You can set the Fetch repository action in Valohai to be done automatically every time you push code to the remote GitHub repository connected to your project.
Create a trigger on Valohai
On Valohai app, navigate to project settings -> Triggers -> Create trigger
Select Webhook as the trigger type.
Generate a new secret and store it securely; you’ll need it when configuring the trigger and GitHub. A passphrase or a random string of characters is fine: your password manager can do this for you. This is referred to as the “GitHub Secret” in this example.
Add a Web Request Authentication condition with HMAC with the + Add menu under the Conditions column:
- Auth Type: select “HMAC”
- Token Lookup Namespace: select “HTTP Header”
- Token Lookup Key: type
X-Hub-Signature-256
- Secret Key: type the GitHub Secret from your notes
- Value Prefix: type
sha256=
- Leave the HMAC Basestring Format field empty.
- Algorithm: select “SHA256”
Add a Fetch Repository action with the + Add menu under the Actions column
The References and YAML path fields are optional, so you can leave them empty. This will use the default values for this project as set in the project’s repository settings.
Save the trigger and navigate back to it from the ...
menu -> Edit Trigger.
Copy the trigger URL.
Create a webhook event on GitHub
On the GitHub website, navigate to project settings -> webhooks (under Code and automation) -> Create Webhook.
You will be prompted to enter “sudo mode” by GitHub to make changes to your project settings.
- Payload URL: paste the trigger URL
- Secret: type or paste the GitHub Secret
- Everything else can be left to the default values.
- Save the webhook.
- GitHub will now deliver a test webhook.
- Navigate to the webhook’s properties and check the recent deliveries to confirm that the test delivery was successful.
Advanced: Launch additional executions and pipelines
You can also add an execution or pipeline to the GitHub webhook trigger to run it every time some code is pushed to the GitHub repository. Make sure to position the execution or pipeline running action underneath the repository fetch action so that it will receive the newest code in the repository.
GitHub sends a payload of data in the webhook
request, which is available as an input for executions launched by this trigger when the Payload input name field
is set in the action. This input file can be read and used to implement custom logic to conditionally launch further
pipelines or executions, e.g., if the release
branch has been updated.
Here’s an example step that parses GitHub’s payload to call functions depending on which
branches were pushed. It assumes that you have set the GitHub webhook to send the data as
application/json
. The step will also install the requests
library.
Add the following step to your valohai.yaml
- step:
name: GitHub Dispatch
image: python:3.11
command:
- pip install valohai-utils requests
- python ./github_dispatch.py
inputs:
- name: github-payload
optional: true
Create a file called github_dispatch.py
:
import pprint
import requests
import valohai
import json
release_pipeline_trigger_url = "<trigger URL>"
with open(valohai.inputs('github-payload').path()) as f:
github_payload = json.load(f)
print('INFO: GitHub payload:')
pprint.pprint(github_payload)
# Branch references are in the form "refs/heads/<branch name>"
if github_payload['ref'] == "refs/heads/main":
print("INFO: Pushed to main branch -- Dispatching trigger")
requests.post(release_pipeline_trigger_url, headers={"Authorization": "secret=..."})
Launching webhook triggers from executions
You can read more on how to launch webhook triggers using Python in the webhooks introduction