add webhooks via argo-events with sample job runner
This commit is contained in:
parent
48323e48a8
commit
d92edc71b7
|
@ -79,3 +79,5 @@ data:
|
||||||
|
|
||||||
GITEA__session__PROVIDER: "file"
|
GITEA__session__PROVIDER: "file"
|
||||||
GITEA__session__PROVIDER_CONFIG: "/data/gitea/sessions"
|
GITEA__session__PROVIDER_CONFIG: "/data/gitea/sessions"
|
||||||
|
|
||||||
|
GITEA__webhook__ALLOWED_HOST_LIST: "*"
|
||||||
|
|
153
gitea/webhook.yaml
Normal file
153
gitea/webhook.yaml
Normal file
|
@ -0,0 +1,153 @@
|
||||||
|
# kubectl create secret generic gitea-update-webhook-token --dry-run=client -o yaml --from-literal=token=`uuid` | kubeseal -o yaml
|
||||||
|
---
|
||||||
|
apiVersion: bitnami.com/v1alpha1
|
||||||
|
kind: SealedSecret
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: gitea-update-webhook-token
|
||||||
|
namespace: gitea
|
||||||
|
spec:
|
||||||
|
encryptedData:
|
||||||
|
token: AgAv2wu5eGwLjmj/yLUijCG1NacqONc2dK4URGGkXL6Iqe07u6PDLEovWyfdNmRdTRSXN4UpuA95+u4hk+EM0miEcAdfBqW3vzVq8S0oZxb4v00v1GPYYTXk47KKDi8AT1yHftWczU5ibM87T7w/sOWUoGgYxbO8z49c2UDt1Y665B05PyqK+SXQZfifRA2rBeOP8alL/lhzglh1RMYSe939gnhPbKL9j92zFwt5EtGe5qU56gmTG7ki/hydGusFNYt0K2GtoYJAdYIMwkAT+eRvA143+IhzG2RbjG5jXYkFUSTNtd+TtUczWUiFjnpBI0u6Ybd1maQVf+spFGx1lACHxXTkav5LfZoUi2BDzNWglH2sV6sGS/LcHy64BdyOwHQj3TjpkeP2/TLeJYotuEkp60Srh9P6WNxwLxc3X3I8nLu6Qb77msc5xh6BpdPHkTSMXPOAtRQuQaNufyGW8+oy2cJqWELzzE4cTWtx1ThOb29+mWYhjFFbU6WpuL2q4OiumC+9q03SVJh9DebuTMbqRj+Y55EXbRJQeMaHlBpWkAphWKh279dqZwrCLfzNFfNHiQrotRZnfMqwe6Xp2INwhaZsI4lPqZX47I5ISYpP4ZR5sG7op+dfRZzRvFIqtU9I4uAs9utGE5P86t3BsMKXwcr2zcZ/L3r/s1KHWByfdpbZ16lM+VvDGPUjCVILM+W0Fc1nt78wHDqUMMC5UHhTk+hNOUyGejYBmz6R1FVOT6pvzKw=
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: gitea-update-webhook-token
|
||||||
|
namespace: gitea
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: gitea-update-webhook
|
||||||
|
namespace: gitea
|
||||||
|
spec:
|
||||||
|
internalTrafficPolicy: Cluster
|
||||||
|
ipFamilies:
|
||||||
|
- IPv4
|
||||||
|
ipFamilyPolicy: SingleStack
|
||||||
|
ports:
|
||||||
|
- port: 12000
|
||||||
|
protocol: TCP
|
||||||
|
targetPort: 12000
|
||||||
|
selector:
|
||||||
|
eventsource-name: gitea-update-webhook
|
||||||
|
sessionAffinity: None
|
||||||
|
type: ClusterIP
|
||||||
|
---
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: EventBus
|
||||||
|
metadata:
|
||||||
|
name: default
|
||||||
|
namespace: gitea
|
||||||
|
spec:
|
||||||
|
jetstream:
|
||||||
|
version: latest
|
||||||
|
replicas: 3
|
||||||
|
persistence:
|
||||||
|
storageClassName: nvme
|
||||||
|
accessMode: ReadWriteOnce
|
||||||
|
volumeSize: 10Gi
|
||||||
|
streamConfig: |
|
||||||
|
maxAge: 24h
|
||||||
|
settings: |
|
||||||
|
max_file_store: 1GB # see default values in argo-events-controller-config
|
||||||
|
startArgs:
|
||||||
|
- "-D" # debug-level logs
|
||||||
|
---
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: EventSource
|
||||||
|
metadata:
|
||||||
|
name: gitea-update-webhook
|
||||||
|
namespace: gitea
|
||||||
|
spec:
|
||||||
|
webhook:
|
||||||
|
gitea-update:
|
||||||
|
port: "12000"
|
||||||
|
endpoint: /gitea-update
|
||||||
|
method: POST
|
||||||
|
authSecret:
|
||||||
|
name: gitea-update-webhook-token
|
||||||
|
key: token
|
||||||
|
---
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Sensor
|
||||||
|
metadata:
|
||||||
|
name: gitea-update-webhook-sensor
|
||||||
|
namespace: gitea
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
serviceAccountName: gitea-update-webhook-sensor-sa
|
||||||
|
dependencies:
|
||||||
|
- name: gitea-update-webhook-received
|
||||||
|
eventSourceName: gitea-update-webhook
|
||||||
|
eventName: gitea-update
|
||||||
|
triggers:
|
||||||
|
- template:
|
||||||
|
name: webhook-job-trigger
|
||||||
|
k8s:
|
||||||
|
operation: create
|
||||||
|
source:
|
||||||
|
resource:
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
generateName: gitea-update-webhook-received-
|
||||||
|
spec:
|
||||||
|
ttlSecondsAfterFinished: 30
|
||||||
|
template:
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: echo-contents
|
||||||
|
args:
|
||||||
|
- "nodatareceived"
|
||||||
|
command:
|
||||||
|
- echo
|
||||||
|
image: "bash:latest"
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
backoffLimit: 2
|
||||||
|
parameters:
|
||||||
|
- src:
|
||||||
|
dependencyName: gitea-update-webhook-received
|
||||||
|
dest: spec.template.spec.containers.0.args.0
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ServiceAccount
|
||||||
|
metadata:
|
||||||
|
name: gitea-update-webhook-sensor-sa
|
||||||
|
namespace: gitea
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: Role
|
||||||
|
metadata:
|
||||||
|
namespace: gitea
|
||||||
|
name: gitea-update-webhook-sensor-k8s-resource-creator-role
|
||||||
|
rules:
|
||||||
|
- apiGroups: ["*"]
|
||||||
|
resources:
|
||||||
|
- "*"
|
||||||
|
verbs:
|
||||||
|
- "*"
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: RoleBinding
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: gitea-update-webhook-sensor-resource-creator-rolebinding
|
||||||
|
namespace: gitea
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: Role
|
||||||
|
name: gitea-update-webhook-sensor-k8s-resource-creator-role
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: gitea-update-webhook-sensor-sa
|
||||||
|
namespace: gitea
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: gitea-update-webhook-sensor-sa
|
||||||
|
namespace: gitea
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/service-account.name: gitea-update-webhook-sensor-sa
|
||||||
|
type: kubernetes.io/service-account-token
|
Loading…
Reference in New Issue
Block a user