欢迎关注我的公众号:
目前刚开始写一个月,一共写了18篇原创文章,文章目录如下:
istio防故障利器,你知道几个,istio新手不要读,太难!
不懂envoyfilter也敢说精通istio系列-http-rbac-不要只会用AuthorizationPolicy配置权限
不懂envoyfilter也敢说精通istio系列-02-http-corsFilter-不要只会vs
不懂envoyfilter也敢说精通istio系列-03-http-csrf filter-再也不用再代码里写csrf逻辑了
不懂envoyfilter也敢说精通istio系列http-jwt_authn-不要只会RequestAuthorization
不懂envoyfilter也敢说精通istio系列-05-fault-filter-故障注入不止是vs
不懂envoyfilter也敢说精通istio系列-06-http-match-配置路由不只是vs
不懂envoyfilter也敢说精通istio系列-07-负载均衡配置不止是dr
不懂envoyfilter也敢说精通istio系列-08-连接池和断路器
不懂envoyfilter也敢说精通istio系列-09-http-route filter
不懂envoyfilter也敢说精通istio系列-network filter-redis proxy
不懂envoyfilter也敢说精通istio系列-network filter-HttpConnectionManager
不懂envoyfilter也敢说精通istio系列-ratelimit-istio ratelimit完全手册
tekton新课发布:ci/cd之tekton实战--其他视频教程-系统/网络/运维-CSDN程序员研修院
什么是TriggerBinding
校验事件并提取相关字段属性
资源详解
例子
triggerBinding/binding.yaml
apiVersion: triggers.tekton.dev/v1alpha1 kind: TriggerBinding metadata: name: binding spec: params: - name: gitrevision value: $(body.head_commit.id) - name: gitrepositoryurl value: $(body.repository.url) - name: contenttype value: $(header.Content-Type)
表达式
$(body) -> "{"key1": "value1", "key2": {"key3": "value3"}, "key4": ["value4", "value5", "value6"]}" $(body.key1) -> "value1" $(body.key2) -> "{"key3": "value3"}" $(body.key2.key3) -> "value3" $(body.key4[0]) -> "value4" $(body.key4[0:2]) -> "{"value4", "value5"}" # $(header) is replaced by all of the headers from the event. $(header) -> "{"One":["one"], "Two":["one","two","three"]}" $(header.One) -> "one" $(header.one) -> "one" $(header.Two) -> "one two three" $(header.Two[1]) -> "two"
多绑定
triggerBinding/multi-binding.yaml
apiVersion: triggers.tekton.dev/v1alpha1 kind: TriggerBinding metadata: name: event-binding spec: params: - name: gitrevision value: $(body.head_commit.id) - name: gitrepositoryurl value: $(body.repository.url) --- apiVersion: triggers.tekton.dev/v1alpha1 kind: TriggerBinding metadata: name: prod-env spec: params: - name: environment value: prod --- apiVersion: triggers.tekton.dev/v1alpha1 kind: TriggerBinding metadata: name: staging-env spec: params: - name: environment value: staging --- apiVersion: triggers.tekton.dev/v1alpha1 kind: EventListener metadata: name: listener spec: triggers: - name: prod-trigger bindings: - ref: event-binding - ref: prod-env template: ref: pipeline-template - name: staging-trigger bindings: - ref: event-binding - ref: staging-env template: ref: pipeline-template
ClusterTriggerBinding
triggerBinding/cluster/message-clusterbinding.yaml
apiVersion: triggers.tekton.dev/v1alpha1 kind: ClusterTriggerBinding metadata: name: message-clusterbinding spec: params: - name: message value: Hello from the Triggers EventListener!
triggerBinding/cluster/pipeline-clusterbinding.yaml
apiVersion: triggers.tekton.dev/v1alpha1 kind: ClusterTriggerBinding metadata: name: pipeline-clusterbinding spec: params: - name: gitrevision value: $(body.head_commit.id) - name: gitrepositoryurl value: $(body.repository.url) - name: contenttype value: $(header.Content-Type)
triggerBinding/cluster/sa-rbac.yaml
apiVersion: v1 kind: ServiceAccount metadata: name: tekton-triggers-example-sa --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: tekton-triggers-example-minimal rules: # EventListeners need to be able to fetch all namespaced resources - apiGroups: ["triggers.tekton.dev"] resources: ["eventlisteners", "triggerbindings", "triggertemplates", "triggers"] verbs: ["get", "list", "watch"] - apiGroups: [""] # configmaps is needed for updating logging config resources: ["configmaps"] verbs: ["get", "list", "watch"] # Permissions to create resources in associated TriggerTemplates - apiGroups: ["tekton.dev"] resources: ["pipelineruns", "pipelineresources", "taskruns"] verbs: ["create"] - apiGroups: [""] resources: ["serviceaccounts"] verbs: ["impersonate"] - apiGroups: ["policy"] resources: ["podsecuritypolicies"] resourceNames: ["tekton-triggers"] verbs: ["use"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: tekton-triggers-example-binding subjects: - kind: ServiceAccount name: tekton-triggers-example-sa roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: tekton-triggers-example-minimal --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: tekton-triggers-example-clusterrole rules: # EventListeners need to be able to fetch any clustertriggerbindings - apiGroups: ["triggers.tekton.dev"] resources: ["clustertriggerbindings", "clusterinterceptors"] verbs: ["get", "list", "watch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: tekton-triggers-example-clusterbinding subjects: - kind: ServiceAccount name: tekton-triggers-example-sa namespace: tekton roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: tekton-triggers-example-clusterrole
triggerBinding/cluster/task-pipeline.yaml
apiVersion: tekton.dev/v1beta1 kind: Task metadata: name: say-hello spec: params: - name: contenttype description: The Content-Type of the event type: string resources: inputs: - name: git-source type: git steps: - name: say-hi image: bash command: ["bash", "-c"] args: - echo -e 'Hello Triggers!\nContent-Type is $(params.contenttype)' --- apiVersion: tekton.dev/v1beta1 kind: Task metadata: name: say-message spec: params: - name: message description: The message to print default: This is the default message type: string resources: inputs: - name: git-source type: git steps: - name: say-message image: bash command: ["bash", "-c"] args: - echo '$(params.message)' --- apiVersion: tekton.dev/v1beta1 kind: Task metadata: name: say-bye spec: resources: inputs: - name: git-source type: git steps: - name: say-bye image: bash command: ["bash", "-c"] args: - echo 'Goodbye Triggers!' --- apiVersion: tekton.dev/v1beta1 kind: Pipeline metadata: name: simple-pipeline spec: params: - name: message description: The message to print default: This is the default message type: string - name: contenttype description: The Content-Type of the event type: string resources: - name: git-source type: git tasks: - name: say-hello taskRef: name: say-hello params: - name: contenttype value: $(params.contenttype) resources: inputs: - name: git-source resource: git-source - name: say-message runAfter: [say-hello] taskRef: name: say-message params: - name: message value: $(params.message) resources: inputs: - name: git-source resource: git-source - name: say-bye runAfter: [say-message] taskRef: name: say-bye resources: inputs: - name: git-source resource: git-source
triggerBinding/cluster/trigger-template.yaml
apiVersion: triggers.tekton.dev/v1alpha1 kind: TriggerTemplate metadata: name: pipeline-template spec: params: - name: gitrevision description: The git revision default: main - name: gitrepositoryurl description: The git repository url - name: message description: The message to print default: This is the default message - name: contenttype description: The Content-Type of the event resourcetemplates: - apiVersion: tekton.dev/v1beta1 kind: PipelineRun metadata: generateName: simple-pipeline-run- spec: pipelineRef: name: simple-pipeline params: - name: message value: $(tt.params.message) - name: contenttype value: $(tt.params.contenttype) resources: - name: git-source resourceSpec: type: git params: - name: revision value: $(tt.params.gitrevision) - name: url value: $(tt.params.gitrepositoryurl)
triggerBinding/cluster/listener.yaml
apiVersion: triggers.tekton.dev/v1alpha1 kind: EventListener metadata: name: listener spec: serviceAccountName: tekton-triggers-example-sa triggers: - name: foo-trig bindings: - ref: pipeline-clusterbinding kind: ClusterTriggerBinding - ref: message-clusterbinding kind: ClusterTriggerBinding template: ref: pipeline-template
curl -v \ -H 'X-GitHub-Event: pull_request' \ -H 'X-Hub-Signature: sha1=ba0cdc263b3492a74b601d240c27efe81c4720cb' \ -H 'Content-Type: application/json' \ -d '{"action": "opened", "pull_request":{"head":{"sha": "28911bbb5a3e2ea034daf1f6be0a822d50e31e73"}},"repository":{"url": "https://github.com/tektoncd/triggers.git"}}' \ http://10.68.194.93:8080