fix new ci, 7

.woodpecker.yml

@@ -1,5 +1,50 @@
 steps:
   build:
+    image: golang:1.22.5-alpine3.20
+    commands:
+      - GOPATH=/woodpecker/go
+      - cd src/udi
+      - go mod tidy
+      - go build -a -installsuffix nocgo -o udi main.go
+      - cp udi ../..
+
+  scan:
+    image: quay.io/wollud1969/woodpecker-helper:0.5.1
+    environment:
+      TRIVY_TOKEN:
+        from_secret: trivy_token
+      TRIVY_URL:
+        from_secret: trivy_url
+      DTRACK_API_KEY:
+        from_secret: dtrack_api_key
+      DTRACK_API_URL:
+        from_secret: dtrack_api_url
+    commands:
+      - export GOPATH=/woodpecker/go   # the export is required, otherwise trivy will not consider the variable
+      - HOME=/home/`id -nu`
+      - TAG="${CI_COMMIT_TAG:-$CI_COMMIT_SHA}"
+      - |
+        trivy fs \
+              --server $TRIVY_URL \
+              --token $TRIVY_TOKEN \
+              --format cyclonedx \
+              --scanners license \
+              --output /tmp/sbom.xml \
+              .        
+      - cat /tmp/sbom.xml
+      - |
+        curl -X "POST" \
+             -H "Content-Type: multipart/form-data" \
+             -H "X-Api-Key: $DTRACK_API_KEY" \
+             -F "autoCreate=true" \
+             -F "projectName=$CI_REPO" \
+             -F "projectVersion=$TAG" \
+             -F "bom=@/tmp/sbom.xml"\
+             "$DTRACK_API_URL/api/v1/bom"        
+    when:
+      - event: [push, tag]
+
+  dockerize:
     image: plugins/kaniko
     settings:
       repo: ${FORGE_NAME}/${CI_REPO}
@@ -15,14 +60,14 @@ steps:
       - event: [push, tag]
 
   deploy:
-    image: portainer/kubectl-shell:latest
-    secrets:
-      - source: kube_config
-        target: KUBE_CONFIG_CONTENT
-      - source: encryption_key
-        target: ENCRYPTION_KEY
-      - source: secrets_checksum
-        target: MD5_CHECKSUM
+    image: quay.io/wollud1969/woodpecker-helper:0.5.1
+    environment:
+      KUBE_CONFIG_CONTENT:
+        from_secret: kube_config
+      ENCRYPTION_KEY:
+        from_secret: encryption_key
+      MD5_CHECKSUM:
+        from_secret: secrets_checksum
     commands:
       - export IMAGE_TAG=$CI_COMMIT_TAG
       - printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig

Dockerfile

@@ -1,15 +1,8 @@
-FROM golang:1.22.5-alpine3.20 as builder
-
-RUN mkdir -p /go/src
-COPY ./src/ /go/src
-WORKDIR /go/src/udi
-RUN go build -a -installsuffix nocgo -o udi main.go
-
-
 FROM scratch
 
 ENV UDI_CONF ""
 
-COPY --from=builder /go/src/udi ./
+COPY udi ./
+
 ENTRYPOINT ["./udi"]
 

deployment/decrypt-secrets.sh

@@ -10,7 +10,6 @@ if [ "$MD5_CHECKSUM" = "" ]; then
   exit 1
 fi
 
-echo $ENCRYPTION_KEY
 
 SECRETS_CIPHERTEXT_FILE=secrets.enc
 SECRETS_PLAINTEXT_FILE=/tmp/secrets
@@ -39,7 +38,7 @@ if [ "$MD5_CHECKSUM" != "$CALCULATED_CHECKSUM" ]; then
   exit 1
 fi
 
-# cat $TMP_FILE
+#cat $TMP_FILE
 mv $TMP_FILE $SECRETS_PLAINTEXT_FILE
 
 

deployment/deploy.sh

@@ -58,7 +58,7 @@ for NAMESPACE_DIR in `find $INSTANCES_DIR -type d -mindepth 1 -maxdepth 1`; do
     NEW_UDI_DB_PASSWORD="${!PASSWORD_VARIABLE}"
     DATABASE_VARIABLE=$VARIABLE_PREFIX"_PGDATABASE"
     NEW_UDI_DB_DATABASE="${!DATABASE_VARIABLE}"
-    NEW_UDI_DB_HOST=timescaledb.database.svc.cluster.local
+    NEW_UDI_DB_HOST=database.database1.svc.cluster.local
 
     kubectl create secret generic $INSTANCE-udi-db-cred \
       --dry-run=client \

migration/requirements.txt

@@ -1,2 +1,2 @@
-loguru==0.7.2
+loguru==0.7.3
 psycopg2==2.9.9

queries/saerbeck.sql

@@ -41,3 +41,4 @@ create or replace view cubecell_threeway_battery_v as
     from measurements
     where application = 'de-hottis-saerbeck-monitoring' and
     device = 'eui-70b3d57ed0068fa4';
+

src/udi/go.mod

@@ -18,8 +18,8 @@ require (
 	github.com/jackc/puddle/v2 v2.2.1 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
-	golang.org/x/crypto v0.25.0 // indirect
-	golang.org/x/net v0.27.0 // indirect
-	golang.org/x/sync v0.7.0 // indirect
-	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/crypto v0.32.0 // indirect
+	golang.org/x/net v0.34.0 // indirect
+	golang.org/x/sync v0.10.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
 )

src/udi/go.sum

@@ -28,14 +28,14 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
-golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
-golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
-golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
-golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
-golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
-golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
+golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
+golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
+golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
+golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
+golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
+golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=