Let the bots deploy and the humans approve.
Oga is a Kubernetes intializer that blocks a deployment from initializing and requests approval from slack(this can be extended with different requesters in the future see fake_requester as an example) before allowing the deployment to continue.
Create the initializer resource in k8s e.g:
$> kubectl apply -f examples/initializer.yaml
Run the bot:
$> ./oga -bot-name oga -slack-token "<SLACK TOKEN>"`
this will be updated with a k8s deployment in the future
On deployments that require approval, define the below annotation on them:
metadata:
annotations:
"initializer.kubernetes.io/oga": |
slack:
channel: "#testoga"
approvers:
- "@bjhaid"
Apply the deployment and you should get a message like below in slack if it's configured correctly:
On successful approval oga will update the deployment metadata as below:
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
initializer.kubernetes.io/oga: |
approved_by: |
Username: bjhaid, Fullname: Ayodele, Email: bjhaid@oga.com
slack:
approvers:
- '@bjhaid'
channel: '#testoga'
Including the details of the person who responded to the approval request on the annotation.
If you need to override oga
's approval request for any reason you can declare
an empty initializer on your deployment configuration as below:
metadata:
initializers:
annotations:
"initializer.kubernetes.io/oga": |
slack:
channel: "#testoga"
approvers:
- "@bjhaid"
Note this will remove all initializers including oga
Usage of ./oga:
-alsologtostderr
log to standard error as well as files
-annotation string
The annotation to trigger initialization (default "initializer.kubernetes.io/oga")
-bot-name string
The username of the oga bot as created in slack
-initializer-name string
The initializer name (default "oga.initializer.kubernetes.io")
-kubeconfig string
(optional) absolute path to the kubeconfig file (default "/Users/bjhaid/.kube/config")
-log_backtrace_at value
when logging hits line file:N, emit a stack trace
-log_dir string
If non-empty, write log files in this directory
-logtostderr
log to standard error instead of files
-slack-token string
Slack API token
-stderrthreshold value
logs at or above this threshold go to stderr
-v value
log level for V logs
-vmodule value
comma-separated list of pattern=N settings for file-filtered logging
- Add k8s configuration files for deploying oga to k8s.
- Add support for slack groups.
- High Availability of oga, currently can run only a single oga instance.