Initial commit

CHANGELOG.md

@@ -0,0 +1,4 @@
+# Changelog
+
+## v0.0.1
+Initial release. only supporting `promtool check rules` and `promtool check config`

Dockerfile

@@ -0,0 +1,9 @@
+FROM alpine:3 
+
+RUN ["/bin/sh", "-c", "apk add --update --no-cache bash ca-certificates curl git jq openssh"]
+
+RUN ["bin/sh", "-c", "mkdir -p /src"]
+
+COPY ["src", "/src/"]
+
+ENTRYPOINT ["/src/main.sh"]

README.md

@@ -1,2 +1,67 @@
-# promtool-action
-GitHub Action for checking Prometheus configs
+# Promtool GitHub Actions
+
+Promtool GitHub Actions allow you to check Prometheus configs and Alert rules within GitHub Actions.
+
+The output of the actions can be viewed from the Actions tab in the main repository view. If the actions are executed on a pull request event, a comment may be posted on the pull request.
+
+## Success Criteria
+
+An exit code of `0` is considered a successful execution.
+
+## Usage
+
+Promtool GitHub Actions are a single GitHub Action that executes different promtool subcommands depending on the content of the GitHub Actions YAML file. Right now only `rules` and `config` is supported which runs `promtool check rules` and `promtool check config` for the given files.
+
+```yaml
+name: Check Prometheus Alert rules
+
+on:
+  pull_request:
+    paths:
+    - 'prometheus/config/*.yml'
+    - 'prometheus/alert_rules/*.yml'
+
+jobs:
+  on-pull-request:
+    name: On Pull Request
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout Repo
+      uses: actions/checkout@master
+
+    - name: Check Prometheus alert rules
+      uses: peimanja/promtool-github-actions@master
+      with:
+        promtool_actions_subcommand: 'rules'
+        promtool_actions_files: 'prometheus/alert_rules/*.yml'
+        promtool_actions_version: '2.14.0'
+        promtool_actions_comment: true
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Check Prometheus configs
+      uses: peimanja/promtool-github-actions@vmaster
+      with:
+        promtool_actions_subcommand: 'config'
+        promtool_actions_files: 'prometheus/config/*.yml'
+        promtool_actions_version: '2.14.0'
+        promtool_actions_comment: true
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+```
+
+## Inputs
+
+Inputs configure Terraform GitHub Actions to perform different actions.
+
+* `promtool_actions_subcommand` - (Required) The Promtool subcommand to execute. Valid values are `rules` and `config`.
+* `promtool_actions_files` - (Required) Path to files. Can be something like `configs/*.yml` or `alert_rules/*.yml`. 
+* `promtool_actions_version` - (Optional) The Promtool version to install and execute (Prometheus bundle version). The default is set to `latest` and the latest stable version will be pulled down automatically.
+* `promtool_actions_comment` - (Optional) Whether or not to comment on GitHub pull requests. Defaults to `true`.
+
+## Secrets
+
+Secrets are similar to inputs except that they are encrypted and only used by GitHub Actions. It's a convenient way to keep sensitive data out of the GitHub Actions workflow YAML file.
+
+* `GITHUB_TOKEN` - (Optional) The GitHub API token used to post comments to pull requests. Not required if the `promtool_actions_comment` input is set to `false`.

action.yml

@@ -0,0 +1,22 @@
+name: 'Promtool GitHub Actions'
+description: 'Runs Prometheus Promtool commands via GitHub Actions.'
+author: 'Peiman Jafari'
+branding:
+  icon: 'terminal'
+  color: 'purple'
+inputs:
+  promtool_actions_subcommand:
+    description: 'Promtool subcommand to execute (configs or rules).'
+    required: true
+  promtool_actions_files:
+    description: 'Path to files. Can be something like `configs/*.yml` or `alert_rules/*.yml`.'
+    required: true
+  promtool_actions_version:
+    description: 'Promtool version to install.'
+    default: 'latest'
+  promtool_actions_comment:
+    description: 'Whether or not to comment on pull requests.'
+    default: true
+runs:
+  using: 'docker'
+  image: './Dockerfile'

entrypoint.sh

@@ -0,0 +1,4 @@
+#!/bin/sh -l
+
+promtool check rules $1
+

src/main.sh

@@ -0,0 +1,87 @@
+#!/bin/bash
+
+function parseInputs {
+  # Required inputs
+  if [ "${INPUT_PROMTOOL_ACTIONS_FILES}" != "" ]; then
+    promFiles=${INPUT_PROMTOOL_ACTIONS_FILES}
+  else
+    echo "Input promtool_files cannot be empty"
+    exit 1
+  fi
+
+  if [ "${INPUT_PROMTOOL_ACTIONS_SUBCOMMAND}" != "" ]; then
+    promtoolSubcommand=${INPUT_PROMTOOL_ACTIONS_SUBCOMMAND}
+  else
+    echo "Input promtool_subcommand cannot be empty"
+    exit 1
+  fi
+
+  # Optional inputs
+  promtoolVersion="latest"
+  if [ "${INPUT_PROMTOOL_ACTIONS_VERSION}" != "" ] || [ "${INPUT_PROMTOOL_ACTIONS_VERSION}" != "latest" ]; then
+    promtoolVersion=${INPUT_PROMTOOL_ACTIONS_VERSION}
+  fi
+
+  promtoolComment=0
+  if [ "${INPUT_PROMTOOL_ACTIONS_COMMENT}" == "1" ] || [ "${INPUT_PROMTOOL_ACTIONS_COMMENT}" == "true" ]; then
+    promtoolComment=1
+  fi
+}
+
+
+function installPromtool {
+  if [[ "${promtoolVersion}" == "latest" ]]; then
+    echo "Checking the latest version of Promtool"
+    promtoolVersion=$(git ls-remote --tags --refs --sort="v:refname"  git://github.com/prometheus/prometheus | grep -v '[-].*' | tail -n1 | sed 's/.*\///' | cut -c 2-)
+    if [[ -z "${promtoolVersion}" ]]; then
+      echo "Failed to fetch the latest version"
+      exit 1
+    fi
+  fi
+
+
+  url="https://github.com/prometheus/prometheus/releases/download/v${promtoolVersion}/prometheus-${promtoolVersion}.linux-amd64.tar.gz"
+
+  echo "Downloading Promtool v${promtoolVersion}"
+  curl -s -S -L -o /tmp/promtool_${promtoolVersion} ${url}
+  if [ "${?}" -ne 0 ]; then
+    echo "Failed to download Promtool v${promtoolVersion}"
+    exit 1
+  fi
+  echo "Successfully downloaded Promtool v${promtoolVersion}"
+
+  echo "Unzipping Promtool v${promtoolVersion}"
+  tar -zxf /tmp/promtool_${promtoolVersion} --strip-components=1 --directory /usr/local/bin &> /dev/null
+  if [ "${?}" -ne 0 ]; then
+    echo "Failed to unzip Promtool v${promtoolVersion}"
+    exit 1
+  fi
+  echo "Successfully unzipped Promtool v${promtoolVersion}"
+}
+
+function main {
+  # Source the other files to gain access to their functions
+  scriptDir=$(dirname ${0})
+  source ${scriptDir}/promtool_check_rules.sh
+  source ${scriptDir}/promtool_check_config.sh
+
+  parseInputs
+  cd ${GITHUB_WORKSPACE}
+
+  case "${promtoolSubcommand}" in
+    config)
+      installPromtool
+      promtoolCheckConfig ${*}
+      ;;
+    rules)
+      installPromtool
+      promtoolCheckRules ${*}
+      ;;
+    *)
+      echo "Error: Must provide a valid value for promtool_subcommand"
+      exit 1
+      ;;
+  esac
+}
+
+main "${*}"

src/promtool_check_config.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+
+function promtoolCheckConfig {
+  echo "rules: info: checking if Prometheus config files are valid or not"
+  checkconfigOut=$(promtool check config ${promFiles} ${*} 2>&1)
+  checkconfigExitCode=${?}
+
+  # Exit code of 0 indicates success. Print the output and exit.
+  if [ ${checkconfigExitCode} -eq 0 ]; then
+    echo "checkconfig: info: Prometheus config files ${promFiles} are valid."
+    echo "${checkconfigOut}"
+    echo
+    checkconfigCommentStatus="Success"
+  fi
+
+  # Exit code of !0 indicates failure.
+  if [ ${checkconfigExitCode} -ne 0 ]; then
+    echo "checkconfig: error: Prometheus config files ${promFiles} are invalid."
+    echo "${checkconfigOut}"
+    echo
+    checkconfigCommentStatus="Failed"
+  fi
+
+  # Comment on the pull request if necessary.
+  if [ "$GITHUB_EVENT_NAME" == "pull_request" ] && [ "${promtoolComment}" == "1" ]; then
+     checkconfigCommentWrapper="#### \`promtool check config\` ${checkconfigCommentStatus}
+<details><summary>Show Output</summary>
+
+\`\`\`
+${checkconfigOut}
+\`\`\`
+
+</details>
+
+*Workflow: \`${GITHUB_WORKFLOW}\`, Action: \`${GITHUB_ACTION}\`, Files: \`${promFiles}\`*"
+
+    echo "checkconfig: info: creating JSON"
+    checkconfigPayload=$(echo "${checkconfigCommentWrapper}" | jq -R --slurp '{body: .}')
+    checkconfigCommentsURL=$(cat ${GITHUB_EVENT_PATH} | jq -r .pull_request.comments_url)
+    echo "checkconfig: info: commenting on the pull request"
+    echo "${checkconfigPayload}" | curl -s -S -H "Authorization: token ${GITHUB_TOKEN}" --header "Content-Type: application/json" --data @- "${checkconfigCommentsURL}" > /dev/null
+  fi
+
+  exit ${checkconfigExitCode}
+}

src/promtool_check_rules.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+
+function promtoolCheckRules {
+  echo "rules: info: checking if Prometheus alert rule files are valid or not"
+  checkRulesOut=$(promtool check rules ${promFiles} ${*} 2>&1)
+  checkRulesExitCode=${?}
+
+  # Exit code of 0 indicates success. Print the output and exit.
+  if [ ${checkRulesExitCode} -eq 0 ]; then
+    echo "checkRules: info: Prometheus alert rule files ${promFiles} are valid."
+    echo "${checkRulesOut}"
+    echo
+    checkRulesCommentStatus="Success"
+  fi
+
+  # Exit code of !0 indicates failure.
+  if [ ${checkRulesExitCode} -ne 0 ]; then
+    echo "checkRules: error: Prometheus alert rule files ${promFiles} are invalid."
+    echo "${checkRulesOut}"
+    echo
+    checkRulesCommentStatus="Failed"
+  fi
+
+  # Comment on the pull request if necessary.
+  if [ "$GITHUB_EVENT_NAME" == "pull_request" ] && [ "${promtoolComment}" == "1" ]; then
+     checkRulesCommentWrapper="#### \`promtool check rules\` ${checkRulesCommentStatus}
+<details><summary>Show Output</summary>
+
+\`\`\`
+${checkRulesOut}
+\`\`\`
+
+</details>
+
+*Workflow: \`${GITHUB_WORKFLOW}\`, Action: \`${GITHUB_ACTION}\`, Files: \`${promFiles}\`*"
+
+    echo "checkRules: info: creating JSON"
+    checkRulesPayload=$(echo "${checkRulesCommentWrapper}" | jq -R --slurp '{body: .}')
+    checkRulesCommentsURL=$(cat ${GITHUB_EVENT_PATH} | jq -r .pull_request.comments_url)
+    echo "checkRules: info: commenting on the pull request"
+    echo "${checkRulesPayload}" | curl -s -S -H "Authorization: token ${GITHUB_TOKEN}" --header "Content-Type: application/json" --data @- "${checkRulesCommentsURL}" > /dev/null
+  fi
+
+  exit ${checkRulesExitCode}
+}