Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create webhook automatically when creating Repo/Org/Enterprise CR #235

Open
Fabiosilvero opened this issue Feb 3, 2025 · 2 comments
Open

Create webhook automatically when creating Repo/Org/Enterprise CR #235

Fabiosilvero opened this issue Feb 3, 2025 · 2 comments

Comments

@Fabiosilvero
Copy link

Fabiosilvero commented Feb 3, 2025
edited
Loading

What is the feature you would like to have?

Hello,

First of all, thank you for your operator, it is awesome :)

Is it possible to make the webhook install from CR instead of doing it from Github ?

It is possible with garm-cli :

/home/user/bin/garm-cli repository add \
    --name github-actions \
    --owner The_Org \
    --credentials github-pat \
    --install-webhook \
    --pool-balancer-type roundrobin \
    --random-webhook-secret

But with manifests like that, it doesn't seem to install it :

---
apiVersion: v1
kind: Secret
metadata:
  name: webhook-secret
  namespace: garm-operator-system
data:
  webhookSecret: <base64>
---
apiVersion: garm-operator.mercedes-benz.com/v1beta1
kind: GarmServerConfig
metadata:
  name: garm-server-config
  namespace: garm-operator-system
spec:
  callbackUrl: https://stg-garm.my.dns.zone/api/v1/callbacks
  metadataUrl: https://stg-garm.my.dns.zone//api/v1/metadata
  webhookUrl: https://stg-garm.my.dns.zone//webhooks
---
apiVersion: garm-operator.mercedes-benz.com/v1beta1
kind: GitHubEndpoint
metadata:
  name: my-ghes
  namespace: garm-operator-system
spec:
  description: "My GHES"
  apiBaseUrl: "https://github.my.dns.zone/api/v3"
  uploadBaseUrl: "https://github.my.dns.zone/api/uploads"
  baseUrl: "https://github.my.dns.zone"
---
apiVersion: garm-operator.mercedes-benz.com/v1beta1
kind: GitHubCredential
metadata:
  name: github-pat
  namespace: garm-operator-system
spec:
  description: credentials for mercedes-benz github
  endpointRef:
    apiGroup: garm-operator.mercedes-benz.com
    kind: GitHubEndpoint
    name: my-ghes
  authType: pat
  secretRef:
    name: github-pat
    key: token
---
apiVersion: v1
kind: Secret
metadata:
  name: github-pat
  namespace: garm-operator-system
data:
  token: <base64>
---
apiVersion: garm-operator.mercedes-benz.com/v1beta1
kind: Repository
metadata:
  name: github-actions
spec:
  webhookSecretRef:
    key: "webhookSecret"
    name: "webhook-secret"
  credentialsRef:
    apiGroup: garm-operator.mercedes-benz.com
    kind: GitHubCredentials
    name: github-pat
  owner: "The_Org"
---
apiVersion: garm-operator.mercedes-benz.com/v1beta1
kind: Image
metadata:
  labels:
    app.kubernetes.io/name: image
    app.kubernetes.io/instance: image-sample
    app.kubernetes.io/part-of: garm-operator
  name: runner-default
  namespace: garm-operator-system
spec:
  tag: "<GCP_Self_Link_Image>"
---
apiVersion: garm-operator.mercedes-benz.com/v1beta1
kind: Pool
metadata:
  labels:
    app.kubernetes.io/instance: pool-sample
    app.kubernetes.io/name: pool
    app.kubernetes.io/part-of: garm-operator
  name: gcp-test-pool
  namespace: garm-operator-system
spec:
  githubScopeRef:
    apiGroup: garm-operator.mercedes-benz.com
    kind: Repository
    name: github-actions
  enabled: true
  extraSpecs: '{}'
  flavor: e2-standard-2
  githubRunnerGroup: ""
  imageName: runner-default
  maxRunners: 10
  minIdleRunners: 2
  osArch: amd64
  osType: linux
  providerName: gcp
  runnerBootstrapTimeout: 600
  runnerPrefix: ""
  tags:
    - poc-garm

Reading this line I guess it is a current limitation ? Or did I miss something ?

A mockup would be :

---
apiVersion: garm-operator.mercedes-benz.com/v1beta1
kind: Repository
metadata:
  name: github-actions
spec:
  webhookAutoCreate: true   <---------
  webhookSecretRef:
    key: "webhookSecret"
    name: "webhook-secret"
  credentialsRef:
    apiGroup: garm-operator.mercedes-benz.com
    kind: GitHubCredentials
    name: github-pat
  owner: "The_Org"

Thanks,

Anything else you would like to add?

No response
@bavarianbidi
Copy link
Member

Hey @Fabiosilvero thanks for raising this issue.

You're totally right, atm it's just not implemented and we've sometimes spoke about that feature internally.
From a technical point of view, garm is able to create webhooks on a repository or organization level. For enterprises it's not implemented (because there is no Github-API for creating webhooks on enterprise level).

I rather think about creating a own CRD for the webhooks and do a reference in the corresponding repository or organization CR instead of integrating it into the CR itself.

Are you open to implement that feature or should we take care of it?

@Fabiosilvero
Copy link
Author

Fabiosilvero commented Feb 4, 2025
edited
Loading

Unfortunately I can't dev even if my life depended on it :/ But if you need testing the feature before release, I would gladly doing it :)

I rather think about creating a own CRD for the webhooks and do a reference in the corresponding repository or organization CR instead of integrating it into the CR itself.

Yes, it was inherited from garm-cli way of working but I can understand the operator won't work that way. As long as the webhook gets created, I think this is neat :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bavarianbidi @Fabiosilvero