Report HelmRelease reconciliation status to Gitlab CI pipeline #3387
Replies: 3 comments 3 replies
-
Having throught about this a little more, I think it would be possible to use Flux's built in alerting to do what I need by sending the alerts to a generic webhook hosted on Google Cloudrun e.g. like this: https://cloud.google.com/run/docs/triggering/webhooks. I'd get by cloudrun job to spit out a message to a Google pubsub topic and have the pipeline wait until the message arrives giving the status of the reconciliation. What would be really nice is if flux could directly talk to pubsub instead. As flux is installed inside GKE and running that cluster, it can usually directly talk to pubsub through Google's APIs or potentially be given permission to do so if needed using GKE workload identity. |
Beta Was this translation helpful? Give feedback.
-
I was able to get Google's managed prometheus to pick up the metrics Flux provides using a PodMonitor resource kindly provided by the Google managed prometheus team. I was also able to get the metrics in a Google monitoring dashboard by adapting the PromQL from However I still cannot get direct notifications of reconciliation statuses to work as this information isn't directly exported in the prometheus metrics (I think). I've been trying to get the Flux notification controller to talk to the Google mananged prometheus alertmanager pod in order to push the alerts through there as the docs suggest that this is possible. However unathenticated connections do not let the alerts process correctly, I get log messages from the notification controller like this:
Having checked through the code, it looks like I need to use bearer authentication but there is no documented way to do that in the Flux docs. Can someone please suggest how I can go about setting up Flux to use bearer authentication? For reference, here are the manifests that I am applying to set up Flux alerts to go to the GMP alert manager:
|
Beta Was this translation helpful? Give feedback.
-
@heretic098 have you solved this task finally? I need to implement something similar. Could you share how your solution works? |
Beta Was this translation helpful? Give feedback.
-
Hi, I wanted to ask if other people have come up with a good solution to the following problem. I have a Gitlab CI pipeline which results in a helm chart being packaged and deployed to the Gitlab project's helm "package registry".
For reference, here is the shell script that the Gitlab CI pipeline step calls in order to post the created helm chart:
I have a Flux HelmRelease custom resource set up to pull the latest Helm release from the registry and apply it. It is set up like this:
I want to trigger some automated testing once the Flux helmrelease reconcilation has completed but I am struggling to work out how to programatically report back to the pipeline that the reconciliation is completed. I've seen the Flux alerting docs which suggest it is possible to report back on the status of a Kustomization. I don't think this does what I want; to report back on a HelmRelease. In addition, my helm chart and source code live in separate git repositories to my Flux manifests. So I think that if I wanted to report back to my Flux manifests repo / merge request pipelines on whether or not my reconcilliations had worked as part of my pipeline on that repo then this is exactly what I would want but that isn't today's problem.
I am using Google Kubernetes Engine (GKE). I'm considering a couple of options:
Here's the yaml for the Flux alert config for option 2, just sending to Slack so I could get a look at the kind of information it puts out:
Does anyone have a better suggestion they would care to offer please?
Beta Was this translation helpful? Give feedback.
All reactions