Trigger Example with GitHub

You can set the Fetch repository action in Valohai to be done automatically every time you push code to the remote GitHub repository connected to your project.

Create a trigger on Valohai

On Valohai app, navigate to project settings -> Triggers -> Create trigger

Select Webhook as the trigger type.

Generate a new secret and store it securely; you'll need it when configuring the trigger and GitHub. A passphrase or a random string of characters is fine: your password manager can do this for you. This is referred to as the "GitHub Secret" in this example.

Add a Web Request Authentication condition with HMAC with the + Add menu under the Conditions column:

1. Auth Type: select "HMAC"

2. Token Lookup Namespace: select "HTTP Header"

3. Token Lookup Key: type X-Hub-Signature-256

4. Secret Key: type the GitHub Secret from your notes

5. Value Prefix: type sha256=

6. Leave the HMAC Basestring Format field empty.

7. Algorithm: select "SHA256"

Add a Fetch Repository action with the + Add menu under the Actions column

The References and YAML path fields are optional, so you can leave them empty. This will use the default values for this project as set in the project's repository settings.

Save the trigger and navigate back to it from the ... menu -> Edit Trigger.

Copy the trigger URL.

Create a webhook event on GitHub

On the GitHub website, navigate to project settings -> webhooks (under Code and automation) -> Create Webhook.

You will be prompted to enter "sudo mode" by GitHub to make changes to your project settings.

1. Payload URL: paste the trigger URL

2. Secret: type or paste the GitHub Secret

3. Everything else can be left to the default values.

4. Save the webhook.

5. GitHub will now deliver a test webhook.

6. Navigate to the webhook's properties and check the recent deliveries to confirm that the test delivery was successful.

Advanced: Launch additional executions and pipelines

You can also add an execution or pipeline to the GitHub webhook trigger to run it every time some code is pushed to the GitHub repository. Make sure to position the execution or pipeline running action underneath the repository fetch action so that it will receive the newest code in the repository.

GitHub sends a payload of data in the webhook request, which is available as an input for executions launched by this trigger when the Payload input name field is set in the action. This input file can be read and used to implement custom logic to conditionally launch further pipelines or executions, e.g., if the release branch has been updated.

Here's an example step that parses GitHub's payload to call functions depending on which branches were pushed. It assumes that you have set the GitHub webhook to send the data as application/json. The step will also install the requests library.

Add the following step to your valohai.yaml

- step:
    name: GitHub Dispatch
    image: python:3.11
    command:
    - pip install valohai-utils requests
    - python ./github_dispatch.py
    inputs:
    - name: github-payload
      optional: true

Create a file called github_dispatch.py:

import pprint
import requests
import valohai
import json

release_pipeline_trigger_url = "<trigger URL>"

with open(valohai.inputs('github-payload').path()) as f:
    github_payload = json.load(f)

print('INFO: GitHub payload:')
pprint.pprint(github_payload)

# Branch references are in the form "refs/heads/<branch name>"
if github_payload['ref'] == "refs/heads/main":
    print("INFO: Pushed to main branch -- Dispatching trigger")
    requests.post(release_pipeline_trigger_url, headers={"Authorization": "secret=..."})