GitHub webhook sample - Go

A handler written in Go that demonstrates interacting with GitHub through a webhook.

Before you begin

You must meet the following requirements to run this sample:

  • Own a public domain. For example, you can create a domain with Google Domains.
  • A Kubernetes cluster running with the following:
  • Knative Serving must be installed. For details about setting up a Knative cluster, see the installation guide.
  • Your Knative cluster must be configured to use your custom domain.
  • You must ensure that your Knative cluster uses a static IP address refer to your provider’s documentation.
  • An installed version of Docker.
  • A Docker Hub account to which you are able to upload your sample’s container image.

Build the sample code

  1. Download a copy of the code:
  1. git clone -b "release-1.0" https://github.com/knative/docs knative-docs
  2. cd knative-docs/docs/serving/samples/gitwebhook-go
  1. Use Docker to build a container image for this service. Replace {DOCKER_HUB_USERNAME} with your Docker Hub username in the following commands.
  1. export DOCKER_HUB_USERNAME=username
  3. # Build the container, run from the project folder
  4. docker build -t ${DOCKER_HUB_USERNAME}/gitwebhook-go .
  6. # Push the container to the registry
  7. docker push ${DOCKER_HUB_USERNAME}/gitwebhook-go

  1. Create a secret that holds two values from GitHub:

  2. A personal access token that you will use to make API requests to GitHub.

  3. Ensure that you grant read/write permission in the repo for that personal access token.

  4. Follow the GitHub instructions to

  5. A webhook secret that you will use to validate requests.

  6. Base64 encode the access token:

    1. $ echo -n "45d382d4a9a93c453fb7c8adc109121e7c29fa3ca" | base64
    2. NDVkMzgyZDRhOWE5M2M0NTNmYjdjOGFkYzEwOTEyMWU3YzI5ZmEzY2E=

  7. Copy the encoded access token into github-secret.yaml next to personalAccessToken:.

  8. Create a webhook secret value unique to this sample, base64 encode it, and copy it into github-secret.yaml next to webhookSecret::

    1. $ echo -n "mygithubwebhooksecret" | base64
    2. bXlnaXRodWJ3ZWJob29rc2VjcmV0

  9. Apply the secret to your cluster:

    1. kubectl apply --filename github-secret.yaml

  10. Next, update the service.yaml file in the project to reference the tagged image from step 1.

  1. apiVersion: serving.knative.dev/v1
  2. kind: Service
  3. metadata:
  4.   name: gitwebhook
  5.   namespace: default
  6. spec:
  7.   template:
  8.     spec:
  9.       containers:
  10.         - # Replace {DOCKER_HUB_USERNAME} with your actual docker hub username
  11.           image: docker.io/{DOCKER_HUB_USERNAME}/gitwebhook-go:latest
  12.           env:
  13.             - name: GITHUB_PERSONAL_TOKEN
  14.               valueFrom:
  15.                 secretKeyRef:
  16.                   name: githubsecret
  17.                   key: personalAccessToken
  18.             - name: WEBHOOK_SECRET
  19.               valueFrom:
  20.                 secretKeyRef:
  21.                   name: githubsecret
  22.                   key: webhookSecret
  1. Use kubectl to apply the service.yaml file.
  1. $ kubectl apply --filename service.yaml

Response:

  1. service "gitwebhook" created

  1. Create a webhook in your GitHub repo using the URL for your gitwebhook service:

  2. Retrieve the hostname for this service, using the following command:

    1. $ kubectl get ksvc gitwebhook \
    2.    --output=custom-columns=NAME:.metadata.name,DOMAIN:.status.domain

    Example response:

    1. NAME                DOMAIN
    2. gitwebhook          gitwebhook.default.MYCUSTOMDOMAIN.com

    where MYCUSTOMDOMAIN is the domain that you set as your custom domain.

  3. Go to the GitHub repository for which you have privileges to create a webhook.

  4. Click Settings > Webhooks > Add webhook to open the Webhooks page.

  5. Enter the Payload URL as http://{DOMAIN}, where {DOMAIN} is the address from the kubectl get ksvc gitwebhook command. For example: http://gitwebhook.default.MYCUSTOMDOMAIN.com

  6. Set the Content type to application/json.

  7. Enter your webhook secret in Secret using the original base value that you set in webhookSecret (not the base64 encoded value). For example: mygithubwebhooksecret

  8. If you did not enabled TLS certificates, click Disable under SSL Validation.

  9. Click Add webhook to create the webhook.

Exploring

Once deployed, you can inspect the created resources with kubectl commands:

  1. # This will show the Knative service that we created:
  2. kubectl get ksvc --output yaml
  4. # This will show the Route, created by the service:
  5. kubectl get route --output yaml
  7. # This will show the Configuration, created by the service:
  8. kubectl get configurations --output yaml
  10. # This will show the Revision, created by the Configuration:
  11. kubectl get revisions --output yaml

Testing the service

Now that you have the service running and the webhook created, send a Pull Request to the same GitHub repo where you added the webhook. If all is working right, you’ll see the title of the PR will be modified, with the text (looks pretty legit) appended the end of the title.

Cleaning up

To clean up the sample service:

  1. kubectl delete --filename service.yaml