d0ugal
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 150 additions & 0 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 150 additions & 0 deletions
diff --git a/‎.github/workflows/release-please.yml‎
Lines changed: 82 additions & 0 deletions b/‎.github/workflows/release-please.yml‎
Lines changed: 82 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 43 additions & 0 deletions b/‎.gitignore‎
Lines changed: 43 additions & 0 deletions
diff --git a/‎.golangci.yml‎
Lines changed: 57 additions & 0 deletions b/‎.golangci.yml‎
Lines changed: 57 additions & 0 deletions
diff --git a/‎.release-please-config.json‎
Lines changed: 15 additions & 0 deletions b/‎.release-please-config.json‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 31 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 31 additions & 0 deletions
@@ -0,0 +1,150 @@
+name: CI
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v5
+
+    - name: Set up Go 1.25
+      uses: actions/setup-go@v5
+      with:
+        go-version: '1.25'
+
+    - name: Install dependencies
+      run: go mod download
+
+    - name: Run tests
+      run: go test -v -race -coverprofile=coverage.txt -covermode=atomic ./...
+
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v5
+      with:
+        file: ./coverage.txt
+        flags: unittests
+        name: codecov-umbrella
+
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    continue-on-error: true
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v5
+
+    - name: Run golangci-lint
+      uses: golangci/golangci-lint-action@v8
+      with:
+        version: latest
+
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    needs: [test]
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v5
+
+    - name: Set up Go
+      uses: actions/setup-go@v5
+      with:
+        go-version: '1.25'
+
+    - name: Build
+      run: |
+        go build -v -ldflags="-s -w" -o ghcr-exporter ./cmd
+
+    - name: Upload build artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: ghcr-exporter
+        path: ghcr-exporter
+        retention-days: 30
+
+  security:
+    name: Security Scan
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      security-events: write
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v5
+
+    - name: Run Trivy vulnerability scanner
+      uses: aquasecurity/trivy-action@master
+      with:
+        scan-type: 'fs'
+        scan-ref: '.'
+        format: 'table'
+        exit-code: '1'
+        severity: 'CRITICAL,HIGH'
+
+  dev-build:
+    name: Development Build
+    runs-on: ubuntu-latest
+    needs: [test]
+    if: github.event_name == 'push'
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v5
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Log in to GHCR
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Generate dev tag
+      id: meta
+      run: |
+        # Create a dev tag with commit SHA and timestamp
+        SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7)
+        TIMESTAMP=$(date +%Y%m%d-%H%M%S)
+        DEV_TAG="dev-${TIMESTAMP}-${SHORT_SHA}"
+        echo "dev_tag=${DEV_TAG}" >> $GITHUB_OUTPUT
+        echo "Generated dev tag: ${DEV_TAG}"
+
+    - name: Extract metadata
+      id: docker_meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+        tags: |
+          ${{ steps.meta.outputs.dev_tag }}
+          dev
+
+    - name: Build and push Docker image
+      uses: docker/build-push-action@v6
+      with:
+        context: .
+        platforms: linux/amd64,linux/arm64
+        push: true
+        tags: ${{ steps.docker_meta.outputs.tags }}
+        labels: ${{ steps.docker_meta.outputs.labels }}
+        cache-from: type=gha
+        cache-to: type=gha,mode=min
+        continue-on-error: false
@@ -0,0 +1,82 @@
+name: Release Please
+
+on:
+  push:
+    branches: [ main ]
+
+permissions:
+  contents: write
+  pull-requests: write
+  issues: write
+  packages: write
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  release-please:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v5
+      with:
+        fetch-depth: 0
+        token: ${{ secrets.GITHUB_TOKEN }}
+    
+    - uses: googleapis/release-please-action@v4
+      id: release_please
+      with:
+        release-type: go
+        path: .
+        token: ${{ secrets.GITHUB_TOKEN }}
+
+    # Debug info
+    - name: Debug Release Info
+      if: steps.release_please.outputs.release_created == 'true'
+      run: |
+        echo "Release created!"
+        echo "Tag: ${{ steps.release_please.outputs.tag_name }}"
+        echo "Name: ${{ steps.release_please.outputs.name }}"
+        echo "Draft: ${{ steps.release_please.outputs.draft }}"
+        echo "Prerelease: ${{ steps.release_please.outputs.prerelease }}"
+
+    # Build and push Docker image
+    - name: Set up Docker Buildx
+      if: steps.release_please.outputs.release_created == 'true'
+      uses: docker/setup-buildx-action@v3
+
+    - name: Log in to GHCR
+      if: steps.release_please.outputs.release_created == 'true'
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Extract metadata
+      if: steps.release_please.outputs.release_created == 'true'
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+        tags: |
+          ${{ steps.release_please.outputs.tag_name }}
+          latest
+
+    - name: Build and push Docker image
+      if: steps.release_please.outputs.release_created == 'true'
+      uses: docker/build-push-action@v6
+      with:
+        context: .
+        platforms: linux/amd64,linux/arm64
+        push: true
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        cache-from: type=gha,scope=release-${{ steps.release_please.outputs.tag_name }}
+        cache-to: type=gha,mode=max,scope=release-${{ steps.release_please.outputs.tag_name }}
+        continue-on-error: false
+        build-args: |
+          VERSION=${{ steps.release_please.outputs.tag_name }}
+          COMMIT=${{ github.sha }}
+          BUILD_DATE=${{ github.event.head_commit.timestamp }}
@@ -0,0 +1,43 @@
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# vendor/
+
+# Go workspace file
+go.work
+
+# Build artifacts
+ghcr-exporter
+coverage.txt
+
+# IDE files
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# OS generated files
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+
+# Logs
+*.log
+
+# Configuration files (optional - remove if you want to track them)
+config.yaml
@@ -0,0 +1,57 @@
+version: "2"
+
+run:
+  timeout: 5m
+  go: "1.25"
+
+linters:
+  # Use fast linters for better performance
+  default: fast
+  enable:
+    - govet
+    - staticcheck
+    - errcheck
+    - gosec
+    - ineffassign
+    - unused
+    - contextcheck
+    - wsl_v5
+    
+  disable:
+    - cyclop  # Too strict
+    - depguard  # Allow internal imports
+    - err113  # Allow dynamic errors
+    - exhaustruct  # Too strict for tests
+    - forcetypeassert  # Allow in tests
+    - funcorder  # Not critical
+    - funlen  # Allow longer functions
+    - gocognit  # Too strict
+    - goconst  # Not critical
+    - godot  # Not critical
+    - intrange  # Go 1.22+ feature
+    - lll  # Line length not critical
+    - mnd  # Magic numbers acceptable
+    - nestif  # Allow nested if
+    - nlreturn  # Not critical
+    - noinlineerr  # Allow inline errors
+    - paralleltest  # Not critical
+    - perfsprint  # Not critical
+    - revive  # Too many false positives
+    - tagliatelle  # YAML tags fine
+    - testpackage  # Allow test packages
+    - usetesting  # Not critical
+    - varnamelen  # Variable names fine
+    - wsl  # Use wsl_v5 instead
+    - gosec  # Security warnings are false positives for this codebase
+
+  settings:
+    gosec:
+      # Allow some security warnings
+      excludes:
+        - G204  # Subprocess launched with variable - inputs are validated and sanitized
+        - G304  # Potential file inclusion via variable - path is validated and comes from trusted config
+
+formatters:
+  enable:
+    - gci
+    - gofmt
@@ -0,0 +1,15 @@
+{
+  "packages": {
+    ".": {
+      "changelog-path": "CHANGELOG.md",
+      "release-type": "go",
+      "bump-minor-pre-major": true,
+      "bump-patch-for-minor-pre-major": true,
+      "include-component-in-tag": false,
+      "include-v-in-tag": true
+    }
+  },
+  "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json"
+}
+
+
@@ -0,0 +1,31 @@
+# Changelog
+
+All notable changes to ghcr-exporter will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Features
+
+* Initial release of ghcr-exporter
+* Collects package download statistics from GitHub Container Registry (GHCR)
+* Tracks package version counts and last published timestamps
+* Supports both user and organization packages
+* Prometheus metrics endpoint with health checks
+* Docker support with non-root user
+* Graceful error handling and retry logic
+* Web UI with metrics information
+* GitHub API integration with authentication
+
+### Metrics
+
+* `ghcr_exporter_info` - Information about the exporter
+* `ghcr_package_downloads_total` - Version count (proxy for package activity)
+* `ghcr_package_last_published_timestamp` - Last published timestamp
+* `ghcr_collection_duration_seconds` - Collection duration
+* `ghcr_collection_success_total` - Successful collections
+* `ghcr_collection_failed_total` - Failed collections
+* `ghcr_collection_interval_seconds` - Collection interval
+* `ghcr_collection_timestamp` - Last collection timestamp