Add go code

Author: maggie44

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,67 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [main]
+  schedule:
+    - cron: "26 22 * * 5"
+
+jobs:
+  codeql-analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["go"]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v1
+
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
+
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
+
+      #- run: |
+      #   make bootstrap
+      #   make release
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1

.github/workflows/deploy-to-bcr.yml

@@ -0,0 +1,28 @@
+name: Deploy to BCR
+
+on:
+ pull_request:
+    types: [opened, synchronize, closed]
+    branches:
+      - master
+
+jobs:
+  deploy-to-bcr:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Turnstyle
+        uses: softprops/turnstyle@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Deploy to Balena
+        uses: balena-io/deploy-to-balena-action@master
+        id: build
+        with:
+          balena_token: ${{ secrets.BALENA_TOKEN }}
+          fleet: maggie0002/balena-data-extractor
+
+      - name: Log release ID built
+        run: echo "Built release ID ${{ steps.build.outputs.release_id }}"

.github/workflows/deploy-to-ghcr.yml

@@ -0,0 +1,60 @@
+name: Deploy to GHCR
+
+on:
+  push:
+    tags:
+      - "*"
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: maggie0002/balena-data-extractor
+
+jobs:
+  deploy-to-gcr:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Available platforms
+        run: echo ${{ steps.buildx.outputs.platforms }}
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v1
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v3
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          flavor: |
+            latest=true
+          tags: |
+            type=semver,pattern={{version}}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.gitignore

@@ -0,0 +1,4 @@
+.DS_Store
+balena-data-extractor
+.vscode
+cmds.yml

Dockerfile

@@ -0,0 +1,22 @@
+FROM golang:1.18.2 as builder
+
+ENV CGO_ENABLED=0
+
+WORKDIR /build
+
+COPY . .
+
+RUN go build -ldflags '-w -s'
+
+
+FROM alpine:3.16
+
+ENV PRIVATEBIN_URL=https://privatebin.net
+
+WORKDIR /app
+
+# COPY cmds.yaml cmds.yaml
+
+COPY --from=builder /build/balena-data-extractor .
+
+ENTRYPOINT ["./balena-data-extractor"]

README.md

@@ -0,0 +1,52 @@
+# Balena Data Extractor
+
+[![balena deploy button](https://www.balena.io/deploy.svg)](https://dashboard.balena-cloud.com/deploy?repoUrl=https://github.com/maggie0002/balena-data-extractor)
+
+This is an experimental project for extracting various forms of data (such as device information or logs) from Balena devices and uploading it to [PrivateBin](https://privatebin.info/directory/); a secure online version of PasteBin. 
+
+All of the extracted content is encrypted on the device before being uploaded to PrivateBin meaning PrivateBin cannot see any of the stored content. You can retrieve data by using the URL returned by this container, which includes your key for decrypting the content. For added security, you can apply a password required when accessing the content on the PrivateBin website.
+
+As an added bonus and for even greater security and privacy, you can run your own instance of the open source [PrivateBin](https://privatebin.info/directory/) project on your own server and then pass the URL of your server to this container via an environment variable or to the executable (see below).
+
+ 
+# Basic Usage:
+
+Run the container and the default mode will extract the following content and create an individual URL for each:
+
+```
+Device Info (via the Balena Supervisor)
+Environment Variables (API_KEY variables are filtered out)
+JournalCtl Logs
+A List of Network Interfaces
+```
+
+## With the Docker Compose file:
+
+Add the `balena-data-extractor` section of docker-compose.yml file in this repository to your own docker-compose file.
+
+## With a `run` command on a device:
+
+`balena run bcr.io/maggie0002/balena-data-extractor`
+
+# Advanced Usage
+
+You can change the default PrivateBin instance used by modifying the PRIVATEBIN_URL in the Docker Compose file or by [passing the env variable](https://docs.docker.com/engine/reference/run/#env-environment-variables) to the `balena run` command.
+
+You can use a cmds.yaml file to generate your own commands to execute and pass to PrivateBin (see cmds.example.yaml file) by passing `-data yaml` and copying a cmds.yml file in to the container with the Dockerfile.
+
+You can also set additional options by passing them in the Docker Compose command field or by putting them at the end of your `balena run` command:
+
+  -burn
+        Burn all data after being read once
+  -expire string
+        Delete all data after specified time. Options are: 'hour', 'day', 'week' or 'month' (default "day")
+  -data string
+        Choose which data to export. Options are: 'all', 'deviceinfo', 'envvars', 'journalctl', 'networkinterfaces', 'yaml') (default "all")
+  -password string
+        Set a password for accessing the uploaded content
+  -url string
+        Override the default data host with the passed URL
+  -help
+        Show this content
+
+* Only the last 10000 lines of the JournalCtl logs are returned otherwise the browser struggles to decrypt it. 

balena.yml

@@ -0,0 +1,26 @@
+name: Balena Data Extractor
+description: >-
+  A container for extracting data from Balena devices and uploading to a secure website (PrivateBin).
+joinable: false
+type: sw.block
+assets:
+  repository:
+    type: blob.asset
+    data:
+      url: "https://github.com/maggie0002/balena-data-extractor"
+  logo:
+    type: blob.asset
+    data:
+      url: "https://raw.githubusercontent.com/maggie0002/balena-apps-logo/main/logo.png"
+data:
+  defaultDeviceType: raspberrypi4-64
+  supportedDeviceTypes:
+    - raspberry-pi
+    - raspberry-pi2
+    - raspberrypi3
+    - raspberrypi3-64
+    - raspberrypi4-64
+    - fincm3
+    - raspberrypi400-64
+    - intel-nuc
+    - genericx86-64-ext

cmds.example.yaml

@@ -0,0 +1,10 @@
+api:
+    name: GitHub API
+    url: https://api.github.com
+    key: your-api-key-or-remove-this-line
+file:
+    name: OS Release Info
+    path: /etc/os-release
+shell:
+    name: Contents of the programme folder
+    cmd: ls -lah

docker-compose.yml

@@ -0,0 +1,13 @@
+version: "2.1"
+
+services:
+  balena-data-extractor:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    environment:
+      PRIVATEBIN_URL: https://privatebin.net
+    restart: no
+    labels:
+      io.balena.features.supervisor-api: 1
+    # command: -data all