如何使用n8n部置gitlab cicd status到teams

1. 安裝 docker

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmour -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
  https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io

2. 安裝 docker-compose

sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" \
  -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

3. 設定 n8n 的 docker-compose.yml

sudo mkdir -p /srv/n8n
sudo vim /srv/n8n/docker-compose.yml

/srv/n8n/docker-compose.yml

services:
  n8n:
    image: n8nio/n8n:latest
    restart: unless-stopped
    environment:
      # Host config
      - N8N_HOST=n8n_server_dns_or_ip
      - N8N_PORT=5678
      - N8N_PROTOCOL=http
      - WEBHOOK_URL=https://n8n_server_dns_or_ip
      # Basic Auth
      - N8N_BASIC_AUTH_ACTIVE=true
      - N8N_BASIC_AUTH_USER=admin
      - N8N_BASIC_AUTH_PASSWORD=ReplaceWithStrongPassword
      # 自動修正設定檔權限
      - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true
    ports:
      - "127.0.0.1:5678:5678"
    volumes:
      - n8n-data:/home/node/.n8n  # 使用 Docker volume

volumes:
  n8n-data:

4. 佈署 n8n

docker-compose up -d

5. 設定 nginx

sudo vim /etc/nginx/sites-available/n8n.conf

/etc/nginx/sites-available/n8n.conf

server {
  listen 80;
  server_name n8n_server_dns_or_ip;
  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl;
  server_name n8n_server_dns_or_ip;

  ssl_certificate /etc/ssl/n8n/n8n.crt;
  ssl_certificate_key /etc/ssl/n8n/n8n.key;

  location / {
    proxy_pass http://127.0.0.1:5678;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
  }
}

6. 產生自簽名証書

sudo mkdir -p /etc/ssl/n8n
cd /etc/ssl/n8n

sudo openssl genrsa -out n8n.key 4096

cat > san.cnf <<'EOF'
[req]
distinguished_name = req_distinguished_name
[req_distinguished_name]
[v3_ca]
subjectAltName = @alt_names
[alt_names]
IP.1 = 10.0.0.10
EOF

sudo openssl req -new -sha256 -key n8n.key -out n8n.csr -config san.cnf -subj "/CN=10.0.0.10"
sudo openssl x509 -req -in n8n.csr -signkey n8n.key -out n8n.crt -days 3650 -extensions v3_ca -extfile san.cnf

7. 啟動 nginx

sudo ln -s /etc/nginx/sites-available/n8n.conf /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

8. 複製 n8n 自簽名証書到 gitlab server

sudo scp n8n.crt user_name@gitlab_server_dns_or_ip:/usr/local/share/ca-certificates/
sudo update-ca-certificates
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart

9. gitlab 設定 webhook

• 打開 GitLab 專案 → Settings → Webhooks
• URL 填 n8n webhook
• 觸發事件只選 Pipeline events
• 保存 webhook

10. Teams 設定 workflow

• 選範本 收到 webhook 要求時發佈在頻道中
• 選擇要發佈的頻道
• 複製 URL

11. 建立 n8n webhook

• 連上 n8n server https://n8n_server_dns_or_ip
• 打開 n8n Web UI
• 建立 新 Workflow
• 建立 Webhook Node

1. HTTP method: POST
2. Path: gitlab-cicd
3. Authentication: None
4. Respond: onReceived

• 建立 Function Node

1. Mode: Run Once for All Items
2. Language: JavaScript
3. Add script

// 取得 webhook payload
const payload = $json;

// 取出需要的欄位
const pipelineUrl = payload?.body?.object_attributes?.url || null;
const projectNamespace = payload?.body?.project?.namespace || null;
const defaultBranch = payload?.body?.project?.default_branch || null;

// 取 builds 陣列
const builds = Array.isArray(payload?.body?.builds) ? payload.body.builds : [];

// 如果沒有至少三個 build，就不處理
if (builds.length < 3) {
  return [];
}

// 只取前三個 job 的 status
const statuses = [
  builds[0]?.status ?? null,
  builds[1]?.status ?? null,
  builds[2]?.status ?? null
];

// 定義正在進行中的狀態（要過濾掉）
const inProgress = ['created', 'pending', 'running'];

// 如果任一還在進行中，則過濾掉
if (statuses.some(s => inProgress.includes(s))) {
  return [];
}

// 如果任一是 failed → 回傳 failed
if (statuses.some(s => s === 'failed')) {
  return [{
    json: {
      pipeline_url: pipelineUrl,
      namespace: projectNamespace,
      default_branch: defaultBranch,
      statuses,
      result: 'failed'
    }
  }];
}

// 其他情況（全部 success 或其他）都不輸出
return [];

• 建立 HTTP Request Node

1. Method: POST
2. URL: 剛才 teams 產生的 workflow url
3. Authentication: None
4. Enable Send Headers
5. Specify Headers: Using JSON

{
  "Content-Type": "application/json"
}

6. Enable Send Body
7. Body Content Type: JSON
8. Specify Body: Using JSON

{
  "type": "message",
  "attachments": [
    {
      "contentType": "application/vnd.microsoft.card.adaptive",
      "content": {
        "$schema": "http://adaptivecards.io/schemas/adaptive-card.json",
        "type": "AdaptiveCard",
        "version": "1.4",
        "body": [
          {
            "type": "TextBlock",
            "size": "Medium",
            "weight": "Bolder",
            "text": "GitLab Pipeline Result"
          },
          {
            "type": "FactSet",
            "facts": [
              {
                "title": "Project:",
                "value": "{{ $json.namespace }}"
              },
              {
                "title": "Branch/Tag:",
                "value": "{{ $json.default_branch }}"
              },
              {
                "title": "Status:",
                "value": "{{ $json.result }}"
              },
              {
                "title": "URL:",
                "value": "{{ $json.pipeline_url }}"
              }
            ]
          }
        ]
      }
    }
  ]
}

• Enable workhook to active

12. gitlab webhook 按 Test 觸發 pipeline event