mirror/catalog
1
0
Fork 0
mirror of https://github.com/tektoncd/catalog.git synced 2024-10-18 02:19:26 +00:00
Code Issues Releases Activity

Make github-open-pr fail if HTTP POST was unsuccessful

Browse Source
This commit is contained in:
Frerik Andriessen 2021-09-28 07:15:47 +02:00 committed by tekton-robot
parent a6e8e8f880
commit dc81350f1b
5 changed files with 345 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

123
task/github-open-pr/0.2/README.md Normal file
View File

@ -0,0 +1,123 @@
# GitHub Open Pull Request
GitHub Open Pull Request is part of a collection of GitHub tasks to help working
with the [GitHub API](https://docs.github.com/en/rest/reference).
## GitHub token
This task expects a secret set in the kubernetes secret `github`
with a GitHub token in the key `token`; you can easily create it on the
command line with `kubectl` like this :
```
kubectl create secret generic github --from-literal token="MY_TOKEN"
```
## Open Pull Request
The `github-open-pr` task uses the [pull request api](https://docs.github.com/en/rest/reference/pulls#create-a-pull-request)
to open pull requests on Github. It is able to fill in a title and body of the pull request.
### Install the Task
```
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/main/task/github-open-pr/0.2/github-open-pr.yaml
```
### Parameters
* **GITHUB_HOST_URL**: The GitHub host domain _default:_ `api.github.com`
* **REPO_FULL_NAME**: The GitHub repository full name, _e.g:_ `tektoncd/catalog`
* **API_PATH_PREFIX**: The GitHub Enterprise has a prefix for the API path. _e.g:_ `/api/v3`
* **HEAD**: The name of the branch where your changes are implemented. _e.g.: `new-feature-i-created`
* **BASE**: The name of the branch you want the changes pulled into. _e.g.: `develop`
* **BODY**: The body description of the pull request. _e.g.: `The following PR includes these changes...`
* **TITLE**: The title of the pull request. _e.g.: `Feature X`
* **AUTH_TYPE**: The type of authentication to use. You could use the less secure "Basic"
for example. See https://docs.github.com/en/rest/overview/other-authentication-methods for more information.
* **GITHUB_TOKEN_SECRET_NAME** \[optional\]: The name of the kubernetes secret that
contains the GitHub token. Default value: `github`
* **GITHUB_TOKEN_SECRET_KEY** \[optional\]: The key within the kubernetes secret that
contains the GitHub token. Default value: `token`
### Results
- **NUMBER**: Number of the created pull request.
- **URL**: URL of the created pull request.
### Platforms
The Task can be run on `linux/amd64`, `linux/s390x` and `linux/ppc64le` platforms.
## Usage for Bearer authentication
This TaskRun opens a pull request on GitHub.
```yaml
---
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
name: github-open-pr-from-develop-to-main
labels:
tekton.dev/task: github-open-pr
spec:
taskRef:
kind: Task
name: github-open-pr
params:
- name: REPO_FULL_NAME
value: tektoncd/catalog
- name: HEAD
value: develop
- name: BASE
value: main
- name: TITLE
value: "Feature X"
- name: BODY
value: "Includes the following changes"
```
## Usage for Basic authentication
Make sure the token is fabricated by base64 encoding the username and password with a semicolon in between.
Example shell script to use:
```bash
#!/bin/bash
echo "${1}:${2}" | base64
```
Calling this script like this `./script.sh githubuser reallyinsecurepassword` would result in `Z2l0aHVidXNlcjpyZWFsbHlpbnNlY3VyZXBhc3N3b3JkCg==`.
Place the result in a secret in the way as the token-based authenticaton.
The following TaskRun shows the usage of Basic authentication. Adding the `AUTH_TYPE` parameter.
```yaml
---
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
generateName: github-open-pr-from-develop-to-main
labels:
tekton.dev/task: github-open-pr
spec:
taskRef:
kind: Task
name: github-open-pr
params:
- name: REPO_FULL_NAME
value: tektoncd/catalog
- name: HEAD
value: develop
- name: BASE
value: main
- name: TITLE
value: "Feature X"
- name: BODY
value: "Includes the following changes"
- name: AUTH_TYPE
value: Basic
```

154
task/github-open-pr/0.2/github-open-pr.yaml Normal file
View File

@ -0,0 +1,154 @@
---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: github-open-pr
labels:
app.kubernetes.io/version: "0.2"
annotations:
tekton.dev/categories: Git
tekton.dev/pipelines.minVersion: "0.12.1"
tekton.dev/tags: github
tekton.dev/displayName: "open github pull request"
tekton.dev/platforms: "linux/amd64,linux/s390x,linux/ppc64le"
spec:
description: >-
This task will open a PR on Github based on several parameters.
This could be useful in GitOps repositories for example.
params:
- name: GITHUB_HOST_URL
description: |
The GitHub host, adjust this if you run a GitHub enteprise.
default: "api.github.com"
type: string
- name: API_PATH_PREFIX
description: |
The API path prefix, GitHub Enterprise has a prefix e.g. /api/v3
default: ""
type: string
- name: REPO_FULL_NAME
description: |
The GitHub repository full name, e.g.: tektoncd/catalog
type: string
- name: GITHUB_TOKEN_SECRET_NAME
description: |
The name of the kubernetes secret that contains the GitHub token, default: github
type: string
default: github
- name: GITHUB_TOKEN_SECRET_KEY
description: |
The key within the kubernetes secret that contains the GitHub token, default: token
type: string
default: token
- name: AUTH_TYPE
description: |
The type of authentication to use. You could use the less secure "Basic" for example
type: string
default: Bearer
- name: HEAD
description: |
The name of the branch where your changes are implemented.
type: string
- name: BASE
description: |
The name of the branch you want the changes pulled into.
type: string
- name: BODY
description: |
The body description of the pull request.
type: string
- name: TITLE
description: |
The title of the pull request.
type: string
results:
- name: NUMBER
description: Number of the created pull request.
- name: URL
description: URL of the created pull request.
volumes:
- name: githubtoken
secret:
secretName: $(params.GITHUB_TOKEN_SECRET_NAME)
steps:
- name: open-pr
volumeMounts:
- name: githubtoken
readOnly: true
mountPath: /etc/github-open-pr
env:
- name: PULLREQUEST_NUMBER_PATH
value: $(results.NUMBER.path)
- name: PULLREQUEST_URL_PATH
value: $(results.URL.path)
image: registry.access.redhat.com/ubi8/python-38:1-34.1599745032
script: |
#!/usr/libexec/platform-python
"""This script will open a PR on Github"""
import json
import os
import sys
import http.client
github_token = open("/etc/github-open-pr/$(params.GITHUB_TOKEN_SECRET_KEY)", "r").read()
open_pr_url = "$(params.API_PATH_PREFIX)" + "/repos/$(params.REPO_FULL_NAME)/pulls"
data = {
"head": "$(params.HEAD)",
"base": "$(params.BASE)",
"title": "$(params.TITLE)",
"body": "$(params.BODY)"
}
print("Sending this data to GitHub: ")
print(data)
authHeader = "$(params.AUTH_TYPE) " + github_token
# This is for our fake github server
if "$(params.GITHUB_HOST_URL)".startswith("http://"):
conn = http.client.HTTPConnection("$(params.GITHUB_HOST_URL)"
.replace("http://", ""))
else:
conn = http.client.HTTPSConnection("$(params.GITHUB_HOST_URL)")
conn.request(
"POST",
open_pr_url,
body=json.dumps(data),
headers={
"User-Agent": "TektonCD, the peaceful cat",
"Authorization": authHeader,
"Accept": "application/vnd.github.v3+json ",
})
resp = conn.getresponse()
if not str(resp.status).startswith("2"):
print("Error: %d" % (resp.status))
print(resp.read())
sys.exit(1)
else:
# https://docs.github.com/en/rest/reference/pulls#create-a-pull-request
body = json.loads(resp.read().decode())
open(os.environ.get('PULLREQUEST_NUMBER_PATH'), 'w').write(f'{body["number"]}')
open(os.environ.get('PULLREQUEST_URL_PATH'), 'w').write(body["html_url"])
print("GitHub pull request created for $(params.REPO_FULL_NAME): "
f'number={body["number"]} url={body["html_url"]}')

24
task/github-open-pr/0.2/tests/fixtures/github-open-pr.yaml vendored Normal file
View File

@ -0,0 +1,24 @@
---
headers:
method: POST
path: /repos/{repo:[^/]+/[^/]+}/pulls
response:
status: 201
output: |
{
"html_url": "https://github.com/octocat/Hello-World/pull/1347",
"number": 1
}
content-type: application/json
---
headers:
method: POST
path: /api/v3/repos/{repo:[^/]+/[^/]+}/pulls
response:
status: 201
output: |
{
"html_url": "https://github.com/octocat/Hello-World/pull/1347",
"number": 1
}
content-type: application/json

3
task/github-open-pr/0.2/tests/pre-apply-task-hook.sh Normal file
View File

@ -0,0 +1,3 @@
#!/usr/bin/env bash
kubectl -n ${tns} create secret generic github --from-literal token="secret"

41
task/github-open-pr/0.2/tests/run.yaml Normal file
View File

@ -0,0 +1,41 @@
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: github-open-pr
spec:
pipelineSpec:
tasks:
- name: github
taskRef:
name: github-open-pr
params:
- name: GITHUB_HOST_URL
value: http://localhost:8080
- name: REPO_FULL_NAME
value: tektoncd/catalog
- name: HEAD
value: develop
- name: BASE
value: main
- name: TITLE
value: "title"
- name: BODY
value: "body"
- name: github-enterprise
taskRef:
name: github-open-pr
params:
- name: GITHUB_HOST_URL
value: http://localhost:8080
- name: API_PATH_PREFIX
value: /api/v3
- name: REPO_FULL_NAME
value: tektoncd/catalog
- name: HEAD
value: develop
- name: BASE
value: main
- name: TITLE
value: "title"
- name: BODY
value: "body"