mirror of
https://github.com/tektoncd/catalog.git
synced 2024-10-18 02:19:26 +00:00
Make github-open-pr fail if HTTP POST was unsuccessful
This commit is contained in:
parent
a6e8e8f880
commit
dc81350f1b
123
task/github-open-pr/0.2/README.md
Normal file
123
task/github-open-pr/0.2/README.md
Normal file
@ -0,0 +1,123 @@
|
||||
# GitHub Open Pull Request
|
||||
|
||||
GitHub Open Pull Request is part of a collection of GitHub tasks to help working
|
||||
with the [GitHub API](https://docs.github.com/en/rest/reference).
|
||||
|
||||
## GitHub token
|
||||
|
||||
This task expects a secret set in the kubernetes secret `github`
|
||||
with a GitHub token in the key `token`; you can easily create it on the
|
||||
command line with `kubectl` like this :
|
||||
|
||||
```
|
||||
kubectl create secret generic github --from-literal token="MY_TOKEN"
|
||||
```
|
||||
|
||||
## Open Pull Request
|
||||
|
||||
The `github-open-pr` task uses the [pull request api](https://docs.github.com/en/rest/reference/pulls#create-a-pull-request)
|
||||
to open pull requests on Github. It is able to fill in a title and body of the pull request.
|
||||
|
||||
|
||||
### Install the Task
|
||||
|
||||
```
|
||||
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/main/task/github-open-pr/0.2/github-open-pr.yaml
|
||||
```
|
||||
|
||||
### Parameters
|
||||
|
||||
* **GITHUB_HOST_URL**: The GitHub host domain _default:_ `api.github.com`
|
||||
* **REPO_FULL_NAME**: The GitHub repository full name, _e.g:_ `tektoncd/catalog`
|
||||
* **API_PATH_PREFIX**: The GitHub Enterprise has a prefix for the API path. _e.g:_ `/api/v3`
|
||||
* **HEAD**: The name of the branch where your changes are implemented. _e.g.: `new-feature-i-created`
|
||||
* **BASE**: The name of the branch you want the changes pulled into. _e.g.: `develop`
|
||||
* **BODY**: The body description of the pull request. _e.g.: `The following PR includes these changes...`
|
||||
* **TITLE**: The title of the pull request. _e.g.: `Feature X`
|
||||
* **AUTH_TYPE**: The type of authentication to use. You could use the less secure "Basic"
|
||||
for example. See https://docs.github.com/en/rest/overview/other-authentication-methods for more information.
|
||||
* **GITHUB_TOKEN_SECRET_NAME** \[optional\]: The name of the kubernetes secret that
|
||||
contains the GitHub token. Default value: `github`
|
||||
* **GITHUB_TOKEN_SECRET_KEY** \[optional\]: The key within the kubernetes secret that
|
||||
contains the GitHub token. Default value: `token`
|
||||
|
||||
### Results
|
||||
|
||||
- **NUMBER**: Number of the created pull request.
|
||||
- **URL**: URL of the created pull request.
|
||||
|
||||
### Platforms
|
||||
|
||||
The Task can be run on `linux/amd64`, `linux/s390x` and `linux/ppc64le` platforms.
|
||||
|
||||
## Usage for Bearer authentication
|
||||
|
||||
This TaskRun opens a pull request on GitHub.
|
||||
|
||||
```yaml
|
||||
---
|
||||
apiVersion: tekton.dev/v1beta1
|
||||
kind: TaskRun
|
||||
metadata:
|
||||
name: github-open-pr-from-develop-to-main
|
||||
labels:
|
||||
tekton.dev/task: github-open-pr
|
||||
spec:
|
||||
taskRef:
|
||||
kind: Task
|
||||
name: github-open-pr
|
||||
params:
|
||||
- name: REPO_FULL_NAME
|
||||
value: tektoncd/catalog
|
||||
- name: HEAD
|
||||
value: develop
|
||||
- name: BASE
|
||||
value: main
|
||||
- name: TITLE
|
||||
value: "Feature X"
|
||||
- name: BODY
|
||||
value: "Includes the following changes"
|
||||
```
|
||||
|
||||
## Usage for Basic authentication
|
||||
|
||||
Make sure the token is fabricated by base64 encoding the username and password with a semicolon in between.
|
||||
Example shell script to use:
|
||||
|
||||
```bash
|
||||
#!/bin/bash
|
||||
echo "${1}:${2}" | base64
|
||||
```
|
||||
|
||||
Calling this script like this `./script.sh githubuser reallyinsecurepassword` would result in `Z2l0aHVidXNlcjpyZWFsbHlpbnNlY3VyZXBhc3N3b3JkCg==`.
|
||||
|
||||
Place the result in a secret in the way as the token-based authenticaton.
|
||||
|
||||
The following TaskRun shows the usage of Basic authentication. Adding the `AUTH_TYPE` parameter.
|
||||
|
||||
```yaml
|
||||
---
|
||||
apiVersion: tekton.dev/v1beta1
|
||||
kind: TaskRun
|
||||
metadata:
|
||||
generateName: github-open-pr-from-develop-to-main
|
||||
labels:
|
||||
tekton.dev/task: github-open-pr
|
||||
spec:
|
||||
taskRef:
|
||||
kind: Task
|
||||
name: github-open-pr
|
||||
params:
|
||||
- name: REPO_FULL_NAME
|
||||
value: tektoncd/catalog
|
||||
- name: HEAD
|
||||
value: develop
|
||||
- name: BASE
|
||||
value: main
|
||||
- name: TITLE
|
||||
value: "Feature X"
|
||||
- name: BODY
|
||||
value: "Includes the following changes"
|
||||
- name: AUTH_TYPE
|
||||
value: Basic
|
||||
```
|
154
task/github-open-pr/0.2/github-open-pr.yaml
Normal file
154
task/github-open-pr/0.2/github-open-pr.yaml
Normal file
@ -0,0 +1,154 @@
|
||||
---
|
||||
apiVersion: tekton.dev/v1beta1
|
||||
kind: Task
|
||||
metadata:
|
||||
name: github-open-pr
|
||||
labels:
|
||||
app.kubernetes.io/version: "0.2"
|
||||
annotations:
|
||||
tekton.dev/categories: Git
|
||||
tekton.dev/pipelines.minVersion: "0.12.1"
|
||||
tekton.dev/tags: github
|
||||
tekton.dev/displayName: "open github pull request"
|
||||
tekton.dev/platforms: "linux/amd64,linux/s390x,linux/ppc64le"
|
||||
spec:
|
||||
description: >-
|
||||
This task will open a PR on Github based on several parameters.
|
||||
This could be useful in GitOps repositories for example.
|
||||
|
||||
params:
|
||||
- name: GITHUB_HOST_URL
|
||||
description: |
|
||||
The GitHub host, adjust this if you run a GitHub enteprise.
|
||||
default: "api.github.com"
|
||||
type: string
|
||||
|
||||
- name: API_PATH_PREFIX
|
||||
description: |
|
||||
The API path prefix, GitHub Enterprise has a prefix e.g. /api/v3
|
||||
default: ""
|
||||
type: string
|
||||
|
||||
- name: REPO_FULL_NAME
|
||||
description: |
|
||||
The GitHub repository full name, e.g.: tektoncd/catalog
|
||||
type: string
|
||||
|
||||
- name: GITHUB_TOKEN_SECRET_NAME
|
||||
description: |
|
||||
The name of the kubernetes secret that contains the GitHub token, default: github
|
||||
type: string
|
||||
default: github
|
||||
|
||||
- name: GITHUB_TOKEN_SECRET_KEY
|
||||
description: |
|
||||
The key within the kubernetes secret that contains the GitHub token, default: token
|
||||
type: string
|
||||
default: token
|
||||
|
||||
- name: AUTH_TYPE
|
||||
description: |
|
||||
The type of authentication to use. You could use the less secure "Basic" for example
|
||||
type: string
|
||||
default: Bearer
|
||||
|
||||
- name: HEAD
|
||||
description: |
|
||||
The name of the branch where your changes are implemented.
|
||||
type: string
|
||||
|
||||
- name: BASE
|
||||
description: |
|
||||
The name of the branch you want the changes pulled into.
|
||||
type: string
|
||||
|
||||
- name: BODY
|
||||
description: |
|
||||
The body description of the pull request.
|
||||
type: string
|
||||
|
||||
- name: TITLE
|
||||
description: |
|
||||
The title of the pull request.
|
||||
type: string
|
||||
|
||||
results:
|
||||
- name: NUMBER
|
||||
description: Number of the created pull request.
|
||||
|
||||
- name: URL
|
||||
description: URL of the created pull request.
|
||||
|
||||
volumes:
|
||||
- name: githubtoken
|
||||
secret:
|
||||
secretName: $(params.GITHUB_TOKEN_SECRET_NAME)
|
||||
|
||||
steps:
|
||||
- name: open-pr
|
||||
volumeMounts:
|
||||
- name: githubtoken
|
||||
readOnly: true
|
||||
mountPath: /etc/github-open-pr
|
||||
env:
|
||||
- name: PULLREQUEST_NUMBER_PATH
|
||||
value: $(results.NUMBER.path)
|
||||
- name: PULLREQUEST_URL_PATH
|
||||
value: $(results.URL.path)
|
||||
|
||||
image: registry.access.redhat.com/ubi8/python-38:1-34.1599745032
|
||||
script: |
|
||||
#!/usr/libexec/platform-python
|
||||
|
||||
"""This script will open a PR on Github"""
|
||||
|
||||
import json
|
||||
import os
|
||||
import sys
|
||||
import http.client
|
||||
|
||||
github_token = open("/etc/github-open-pr/$(params.GITHUB_TOKEN_SECRET_KEY)", "r").read()
|
||||
|
||||
open_pr_url = "$(params.API_PATH_PREFIX)" + "/repos/$(params.REPO_FULL_NAME)/pulls"
|
||||
|
||||
data = {
|
||||
"head": "$(params.HEAD)",
|
||||
"base": "$(params.BASE)",
|
||||
"title": "$(params.TITLE)",
|
||||
"body": "$(params.BODY)"
|
||||
}
|
||||
print("Sending this data to GitHub: ")
|
||||
print(data)
|
||||
|
||||
authHeader = "$(params.AUTH_TYPE) " + github_token
|
||||
|
||||
# This is for our fake github server
|
||||
if "$(params.GITHUB_HOST_URL)".startswith("http://"):
|
||||
conn = http.client.HTTPConnection("$(params.GITHUB_HOST_URL)"
|
||||
.replace("http://", ""))
|
||||
else:
|
||||
conn = http.client.HTTPSConnection("$(params.GITHUB_HOST_URL)")
|
||||
|
||||
conn.request(
|
||||
"POST",
|
||||
open_pr_url,
|
||||
body=json.dumps(data),
|
||||
headers={
|
||||
"User-Agent": "TektonCD, the peaceful cat",
|
||||
"Authorization": authHeader,
|
||||
"Accept": "application/vnd.github.v3+json ",
|
||||
})
|
||||
resp = conn.getresponse()
|
||||
if not str(resp.status).startswith("2"):
|
||||
print("Error: %d" % (resp.status))
|
||||
print(resp.read())
|
||||
sys.exit(1)
|
||||
else:
|
||||
# https://docs.github.com/en/rest/reference/pulls#create-a-pull-request
|
||||
body = json.loads(resp.read().decode())
|
||||
|
||||
open(os.environ.get('PULLREQUEST_NUMBER_PATH'), 'w').write(f'{body["number"]}')
|
||||
open(os.environ.get('PULLREQUEST_URL_PATH'), 'w').write(body["html_url"])
|
||||
|
||||
print("GitHub pull request created for $(params.REPO_FULL_NAME): "
|
||||
f'number={body["number"]} url={body["html_url"]}')
|
24
task/github-open-pr/0.2/tests/fixtures/github-open-pr.yaml
vendored
Normal file
24
task/github-open-pr/0.2/tests/fixtures/github-open-pr.yaml
vendored
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
headers:
|
||||
method: POST
|
||||
path: /repos/{repo:[^/]+/[^/]+}/pulls
|
||||
response:
|
||||
status: 201
|
||||
output: |
|
||||
{
|
||||
"html_url": "https://github.com/octocat/Hello-World/pull/1347",
|
||||
"number": 1
|
||||
}
|
||||
content-type: application/json
|
||||
---
|
||||
headers:
|
||||
method: POST
|
||||
path: /api/v3/repos/{repo:[^/]+/[^/]+}/pulls
|
||||
response:
|
||||
status: 201
|
||||
output: |
|
||||
{
|
||||
"html_url": "https://github.com/octocat/Hello-World/pull/1347",
|
||||
"number": 1
|
||||
}
|
||||
content-type: application/json
|
3
task/github-open-pr/0.2/tests/pre-apply-task-hook.sh
Normal file
3
task/github-open-pr/0.2/tests/pre-apply-task-hook.sh
Normal file
@ -0,0 +1,3 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
kubectl -n ${tns} create secret generic github --from-literal token="secret"
|
41
task/github-open-pr/0.2/tests/run.yaml
Normal file
41
task/github-open-pr/0.2/tests/run.yaml
Normal file
@ -0,0 +1,41 @@
|
||||
apiVersion: tekton.dev/v1beta1
|
||||
kind: PipelineRun
|
||||
metadata:
|
||||
name: github-open-pr
|
||||
spec:
|
||||
pipelineSpec:
|
||||
tasks:
|
||||
- name: github
|
||||
taskRef:
|
||||
name: github-open-pr
|
||||
params:
|
||||
- name: GITHUB_HOST_URL
|
||||
value: http://localhost:8080
|
||||
- name: REPO_FULL_NAME
|
||||
value: tektoncd/catalog
|
||||
- name: HEAD
|
||||
value: develop
|
||||
- name: BASE
|
||||
value: main
|
||||
- name: TITLE
|
||||
value: "title"
|
||||
- name: BODY
|
||||
value: "body"
|
||||
- name: github-enterprise
|
||||
taskRef:
|
||||
name: github-open-pr
|
||||
params:
|
||||
- name: GITHUB_HOST_URL
|
||||
value: http://localhost:8080
|
||||
- name: API_PATH_PREFIX
|
||||
value: /api/v3
|
||||
- name: REPO_FULL_NAME
|
||||
value: tektoncd/catalog
|
||||
- name: HEAD
|
||||
value: develop
|
||||
- name: BASE
|
||||
value: main
|
||||
- name: TITLE
|
||||
value: "title"
|
||||
- name: BODY
|
||||
value: "body"
|
Loading…
Reference in New Issue
Block a user