GitLab-Source
1, 部署Gitlab
root@master02:/opt/knative-in-practise/eventing/gitlab/deploy# kubectl apply -f .
root@master02:/opt/knative-in-practise/eventing/gitlab/deploy# cat 01-namespace.yaml apiVersion: v1 kind: Namespace metadata: name: gitlab root@master02:/opt/knative-in-practise/eventing/gitlab/deploy# cat 02-redis.yaml --- kind: Service apiVersion: v1 metadata: name: gitlab-redis namespace: gitlab labels: app: gitlab-redis spec: type: ClusterIP ports: - name: redis protocol: TCP port: 6379 targetPort: redis selector: app: gitlab-redis --- kind: Deployment apiVersion: apps/v1 metadata: name: gitlab-redis namespace: gitlab labels: app: gitlab-redis spec: replicas: 1 selector: matchLabels: app: gitlab-redis template: metadata: name: gitlab-redis labels: app: gitlab-redis spec: containers: - name: gitlab-redis image: 'sameersbn/redis:4.0.9-3' ports: - name: redis containerPort: 6379 protocol: TCP resources: limits: cpu: 500m memory: 1Gi requests: cpu: 200m memory: 1Gi livenessProbe: exec: command: - redis-cli - ping initialDelaySeconds: 5 timeoutSeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 readinessProbe: exec: command: - redis-cli - ping initialDelaySeconds: 5 timeoutSeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 --- root@master02:/opt/knative-in-practise/eventing/gitlab/deploy# cat 03-secret.yaml apiVersion: v1 kind: Secret metadata: name: gitlab namespace: gitlab data: db_pass: bWFnZWR1LmNvbQ== db_user: Z2l0bGFi gitlab_root_pass: bWFnZWR1LmNvbQ== # root pass: magedu.com gitlab_secrets_db_key_base: bE92U1NTcHMwSDJVU2tBTS9VajhZVUZMRjhPS25xUGhwTG5ocG41N0drTQ== gitlab_secrets_otp_key_base: aVZ6Z01OUFoybjFKRk1US1ltUUVUS3lYL3VpbWpKaDBMeVhFemlmTmhVNA== gitlab_secrets_secret_key_base: VFVFNWk3SW1wT0lQSzN6cnZCTnFUU09UWjI3ZjRkTm56cVNXejF6eW5BWQ== type: Opaque root@master02:/opt/knative-in-practise/eventing/gitlab/deploy# cat 04-postgresql.yaml --- ## Service kind: Service apiVersion: v1 metadata: name: gitlab-postgresql namespace: gitlab labels: app: gitlab-postgresql spec: ports: - name: postgres protocol: TCP port: 5432 targetPort: postgres selector: app: postgresql type: ClusterIP --- ## Deployment kind: Deployment apiVersion: apps/v1 metadata: name: gitlab-pgsql namespace: gitlab labels: app: postgresql spec: replicas: 1 selector: matchLabels: app: postgresql template: metadata: name: postgresql labels: app: postgresql spec: containers: - name: postgresql image: sameersbn/postgresql:12-20200524 ports: - name: postgres containerPort: 5432 env: - name: DB_USER valueFrom: secretKeyRef: name: gitlab key: db_user - name: DB_PASS valueFrom: secretKeyRef: name: gitlab key: db_pass - name: DB_NAME value: gitlabhq_production - name: DB_EXTENSION value: 'pg_trgm,btree_gist' resources: requests: cpu: 200m memory: 256Mi limits: cpu: 2 memory: 2Gi livenessProbe: exec: command: ["pg_isready","-h","localhost","-U","postgres"] initialDelaySeconds: 30 timeoutSeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 readinessProbe: exec: command: ["pg_isready","-h","localhost","-U","postgres"] initialDelaySeconds: 5 timeoutSeconds: 1 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 root@master02:/opt/knative-in-practise/eventing/gitlab/deploy# cat 05-gitlab.yaml --- ## Service kind: Service apiVersion: v1 metadata: name: gitlab namespace: gitlab labels: app: gitlab spec: ports: - name: http protocol: TCP port: 31080 targetPort: 80 - name: ssh protocol: TCP port: 31022 targetPort: 22 selector: app: gitlab type: LoadBalancer externalTrafficPolicy: Cluster --- ## Service kind: Service apiVersion: v1 metadata: name: code namespace: gitlab labels: app: gitlab spec: ports: - name: http protocol: TCP port: 80 targetPort: 80 - name: ssh protocol: TCP port: 22 targetPort: 22 selector: app: gitlab --- kind: Deployment apiVersion: apps/v1 metadata: name: gitlab namespace: gitlab labels: app: gitlab spec: replicas: 1 selector: matchLabels: app: gitlab template: metadata: name: gitlab labels: app: gitlab spec: containers: - name: gitlab image: 'sameersbn/gitlab:14.7.2' ports: - name: ssh containerPort: 22 - name: http containerPort: 80 - name: https containerPort: 443 env: - name: GITLAB_TIMEZONE value: Asia/Shanghai - name: GITLAB_SECRETS_OTP_KEY_BASE # Be used to encrypt 2FA secrets in the database. "long-and-random-alpha-numeric-string" valueFrom: secretKeyRef: name: gitlab key: gitlab_secrets_otp_key_base - name: GITLAB_SECRETS_DB_KEY_BASE # Be used to encrypt CI secret variables, as well as import credentials, in the database. valueFrom: secretKeyRef: name: gitlab key: gitlab_secrets_db_key_base - name: GITLAB_SECRETS_SECRET_KEY_BASE # Be used for password reset links, and other 'standard' auth features. valueFrom: secretKeyRef: name: gitlab key: gitlab_secrets_secret_key_base - name: GITLAB_ROOT_PASSWORD valueFrom: secretKeyRef: name: gitlab key: gitlab_root_pass - name: GITLAB_ROOT_EMAIL value: mage@magedu.com - name: GITLAB_HOST value: 'localhost' - name: GITLAB_PORT value: '80' - name: GITLAB_SSH_PORT value: '22' - name: GITLAB_NOTIFY_ON_BROKEN_BUILDS value: 'true' - name: GITLAB_NOTIFY_PUSHER value: 'false' - name: DB_TYPE value: postgres - name: DB_HOST value: gitlab-postgresql - name: DB_PORT value: '5432' - name: DB_USER valueFrom: secretKeyRef: name: gitlab key: db_user - name: DB_PASS valueFrom: secretKeyRef: name: gitlab key: db_pass - name: DB_NAME value: gitlabhq_production - name: REDIS_HOST value: gitlab-redis - name: REDIS_PORT value: '6379' resources: requests: cpu: 1 memory: 1Gi limits: cpu: 2 memory: 8Gi livenessProbe: httpGet: path: / port: 80 scheme: HTTP initialDelaySeconds: 300 timeoutSeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 readinessProbe: httpGet: path: / port: 80 scheme: HTTP initialDelaySeconds: 5 timeoutSeconds: 30 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 volumeMounts: - name: localtime mountPath: /etc/localtime volumes: - name: localtime hostPath: path: /etc/localtime root@master02:/opt/knative-in-practise/eventing/gitlab/deploy# cat 06-virtualservice-gitlab.yaml --- apiVersion: networking.istio.io/v1beta1 kind: DestinationRule metadata: name: gitlab namespace: gitlab spec: host: gitlab trafficPolicy: tls: mode: DISABLE --- apiVersion: networking.istio.io/v1beta1 kind: Gateway metadata: name: gitlab-gateway namespace: istio-system spec: selector: app: istio-ingressgateway servers: - port: number: 80 name: http protocol: HTTP hosts: - "gitlab.magedu.com" - "code.magedu.com" - "code.magedu.com" --- apiVersion: networking.istio.io/v1beta1 kind: VirtualService metadata: name: gitlab-virtualservice namespace: gitlab spec: hosts: - "gitlab.magedu.com" - "code.magedu.com" gateways: - istio-system/gitlab-gateway http: - match: - uri: prefix: / route: - destination: host: gitlab port: number: 31080 ---
root@master02:/opt/knative-in-practise/eventing/gitlab/deploy# cat *|grep image image: 'sameersbn/redis:4.0.9-3' image: sameersbn/postgresql:12-20200524 image: 'sameersbn/gitlab:14.7.2'
- "gitlab.magedu.com"
- "code.magedu.com"
# root pass: magedu.com
root@master01:~# kubectl get svc -ngitlab NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE code ClusterIP 10.100.149.22480/TCP,22/TCP 44h gitlab LoadBalancer 10.100.68.233 31080:18311/TCP,31022:22343/TCP 44h gitlab-postgresql ClusterIP 10.100.33.56 5432/TCP 44h gitlab-redis ClusterIP 10.100.162.143 6379/TCP 44h
2,Gitlab上的操作
2.1 改中文
2.2 菜单-管理员-设置-网络
2.3 菜单-管理员-设置-通用
2.4 Administrator-偏好设置-访问令牌
3,装备示例仓库myproject
3,在knative上部署GitLabSource
https://github.com/knative/docs/tree/main/code-samples/eventing/github-source
https://github.com/knative-sandbox/eventing-github
wget https://github.com/knative-sandbox/eventing-github/releases/download/knative-v1.2.0/github.yaml
root@master02:/opt/knative-in-practise/eventing/gitlab/gitlab-source# kubectl apply -f gitlab.yaml
docker load -i controller_sources.tar.gz
docker load -i receive_adapter_sources.tar.gz
docker load -i webhook_source.tar.gz
root@master01:/opt/knative-in-practise/eventing/gitlab/gitlab-source# cat gitlab.yaml |grep 250 value: 192.168.80.250:80/chuan/receive_adapter:latest image: 192.168.80.250:80/chuan/controller:latest image: 192.168.80.250:80/chuan/webhook:latest
root@master02:/opt/knative-in-practise/eventing/gitlab/gitlab-source# kubectl api-resources |grep -i sources gitlabsources sources.knative.dev/v1alpha1 true GitLabSource
root@master01:~# kubectl get ns|grep knative-sources knative-sources Active 2m23s
root@master01:/opt/knative-in-practise/eventing/gitlab/gitlab-source# kubectl get deploy -nknative-sources -o yaml|grep 250 |grep -v api
value: 192.168.80.250:80/chuan/receive_adapter:latest
image: 192.168.80.250:80/chuan/controller:latest
image: 192.168.80.250:80/chuan/webhook:latest
knative-sources gitlab-controller-manager-7ff55bcccb-2qlzh 1/1 Running 0 7m21s knative-sources gitlab-webhook-6c9dd57845-hkjcd 1/1 Running 0 7m21s
4,在Knative上部署KService/event-display和创建Secret资源,包含两个数据项,
4.1 GitLab上的Personal Access Token 4.2 GitLab调用GitLabSource与Webhook Secret5,创建GitLabSource资源
◆从GitLab仓库加载事件 ◆将事件转为CloudEvents,并发往Sinkroot@master01:~# kn service list NAME URL LATEST AGE CONDITIONS READY REASON event-display http://event-display.default.example.com event-display-00001 6d23h 3 OK / 3 True root@master01:~# kn service delete event-display
root@master02:/opt/knative-in-practise/eventing/sources/05-gitlabsource-to-knative-service# cat 01-namespace.yaml kind: Namespace apiVersion: v1 metadata: name: event-demo --- root@master02:/opt/knative-in-practise/eventing/sources/05-gitlabsource-to-knative-service# cat 02-kservice-event-display.yaml --- apiVersion: serving.knative.dev/v1 kind: Service metadata: name: event-display namespace: event-demo spec: template: metadata: annotations: autoscaling.knative.dev/min-scale: "1" spec: containers: - image: ikubernetes/event_display ports: - containerPort: 8080 root@master02:/opt/knative-in-practise/eventing/sources/05-gitlabsource-to-knative-service# cat 03-secret-token.yaml apiVersion: v1 kind: Secret metadata: name: gitlabsecret namespace: event-demo type: Opaque stringData: accessToken: YFNYfQZ4UtKSVjzcMA1N secretToken: Bou0Urm15WFDXkRITkGcqQ root@master02:/opt/knative-in-practise/eventing/sources/05-gitlabsource-to-knative-service# cat 04-GitLabSource-to-knative-service.yaml apiVersion: sources.knative.dev/v1alpha1 kind: GitLabSource metadata: name: gitlabsource-demo namespace: event-demo spec: eventTypes: - push_events - issues_events - merge_requests_events - tag_push_events projectUrl: http://code.gitlab.svc.cluster.local/root/myproject sslverify: false accessToken: secretKeyRef: name: gitlabsecret key: accessToken secretToken: secretKeyRef: name: gitlabsecret key: secretToken sink: ref: apiVersion: serving.knative.dev/v1 kind: Service name: event-display
验证
root@master02:/opt/knative-in-practise/eventing/sources/05-gitlabsource-to-knative-service# kubectl get gitlabsources -nevent-demo NAME READY REASON SINK AGE gitlabsource-demo True http://event-display.event-demo.svc.cluster.local 35s
root@master01:~# kn source list-types TYPE S NAME DESCRIPTION ApiServerSource X apiserversources.sources.knative.dev Watch and send Kubernetes API events to addressable ContainerSource X containersources.sources.knative.dev Generate events by Container image and send to addressable GitLabSource gitlabsources.sources.knative.dev PingSource X pingsources.sources.knative.dev Send periodically ping events to addressable SinkBinding X sinkbindings.sources.knative.dev Binding for connecting a PodSpecable to addressable
root@master01:/opt/knative-in-practise/eventing/gitlab/gitlab-source# kn service list -A NAMESPACE NAME URL LATEST AGE CONDITIONS READY REASON event-demo event-display http://event-display.event-demo.example.com event-display-00001 3m12s 3 OK / 3 True event-demo gitlabsource-demo-p8wf4 http://gitlabsource-demo-p8wf4.event-demo.example.com gitlabsource-demo-p8wf4-00001 3m4s 3 OK / 3 True
root@master02:/opt/knative-in-practise/eventing/sources/05-gitlabsource-to-knative-service# kubectl get po -A NAMESPACE NAME READY STATUS RESTARTS AGE event-demo event-display-00001-deployment-57fc7d44f5-98mpw 2/2 Running 0 23s event-demo gitlabsource-demo-p8wf4-00001-deployment-7d6469bcd9-6vwht 2/2 Running 0 18s