cicd WIP / ko build work

.github/workflows/container-build.yml

@@ -22,72 +22,88 @@ jobs:
       BASE_REPO: ghcr.io/carverauto/serviceradar
     steps:
       - uses: actions/checkout@v4
+
       - name: Extract short SHA
         id: vars
         run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
           go-version: '1.24'
+
       - name: Set up Node.js
         uses: actions/setup-node@v4
         with:
           node-version: '20'
           cache: 'npm'
           cache-dependency-path: 'web/package-lock.json'
+
+      - name: Install build dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libsqlite3-dev gcc
+
       - name: Setup ko
         uses: ko-build/[email protected]
+
       - name: Build web UI
         run: ./scripts/build-web.sh
+
       - name: Move web artifacts
         run: |
           mkdir -p pkg/cloud/api/web/
           cp -r web/dist pkg/cloud/api/web/
           mkdir -p cmd/cloud/.kodata
           cp -r web/dist cmd/cloud/.kodata/web
+
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Build and push container images
         run: |
-          # Build and push agent
+          # Common tag variables
+          SHA_TAG=sha-${{ steps.vars.outputs.sha_short }}
+          
+          # Build agent
           cd cmd/agent
           KO_DOCKER_REPO=${{ env.BASE_REPO }}/serviceradar-agent GOFLAGS="-tags=containers" ko build \
             --platform=linux/amd64,linux/arm64 \
-            --tags=sha-${{ steps.vars.outputs.sha_short }},latest \
+            --tags=${SHA_TAG},latest \
             --bare .
           cd ../..
           
-          # Build and push poller
+          # Build poller
           cd cmd/poller
           KO_DOCKER_REPO=${{ env.BASE_REPO }}/serviceradar-poller GOFLAGS="-tags=containers" ko build \
             --platform=linux/amd64,linux/arm64 \
-            --tags=sha-${{ steps.vars.outputs.sha_short }},latest \
+            --tags=${SHA_TAG},latest \
             --bare .
           cd ../..
           
-          # Build and push cloud
+          # Build cloud (with CGO enabled)
           cd cmd/cloud
-          KO_DOCKER_REPO=${{ env.BASE_REPO }}/serviceradar-cloud GOFLAGS="-tags=containers" ko build \
-            --platform=linux/amd64,linux/arm64 \
-            --tags=sha-${{ steps.vars.outputs.sha_short }},latest \
+          CGO_ENABLED=1 KO_DOCKER_REPO=${{ env.BASE_REPO }}/serviceradar-cloud GOFLAGS="-tags=containers" ko build \
+            --platform=linux/amd64 \
+            --tags=${SHA_TAG},latest \
             --bare .
           cd ../..
           
-          # Build and push dusk checker
+          # Build dusk checker
           cd cmd/checkers/dusk
           KO_DOCKER_REPO=${{ env.BASE_REPO }}/serviceradar-dusk-checker GOFLAGS="-tags=containers" ko build \
             --platform=linux/amd64,linux/arm64 \
-            --tags=sha-${{ steps.vars.outputs.sha_short }},latest \
+            --tags=${SHA_TAG},latest \
             --bare .
           cd ../../..
           
-          # Build and push snmp checker
+          # Build snmp checker
           cd cmd/checkers/snmp
           KO_DOCKER_REPO=${{ env.BASE_REPO }}/serviceradar-snmp-checker GOFLAGS="-tags=containers" ko build \
             --platform=linux/amd64,linux/arm64 \
-            --tags=sha-${{ steps.vars.outputs.sha_short }},latest \
+            --tags=${SHA_TAG},latest \
             --bare .

Makefile

@@ -107,10 +107,10 @@ kodata-prep: build-web ## Prepare kodata directories
 
 .PHONY: container-build
 container-build: kodata-prep ## Build container images with ko
-	@echo "$(COLOR_BOLD)Building container images with ko$(COLOR_RESET)"
+	@echo "$(COLOR_BOLD)Building container images with ko (broken on arm64)$(COLOR_RESET)"
 	@cd cmd/agent && KO_DOCKER_REPO=$(KO_DOCKER_REPO)/serviceradar-agent GOFLAGS="-tags=containers" ko build --platform=$(PLATFORMS) --tags=$(VERSION) --bare .
 	@cd cmd/poller && KO_DOCKER_REPO=$(KO_DOCKER_REPO)/serviceradar-poller GOFLAGS="-tags=containers" ko build --platform=$(PLATFORMS) --tags=$(VERSION) --bare .
-	@cd cmd/cloud && KO_DOCKER_REPO=$(KO_DOCKER_REPO)/serviceradar-cloud GOFLAGS="-tags=containers" ko build --platform=$(PLATFORMS) --tags=$(VERSION) --bare .
+	@cd cmd/cloud && KO_DOCKER_REPO=$(KO_DOCKER_REPO)/serviceradar-cloud GOFLAGS="-tags=containers" CGO_ENABLED=1 ko build --platform=$(PLATFORMS) --tags=$(VERSION) --bare --builder=docker .
 	@cd cmd/checkers/dusk && KO_DOCKER_REPO=$(KO_DOCKER_REPO)/serviceradar-dusk-checker GOFLAGS="-tags=containers" ko build --platform=$(PLATFORMS) --tags=$(VERSION) --bare .
 	@cd cmd/checkers/snmp && KO_DOCKER_REPO=$(KO_DOCKER_REPO)/serviceradar-snmp-checker GOFLAGS="-tags=containers" ko build --platform=$(PLATFORMS) --tags=$(VERSION) --bare .
 

k8s/demo/README.md

@@ -0,0 +1,94 @@
+# ServiceRadar Kubernetes Deployment
+
+This directory contains Kubernetes manifests for deploying ServiceRadar in a Kubernetes cluster using Kustomize.
+
+## Structure
+
+```
+.
+├── base/                  # Base manifests that are common across all environments
+│   ├── kustomization.yaml
+│   ├── serviceradar-agent.yaml
+│   ├── serviceradar-poller.yaml
+│   ├── serviceradar-cloud.yaml
+│   ├── serviceradar-dusk-checker.yaml
+│   ├── serviceradar-snmp-checker.yaml
+│   └── configmap.yaml
+├── overlays/              # Environment-specific overlays
+│   └── demo/              # Demo environment overlay
+│       ├── kustomization.yaml
+│       ├── namespace.yaml
+│       └── patches/
+│           └── resources.yaml
+└── deploy.sh              # Deployment script
+```
+
+## Components
+
+- **cloud** - The central service that collects and stores monitoring data
+- **poller** - Service that polls targets and reports back to cloud
+- **agent** - DaemonSet that runs on each node to monitor local resources
+- **dusk-checker** - Specialization checker for Dusk Network services
+- **snmp-checker** - SNMP monitoring service
+
+## Quick Start
+
+### Prerequisites
+
+- Kubernetes cluster
+- kubectl configured to access your cluster
+- (Optional) kustomize CLI
+
+### Deployment
+
+To deploy to the demo environment:
+
+```bash
+./deploy.sh demo
+```
+
+This will:
+1. Create the `demo` namespace if it doesn't exist
+2. Apply all the kustomized resources to your cluster
+3. Wait for deployments to become available
+
+### Accessing the UI
+
+After deployment, you can access the ServiceRadar Cloud UI through:
+
+- **NodePort**: http://\<node-ip\>:30080
+- **Ingress** (if configured): http://serviceradar-demo.example.com
+
+## Configuration
+
+The base configuration is in the ConfigMap located at `base/configmap.yaml`. This contains JSON configurations for each component.
+
+To customize for your environment:
+1. Create a new overlay directory in `overlays/`
+2. Copy and modify the `kustomization.yaml` and other files from the demo overlay
+3. Add patches as needed for your environment
+
+## Image Updates
+
+To update images, edit the `kustomization.yaml` in your overlay directory:
+
+```yaml
+images:
+- name: ghcr.io/carverauto/serviceradar/serviceradar-agent
+  newTag: v1.0.20  # Change to desired version
+```
+
+## Troubleshooting
+
+If you encounter issues:
+
+```bash
+# Check pod status
+kubectl -n demo get pods
+
+# Check logs for a specific component
+kubectl -n demo logs deployment/serviceradar-cloud
+
+# Describe a pod for more details
+kubectl -n demo describe pod <pod-name>
+```

k8s/demo/base/configmap.yaml

@@ -0,0 +1,161 @@
+# base/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: serviceradar-config
+data:
+  cloud.json: |
+    {
+      "listen_addr": ":8090",
+      "grpc_addr": ":50052",
+      "db_path": "/var/lib/serviceradar/serviceradar.db",
+      "alert_threshold": "5m",
+      "known_pollers": ["demo-poller"],
+      "metrics": {
+      "enabled": true,
+      "retention": 100,
+      "max_nodes": 10000
+        },
+        "security": {
+          "mode": "mtls",
+          "cert_dir": "/etc/serviceradar/certs",
+          "role": "cloud"
+        },
+        "webhooks": [
+          {
+            "enabled": false,
+            "url": "https://your-webhook-url",
+            "cooldown": "15m",
+            "headers": [
+              {
+                "key": "Authorization",
+                "value": "Bearer your-token"
+              }
+            ]
+          },
+          {
+            "enabled": true,
+            "url": "https://discord.com/api/webhooks/1328806609710878730/hquu9vJUHZ9n1EaYQG8fqec6eHrLckXmzp8u0VjTzuE_gRXhArTuiX1ROrpw6MFlICLy",
+            "cooldown": "15m",
+            "template": "{\"embeds\":[{\"title\":\"{{.alert.Title}}\",\"description\":\"{{.alert.Message}}\",\"color\":{{if eq .alert.Level \"error\"}}15158332{{else if eq .alert.Level \"warning\"}}16776960{{else}}3447003{{end}},\"timestamp\":\"{{.alert.Timestamp}}\",\"fields\":[{\"name\":\"Node ID\",\"value\":\"{{.alert.NodeID}}\",\"inline\":true}{{range $key, $value := .alert.Details}},{\"name\":\"{{$key}}\",\"value\":\"{{$value}}\",\"inline\":true}{{end}}]}]}"
+          }
+        ]
+    }
+
+  poller.json: |
+    {
+      "agents": {
+        "local-agent": {
+          "address": "localhost:50051",
+          "security": {
+            "server_name": "demo.serviceradar.cloud",
+            "mode": "none"
+          },
+          "checks": [
+            {
+              "service_type": "port",
+              "service_name": "SSH",
+              "details": "127.0.0.1:22"
+            },
+            {
+              "service_type": "snmp",
+              "service_name": "snmp",
+              "details": "localhost:50054"
+            },
+            {
+              "service_type": "icmp",
+              "service_name": "ping",
+              "details": "8.8.8.8"
+            },
+            {
+              "service_type": "sweep",
+              "service_name": "network_sweep",
+              "details": ""
+            }
+          ]
+        }
+      },
+      "cloud_address": "demo.serviceradar.cloud:50052",
+      "listen_addr": "localhost:50053",
+      "poll_interval": "30s",
+      "poller_id": "demo-poller",
+      "service_name": "PollerService",
+      "service_type": "grpc",
+          "security": {
+            "mode": "none",
+            "cert_dir": "/etc/serviceradar/certs",
+            "server_name": "demo.serviceradar.cloud",
+            "role": "poller"
+          }
+    }
+
+  agent.json: |
+    {
+      "checkers_dir": "/etc/serviceradar/checkers",
+      "listen_addr": ":50051",
+      "service_type": "grpc",
+      "service_name": "AgentService",
+      "security": {
+        "mode": "none",
+        "cert_dir": "/etc/serviceradar/certs",
+        "server_name": "demo.serviceradar.cloud",
+        "role": "agent"
+      }
+    }
+
+  sweep.json: |
+    {
+      "networks": [
+          "192.168.2.0/24",
+          "192.168.3.1/32"
+      ],
+      "ports": [
+        22,
+        80,
+        443,
+        3306,
+        5432,
+        6379,
+        8080,
+        8443
+      ],
+      "sweep_modes": [
+        "icmp",
+        "tcp"
+      ],
+      "interval": "5m",
+      "concurrency": 100,
+      "timeout": "10s"
+    } 
+
+  snmp-checker.json: |
+    {
+      "node_address": "localhost:50051",
+      "listen_addr": ":50054",
+      "security": {
+        "server_name": "serviceradar-demo",
+        "mode": "none",
+        "role": "checker",
+        "cert_dir": "/etc/serviceradar/certs"
+      },
+      "timeout": "30s",
+      "targets": [
+        {
+          "name": "test-router",
+          "host": "192.168.1.1",
+          "port": 161,
+          "community": "public",
+          "version": "v2c",
+          "interval": "30s",
+          "retries": 2,
+          "oids": [
+            {
+              "oid": ".1.3.6.1.2.1.2.2.1.10.4",
+              "name": "ifInOctets_4",
+              "type": "counter",
+              "scale": 1.0
+            }
+          ]
+        }
+      ]
+    }

k8s/demo/base/kustomization.yaml

@@ -0,0 +1,13 @@
+# base/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - serviceradar-agent.yaml
+  - serviceradar-poller.yaml
+  - serviceradar-cloud.yaml
+  - serviceradar-snmp-checker.yaml
+  - configmap.yaml
+
+commonLabels:
+  app.kubernetes.io/part-of: serviceradar