add webhooks via argo-events with sample job runner
This commit is contained in:
parent
48323e48a8
commit
d92edc71b7
|
@ -79,3 +79,5 @@ data:
|
|||
|
||||
GITEA__session__PROVIDER: "file"
|
||||
GITEA__session__PROVIDER_CONFIG: "/data/gitea/sessions"
|
||||
|
||||
GITEA__webhook__ALLOWED_HOST_LIST: "*"
|
||||
|
|
153
gitea/webhook.yaml
Normal file
153
gitea/webhook.yaml
Normal file
|
@ -0,0 +1,153 @@
|
|||
# kubectl create secret generic gitea-update-webhook-token --dry-run=client -o yaml --from-literal=token=`uuid` | kubeseal -o yaml
|
||||
---
|
||||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: gitea-update-webhook-token
|
||||
namespace: gitea
|
||||
spec:
|
||||
encryptedData:
|
||||
token: AgAv2wu5eGwLjmj/yLUijCG1NacqONc2dK4URGGkXL6Iqe07u6PDLEovWyfdNmRdTRSXN4UpuA95+u4hk+EM0miEcAdfBqW3vzVq8S0oZxb4v00v1GPYYTXk47KKDi8AT1yHftWczU5ibM87T7w/sOWUoGgYxbO8z49c2UDt1Y665B05PyqK+SXQZfifRA2rBeOP8alL/lhzglh1RMYSe939gnhPbKL9j92zFwt5EtGe5qU56gmTG7ki/hydGusFNYt0K2GtoYJAdYIMwkAT+eRvA143+IhzG2RbjG5jXYkFUSTNtd+TtUczWUiFjnpBI0u6Ybd1maQVf+spFGx1lACHxXTkav5LfZoUi2BDzNWglH2sV6sGS/LcHy64BdyOwHQj3TjpkeP2/TLeJYotuEkp60Srh9P6WNxwLxc3X3I8nLu6Qb77msc5xh6BpdPHkTSMXPOAtRQuQaNufyGW8+oy2cJqWELzzE4cTWtx1ThOb29+mWYhjFFbU6WpuL2q4OiumC+9q03SVJh9DebuTMbqRj+Y55EXbRJQeMaHlBpWkAphWKh279dqZwrCLfzNFfNHiQrotRZnfMqwe6Xp2INwhaZsI4lPqZX47I5ISYpP4ZR5sG7op+dfRZzRvFIqtU9I4uAs9utGE5P86t3BsMKXwcr2zcZ/L3r/s1KHWByfdpbZ16lM+VvDGPUjCVILM+W0Fc1nt78wHDqUMMC5UHhTk+hNOUyGejYBmz6R1FVOT6pvzKw=
|
||||
template:
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: gitea-update-webhook-token
|
||||
namespace: gitea
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: gitea-update-webhook
|
||||
namespace: gitea
|
||||
spec:
|
||||
internalTrafficPolicy: Cluster
|
||||
ipFamilies:
|
||||
- IPv4
|
||||
ipFamilyPolicy: SingleStack
|
||||
ports:
|
||||
- port: 12000
|
||||
protocol: TCP
|
||||
targetPort: 12000
|
||||
selector:
|
||||
eventsource-name: gitea-update-webhook
|
||||
sessionAffinity: None
|
||||
type: ClusterIP
|
||||
---
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: EventBus
|
||||
metadata:
|
||||
name: default
|
||||
namespace: gitea
|
||||
spec:
|
||||
jetstream:
|
||||
version: latest
|
||||
replicas: 3
|
||||
persistence:
|
||||
storageClassName: nvme
|
||||
accessMode: ReadWriteOnce
|
||||
volumeSize: 10Gi
|
||||
streamConfig: |
|
||||
maxAge: 24h
|
||||
settings: |
|
||||
max_file_store: 1GB # see default values in argo-events-controller-config
|
||||
startArgs:
|
||||
- "-D" # debug-level logs
|
||||
---
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: EventSource
|
||||
metadata:
|
||||
name: gitea-update-webhook
|
||||
namespace: gitea
|
||||
spec:
|
||||
webhook:
|
||||
gitea-update:
|
||||
port: "12000"
|
||||
endpoint: /gitea-update
|
||||
method: POST
|
||||
authSecret:
|
||||
name: gitea-update-webhook-token
|
||||
key: token
|
||||
---
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Sensor
|
||||
metadata:
|
||||
name: gitea-update-webhook-sensor
|
||||
namespace: gitea
|
||||
spec:
|
||||
template:
|
||||
serviceAccountName: gitea-update-webhook-sensor-sa
|
||||
dependencies:
|
||||
- name: gitea-update-webhook-received
|
||||
eventSourceName: gitea-update-webhook
|
||||
eventName: gitea-update
|
||||
triggers:
|
||||
- template:
|
||||
name: webhook-job-trigger
|
||||
k8s:
|
||||
operation: create
|
||||
source:
|
||||
resource:
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
generateName: gitea-update-webhook-received-
|
||||
spec:
|
||||
ttlSecondsAfterFinished: 30
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: echo-contents
|
||||
args:
|
||||
- "nodatareceived"
|
||||
command:
|
||||
- echo
|
||||
image: "bash:latest"
|
||||
restartPolicy: OnFailure
|
||||
backoffLimit: 2
|
||||
parameters:
|
||||
- src:
|
||||
dependencyName: gitea-update-webhook-received
|
||||
dest: spec.template.spec.containers.0.args.0
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: gitea-update-webhook-sensor-sa
|
||||
namespace: gitea
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
namespace: gitea
|
||||
name: gitea-update-webhook-sensor-k8s-resource-creator-role
|
||||
rules:
|
||||
- apiGroups: ["*"]
|
||||
resources:
|
||||
- "*"
|
||||
verbs:
|
||||
- "*"
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: gitea-update-webhook-sensor-resource-creator-rolebinding
|
||||
namespace: gitea
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: gitea-update-webhook-sensor-k8s-resource-creator-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: gitea-update-webhook-sensor-sa
|
||||
namespace: gitea
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: gitea-update-webhook-sensor-sa
|
||||
namespace: gitea
|
||||
annotations:
|
||||
kubernetes.io/service-account.name: gitea-update-webhook-sensor-sa
|
||||
type: kubernetes.io/service-account-token
|
Loading…
Reference in New Issue
Block a user