Build Triggers, Webhooks and Rollbacks - Oh My!

Once you have an app deployed in OpenShift you can take advantage of some continuous capabilities that help to enable DevOps and automate your management process. We will cover some of those in this lab: Build triggers, webhooks, and rollbacks.

A bit of configuration

We are going to do some integration and coding with an external git repository. For this lab we are going to use github, if you don't already have an account, you can create one here.

OK, let's fork the dc-metro-map app from my account into your github account. Goto https://github.com/RedHatGov/openshift-workshops and look to the top right for the "Fork" button.

image

Click the "Fork" button

Github should redirect you to the newly created fork of the source code.

Build Trigger / Code Change Webhook

When using S2I there are a few different things that can be used to [trigger] a rebuild of your source code. The first is a configuration change, the second is an image change, and the last (which we are covering here) is a webhook. A webhook is basically your git source code repository telling OpenShift that the code we care about has changed. Let's set that up for our project now to see it in action.

Jump back to your OpenShift web console and let's add the webapp to our project. You should know how to do this from previous lab work, but this time point to your github URL for the source code. If you need a refresher follow the steps below or just skip to the next section

Click the "Add to Project" button ![image](img/ocp-addToProjectButton.png)

Select the "From Git" icon

Make sure that you replace YOUR_ACCOUNT with your GitHub user ID. Click on the "Show Advanced Git Options" expander to fill in the "Context Dir" field:

Git Repo URL

https://github.com/YOUR_ACCOUNT/openshift-workshops.git

Context Dir

dc-metro-map

Select Node.js

Application Name

dc-metro-map

Name

dc-metro-map

Select "Deployment Configuration" When you are done, scroll to the bottom and click 'Create'

The node.js builder template creates a number of resources for you, but what we care about right now is the build configuration because that contains the webhooks. So to get the URL:

  1. Goto the terminal and type the following:
    $ oc get bc/dc-metro-map -o yaml | grep generic-webhook
  2. which returns the name of the secret that we need to find:
    name: dc-metro-map-generic-webhook-secret
  3. Now that you have the name of the secret, you can get its value:
    $ SECRET=`oc get secrets dc-metro-map-generic-webhook-secret -o json | jq -r '.data.WebHookSecretKey' | base64 -d ; echo`
  4. Last, we can get the URL for the webhook, this way:
    $ oc describe bc/dc-metro-map | grep "Webhook Generic" -A 1 | sed "s/<secret>/${SECRET}/"
  5. which results in the information that we need:
    Webhook Generic:
    URL:        https://api.ocptest-alliances.dynatracelabs.com:6443/apis/build.openshift.io/v1/namespaces/demo-0/buildconfigs/dc-metro-map/webhooks/813f423c1d78b005/generic
  6. Copy the "Webhook Generic" URL to the clipboard, so that we can use it in GitHub.
  7. Now switch back over to github
  8. Let's put the webhook URL into the repository. At the main page for this repository (the fork), you should see a tab bar with code, pull requests, pulse, graphs, and settings.image
  9. Click the "Settings" tab
  10. Now you will see a vertical list of settings groups.
  11. Click the "Webhooks" linkimage
  12. Click the "Add webhook" button
  13. Paste in the URL you copied
  14. Disable SSL verification by clicking the buttonimage
  15. Click the "Add webhook" button

Good work! Now any "push" to the forked repository will send a webhook that triggers OpenShift to: re-build the code and image using s2i, and then perform a new pod deployment. In fact Github should have sent a test trigger and OpenShift should have kicked off a new build already.

Rollbacks

Well, what if something isn't quite right with the latest version of our app? Let's say some feature we thought was ready for the world really isn't - and we didn't figure that out until after we deployed it. No problem, we can roll it back with the click of a button. Let's check that out:

OpenShift has done a graceful removal of the old pod and created a new one.

💥 TECHNICAL NOTE

Note that the old pod wasn't killed until the new pod was successfully started and ready to be used. This is so that OpenShift could continue to route traffic to the old pod until the new one was ready.

The node.js builder template creates a number of resources for you, but what we care about right now is the build configuration because that contains the webhooks. So to get the URL:

  1. in "Administrator" mode, click on "Builds" and then click on "Build Configs" This is going to show basic details for all build configurations in this projectimage
  2. Click the "dc-metro-map" build configimageYou will see the summary of builds using this build config
  3. Scroll to the bottom of the window.imageNow you can see the links to get the various secrets.
  4. Copy the Generic webhook to the clipboard, by clicking on "Copy URL with Secret"
  5. Now switch back over to github
  6. Let's put the webhook URL into the repository. At the main page for this repository (the fork), you should see a tab bar with code, pull requests, pulse, graphs, and settings.image
  7. Click the "Settings" tabNow you will see a vertical list of settings groups.
  8. Click the "Webhooks" linkimage
  9. Click the "Add webhook" button
  10. Paste in the URL you copied
  11. Disable SSL verification by clicking the buttonimage
  12. Click the "Add webhook" button

Good work! Now any "push" to the forked repository will send a webhook that triggers OpenShift to: re-build the code and image using s2i, and then perform a new pod deployment. In fact Github should have sent a test trigger and OpenShift should have kicked off a new build already.

Rollbacks

Well, what if something isn't quite right with the latest version of our app? Let's say some feature we thought was ready for the world really isn't - and we didn't figure that out until after we deployed it. No problem, we can roll it back with the click of a button. Let's check that out:

  1. Click on "Builds" and then click on "Builds" This is going to show basic details for all builds, for the dc-metro-map application.image
  2. Click the "dc-metro-map" build that you want to roll back to. For the purposes of this lab, click dc-metro-map-1.
  3. Click on ‘Actions', and then ‘Rebuild', from the menu, in the upper right corner of the window.image
  4. You can go back to the ‘Workloads', ‘DeploymentConfigs', ‘dc-metro-map' page, and click on the ‘Events' tab, to see your previous deployment spinning down and your new one spinning up. imageOpenShift has done a graceful removal of the old pod and created a new one.

💥 TECHNICAL NOTE

Note that the old pod wasn't killed until the new pod was successfully started and ready to be used. This is so that OpenShift could continue to route traffic to the old pod until the new one was ready.

In this lab we saw how you can configure a source code repository to trigger builds with webhooks. This webhook could come from Github, Jenkins, Travis-CI, or any tool capable of sending a URL POST. Keep in mind that there are other types of build triggers you can setup. For example: if a new version of the upstream RHEL image changes. We also inspected our deployment history and did a rollback of our running deployment to one based on an older image with the click of a button.