IRIS

_{In Greek mythology, Iris is the personification of the rainbow and messenger of the gods.}

• IRIS
  • Run in cluster
    • Using Helm
  • Build
  • Filters
    • Reason
    • Namespace
    • JSONPath
    • Labels
    • Any
  • Destinations
    • Default
    • Codefresh
  • Integrations

Easily configure webhooks on Kubernetes events using highly customizable filters

• This project is not stable yet and may be changed anytime without any notice.

Run in cluster

Using Helm

• clone or fork this repository
• create your iris.yaml file
• install chart from local directory helm install ./iris --values ./iris.yaml
• by default the chart will be installed into namespace iris, see default values to overwrite it

Build

• clone or fork this repo
• make install
• make build
• Limitations:
  • Execute out of cluster iris run --help
  • Execute on non GCP cluster

Quick example:

In this example we will configure to listen on any Kubernetes event that been reported by the pod controller and matched to the filter will be sent to the destination.

filters:
  - name: MatchDefaultNamespace
    type: namespace
    namespace: default
  - name: MatchPodKind
    type: jsonpath
    path: $.involvedObject.kind
    value: Pod

destinations:
  - name: prod
    url: http://localhost

integrations:
  - name: Report
    destinations: 
    - prod
    filters:
    - MatchPodKind
    - MatchDefaultNamespace

Filters

Set of rules that will be applied on each Kubernetes event.
Kubernetes event that will pass all required filters will be passed to the destination to be reported
Types of filters:

Reason

Reason filter is a syntactic sugar for JSONPath filter with path: $.reason and value: {{reason}}

filters:
  - name: PodScheduled
    reason: "Scheduled"

Namespace

Namespace filter is a syntactic sugar for JSONPath filter with path: $.metadata.namespace and value: {{reason}}

filters:
  - name: FromDefaultNamespace
    namespace: default

JSONPath

With JSONPath gives the ability to match any field from Kubernetes event. The value from the fields can be matched to exec value using value: {{value}} or matched by regex using regexp: {{regexp}}

filters:
  # Match to Warning event type
  - name: WarningLevel
    type: jsonpath
    path: $.type
    value: Warning
  # Match to any event that the name matched to regexp /tiller/
  - name: MatchToRegexpTiller
    type: jsonpath
    path: $.metadata.name
    regexp: tiller

Labels

Labels filter will try to get the original resource from the event with the given filters. The filter considers as passed if any resource were found

filters:
   - name: MatchLabels
     type: labels
     labels:
       app: helm

Any

filters:
  - name: WarningLevel
    type: any
    filters:
    - FromDefaultNamespace
    - WarningLevel

Destinations

Each destination is an api endpoint where the Kubernetes event will be sent Types of destinations:

Default

The default destinations will attempt to send POST request with the event json in the request body If secret is given, hash string will be calculated using the given key on the request body and the result will be set in the request header as X-IRIS-HMAC: hash

destinations:
  - name: Webhook
    url: https://webhook.site
    secret: SECRET

Codefresh

With Iris, you can execute Codefresh pipelines. Add destinations with Codefresh type:

• name: pipeline full name can be found easily using Codefresh CLI - codefresh get pipelines
• branch: which branch of the repo should be cloned
• cftoken: Token to Codefresh API can be generated in Account settings/Tokens view

  - name: ExecuteCodefreshPipeline
    type: Codefresh
    pipeline: PIPELINE_NAME
    cftoken: API_TOKEN
    branch: master

Integrations

Connecting between filters and destinations

integrations:
  - name: Report
    destinations:
    - {{name of destination}}
    filters:
    - {{name of filters to apply}}