Spinnaker Slack



  1. For slack, you need to create a custom bot user, then get the access token associated with that new bot user. Then Then hal config notification slack enable echo $TOKENFROMSLACK hal config notification slack edit -bot-name $SPINNAKERBOT -token.
  2. Find sources: 'Spinnaker' – news newspapers books scholar JSTOR (December 2019) (Learn how and when to remove. The opposite sheet is left slack.

Install Spinnaker in a Multipass VM. Minnaker is an open source tool that installs the latest release of Spinnaker and Halyard on Lightweight Kubernetes (K3s). Launch a Multipass VM with 2 cores, 10GB of memory, 30GB of storage. Other approaches use YAML, JSON, or proprietary domain-specific languages (DSLs) that you need to master and train your team to use. These alternative approaches reinvent familiar concepts like sharing and reuse, don't tap into existing ecosystems, and are often different for every cloud that you need to target.

Enable Slack Spinnaker

You can create an application and configure it with relevant data—application attributes.

Including a Slack support channel for an application is a configurable application attribute. This feature communicates with Slack’s conversations API to expose a list of available Slack channels in your workspace. The Slack support channel feature is supported by all providers.

Gate

You need an API token associated with your Slack workspace for gate to receive a list of channels from Slack’s API. See the Slack documentation if you need to create a Slack token. Add this token in the config for gate’s encrypted secrets.

The base url for the Slack API is also needed in gate.yml. This does not need to be encrypted.

Deck

The UI components in deck are protected with a feature flag in the application settings, settings.netflix.ts. To activate this feature you need to enable this flag to true.

Slack

If your workspace’s base URL is anything other than https://slack.com, then you need to configure this as well. This base URL is used to construct the link for accessing a Slack support channel.

Spinnaker SlackSpinnaker slack notifications

This only acts as a source of images, and does not include supportfor deploying Docker images.

When configuring Docker Registries, anAccount maps to a credential able toauthenticate against a certain set of Dockerrepositories.

Perform the steps in this article in the same place where you have Halyardinstalled, whether in a Dockercontainer or locally onUbuntu/Debian or macOS.

Prerequisites

  • The Docker Registry you are configuring must already exist.
  • That Registry must support thev2 registry API.
  • If the Registry doesn’t have at least 1tag among therepositories you define in your Account, Halyard throws a warning.

Registry providers

You can set up a Docker Registry provider for Spinnaker using any of therepositories listed here. Each one supports the same API, but thereare subtle differences in how to get them to work with Spinnaker.

DockerHub

The DockerHub registry address is index.docker.io, keep track of this forlater:

Spinnaker Slacker

Dockerhub hosts a mix of public and private repositories, but does not expose acatalogendpoint to programmatically list them. Therefore you need to explicitly listwhich Docker repositories you want to index and deploy. For example, if youwanted to deploy the public NGINX image, alongside your private app image,your list of repositories would look like:

NOTE: Keep in mind that the repository name is typically either prefixedwith library/ for most public images, or <username>/ for images belongingto user <username>/.

If any of your images aren’t publicly available, make sure you know yourDockerHub username & password to supply to hal later:

Google Container Registry

Spinnaker Slacks

  1. Set the registry address.

    There are a few different registry addresses for GCR, depending on where youwant to store your images. The most likely address is gcr.io, but there aremore options available.

  2. (Optional) Enable the Resource ManagerAPI.

    Enable this API if you want to use thecatalogendpoint to programatically list all images available to your credentials,so you don’t have supply repositories manually.

  3. Set up authentication.

    A service accountis the preferred way to authenticate to GCR. Use the commands below to createand download a service account to be used as your password with the requiredroles/storage.objectViewer role, assuming the registry exists in your currentgcloud project.

    (You can use an accesstokeninstead, but that’s problematic for Spinnaker because the token is shortlived, and you are responsible for refreshing it.)

    Your GCR password is now in a file called $SERVICE_ACCOUNT_DEST.For Spinnaker to authenticate against GCR, keep track of these environmentvars to be passed to hallater:

  4. Enable the provider.

  5. Add the account.

    Note: if you’re running Halyard in a Dockercontainer, you mighthave to restart the container, now mounting the ~/.gcp directory.

Amazon Elastic Container Registry (ECR)

  1. Set the registry address.

    ECR registry addresses are specific to an AWS account and region. You can retrieve the address from the ECR console, or with aws ecr describe-repositories.

  2. Enable the provider.

  3. Set up authentication.

    Because the Docker Registry API does not support the standard AWS authentication methods, the Halyard --password-command option will be configured to use the AWS CLI to retrieve an ECR authentication token on a regular interval with IAM credentials on the Spinnaker instance. The ECR API returns the authentication token as a base64 encoded string comprised of the username and password, which the password command will decode and retrieve the password from the payload.

    Ensure that the AWS CLI is installed on the Spinnaker instance running the Clouddriver service. For example:

    The Spinnaker instance running the Clouddriver service will also need permissions to interact with the ECR repository. Attach the AmazonEC2ContainerRegistryReadOnly managed policy to the IAM role for your Spinnaker instance profile or (if IAM user credentials are saved in ~/.aws) your Spinnaker IAM user. For example,

    or:

  4. Add the account.

Other registries

Most registries fit either the Dockerhub or GCR pattern described above,or some mix of the two. In all cases you need to know the FQDN of theregistry, and your username/password pair if you are accessing private images.If your registry supports the /_catalogendpointyou do not have to list your repositories. If it does not, keep in mind that therepository names are generally of the form <username>/<image name>. Halyardverifies this for you.

RegistryFQDNCatalog
GCRgcr.io, eu.gcr.io, us.gcr.io, asia.gcr.io, b.gcr.ioYes
DockerHubindex.docker.ioNo
Quayquay.ioYes
ECRaccount-id.dkr.ecr.region.amazon.aws.comYes
JFrog Artifactoryserver-repo.jfrog.io?

Add the account

First, make sure that the provider is enabled:

Spinnaker Slack Integration

Assuming that your registry has address $ADDRESS, with repositories$REPOSITORIES, username $USERNAME, and password $PASSWORD, run thefollowing hal command to add an account named my-docker-registry toyour list of Docker Registry accounts:

Advanced Account Settings

If you are looking for more configurability, please see the other optionslisted in the HalyardReference.

Next Steps

Spinnaker Slack Bar

Optionally, you can set up another cloud provider,but otherwise you’re ready to choose an environmentin which to install Spinnaker.





Comments are closed.