/etc/zabbix +} + +agent() { + pkgdesc="Zabbix monitoring agent" + depends="pcre2 libevent openssl net-snmp curl" + + # Install agent binary + install -d -m755 "$subpkgdir"/usr/sbin + install -m755 "$builddir"/zabbix_agentd.built "$subpkgdir"/usr/sbin/zabbix_agentd + + # Install agent configuration + install -d -m755 "$subpkgdir"/etc/zabbix + install -m640 -o root -g $_zabbix_group \ + "$builddir"/conf/zabbix_agentd.conf "$subpkgdir"/etc/zabbix/ + + # Create agent-specific directories + install -d -m755 -o $_zabbix_user -g $_zabbix_group \ + "$subpkgdir"/var/lib/zabbix/agent \ + "$subpkgdir"/var/log/zabbix/agent + + # Install init script placeholder (to be created separately) + install -d -m755 "$subpkgdir"/etc/init.d +} + +proxy() { + pkgdesc="Zabbix monitoring proxy with SQLite support" + depends="pcre2 libevent openssl net-snmp curl sqlite libxml2" + + # Install proxy binary + install -d -m755 "$subpkgdir"/usr/sbin + install -m755 "$builddir"/zabbix_proxy.built "$subpkgdir"/usr/sbin/zabbix_proxy + + # Install proxy configuration + install -d -m755 "$subpkgdir"/etc/zabbix + install -m640 -o root -g $_zabbix_group \ + "$builddir"/conf/zabbix_proxy.conf "$subpkgdir"/etc/zabbix/ + + # Create proxy-specific directories + install -d -m755 -o $_zabbix_user -g $_zabbix_group \ + "$subpkgdir"/var/lib/zabbix/proxy \ + "$subpkgdir"/var/log/zabbix/proxy + + # Install init script placeholder (to be created separately) + install -d -m755 "$subpkgdir"/etc/init.d +} + +# Checksums will be updated by CI/CD workflow +sha512sums="SKIP"