如何使用n8n部置gitlab cicd status到teams

Posted on
  1. 安裝 docker
1
2
3
4
5
6
7
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmour -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
  https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io
  1. 安裝 docker-compose
1
2
3
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" \
  -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
  1. 設定 n8ndocker-compose.yml
1
2
sudo mkdir -p /srv/n8n
sudo vim /srv/n8n/docker-compose.yml

/srv/n8n/docker-compose.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
services:
  n8n:
    image: n8nio/n8n:latest
    restart: unless-stopped
    environment:
      # Host config
      - N8N_HOST=n8n_server_dns_or_ip
      - N8N_PORT=5678
      - N8N_PROTOCOL=http
      - WEBHOOK_URL=https://n8n_server_dns_or_ip
      # Basic Auth
      - N8N_BASIC_AUTH_ACTIVE=true
      - N8N_BASIC_AUTH_USER=admin
      - N8N_BASIC_AUTH_PASSWORD=ReplaceWithStrongPassword
      # 自動修正設定檔權限
      - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true
    ports:
      - "127.0.0.1:5678:5678"
    volumes:
      - n8n-data:/home/node/.n8n  # 使用 Docker volume

volumes:
  n8n-data:
  1. 佈署 n8n
1
docker-compose up -d
  1. 設定 nginx
1
sudo vim /etc/nginx/sites-available/n8n.conf

/etc/nginx/sites-available/n8n.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
server {
  listen 80;
  server_name n8n_server_dns_or_ip;
  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl;
  server_name n8n_server_dns_or_ip;

  ssl_certificate /etc/ssl/n8n/n8n.crt;
  ssl_certificate_key /etc/ssl/n8n/n8n.key;

  location / {
    proxy_pass http://127.0.0.1:5678;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
  }
}
  1. 產生自簽名証書
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
sudo mkdir -p /etc/ssl/n8n
cd /etc/ssl/n8n

sudo openssl genrsa -out n8n.key 4096

cat > san.cnf <<'EOF'
[req]
distinguished_name = req_distinguished_name
[req_distinguished_name]
[v3_ca]
subjectAltName = @alt_names
[alt_names]
IP.1 = 10.0.0.10
EOF

sudo openssl req -new -sha256 -key n8n.key -out n8n.csr -config san.cnf -subj "/CN=10.0.0.10"
sudo openssl x509 -req -in n8n.csr -signkey n8n.key -out n8n.crt -days 3650 -extensions v3_ca -extfile san.cnf
  1. 啟動 nginx
1
2
3
sudo ln -s /etc/nginx/sites-available/n8n.conf /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
  1. 複製 n8n 自簽名証書到 gitlab server
1
2
3
4
sudo scp n8n.crt user_name@gitlab_server_dns_or_ip:/usr/local/share/ca-certificates/
sudo update-ca-certificates
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart
  1. gitlab 設定 webhook
  • 打開 GitLab 專案 → Settings → Webhooks
  • URL 填 n8n webhook
  • 觸發事件只選 Pipeline events
  • 保存 webhook
  1. Teams 設定 workflow
  • 選範本 收到 webhook 要求時發佈在頻道中
  • 選擇要發佈的頻道
  • 複製 URL
  1. 建立 n8n webhook
  • 連上 n8n server https://n8n_server_dns_or_ip
  • 打開 n8n Web UI
  • 建立 新 Workflow
  • 建立 Webhook Node
  1. HTTP method: POST
  2. Path: gitlab-cicd
  3. Authentication: None
  4. Respond: onReceived
  • 建立 HTTP Request Node
  1. Method: POST
  2. URL: 剛才 teams 產生的 workflow url
  3. Authentication: None
  4. Enable Send Headers
  5. Specify Headers: Using JSON
1
2
3
{
  "Content-Type": "application/json"
}
  1. Enable Send Body
  2. Body Content Type: JSON
  3. Specify Body: Using JSON
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
{
  "type": "message",
  "attachments": [
    {
      "contentType": "application/vnd.microsoft.card.adaptive",
      "content": {
        "$schema": "http://adaptivecards.io/schemas/adaptive-card.json",
        "type": "AdaptiveCard",
        "version": "1.4",
        "body": [
          {
            "type": "TextBlock",
            "size": "Medium",
            "weight": "Bolder",
            "text": "GitLab Pipeline Result"
          },
          {
            "type": "FactSet",
            "facts": [
              {
                "title": "Project:",
                "value": "={{$json["project"]["name"]}}"
              },
              {
                "title": "Branch/Tag:",
                "value": "={{$json["object_attributes"]["ref"]}}"
              },
              {
                "title": "Status:",
                "value": "={{$json["object_attributes"]["status"]}}"
              },
              {
                "title": "Pipeline URL:",
                "value": "={{$json["object_attributes"]["url"]}}"
              }
            ]
          }
        ]
      }
    }
  ]
}
  • Enable workhook to active
  1. gitlab webhook 按 Test 觸發 pipeline event