Trigger Spinnaker pipelines from GitHub Actions
With the growing populatity of GitHub Actions, most of the enterprises especially the ones whose git repositories are already hosted on GitHub, are moving away from conventional CI tools such as Jenkins, TeamCity or Travis to GitHub Actions.
GitHub Actions help us create advanced pipelines without losing the focus on simplicity.
Spinnaker although can trigger a pipeline based on a webhook, visualizing a Spinnaker pipeline as part of the GitHub pipeline is essential at times. In this blog, let’s have a look at how we can use GitHub action and trigger the Spinnaker pipeline.
Limitation: It works with Spinnaker that has basic authentication set up such as LDAP. It doesn’t work when OAuth2 or SAML or any other authentication is enabled in Spinnaker.
Spinnaker Configuration:
Create a webhook type trigger under Spinnaker configuration as shown in the below image.
<spinnaker_gate_url>/webhooks/webhook/action is the url that should be used to invoke the webhook. This is the url that will be used later in the github action via secrets.
GitHub Action:
In your github repository create a file under specified path(.github/workflows/spinnaker.yaml) and copy the below content.
# This action is meant for triggering Spinnaker pipeline from github
name: Trigger Spinnaker Pipeline# Controls when the action will run. Workflow runs when manually triggered using the UI or API.
on:
# Trigger the workflow on push,
# but only for the master branch
push:
branches: [ master ]# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
trigger_pipeline:
# The type of runner that the job will run on
runs-on: ubuntu-latest# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Trigger Spinnaker Pipeline
uses: distributhor/workflow-webhook@v2
env:
webhook_url: ${{ secrets.SPIN_GATE_URL }}/webhooks/webhook/action
webhook_secret: ${{ secrets.WEBHOOK_SECRET }}
data: '{ "repository": "${{github.event.repository.full_name}}", "commit_url": "${{github.event.repository.commits_url}}" }'
Above action requires a few inputs that need to be passed via secrets in that particular repository.
- SPIN_GATE_URL — — -> URL of Spinnaker gate
- WEBHOOK_SECRET — — -> The secret with which to generate the signature hash. Required argument for workflow-webhook@v2 action. Have got no significance at Spinnaker end.
Process to create secrets that can be used in a github repository:
- Navigate to settings column under the specific repository
2. Click on Secrets section
3. Click on New repository secret to create secrets that can be used across actions using {{ secrets.<SECRET> }}