我正在寻找一种将 Kubernetes 集群中运行的 Tekton 任务链接到 GitHub 步骤的方法(如果存在),这样我就可以在 GitHub 中标记所需的步骤,并且只有在它们通过时才允许 PR 合并。
我知道 Tekton 触发器,它解决了问题的另一部分,即对 GitHub 中的事件做出反应,例如创建新的拉取请求或合并主分支。但是 Tekton 能够以我期望的方式调用 GitHub API 吗?
问问题
213 次
2 回答
0
另一种方法是使用github-set-status来自 Tekton Hub 的任务,恕我直言,这很容易使用。集成 GitLab 我们在对应的 gitlab-set-status 方面有很好的经验。下面是关于如何根据Tekton Pipeline 聚合状态和表达式保护的最终任务设置任务的综合答案。STATEgithub-set-statuswhen
我还概述了一个示例pipeline.yaml,并从提到的答案中推导出来(未经测试!)。它利用git-clone和 Cloud Native buildpacksTasks(也来自 Tekton Hub)来提供一个完整的示例:
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: buildpacks-test-pipeline
spec:
params:
- name: IMAGE
type: string
description: image URL to push
- name: SOURCE_URL
type: string
description: A git repo url where the source code resides.
- name: REPO_PATH_ONLY
type: string
description: GitHub group & repo name only (e.g. jonashackt/microservice-api-spring-boot)
- name: SOURCE_REVISION
description: The branch, tag or SHA to checkout.
default: ""
- name: GITHUB_HOST
type: string
description: Your GitHub host only (e.g. api.github.com)
- name: TEKTON_DASHBOARD_HOST
type: string
description: The Tekton dashboard host name only
workspaces:
- name: source-workspace # Directory where application source is located. (REQUIRED)
- name: cache-workspace # Directory where cache is stored (OPTIONAL)
tasks:
- name: fetch-repository # This task fetches a repository from github, using the `git-clone` task you installed
taskRef:
name: git-clone
workspaces:
- name: output
workspace: source-workspace
params:
- name: url
value: "$(params.SOURCE_URL)"
- name: revision
value: "$(params.SOURCE_REVISION)"
- name: subdirectory
value: ""
- name: deleteExisting
value: "true"
- name: buildpacks # This task uses the `buildpacks` task to build the application
taskRef:
name: buildpacks
runAfter:
- fetch-repository
workspaces:
- name: source
workspace: source-workspace
- name: cache
workspace: cache-workspace
params:
- name: APP_IMAGE
value: "$(params.IMAGE)"
- name: BUILDER_IMAGE
value: paketobuildpacks/builder:base # This is the builder we want the task to use (REQUIRED)
finally:
- name: report-pipeline-failed-to-github
when:
- input: $(tasks.status)
operator: in
values: [ "Failed", "None" ] # see aggregated status https://tekton.dev/docs/pipelines/pipelines/#using-aggregate-execution-status-of-all-tasks
taskRef:
name: "github-set-status"
params:
- name: "STATE"
value: "failed"
- name: "GITHUB_HOST_URL"
value: "$(params.GITHUB_HOST)"
- name: "REPO_FULL_NAME"
value: "$(params.REPO_PATH_ONLY)"
- name: "GITHUB_TOKEN_SECRET_NAME"
value: "github-api-secret"
- name: "GITHUB_TOKEN_SECRET_KEY"
value: "token"
- name: "SHA"
value: "$(params.SOURCE_REVISION)"
- name: "TARGET_URL"
value: "$(params.TEKTON_DASHBOARD_HOST)/#/namespaces/default/pipelineruns/$(context.pipelineRun.name)"
- name: "CONTEXT"
value: "tekton-pipeline"
- name: "DESCRIPTION"
value: "An error occurred building your commit in Tekton"
- name: report-pipeline-success-to-github
when:
- input: $(tasks.status)
operator: in
values: [ "Succeeded", "Completed" ] # see aggregated status https://tekton.dev/docs/pipelines/pipelines/#using-aggregate-execution-status-of-all-tasks
taskRef:
name: "github-set-status"
params:
- name: "STATE"
value: "success"
- name: "GITHUB_HOST_URL"
value: "$(params.GITHUB_HOST)"
- name: "REPO_FULL_NAME"
value: "$(params.REPO_PATH_ONLY)"
- name: "GITHUB_TOKEN_SECRET_NAME"
value: "github-api-secret"
- name: "GITHUB_TOKEN_SECRET_KEY"
value: "token"
- name: "SHA"
value: "$(params.SOURCE_REVISION)"
- name: "TARGET_URL"
value: "$(params.TEKTON_DASHBOARD_HOST)/#/namespaces/default/pipelineruns/$(context.pipelineRun.name)"
- name: "CONTEXT"
value: "tekton-pipeline"
- name: "DESCRIPTION"
value: "Finished building your commit in Tekton"
于 2021-11-29T14:23:15.913 回答
0
您正在寻找的是可以从 PipelineRun 向 GitHub 报告状态的东西。
这可以通过几种不同的方式来完成。一种方法是使用commit--status-tracker,但是它似乎使用了PipelineResources的“旧”概念,因此我建议使用例如GitHub App Notifier代替,尽管它似乎很新。
于 2020-12-28T12:44:12.123 回答