Technical Solution

Architecture

Architecture
Reference Doc

Event Source

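# GitHub EventSource: receives GitHub webhook deliveries on port 12000 at
# /github-webhook and publishes them as the "github-webhook" event.
apiVersion: argoproj.io/v1alpha1
kind: EventSource
metadata:
  name: github
  namespace: argo
spec:
  service:
    ports:
      - name: github-webhook
        port: 12000
        targetPort: 12000
  github:
    github-webhook:
      # NOTE(review): wildcard owner and repository names. Prefer listing the
      # exact repositories that are allowed to start workflows, so that an
      # unexpected repository cannot feed events into the pipeline. Confirm
      # how the installed Argo Events version interprets "*" here.
      repositories:
        - owner: "*"
          names:
            - "*"
      webhook:
        endpoint: /github-webhook
        # The webhook port is a string in this API, unlike the service port.
        port: "12000"
        method: POST
        # Public base URL that GitHub delivers to. Only the webhook path
        # needs to be reachable from the internet.
        url: https://argo-workflows.kinson.fun
      # NOTE(review): "*" subscribes to every GitHub event type. A consumer
      # that only handles pull_request and push can list just those two,
      # which reduces the payloads accepted from outside.
      events:
        - "*"
      # Token used for GitHub API calls (webhook registration). Give it only
      # the permissions needed to manage hooks on the listed repositories.
      apiToken:
        name: github-access-token-kinson-bot
        key: token
      # Shared secret GitHub uses to sign each delivery. Keep it set: without
      # it the receiver cannot tell a genuine delivery from a forged POST.
      webhookSecret:
        name: github-access-token-kinson-bot
        key: secret
      # Keep TLS verification on for webhook delivery. Setting this to true
      # tells GitHub not to verify the endpoint's certificate, which allows
      # deliveries to be intercepted in transit. Use true only for a
      # throwaway test endpoint with a self-signed certificate.
      insecure: false
      active: true
      contentType: json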

为 GitHub EventSource 添加 Proxy 环境变量

# Proxy settings for the pod's outbound HTTP(S) traffic.
# NOTE(review): presumably added under spec.template.container.env of the
# EventSource - confirm against your manifest. The proxy host relays the
# GitHub API calls, so treat it as part of the trust boundary.
- name: http_proxy
  value: "http://192.168.3.98:1080"
- name: https_proxy
  value: "http://192.168.3.98:1080"
# Suffixes and addresses that bypass the proxy (in-cluster names, loopback).
- name: no_proxy
  value: ".cluster.local,.svc,127.0.0.1"

Event Bus

JetStream

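# JetStream-backed EventBus named "default".
# NOTE(review): no namespace is set here; apply it in the same namespace as the
# EventSource and Sensor that use it (the EventSource on this page is in "argo").
apiVersion: argoproj.io/v1alpha1
kind: EventBus
metadata:
  name: default
spec:
  jetstream:
    # NOTE(review): "latest" is a moving target. Pin a specific version that
    # the installed Argo Events controller supports, so the bus image is
    # reproducible and upgrades are a deliberate change.
    version: latest
    replicas: 5
    persistence:
      storageClassName: longhorn
      accessMode: ReadWriteOnce
      volumeSize: 10Gi
    # Stream settings: maxAge limits how long messages are retained.
    streamConfig: |
      maxAge: 24h
    # nats-server settings passed through as text; trailing whitespace inside
    # a block scalar becomes part of the value, so keep these lines clean.
    settings: |
      max_file_store: 1GB
    # "-D" enables nats-server debug output. Useful while setting up; drop it
    # once the bus works, since debug logs are verbose and may expose more
    # detail about event traffic than you want in cluster logs.
    startArgs:
      - "-D"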
Sensor

# Sensor: listens to the "github-webhook" event of the "github" EventSource and
# creates an Argo Workflow for matching pull_request and push deliveries.
# NOTE(review): no namespace is set; apply it in the namespace where the
# EventSource and EventBus live.
apiVersion: argoproj.io/v1alpha1
kind: Sensor
metadata:
  name: github
spec:
  dependencies:
    # Pull requests: event header must be pull_request, the action one of the
    # listed values, and the pull request still open.
    - name: github-pr
      eventSourceName: github
      eventName: github-webhook
      filters:
        data:
          - path: headers.X-Github-Event
            type: string
            value:
              - pull_request
          - path: body.action
            type: string
            value:
              - opened
              - edited
              - reopened
              - synchronize
          - path: body.pull_request.state
            type: string
            value:
              - open
    # Pushes: only the event header is filtered.
    # NOTE(review): this also matches tag pushes and branch deletions. On a
    # deletion GitHub sends an all-zero "after" SHA, so consider filtering on
    # the payload as well - confirm against the push payloads you receive.
    - name: github-push
      eventSourceName: github
      eventName: github-webhook
      filters:
        data:
          - path: headers.X-Github-Event
            type: string
            value:
              - push
  triggers:
    - template:
        name: pensieve-workflow
        # Fire when either dependency is satisfied.
        conditions: "github-pr || github-push"
        k8s:
          operation: create
          source:
            resource:
              apiVersion: argoproj.io/v1alpha1
              kind: Workflow
              metadata:
                generateName: pensieve-ci-
              # NOTE(review): no serviceAccountName is set, so the workflow
              # presumably runs under the namespace's default service account.
              # A dedicated, minimally-privileged account is safer for CI that
              # handles code from pull requests.
              spec:
                entrypoint: pensieve-ci
                arguments:
                  # Order matters: the trigger parameters below address these
                  # entries by index (0..4).
                  parameters:
                    - name: git_url
                    - name: git_repo
                    - name: git_branch
                    # Stays "0" for push events; only the PR path overwrites it.
                    - name: git_pr
                      value: "0"
                    - name: git_commit
                templates:
                  - name: pensieve-ci
                    inputs:
                      parameters:
                        - name: git_url
                        - name: git_repo
                        - name: git_branch
                        - name: git_pr
                        - name: git_commit
                    container:
                      # NOTE(review): a tag can be re-pointed; pinning the
                      # image by digest makes the CI environment reproducible.
                      image: registry.kinson.fun/ubuntu:20.04
                      # Placeholder command: the pod never exits on its own,
                      # so each triggered workflow keeps running until removed.
                      command: ['sleep','infinity']
                      env:
                        # These values come from the webhook payload and are
                        # therefore controlled by whoever opened the PR or
                        # pushed. Passing them as environment variables is the
                        # safe route; quote them wherever a script uses them
                        # and never splice them into a command string.
                        - name: GIT_URL
                          value: "{{inputs.parameters.git_url}}"
                        - name: GIT_REPO
                          value: "{{inputs.parameters.git_repo}}"
                        - name: GIT_BRANCH
                          value: "{{inputs.parameters.git_branch}}"
                        - name: GIT_PR
                          value: "{{inputs.parameters.git_pr}}"
                        - name: GIT_COMMIT
                          value: "{{ inputs.parameters.git_commit }}"
                        # Outbound proxy for the CI container; in-cluster names
                        # and loopback bypass it.
                        - name: http_proxy
                          value: http://192.168.3.98:1080
                        - name: https_proxy
                          value: http://192.168.3.98:1080
                        - name: no_proxy
                          value: .cluster.local,.svc,127.0.0.1
          parameters:
            # Pull request mapping. head.repo is the repository the PR comes
            # from; for a PR opened from a fork that is the contributor's
            # fork, so the workflow will fetch code the project does not
            # control. Keep secrets and privileged credentials out of this
            # workflow, or restrict which PRs may trigger it.
            - src:
                dependencyName: github-pr
                dataKey: body.pull_request.head.repo.clone_url
              dest: spec.arguments.parameters.0.value
            - src:
                dependencyName: github-pr
                dataKey: body.pull_request.head.repo.name
              dest: spec.arguments.parameters.1.value
            - src:
                dependencyName: github-pr
                dataKey: body.pull_request.head.ref
              dest: spec.arguments.parameters.2.value
            - src:
                dependencyName: github-pr
                dataKey: body.pull_request.number
              dest: spec.arguments.parameters.3.value
            - src:
                dependencyName: github-pr
                dataKey: body.pull_request.head.sha
              dest: spec.arguments.parameters.4.value
            # Push mapping. Index 3 (git_pr) is not set here and keeps its
            # default.
            - src:
                dependencyName: github-push
                dataKey: body.repository.clone_url
              dest: spec.arguments.parameters.0.value
            - src:
                dependencyName: github-push
                dataKey: body.repository.name
              dest: spec.arguments.parameters.1.value
            # Strips the "refs/heads/" prefix to get the branch name; other
            # ref kinds (for example tags) pass through unchanged.
            - src:
                dependencyName: github-push
                dataTemplate: "{{ .Input.body.ref | replace \"refs/heads/\" \"\" }}"
              dest: spec.arguments.parameters.2.value
            - src:
                dependencyName: github-push
                dataKey: body.after
              dest: spec.arguments.parameters.4.value
      # Retry the trigger up to the configured number of steps on failure.
      retryStrategy:
        steps: 3

检查是否有权限

# Ask the API server whether the default service account in the argo namespace
# may create WorkflowTaskResults; the expected answer is "yes".
# If it is "no", grant the permission through a narrowly-scoped Role bound to
# the account the workflows use, not through a broad cluster-wide role.
kubectl auth can-i create workflowtaskresults \
  --namespace=argo \
  --as=system:serviceaccount:argo:default

文章作者: Kinson Liu
版权声明: 本博客所有文章除特別声明外,均采用 CC BY 4.0 许可协议。转载请注明来源 Kinson Liu !