Argo CICD demo step1
Argo event source github 使用webhook监听github提交,触发构建workflow
- 项目代码仓库 https://github.com/zl86790/argogithubsource
2. github token https://github.com/settings/tokens
3. 把token写入 secret
4. 创建Event source
# Info on GitHub Webhook: https://developer.github.com/v3/repos/hooks/#create-a-hook
apiVersion: argoproj.io/v1alpha1
kind: EventSource
metadata:
name: github
namespace: argo
spec:
service:
ports:
- port: 12000
targetPort: 12000
github:
gitwebhook:
repositories:
- owner: zl86790
names:
- argogithubsource
# Github will send events to following port and endpoint
webhook:
# endpoint to listen to events on
endpoint: /push
# port to run internal HTTP server on
port: "12000"
# HTTP request method to allow. In this case, only POST requests are accepted
method: POST
# url the event-source will use to register at Github.
# This url must be reachable from outside the cluster.
# The name for the service is in `<event-source-name>-eventsource-svc` format.
# You will need to create an Ingress or Openshift Route for the event-source service so that it can be reached from GitHub.
url: http://xxx.xxx.xxx.xxx:30001
# type of events to listen to.
# following listens to everything, hence *
# You can find more info on https://developer.github.com/v3/activity/events/types/
events:
- "*"
# apiToken refers to K8s secret that stores the github api token
# if apiToken is provided controller will create webhook on GitHub repo
# +optional
apiToken:
# Name of the K8s secret that contains the access token
name: github-access
# Key within the K8s secret whose corresponding value (must be base64 encoded) is access token
key: token
# # webhookSecret refers to K8s secret that stores the github hook secret
# # +optional
# webhookSecret:
# # Name of the K8s secret that contains the hook secret
# name: github-access
# # Key within the K8s secret whose corresponding value (must be base64 encoded) is hook secret
# key: secret
# type of the connection between event-source and Github.
# You should set it to false to avoid man-in-the-middle and other attacks.
insecure: true
# Determines if notifications are sent when the webhook is triggered
active: true
# The media type used to serialize the payloads
contentType: json
gitwebhook-without-api-credentials:
owner: "argoproj"
repository: "argo"
webhook:
endpoint: "/push"
port: "13000"
method: "POST"
events:
- "*"
webhookSecret:
name: github-access
key: secret
insecure: true
active: true
contentType: "json"
# gitwebhook-with-secure-connection:
# owner: "argoproj"
# repository: "argo"
# webhook:
# endpoint: "/push"
# port: "13000"
# method: "POST"
# url: "http://myargofakeurl.fake"
# # k8s secret that contains the cert
# serverCertSecret:
# name: my-secret
# key: cert-key
# # k8s secret that contains the private key
# serverKeySecret:
# name: my-secret
# key: pk-key
# events:
# - "push"
# - "delete"
# apiToken:
# name: github-access
# key: token
# webhookSecret:
# name: github-access
# key: secret
# insecure: true
# active: true
# contentType: "json"
5. 检查