blob: 97492f648778b865d5affde5cb81594ac93c93ca [file] [log] [blame]
James E. Blaireff5a9d2017-06-20 00:00:37 -07001:title: GitHub Driver
2
3GitHub
4======
5
6The GitHub driver supports sources, triggers, and reporters. It can
7interact with the public GitHub service as well as site-local
8installations of GitHub enterprise.
9
10.. TODO: make this section more user friendly
11
12Configure GitHub `webhook events
13<https://developer.github.com/webhooks/creating/>`_.
14
15Set *Payload URL* to
16``http://<zuul-hostname>/connection/<connection-name>/payload``.
17
18Set *Content Type* to ``application/json``.
19
20Select *Events* you are interested in. See below for the supported events.
21
22Connection Configuration
23------------------------
24
Monty Taylorae1f03a2017-07-27 14:43:32 -050025There are two forms of operation. Either the Zuul installation can be
26configured as a `Github App`_ or it can be configured as a Webhook.
27
28If the `Github App`_ approach is taken, the config settings ``app_id`` and
29``app_key`` are required. If the Webhook approach is taken, the ``api_token``
30setting is required.
31
James E. Blaireff5a9d2017-06-20 00:00:37 -070032The supported options in zuul.conf connections are:
33
34**driver=github**
35
Monty Taylorae1f03a2017-07-27 14:43:32 -050036**app_id**
37 App ID if you are using a GitHub App. Can be found under the "Public Link"
38 on the right hand side labeled "ID".
Monty Taylor4b203992017-07-28 04:09:19 -050039 ``app_id=1234``
Monty Taylorae1f03a2017-07-27 14:43:32 -050040
41**app_key**
Monty Taylor4b203992017-07-28 04:09:19 -050042 Path to a file containing the Secret Key Zuul will use to create tokens for
43 the API interactions. In Github this is known as "Private key" and must be
44 collected when generated.
45 ``app_key=/etc/zuul/github.key``
Monty Taylorae1f03a2017-07-27 14:43:32 -050046
James E. Blaireff5a9d2017-06-20 00:00:37 -070047**api_token**
Monty Taylorae1f03a2017-07-27 14:43:32 -050048 API token for accessing GitHub if Zuul is configured with Webhooks.
James E. Blaireff5a9d2017-06-20 00:00:37 -070049 See `Creating an access token for command-line use
50 <https://help.github.com/articles/creating-an-access-token-for-command-line-use/>`_.
51
52**webhook_token**
Clint Byrumcf1b7422017-07-27 17:12:00 -070053 Required token for validating the webhook event payloads. In the
54 GitHub App Configuration page, this is called "Webhook secret".
James E. Blaireff5a9d2017-06-20 00:00:37 -070055 See `Securing your webhooks
56 <https://developer.github.com/webhooks/securing/>`_.
57
58**sshkey**
59 Path to SSH key to use when cloning github repositories.
60 ``sshkey=/home/zuul/.ssh/id_rsa``
61
James E. Blair5f11ff32017-06-23 21:46:45 +010062**server**
James E. Blaireff5a9d2017-06-20 00:00:37 -070063 Optional: Hostname of the github install (such as a GitHub Enterprise)
64 If not specified, defaults to ``github.com``
James E. Blair5f11ff32017-06-23 21:46:45 +010065 ``server=github.myenterprise.com``
James E. Blaireff5a9d2017-06-20 00:00:37 -070066
James E. Blair4d5dd252017-06-23 21:40:56 +010067**canonical_hostname**
68 The canonical hostname associated with the git repos on the GitHub
James E. Blair5f11ff32017-06-23 21:46:45 +010069 server. Defaults to the value of **server**. This is used to
James E. Blaircc3ca7d2017-06-29 11:09:18 -070070 identify projects from this connection by name and in preparing
71 repos on the filesystem for use by jobs. Note that Zuul will still
72 only communicate with the GitHub server identified by **server**;
73 this option is useful if users customarily use a different hostname
74 to clone or pull git repos so that when Zuul places them in the
75 job's working directory, they appear under this directory name.
James E. Blair4d5dd252017-06-23 21:40:56 +010076 ``canonical_hostname=git.example.com``
77
James E. Blaireff5a9d2017-06-20 00:00:37 -070078Trigger Configuration
79---------------------
80GitHub webhook events can be configured as triggers.
81
82A connection name with the github driver can take multiple events with the
83following options.
84
85**event**
James E. Blair88e53882017-06-23 21:45:07 +010086 The event from github. Supported events are ``pull_request``,
87 ``pull_request_review``, and ``push``.
James E. Blaireff5a9d2017-06-20 00:00:37 -070088
James E. Blair88e53882017-06-23 21:45:07 +010089 A ``pull_request`` event will have associated action(s) to trigger
90 from. The supported actions are:
James E. Blaireff5a9d2017-06-20 00:00:37 -070091
James E. Blair88e53882017-06-23 21:45:07 +010092 *opened* - pull request opened
James E. Blaireff5a9d2017-06-20 00:00:37 -070093
James E. Blair88e53882017-06-23 21:45:07 +010094 *changed* - pull request synchronized
James E. Blaireff5a9d2017-06-20 00:00:37 -070095
James E. Blair88e53882017-06-23 21:45:07 +010096 *closed* - pull request closed
James E. Blaireff5a9d2017-06-20 00:00:37 -070097
James E. Blair88e53882017-06-23 21:45:07 +010098 *reopened* - pull request reopened
James E. Blaireff5a9d2017-06-20 00:00:37 -070099
James E. Blair88e53882017-06-23 21:45:07 +0100100 *comment* - comment added on pull request
James E. Blaireff5a9d2017-06-20 00:00:37 -0700101
James E. Blair88e53882017-06-23 21:45:07 +0100102 *labeled* - label added on pull request
James E. Blaireff5a9d2017-06-20 00:00:37 -0700103
James E. Blair88e53882017-06-23 21:45:07 +0100104 *unlabeled* - label removed from pull request
James E. Blaireff5a9d2017-06-20 00:00:37 -0700105
James E. Blair88e53882017-06-23 21:45:07 +0100106 *status* - status set on commit
James E. Blaireff5a9d2017-06-20 00:00:37 -0700107
James E. Blair88e53882017-06-23 21:45:07 +0100108 A ``pull_request_review`` event will
109 have associated action(s) to trigger from. The supported actions are:
James E. Blaireff5a9d2017-06-20 00:00:37 -0700110
James E. Blair88e53882017-06-23 21:45:07 +0100111 *submitted* - pull request review added
James E. Blaireff5a9d2017-06-20 00:00:37 -0700112
James E. Blair88e53882017-06-23 21:45:07 +0100113 *dismissed* - pull request review removed
James E. Blaireff5a9d2017-06-20 00:00:37 -0700114
115**branch**
James E. Blair88e53882017-06-23 21:45:07 +0100116 The branch associated with the event. Example: ``master``. This
117 field is treated as a regular expression, and multiple branches may
118 be listed. Used for ``pull_request`` and ``pull_request_review``
119 events.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700120
121**comment**
James E. Blair88e53882017-06-23 21:45:07 +0100122 This is only used for ``pull_request`` ``comment`` actions. It
123 accepts a list of regexes that are searched for in the comment
124 string. If any of these regexes matches a portion of the comment
125 string the trigger is matched. ``comment: retrigger`` will match
126 when comments containing 'retrigger' somewhere in the comment text
127 are added to a pull request.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700128
129**label**
James E. Blair88e53882017-06-23 21:45:07 +0100130 This is only used for ``labeled`` and ``unlabeled`` ``pull_request``
131 actions. It accepts a list of strings each of which matches the
132 label name in the event literally. ``label: recheck`` will match a
133 ``labeled`` action when pull request is labeled with a ``recheck``
134 label. ``label: 'do not test'`` will match a ``unlabeled`` action
135 when a label with name ``do not test`` is removed from the pull
136 request.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700137
138**state**
James E. Blair88e53882017-06-23 21:45:07 +0100139 This is only used for ``pull_request_review`` events. It accepts a
140 list of strings each of which is matched to the review state, which
141 can be one of ``approved``, ``comment``, or ``request_changes``.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700142
143**status**
James E. Blair88e53882017-06-23 21:45:07 +0100144 This is used for ``pull-request`` and ``status`` actions. It accepts
145 a list of strings each of which matches the user setting the status,
146 the status context, and the status itself in the format of
147 ``user:context:status``. For example,
148 ``zuul_github_ci_bot:check_pipeline:success``.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700149
150**ref**
James E. Blair88e53882017-06-23 21:45:07 +0100151 This is only used for ``push`` events. This field is treated as a
152 regular expression and multiple refs may be listed. GitHub always
153 sends full ref name, eg. ``refs/tags/bar`` and this string is
154 matched against the regexp.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700155
156Reporter Configuration
157----------------------
158Zuul reports back to GitHub via GitHub API. Available reports include a PR
159comment containing the build results, a commit status on start, success and
160failure, an issue label addition/removal on the PR, and a merge of the PR
161itself. Status name, description, and context is taken from the pipeline.
162
163A :ref:`connection<connections>` that uses the github driver must be
164supplied to the reporter. It has the following options:
165
166**status**
James E. Blair88e53882017-06-23 21:45:07 +0100167 String value (``pending``, ``success``, ``failure``) that the
168 reporter should set as the commit status on github. ``status:
169 'success'``
James E. Blaireff5a9d2017-06-20 00:00:37 -0700170
171**status-url**
James E. Blair88e53882017-06-23 21:45:07 +0100172 String value for a link url to set in the github status. Defaults to
173 the zuul server status_url, or the empty string if that is unset.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700174
175**comment**
James E. Blair88e53882017-06-23 21:45:07 +0100176 Boolean value (``true`` or ``false``) that determines if the
177 reporter should add a comment to the pipeline status to the github
178 pull request. Defaults to ``true``. Only used for Pull Request based
179 events. ``comment: false``
James E. Blaireff5a9d2017-06-20 00:00:37 -0700180
181**merge**
James E. Blair88e53882017-06-23 21:45:07 +0100182 Boolean value (``true`` or ``false``) that determines if the
183 reporter should merge the pull reqeust. Defaults to ``false``. Only
184 used for Pull Request based events. ``merge=true``
James E. Blaireff5a9d2017-06-20 00:00:37 -0700185
186**label**
James E. Blair88e53882017-06-23 21:45:07 +0100187 List of strings each representing an exact label name which should
188 be added to the pull request by reporter. Only used for Pull Request
189 based events. ``label: 'test successful'``
James E. Blaireff5a9d2017-06-20 00:00:37 -0700190
191**unlabel**
James E. Blair88e53882017-06-23 21:45:07 +0100192 List of strings each representing an exact label name which should
193 be removed from the pull request by reporter. Only used for Pull
194 Request based events. ``unlabel: 'test failed'``
Monty Taylorae1f03a2017-07-27 14:43:32 -0500195
196.. _Github App: https://developer.github.com/apps/
James E. Blaird134c6d2017-07-26 16:09:34 -0700197
198Requirements Configuration
199--------------------------
200
201As described in :ref:`pipeline.require <pipeline-require>` and
202:ref:`pipeline.reject <pipeline-reject>`, pipelines may specify that
203items meet certain conditions in order to be enqueued into the
204pipeline. These conditions vary according to the source of the
205project in question. To supply requirements for changes from a GitHub
206source named *my-github*, create a congfiguration such as the
207following::
208
209 pipeline:
210 require:
211 my-github:
212 review:
213 - type: approval
214
215This indicates that changes originating from the GitHub connection
216named *my-github* must have an approved code review in order to be
217enqueued into the pipeline.
218
James E. Blairfa2594b2017-07-28 17:16:21 -0700219.. zuul:attr:: pipeline.require.<github source>
James E. Blaird134c6d2017-07-26 16:09:34 -0700220
221 The dictionary passed to the GitHub pipeline `require` attribute
222 supports the following attributes:
223
224 .. _github-pipeline-require-review:
225
226 .. zuul:attr:: review
227
228 This requires that a certain kind of code review be present for
229 the pull request (it could be added by the event in question).
230 It takes several sub-parameters, all of which are optional and
231 are combined together so that there must be a code review
232 matching all specified requirements.
233
234 .. zuul:attr:: username
235
236 If present, a code review from this username is required. It
237 is treated as a regular expression.
238
239 .. zuul:attr:: email
240
241 If present, a code review with this email address is
242 required. It is treated as a regular expression.
243
244 .. zuul:attr:: older-than
245
246 If present, the code review must be older than this amount of
247 time to match. Provide a time interval as a number with a
248 suffix of "w" (weeks), "d" (days), "h" (hours), "m"
249 (minutes), "s" (seconds). Example ``48h`` or ``2d``.
250
251 .. zuul:attr:: newer-than
252
253 If present, the code review must be newer than this amount of
254 time to match. Same format as "older-than".
255
256 .. zuul:attr:: type
257
258 If present, the code review must match this type (or types).
259
260 .. TODO: what types are valid?
261
262 .. zuul:attr:: permission
263
264 If present, the author of the code review must have this
265 permission (or permissions). The available values are
266 ``read``, ``write``, and ``admin``.
267
268 .. zuul:attr:: open
269
270 A boolean value (``true`` or ``false``) that indicates whether
271 the change must be open or closed in order to be enqueued.
272
273 .. zuul:attr:: current-patchset
274
275 A boolean value (``true`` or ``false``) that indicates whether
276 the item must be associated with the latest commit in the pull
277 request in order to be enqueued.
278
279 .. TODO: this could probably be expanded upon -- under what
280 circumstances might this happen with github
281
282 .. zuul:attr:: status
283
284 A string value that corresponds with the status of the pull
285 request. The syntax is ``user:status:value``.
286
287 .. zuul:attr:: label
288
289 A string value indicating that the pull request must have the
290 indicated label (or labels).
291
292
James E. Blairfa2594b2017-07-28 17:16:21 -0700293.. zuul:attr:: pipeline.reject.<github source>
James E. Blaird134c6d2017-07-26 16:09:34 -0700294
295 The `reject` attribute is the mirror of the `require` attribute. It
296 also accepts a dictionary under the connection name. This
297 dictionary supports the following attributes:
298
299 .. zuul:attr:: review
300
301 This takes a list of code reviews. If a code review matches the
302 provided criteria the pull request can not be entered into the
303 pipeline. It follows the same syntax as the :ref:`review
304 pipeline requirement above <github-pipeline-require-review>`.