Spinnaker Tips: Setting a github status check on a PR from a pipeline

Oct 12, 2023 by Jason McIntosh

A common situation we hit is creating a pull request on GitHub with some Terraform changes that are run through our pipelines. We’d like to verify that the Terraform changes “plan” cleanly before we apply them. An example is when someone has a typo (how many times I’ve left dangling commas in a JSON object!) and the plan fails because of it. Spinnaker has a solution for this, though it’s not well documented. Let’s see how this works!

Setup

First you’ll need to enable Echo to send GitHub status notifications. There are a couple of places to enable this notification:

Deck:

 window.spinnakerSettings.notifications.githubStatus.enabled = true;

Echo:

github-status:
  enabled: true
  token: REPLACEME
  endpoint: https://api.github.com

Instead of setting these two flags directly, you can add a notifications block to your Operator/Halyard configuration, as described at: https://docs.armory.io/continuous-deployment/installation/armory-operator/op-manifest-reference/notification/

You should also be familiar with GitHub triggers and hooks in Spinnaker. See the following documentation around configuring webhooks and triggering pipelines from GitHub webhooks:

How to use it

The first challenge with a GitHub status notification is knowing when and where to send it. A GitHub status is attached to a specific commit, identified by its SHA, so we need to know the commit SHA in order to add a status to that commit.

First, go to Spinnaker, create a pipeline and add a GitHub trigger. We’ll use the SHA from the trigger for sending a status response. You can now also add a notification that posts a status update.

Note the ${execution.trigger.hash} for the sha block. This lets the notification pull the SHA of the GitHub commit that triggered the pipeline and post a status notification back to GitHub. You can set this notification on the entire pipeline, or on specific stages.

Your pipeline can execute any number of checks or work and report back a status response. Please note that you’ll likely want to send notifications on a limited set of branches, so remember to configure your triggers and notifications as needed!

The status check will show as “pipeline/pipeline name”, including the results of the pipeline.

Note that I tested this without a GitHub trigger, but I just passed the SHA directly via a parameter. I used the following SpEL expression for my test case.

${execution.trigger.type == "git" ? execution.trigger.hash : parameters.github_hash}
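
To make the mechanics concrete, here is an added example (not from the original post and not Spinnaker's own code): a Python sketch of the GitHub commit status request that such a notification corresponds to. It makes the same trigger-or-parameter SHA choice as the expression above and checks that the value is a full 40-character hex SHA before it is placed in the URL. The function names, the example-org/example-repo repository and the sample SHA are constructed for illustration.

```python
import json
import re
import urllib.request

GITHUB_API = "https://api.github.com"  # same endpoint value as the Echo config
VALID_STATES = {"error", "failure", "pending", "success"}  # GitHub status states
SHA_RE = re.compile(r"[0-9a-f]{40}")  # full SHA-1 commit id, nothing else


def resolve_sha(trigger, parameters):
    """Same choice as the SpEL expression: trigger hash for git triggers,
    otherwise the github_hash pipeline parameter (user-supplied input)."""
    if trigger.get("type") == "git":
        raw = trigger.get("hash")
    else:
        raw = parameters.get("github_hash")
    sha = (raw or "").strip().lower()
    # Reject branch names, short SHAs and anything that could alter the URL path.
    if not SHA_RE.fullmatch(sha):
        raise ValueError("not a full 40-character commit SHA: %r" % (raw,))
    return sha


def build_status_request(token, owner, repo, sha, state, pipeline_name):
    """Build (not send) POST /repos/{owner}/{repo}/statuses/{sha}."""
    if state not in VALID_STATES:
        raise ValueError("unsupported state: %r" % (state,))
    body = {"state": state, "context": "pipeline/" + pipeline_name}
    return urllib.request.Request(
        "%s/repos/%s/%s/statuses/%s" % (GITHUB_API, owner, repo, sha),
        data=json.dumps(body).encode("utf-8"),
        method="POST",
        headers={
            # The token only needs commit-status write access
            # (classic PAT scope repo:status), not full repo access.
            "Authorization": "Bearer " + token,
            "Accept": "application/vnd.github+json",
            "Content-Type": "application/json",
        },
    )


if __name__ == "__main__":
    # Constructed sample values: manual run with the SHA passed as a parameter.
    sha = resolve_sha({"type": "manual"},
                      {"github_hash": "0123456789abcdef0123456789abcdef01234567"})
    req = build_status_request("REPLACEME", "example-org", "example-repo",
                               sha, "success", "terraform-plan")
    print(req.get_method(), req.full_url)
    print(req.data.decode("utf-8"))
```

The request is only built, never sent, so the sketch runs offline; passing it to urllib.request.urlopen with a real token would post the status.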
