Merge pull request #22 from yubiuser/development

v2.0.0

.devcontainer/Dockerfile

@@ -1,4 +1,7 @@
-From golang:1.21-alpine3.18
+ARG alpine_version=3.19
+ARG golang_version=1.21
+
+FROM golang:${golang_version}-alpine${alpine_version}
 RUN apk add --no-cache \
                 git \
                 nano\
@@ -15,3 +18,7 @@ RUN adduser $USERNAME -s /bin/sh -D -u $USER_UID $USER_GID && \
     chmod 0440 /etc/sudoers.d/$USERNAME
 
 USER $USERNAME
+
+RUN go install -v golang.org/x/tools/gopls@latest
+RUN go install -v github.com/go-delve/delve/cmd/dlv@latest
+RUN go install -v honnef.co/go/tools/cmd/staticcheck@latest

.devcontainer/devcontainer.json

@@ -8,10 +8,10 @@
 		"vscode": {
 			"settings": {},
 			"extensions": [
-				"ms-vscode.go",
 				"eamodio.gitlens",
 				"EditorConfig.EditorConfig",
-				"golang.Go"
+				"golang.Go",
+        "github.vscode-github-actions"
 			]
 		}
 	},

.github/dependabot.yml

@@ -9,7 +9,7 @@ updates:
   open-pull-requests-limit: 10
   target-branch: development
 - package-ecosystem: gomod
-  directory: "/"
+  directory: "/src/"
   schedule:
     interval: weekly
     day: sunday

.github/workflows/delete_PR_images.yml

@@ -0,0 +1,35 @@
+name: Remove obsolet PR images from registry
+
+on:
+  pull_request:
+    types: [closed]
+
+env:
+  PACKAGE_NAME: docker-event-monitor
+
+jobs:
+  Delete_PR_image:
+    if: |
+      github.event_name == 'pull_request'
+      && github.event.pull_request.head.repo.full_name == github.repository
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+    steps:
+      - name: Get image ID of PR
+        id: version
+        run: |
+          curl -sSL \
+          -H "Accept: application/vnd.github+json" \
+          -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
+          -H "X-GitHub-Api-Version: 2022-11-28" \
+          https://api.github.com/users/${{ github.repository_owner }}/packages/container/${{ env.PACKAGE_NAME }}/versions >> containerMeta.json ;
+          echo "VERSION_ID=$(jq -r '.[] | select(.metadata.container.tags[] == "pr-${{ github.event.pull_request.number }}").id' containerMeta.json)" >> "$GITHUB_ENV" ;
+
+      - name: Delete PR image
+        uses: actions/delete-package-versions@v5.0.0
+        if: ${{ env.VERSION_ID != '' }}
+        with:
+          package-version-ids: ${{ env.VERSION_ID }}
+          package-type: container
+          package-name: ${{ env.PACKAGE_NAME }}

.github/workflows/delete_untagged_images.yml

@@ -0,0 +1,31 @@
+name: Remove untagged images from registry
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 0 * * *"
+
+env:
+  PACKAGE_NAME: docker-event-monitor
+
+jobs:
+  Delete_untagged_images:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3.0.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.PAT_TOKEN }}
+
+      - name: Delete all images from repository without tags
+        uses: Chizkiyahu/delete-untagged-ghcr-action@v3.2.0
+        with:
+          token: ${{ secrets.PAT_TOKEN }}
+          repository_owner: ${{ github.repository_owner }}
+          repository: ${{ github.repository }}
+          package_name: ${{ env.PACKAGE_NAME }}
+          untagged_only: true
+          owner_type: user
+          except_untagged_multiplatform: true

.github/workflows/ghcr.yml

@@ -5,54 +5,128 @@ on:
   release:
     types: [published]
   pull_request:
+  push:
+    branches:
+    - development
+
+env:
+  REGISTRY_IMAGE: ghcr.io/${{ github.repository }}
 
 jobs:
-  build-and-push:
+  build:
     runs-on: ubuntu-latest
     permissions:
       contents: read
       packages: write
+    strategy:
+      fail-fast: true
+      matrix:
+        include:
+          - platform: linux/amd64
+          - platform: linux/arm64
+          - platform: linux/arm/v6
+          - platform: linux/arm/v7
+          - platform: linux/386
     steps:
+      - name: Prepare name for digest up/download
+        run: |
+          platform=${{ matrix.platform }}
+          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
+
       - name: Checkout Code
-        uses: actions/checkout@v3.6.0
+        uses: actions/checkout@v4.1.1
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2.2.0
+        uses: docker/setup-qemu-action@v3.0.0
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2.10.0
+        uses: docker/setup-buildx-action@v3.0.0
+        with:
+          buildkitd-flags: --debug
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
           images: |
-            ghcr.io/${{ github.repository_owner }}/${{ github.repository }}
-          flavor: latest=${{ startsWith(github.ref, 'refs/tags/') }}
-          tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-            type=semver,pattern={{major}}
-            type=sha, enable=${{ !startsWith(github.ref, 'refs/tags/') }}
-            type=edge
-
+            ${{ env.REGISTRY_IMAGE }}
       - name: Login to GitHub Container Registry
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v2.2.0
+        uses: docker/login-action@v3.0.0
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v4.1.1
+        uses: docker/build-push-action@v5.1.0
+        id: build
         with:
           context: .
           file: ./Dockerfile
-          platforms: linux/amd64, linux/arm64, linux/386, linux/arm/v7, linux/arm/v6
-          push: ${{ github.event_name != 'pull_request' }}
-          cache-from: type=gha
-          cache-to: type=gha
-          provenance: false
-          tags: ${{ steps.meta.outputs.tags }}
+          platforms: ${{ matrix.platform }}
           labels: ${{ steps.meta.outputs.labels }}
+          provenance: false
+          outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=${{ github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'push' || github.event_name == 'release' }}
+      - name: Export digest
+        run: |
+          mkdir -p /tmp/digests
+          digest="${{ steps.build.outputs.digest }}"
+          touch "/tmp/digests/${digest#sha256:}"
+      - name: Upload digest
+        uses: actions/upload-artifact@v4.3.0
+        with:
+          name: digests-${{ env.PLATFORM_PAIR }}
+          path: /tmp/digests/*
+          if-no-files-found: error
+          retention-days: 1
+
+  merge:
+    runs-on: ubuntu-latest
+    needs:
+      - build
+    if: |
+      github.actor != 'dependabot[bot]'
+      && ( github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'push' || github.event_name == 'release' )
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Download digests
+        uses: actions/download-artifact@v4.1.1
+        with:
+          path: /tmp/digests
+          pattern: digests-*
+          merge-multiple: true
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3.0.0
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ env.REGISTRY_IMAGE }}
+          flavor: latest=${{ startsWith(github.ref, 'refs/tags/') }}
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha,enable=${{ github.event_name == 'workflow_dispatch' }}
+            type=ref,event=pr
+            type=ref,event=branch
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3.0.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Create manifest list and push
+        working-directory: /tmp/digests
+        run: |
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
+      - name: Inspect image
+        run: |
+          docker buildx imagetools inspect --raw ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}
+
+

.github/workflows/sync-back-to-dev.yml

@@ -18,7 +18,7 @@ jobs:
     name: Syncing branches
     steps:
       - name: Checkout
-        uses: actions/checkout@v3.6.0
+        uses: actions/checkout@v4.1.1
       - name: Opening pull request
         run: gh pr create -B development -H main --title 'Sync main back into development' --body 'Created by Github action' --label 'internal'
         env:

Dockerfile

@@ -1,11 +1,14 @@
-From golang:1.21-alpine3.18 as builder
+ARG alpine_version=3.19
+ARG golang_version=1.21
+
+FROM golang:${golang_version}-alpine${alpine_version} as builder
 
 COPY /src /src
 WORKDIR /src
 RUN go mod download
 RUN CGO_ENABLED=0 go build -ldflags "-s -w"  docker-event-monitor.go
 
-From scratch as deploy
+FROM scratch as deploy
 COPY --from=builder /src/docker-event-monitor docker-event-monitor
 # the tls certificates:
 # this pulls directly from the upstream image, which already has ca-certificates:

Readme.md

@@ -7,13 +7,14 @@ Monitor Docker events and send push notifications for each event.
 ## Features
 
 - Small memory and CPU footprint
-- Pushover integration
-- Gotify integration
+- Pushover notification
+- Gotify notification
+- E-Mail notification (SMTP)
 - Filter events
 
 ## Background
 
-I've been using [Monocker](https://github.com/petersem/monocker) to monitor my Docker containers and get push notifications on status changes. However, it's using polling (with hard lower limit of 10 sec) to poll for status changes. This is too long to catch all status changes (e.g. watchtower updating an container). While I did remove the limit in my own Monocker fork, I noticed that the CPU usage goes up quite a bit for polling times < 1sec.
+I've been using [Monocker](https://github.com/petersem/monocker) to monitor my Docker containers and get push notifications on status changes. However, it's using polling (with hard lower limit of 10 sec) to poll for status changes. This is too long to catch all status changes (e.g. watchtower updating a container). While I did remove the limit in my own Monocker fork, I noticed that the CPU usage goes up quite a bit for polling times < 1sec.
 I needed another soultion, and found [docker-events-notifier](https://github.com/hasnat/docker-events-notifier), but Pushover integration was missing.
 
 So I started to develop my own solution which ended up being a `bash` script doing exactly what I wanted it to do (you can still find it in `/legacy/`). However, the used `jq` caused CPU spikes for each processed event. As I could not find a good solution, I decied to write my own application and to learn something new - [Go](https://go.dev/).
@@ -29,7 +30,7 @@ The application uses Docker's API to connect to the [event stream](https://docs.
 The simplest way to use the docker event monitor is to run the docker container. It'a very small ( < 10MB) image. You can download it via
 
 ```shell
-docker pull ghcr.io/yubiuser/yubiuser/docker-event-monitor:latest
+docker pull ghcr.io/yubiuser/docker-event-monitor:latest
 ```
 
 ### Docker compose
@@ -40,7 +41,7 @@ version: '2.4'
 services:
   docker-event-monitor:
     container_name: docker-event-monitor
-    image: ghcr.io/yubiuser/yubiuser/docker-event-monitor:latest
+    image: ghcr.io/yubiuser/docker-event-monitor:latest
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
       - /etc/localtime:/etc/localtime:ro
@@ -52,6 +53,13 @@ services:
       GOTIFY: false
       GOTIFY_URL: 'URL'
       GOTIFY_TOKEN: 'TOKEN'
+      MAIL: false
+      MAIL_FROM: 'your.username@provider.com'
+      MAIL_TO: 'recipient@provider.com'
+      MAIL_USER: 'SMTP USER'
+      MAIL_PASSWORD: 'PASSWORD'
+      MAIL_PORT: 587
+      MAIL_HOST: 'smtp@provider.com'
       FILTER: 'event=start,event=stop,type=container'
       DELAY: '500ms'
       LOG_LEVEL: 'info'
@@ -74,14 +82,22 @@ If you have a suitable `Go` environment set up, you can build the binary from `/
 
 Configurations can use the CLI flags or environment variables. The table below outlines all supported options and their respective env vars.
 
-| Flag                  | Env Variable           | Default | Details |
-| ----------------      | ---------------------- | ------- |-------- |
-| `--pushover`          | `PUSHOVER`             | `false` |Enable/Disable Pushover notification|
-| `--pushoverapitoken`  | `PUSHOVER_APITOKEN`    | `""`    | |
-| `--pushoveruserkey`   | `PUSHOVER_USER`        | `""`    | |
-| `--delay`             | `DELAY`       | `500ms` |Delay befor processing next event. Can be useful if messages arrive in wrong order |
-| `--gotify`            | `GOTIFY`             | `false` |Enable/Disable Gotify notification|
-| `--gotifyurl`         | `GOTIFY_URL`    | `""`    | |
-| `--gotifytoken`       | `GOTIFY_TOKEN`        | `""`    | |
-| `--filter`            | `FILTER`               | `""`    | Filter events. Uses the same filters as `docker events` (see [here](https://docs.docker.com/engine/reference/commandline/events/#filter))  |
-| `--loglevel`          | `LOG_LEVEL`            | `"info"`| Use `debug` for more verbose logging` |
+| Flag                  | Env Variable            | Default | Details |
+| ----------------      | ----------------------  | ------- |-------- |
+| `--pushover`          | `PUSHOVER`              | `false` | Enable/Disable Pushover notification|
+| `--pushoverapitoken`  | `PUSHOVER_APITOKEN`     | `""`    | |
+| `--pushoveruserkey`   | `PUSHOVER_USER`         | `""`    | |
+| `--delay`             | `DELAY`                 | `500ms` | Delay befor processing next event. Can be useful if messages arrive in wrong order |
+| `--gotify`            | `GOTIFY`                | `false` | Enable/Disable Gotify notification|
+| `--gotifyurl`         | `GOTIFY_URL`            | `""`    | |
+| `--gotifytoken`       | `GOTIFY_TOKEN`          | `""`    | |
+| `--mail`              | `MAIL`                  | `false` | Enable/Disable E-Mail (SMTP) notification|
+| `--mailfrom`          | `MAIL_FROM`             | `""`    | optional: `your.username@provider.com`, set to MAIL_USER if empty/unset |
+| `--mailto`            | `MAIL_TO`               | `""`    | `recipient@provider.com` |
+| `--mailuser`          | `MAIL_USER`             | `""`    | SMTP username |
+| `--mailpassword`      | `MAIL_PASSWORD`         | `""`    | |
+| `--mailport`          | `MAIL_PORT`             | `587`   | |
+| `--mailhost`          | `MAIL_HOST`             | `""`    | `smtp@provider.com` |
+| `--filter`            | `FILTER`                | `""`    | Filter events. Uses the same filters as `docker events` (see [here](https://docs.docker.com/engine/reference/commandline/events/#filter))    |
+| `--loglevel`          | `LOG_LEVEL`             | `"info"`| Use `debug` for more verbose logging |
+| `--servertag`         | `SERVER_TAG`            | `""`    | Prefix to include in the title of notifications. Useful when running docker-event-monitors on multiple machines |

docker-compose.yml

@@ -3,7 +3,7 @@ version: '2.4'
 services:
   docker-event-monitor:
     container_name: docker-event-monitor
-    image: ghcr.io/yubiuser/yubiuser/docker-event-monitor:latest
+    image: ghcr.io/yubiuser/docker-event-monitor:latest
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
       - /etc/localtime:/etc/localtime:ro
@@ -15,6 +15,13 @@ services:
       GOTIFY: false
       GOTIFY_URL: 'URL'
       GOTIFY_TOKEN: 'TOKEN'
+      MAIL: false
+      MAIL_FROM: 'your.username@provider.com'
+      MAIL_TO: 'recipient@provider.com'
+      MAIL_USER: 'SMTP USER'
+      MAIL_PASSWORD: 'PASSWORD'
+      MAIL_PORT: 587
+      MAIL_HOST: 'smtp@provider.com'
       FILTER: 'event=start,event=stop,type=container'
       DELAY: '500ms'
       LOG_LEVEL: 'info'