talexander/webhook_bridge
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: talexander:v0.0.13
Branches Tags
talexander:main
talexander:v0.0.34 talexander:v0.0.33 talexander:v0.0.32 talexander:v0.0.31 talexander:v0.0.30 talexander:v0.0.29 talexander:v0.0.28 talexander:v0.0.27 talexander:v0.0.26 talexander:v0.0.25 talexander:v0.0.23 talexander:v0.0.22 talexander:v0.0.21 talexander:v0.0.20 talexander:v0.0.19 talexander:v0.0.18 talexander:v0.0.17 talexander:v0.0.16 talexander:v0.0.15 talexander:v0.0.14 talexander:v0.0.13 talexander:v0.0.12 talexander:v0.0.11 talexander:v0.0.10 talexander:v0.0.9 talexander:v0.0.8 talexander:v0.0.7 talexander:v0.0.6 talexander:v0.0.5 talexander:v0.0.4 talexander:v0.0.3 talexander:v0.0.2 talexander:v0.0.1
...
compare: talexander:v0.0.32
Branches Tags
talexander:main
talexander:v0.0.34 talexander:v0.0.33 talexander:v0.0.32 talexander:v0.0.31 talexander:v0.0.30 talexander:v0.0.29 talexander:v0.0.28 talexander:v0.0.27 talexander:v0.0.26 talexander:v0.0.25 talexander:v0.0.23 talexander:v0.0.22 talexander:v0.0.21 talexander:v0.0.20 talexander:v0.0.19 talexander:v0.0.18 talexander:v0.0.17 talexander:v0.0.16 talexander:v0.0.15 talexander:v0.0.14 talexander:v0.0.13 talexander:v0.0.12 talexander:v0.0.11 talexander:v0.0.10 talexander:v0.0.9 talexander:v0.0.8 talexander:v0.0.7 talexander:v0.0.6 talexander:v0.0.5 talexander:v0.0.4 talexander:v0.0.3 talexander:v0.0.2 talexander:v0.0.1

18 Commits
v0.0.13 ... v0.0.32

Author SHA1 Message Date
Tom Alexander
e0a8e35577 Update the build pipelines.
Some checks failed
semver Build semver has succeeded
Details
build Build build has started
Details
format Build format has succeeded
Details
clippy Build clippy has failed
Details
rust-test Build rust-test has succeeded
Details
2026-05-02 23:30:01 -04:00
Tom Alexander
edaaadf590 Add better logging. 2026-05-02 23:30:01 -04:00
Tom Alexander
4521135b29 Update to the latest catalog. 2026-05-02 23:30:01 -04:00
Tom Alexander
cdb5973104 Build using nix. 2026-05-02 23:30:01 -04:00
Tom Alexander
6e209bdcef Update for the latest gitea. 2026-05-02 16:35:31 -04:00
Tom Alexander
5fb1982930 Mark internal_tracker as optional.
Some checks failed
semver Build semver has succeeded
Details
format Build format has succeeded
Details
clippy Build clippy has failed
Details
build Build build has succeeded
Details
rust-test Build rust-test has succeeded
Details
2025-09-23 21:09:24 -04:00
Tom Alexander
ac3c23e65a Switch to local-path-provisioner.
Some checks failed
format Build format has succeeded
Details
clippy Build clippy has failed
Details
rust-test Build rust-test has succeeded
Details
semver Build semver has succeeded
Details
build Build build has succeeded
Details
2025-08-31 18:35:48 -04:00
Tom Alexander
3f2bdda8cb Add support for new fields in payload.
All checks were successful
semver Build semver has succeeded
Details
format Build format has succeeded
Details
clippy Build clippy has succeeded
Details
rust-test Build rust-test has succeeded
Details
build Build build has succeeded
Details
2025-02-08 21:11:23 -05:00
Tom Alexander
e7eeeefa53 Add back in docker targets.
All checks were successful
semver Build semver has succeeded
Details
format Build format has succeeded
Details
build Build build has succeeded
Details
clippy Build clippy has succeeded
Details
rust-test Build rust-test has succeeded
Details
2024-10-20 23:12:52 -04:00
Tom Alexander
a17f6502c0 Use linked copy. 2024-10-20 23:03:40 -04:00
Tom Alexander
16a39809e4 Merge branch 'buildkit'
All checks were successful
semver Build semver has succeeded
Details
format Build format has succeeded
Details
clippy Build clippy has succeeded
Details
rust-test Build rust-test has succeeded
Details
build Build build has succeeded
Details
2024-10-20 22:42:36 -04:00
Tom Alexander
7dd0a9d0ad Update dockerfiles to take advantage of BuildKit.
All checks were successful
format Build format has succeeded
Details
rust-test Build rust-test has succeeded
Details
clippy Build clippy has succeeded
Details
2024-10-20 22:35:16 -04:00
Tom Alexander
9d682cbe83 Switch to using BuiltKit instead of Kaniko to build docker images.
All checks were successful
format Build format has succeeded
Details
rust-test Build rust-test has succeeded
Details
clippy Build clippy has succeeded
Details
2024-10-20 22:28:04 -04:00
Tom Alexander
3ca037411a Add more new fields for webhook payload.
All checks were successful
semver Build semver has succeeded
Details
format Build format has succeeded
Details
clippy Build clippy has succeeded
Details
rust-test Build rust-test has succeeded
Details
2024-10-18 20:27:57 -04:00
Tom Alexander
e991b259f2 Add source_id to HookUser. 
This must be a new field that gitea added in an update.
 2024-10-18 19:41:56 -04:00
Tom Alexander
f3b00c46ea Test: Remove the clients from AppState entirely.
Some checks failed
semver Build semver has succeeded
Details
format Build format has succeeded
Details
clippy Build clippy has succeeded
Details
rust-test Build rust-test has failed
Details
build Build build has succeeded
Details
2024-09-30 00:38:32 -04:00
Tom Alexander
e4463fe79d Remove redundant runAfter directives from workflows.
Some checks failed
semver Build semver has failed
Details
format Build format has succeeded
Details
clippy Build clippy has failed
Details
rust-test Build rust-test has succeeded
Details
2024-09-30 00:29:07 -04:00
Tom Alexander
f18c1fe421 Fix typo in pipelines.
Some checks failed
semver Build semver has succeeded
Details
format Build format has succeeded
Details
rust-test Build rust-test has succeeded
Details
build Build build has succeeded
Details
clippy Build clippy has failed
Details
2024-09-30 00:03:10 -04:00
23 changed files with 553 additions and 473 deletions
Expand all files Collapse all files

1
.dockerignore
View File

@@ -2,3 +2,4 @@
target/ target/
docker/ docker/
.dockerignore .dockerignore
*.bash

88
.webhook_bridge/pipeline-build-semver.yaml
View File

@@ -61,13 +61,11 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
runAfter:
- fetch-repository
params: params:
- name: CONTEXT - name: CONTEXT
value: "$(params.JOB_NAME)" value: "$(params.JOB_NAME)"
@@ -88,9 +86,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml value: task/git-clone/0.9/git-clone.yaml
workspaces: workspaces:
@@ -103,44 +101,74 @@ spec:
value: $(params.PULL_BASE_SHA) value: $(params.PULL_BASE_SHA)
- name: deleteExisting - name: deleteExisting
value: "true" value: "true"
- name: get-git-commit-time
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.repo.path)"
results:
- name: unix-time
description: The time of the git commit in unix timestamp format.
steps:
- image: alpine/git:v2.34.2
name: detect-tag-step
script: |
#!/usr/bin/env sh
set -euo pipefail
echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path)
workspaces:
- name: repo
workspace: git-source
runAfter:
- fetch-repository
- name: build-image - name: build-image
taskRef: taskRef:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: af22c87d0db59dece97d03e6b6a796d84010158f
- name: pathInRepo - name: pathInRepo
value: task/kaniko/0.6//kaniko.yaml value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
params: params:
- name: IMAGE - name: OUTPUT
value: "$(params.image-name):$(tasks.detect-tag.results.tag)" value: >-
type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.detect-tag.results.tag)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true
- name: CONTEXT - name: CONTEXT
value: $(params.path-to-image-context) value: $(params.path-to-image-context)
- name: DOCKERFILE - name: DOCKERFILE
value: $(params.path-to-dockerfile) value: $(params.path-to-dockerfile)
- name: BUILDER_IMAGE
value: "gcr.io/kaniko-project/executor:v1.12.1"
- name: EXTRA_ARGS - name: EXTRA_ARGS
value: value:
- "--destination=$(params.image-name)" # Also write the :latest image - "--opt"
- "--target=$(params.target-name)" - "target=$(params.target-name)"
- --cache=true - --import-cache
- --cache-copy-layers - "type=registry,ref=$(params.image-name):buildcache"
- --cache-repo=harbor.fizz.buzz/kanikocache/cache - --export-cache
- --use-new-run # Should result in a speed-up - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true"
- --reproducible # To remove timestamps so layer caching works. - --opt
- --snapshot-mode=redo - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time)
- --skip-unused-stages=true - name: BUILDKITD_TOML
- --registry-mirror=dockerhub.dockerhub.svc.cluster.local value: |
debug = true
[registry."docker.io"]
mirrors = ["dockerhub.dockerhub.svc.cluster.local"]
[registry."dockerhub.dockerhub.svc.cluster.local"]
http = true
insecure = true
workspaces: workspaces:
- name: source - name: source
workspace: git-source workspace: git-source
- name: dockerconfig - name: dockerconfig
workspace: docker-credentials workspace: docker-credentials
runAfter: runAfter:
- detect-tag - fetch-repository
finally: finally:
- name: report-success - name: report-success
when: when:
@@ -151,9 +179,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
params: params:
@@ -180,9 +208,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
params: params:
@@ -207,7 +235,7 @@ spec:
- name: git-source - name: git-source
volumeClaimTemplate: volumeClaimTemplate:
spec: spec:
storageClassName: "nfs-client" storageClassName: "local-path"
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
@@ -225,4 +253,4 @@ spec:
- name: path-to-image-context - name: path-to-image-context
value: . value: .
- name: path-to-dockerfile - name: path-to-dockerfile
value: docker/webhook_bridge/Dockerfile value: docker/webhook_bridge/

93
.webhook_bridge/pipeline-format.yaml
View File

@@ -29,13 +29,11 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
runAfter:
- fetch-repository
params: params:
- name: CONTEXT - name: CONTEXT
value: "$(params.JOB_NAME)" value: "$(params.JOB_NAME)"
@@ -56,9 +54,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml value: task/git-clone/0.9/git-clone.yaml
workspaces: workspaces:
@@ -71,36 +69,67 @@ spec:
value: $(params.PULL_BASE_SHA) value: $(params.PULL_BASE_SHA)
- name: deleteExisting - name: deleteExisting
value: "true" value: "true"
- name: get-git-commit-time
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.repo.path)"
results:
- name: unix-time
description: The time of the git commit in unix timestamp format.
steps:
- image: alpine/git:v2.34.2
name: detect-tag-step
script: |
#!/usr/bin/env sh
set -euo pipefail
echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path)
workspaces:
- name: repo
workspace: git-source
runAfter:
- fetch-repository
- name: build-image - name: build-image
taskRef: taskRef:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: af22c87d0db59dece97d03e6b6a796d84010158f
- name: pathInRepo - name: pathInRepo
value: task/kaniko/0.6/kaniko.yaml value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
params: params:
- name: IMAGE - name: OUTPUT
value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" value: >-
type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.fetch-repository.results.commit)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true
- name: CONTEXT - name: CONTEXT
value: $(params.path-to-image-context) value: $(params.path-to-image-context)
- name: DOCKERFILE - name: DOCKERFILE
value: $(params.path-to-dockerfile) value: $(params.path-to-dockerfile)
- name: BUILDER_IMAGE
value: "gcr.io/kaniko-project/executor:v1.12.1"
- name: EXTRA_ARGS - name: EXTRA_ARGS
value: value:
- "--target=$(params.target-name)" - "--opt"
- --cache=true - "target=$(params.target-name)"
- --cache-copy-layers - --import-cache
- --cache-repo=harbor.fizz.buzz/kanikocache/cache - "type=registry,ref=$(params.image-name):buildcache"
- --use-new-run # Should result in a speed-up - --export-cache
- --reproducible # To remove timestamps so layer caching works. - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true"
- --snapshot-mode=redo - --opt
- --skip-unused-stages=true - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time)
- --registry-mirror=dockerhub.dockerhub.svc.cluster.local - name: BUILDKITD_TOML
value: |
debug = true
[registry."docker.io"]
mirrors = ["dockerhub.dockerhub.svc.cluster.local"]
[registry."dockerhub.dockerhub.svc.cluster.local"]
http = true
insecure = true
workspaces: workspaces:
- name: source - name: source
workspace: git-source workspace: git-source
@@ -147,15 +176,15 @@ spec:
- build-image - build-image
params: params:
- name: docker-image - name: docker-image
value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" value: "$(tasks.build-image.results.IMAGE_URL[1])"
- name: commit-changes - name: commit-changes
taskRef: taskRef:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/git-cli/0.4/git-cli.yaml value: task/git-cli/0.4/git-cli.yaml
params: params:
@@ -189,9 +218,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
params: params:
@@ -218,9 +247,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
params: params:
@@ -272,7 +301,7 @@ spec:
workspace: cargo-cache workspace: cargo-cache
params: params:
- name: docker-image - name: docker-image
value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" value: "$(tasks.build-image.results.IMAGE_URL[1])"
workspaces: workspaces:
- name: git-source - name: git-source
- name: docker-credentials - name: docker-credentials
@@ -281,7 +310,7 @@ spec:
- name: git-source - name: git-source
volumeClaimTemplate: volumeClaimTemplate:
spec: spec:
storageClassName: "nfs-client" storageClassName: "local-path"
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
@@ -302,4 +331,4 @@ spec:
- name: path-to-image-context - name: path-to-image-context
value: docker/webhook_bridge_development/ value: docker/webhook_bridge_development/
- name: path-to-dockerfile - name: path-to-dockerfile
value: docker/webhook_bridge_development/Dockerfile value: docker/webhook_bridge_development/

89
.webhook_bridge/pipeline-rust-clippy.yaml
View File

@@ -29,13 +29,11 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
runAfter:
- fetch-repository
params: params:
- name: CONTEXT - name: CONTEXT
value: "$(params.JOB_NAME)" value: "$(params.JOB_NAME)"
@@ -56,9 +54,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml value: task/git-clone/0.9/git-clone.yaml
workspaces: workspaces:
@@ -71,36 +69,67 @@ spec:
value: $(params.PULL_BASE_SHA) value: $(params.PULL_BASE_SHA)
- name: deleteExisting - name: deleteExisting
value: "true" value: "true"
- name: get-git-commit-time
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.repo.path)"
results:
- name: unix-time
description: The time of the git commit in unix timestamp format.
steps:
- image: alpine/git:v2.34.2
name: detect-tag-step
script: |
#!/usr/bin/env sh
set -euo pipefail
echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path)
workspaces:
- name: repo
workspace: git-source
runAfter:
- fetch-repository
- name: build-image - name: build-image
taskRef: taskRef:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: af22c87d0db59dece97d03e6b6a796d84010158f
- name: pathInRepo - name: pathInRepo
value: task/kaniko/0.6/kaniko.yaml value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
params: params:
- name: IMAGE - name: OUTPUT
value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" value: >-
type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.fetch-repository.results.commit)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true
- name: CONTEXT - name: CONTEXT
value: $(params.path-to-image-context) value: $(params.path-to-image-context)
- name: DOCKERFILE - name: DOCKERFILE
value: $(params.path-to-dockerfile) value: $(params.path-to-dockerfile)
- name: BUILDER_IMAGE
value: "gcr.io/kaniko-project/executor:v1.12.1"
- name: EXTRA_ARGS - name: EXTRA_ARGS
value: value:
- "--target=$(params.target-name)" - "--opt"
- --cache=true - "target=$(params.target-name)"
- --cache-copy-layers - --import-cache
- --cache-repo=harbor.fizz.buzz/kanikocache/cache - "type=registry,ref=$(params.image-name):buildcache"
- --use-new-run # Should result in a speed-up - --export-cache
- --reproducible # To remove timestamps so layer caching works. - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true"
- --snapshot-mode=redo - --opt
- --skip-unused-stages=true - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time)
- --registry-mirror=dockerhub.dockerhub.svc.cluster.local - name: BUILDKITD_TOML
value: |
debug = true
[registry."docker.io"]
mirrors = ["dockerhub.dockerhub.svc.cluster.local"]
[registry."dockerhub.dockerhub.svc.cluster.local"]
http = true
insecure = true
workspaces: workspaces:
- name: source - name: source
workspace: git-source workspace: git-source
@@ -157,7 +186,7 @@ spec:
- build-image - build-image
params: params:
- name: docker-image - name: docker-image
value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" value: "$(tasks.build-image.results.IMAGE_URL[1])"
finally: finally:
- name: report-success - name: report-success
when: when:
@@ -168,9 +197,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
params: params:
@@ -197,9 +226,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
params: params:
@@ -251,7 +280,7 @@ spec:
workspace: cargo-cache workspace: cargo-cache
params: params:
- name: docker-image - name: docker-image
value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" value: "$(tasks.build-image.results.IMAGE_URL[1])"
workspaces: workspaces:
- name: git-source - name: git-source
- name: docker-credentials - name: docker-credentials
@@ -260,7 +289,7 @@ spec:
- name: git-source - name: git-source
volumeClaimTemplate: volumeClaimTemplate:
spec: spec:
storageClassName: "nfs-client" storageClassName: "local-path"
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
@@ -281,4 +310,4 @@ spec:
- name: path-to-image-context - name: path-to-image-context
value: docker/webhook_bridge_development/ value: docker/webhook_bridge_development/
- name: path-to-dockerfile - name: path-to-dockerfile
value: docker/webhook_bridge_development/Dockerfile value: docker/webhook_bridge_development/

89
.webhook_bridge/pipeline-rust-test.yaml
View File

@@ -29,13 +29,11 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
runAfter:
- fetch-repository
params: params:
- name: CONTEXT - name: CONTEXT
value: "$(params.JOB_NAME)" value: "$(params.JOB_NAME)"
@@ -56,9 +54,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml value: task/git-clone/0.9/git-clone.yaml
workspaces: workspaces:
@@ -71,36 +69,67 @@ spec:
value: $(params.PULL_BASE_SHA) value: $(params.PULL_BASE_SHA)
- name: deleteExisting - name: deleteExisting
value: "true" value: "true"
- name: get-git-commit-time
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.repo.path)"
results:
- name: unix-time
description: The time of the git commit in unix timestamp format.
steps:
- image: alpine/git:v2.34.2
name: detect-tag-step
script: |
#!/usr/bin/env sh
set -euo pipefail
echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path)
workspaces:
- name: repo
workspace: git-source
runAfter:
- fetch-repository
- name: build-image - name: build-image
taskRef: taskRef:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: af22c87d0db59dece97d03e6b6a796d84010158f
- name: pathInRepo - name: pathInRepo
value: task/kaniko/0.6//kaniko.yaml value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
params: params:
- name: IMAGE - name: OUTPUT
value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" value: >-
type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.fetch-repository.results.commit)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true
- name: CONTEXT - name: CONTEXT
value: $(params.path-to-image-context) value: $(params.path-to-image-context)
- name: DOCKERFILE - name: DOCKERFILE
value: $(params.path-to-dockerfile) value: $(params.path-to-dockerfile)
- name: BUILDER_IMAGE
value: "gcr.io/kaniko-project/executor:v1.12.1"
- name: EXTRA_ARGS - name: EXTRA_ARGS
value: value:
- "--target=$(params.target-name)" - "--opt"
- --cache=true - "target=$(params.target-name)"
- --cache-copy-layers - --import-cache
- --cache-repo=harbor.fizz.buzz/kanikocache/cache - "type=registry,ref=$(params.image-name):buildcache"
- --use-new-run # Should result in a speed-up - --export-cache
- --reproducible # To remove timestamps so layer caching works. - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true"
- --snapshot-mode=redo - --opt
- --skip-unused-stages=true - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time)
- --registry-mirror=dockerhub.dockerhub.svc.cluster.local - name: BUILDKITD_TOML
value: |
debug = true
[registry."docker.io"]
mirrors = ["dockerhub.dockerhub.svc.cluster.local"]
[registry."dockerhub.dockerhub.svc.cluster.local"]
http = true
insecure = true
workspaces: workspaces:
- name: source - name: source
workspace: git-source workspace: git-source
@@ -147,7 +176,7 @@ spec:
- build-image - build-image
params: params:
- name: docker-image - name: docker-image
value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" value: "$(tasks.build-image.results.IMAGE_URL[1])"
finally: finally:
- name: report-success - name: report-success
when: when:
@@ -158,9 +187,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
params: params:
@@ -187,9 +216,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
params: params:
@@ -241,7 +270,7 @@ spec:
workspace: cargo-cache workspace: cargo-cache
params: params:
- name: docker-image - name: docker-image
value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" value: "$(tasks.build-image.results.IMAGE_URL[1])"
workspaces: workspaces:
- name: git-source - name: git-source
- name: docker-credentials - name: docker-credentials
@@ -250,7 +279,7 @@ spec:
- name: git-source - name: git-source
volumeClaimTemplate: volumeClaimTemplate:
spec: spec:
storageClassName: "nfs-client" storageClassName: "local-path"
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
@@ -271,4 +300,4 @@ spec:
- name: path-to-image-context - name: path-to-image-context
value: docker/webhook_bridge_development/ value: docker/webhook_bridge_development/
- name: path-to-dockerfile - name: path-to-dockerfile
value: docker/webhook_bridge_development/Dockerfile value: docker/webhook_bridge_development/

22
.webhook_bridge/pipeline-semver.yaml
View File

@@ -26,7 +26,7 @@ spec:
tasks: tasks:
- name: calculate-tag - name: calculate-tag
runAfter: runAfter:
- report-pending - fetch-repository
workspaces: workspaces:
- name: source - name: source
workspace: git-source workspace: git-source
@@ -72,13 +72,11 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
runAfter:
- fetch-repository
params: params:
- name: CONTEXT - name: CONTEXT
value: "$(params.JOB_NAME)" value: "$(params.JOB_NAME)"
@@ -99,9 +97,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml value: task/git-clone/0.9/git-clone.yaml
workspaces: workspaces:
@@ -124,9 +122,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
params: params:
@@ -153,9 +151,9 @@ spec:
resolver: git resolver: git
params: params:
- name: url - name: url
value: https://github.com/tektoncd/catalog.git value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision - name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf value: f914437a46978b95f325f68d791dcf1a35738f60
- name: pathInRepo - name: pathInRepo
value: task/gitea-set-status/0.1/gitea-set-status.yaml value: task/gitea-set-status/0.1/gitea-set-status.yaml
params: params:
@@ -179,7 +177,7 @@ spec:
- name: git-source - name: git-source
volumeClaimTemplate: volumeClaimTemplate:
spec: spec:
storageClassName: "nfs-client" storageClassName: "local-path"
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:

106
Cargo.lock generated
View File

@@ -1,6 +1,6 @@
# This file is automatically @generated by Cargo. # This file is automatically @generated by Cargo.
# It is not intended for manual editing. # It is not intended for manual editing.
version = 3 version = 4
[[package]] [[package]]
name = "addr2line" name = "addr2line"
@@ -1039,11 +1039,11 @@ checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24"
[[package]] [[package]]
name = "matchers" name = "matchers"
version = "0.1.0" version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8263075bb86c5a1b1427b5ae862e8889656f126e9f77c484496e8b47cf5c5558" checksum = "d1525a2a28c7f4fa0fc98bb91ae755d1e2d1505079e05539e35bc876b5d65ae9"
dependencies = [ dependencies = [
"regex-automata 0.1.10", "regex-automata",
] ]
[[package]] [[package]]
@@ -1101,16 +1101,6 @@ dependencies = [
"tempfile", "tempfile",
] ]
[[package]]
name = "nu-ansi-term"
version = "0.46.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84"
dependencies = [
"overload",
"winapi",
]
[[package]] [[package]]
name = "num-traits" name = "num-traits"
version = "0.2.19" version = "0.2.19"
@@ -1198,12 +1188,6 @@ dependencies = [
"num-traits", "num-traits",
] ]
[[package]]
name = "overload"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39"
[[package]] [[package]]
name = "parking" name = "parking"
version = "2.2.0" version = "2.2.0"
@@ -1403,17 +1387,8 @@ checksum = "4219d74c6b67a3654a9fbebc4b419e22126d13d2f3c4a07ee0cb61ff79a79619"
dependencies = [ dependencies = [
"aho-corasick", "aho-corasick",
"memchr", "memchr",
"regex-automata 0.4.7", "regex-automata",
"regex-syntax 0.8.4", "regex-syntax",
]
[[package]]
name = "regex-automata"
version = "0.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132"
dependencies = [
"regex-syntax 0.6.29",
] ]
[[package]] [[package]]
@@ -1424,15 +1399,9 @@ checksum = "38caf58cc5ef2fed281f89292ef23f6365465ed9a41b7a7754eb4e26496c92df"
dependencies = [ dependencies = [
"aho-corasick", "aho-corasick",
"memchr", "memchr",
"regex-syntax 0.8.4", "regex-syntax",
] ]
[[package]]
name = "regex-syntax"
version = "0.6.29"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1"
[[package]] [[package]]
name = "regex-syntax" name = "regex-syntax"
version = "0.8.4" version = "0.8.4"
@@ -2095,9 +2064,9 @@ checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52"
[[package]] [[package]]
name = "tracing" name = "tracing"
version = "0.1.40" version = "0.1.44"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef" checksum = "63e71662fa4b2a2c3a26f570f037eb95bb1f85397f3cd8076caed2f026a6d100"
dependencies = [ dependencies = [
"log", "log",
"pin-project-lite", "pin-project-lite",
@@ -2107,9 +2076,9 @@ dependencies = [
[[package]] [[package]]
name = "tracing-attributes" name = "tracing-attributes"
version = "0.1.27" version = "0.1.31"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" checksum = "7490cfa5ec963746568740651ac6781f701c9c5ea257c58e057f3ba8cf69e8da"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",
@@ -2118,41 +2087,26 @@ dependencies = [
[[package]] [[package]]
name = "tracing-core" name = "tracing-core"
version = "0.1.32" version = "0.1.36"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54" checksum = "db97caf9d906fbde555dd62fa95ddba9eecfd14cb388e4f491a66d74cd5fb79a"
dependencies = [ dependencies = [
"once_cell", "once_cell",
"valuable",
]
[[package]]
name = "tracing-log"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ee855f1f400bd0e5c02d150ae5de3840039a3f54b025156404e34c23c03f47c3"
dependencies = [
"log",
"once_cell",
"tracing-core",
] ]
[[package]] [[package]]
name = "tracing-subscriber" name = "tracing-subscriber"
version = "0.3.18" version = "0.3.23"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ad0f048c97dbd9faa9b7df56362b8ebcaa52adb06b498c050d2f4e32f90a7a8b" checksum = "cb7f578e5945fb242538965c2d0b04418d38ec25c79d160cd279bf0731c8d319"
dependencies = [ dependencies = [
"matchers", "matchers",
"nu-ansi-term",
"once_cell", "once_cell",
"regex", "regex-automata",
"sharded-slab", "sharded-slab",
"smallvec",
"thread_local", "thread_local",
"tracing", "tracing",
"tracing-core", "tracing-core",
"tracing-log",
] ]
[[package]] [[package]]
@@ -2217,12 +2171,6 @@ dependencies = [
"percent-encoding", "percent-encoding",
] ]
[[package]]
name = "valuable"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "830b7e5d4d90034032940e4ace0d9a9a057e7a45cd94e6c007832e39edb82f6d"
[[package]] [[package]]
name = "vcpkg" name = "vcpkg"
version = "0.2.15" version = "0.2.15"
@@ -2350,28 +2298,6 @@ dependencies = [
"tracing-subscriber", "tracing-subscriber",
] ]
[[package]]
name = "winapi"
version = "0.3.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419"
dependencies = [
"winapi-i686-pc-windows-gnu",
"winapi-x86_64-pc-windows-gnu",
]
[[package]]
name = "winapi-i686-pc-windows-gnu"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
[[package]]
name = "winapi-x86_64-pc-windows-gnu"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
[[package]] [[package]]
name = "windows-sys" name = "windows-sys"
version = "0.48.0" version = "0.48.0"

4
Cargo.toml
View File

@@ -52,8 +52,8 @@ sha2 = "0.10.8"
tokio = { version = "1.38.0", default-features = false, features = ["macros", "process", "rt-multi-thread", "signal"] } tokio = { version = "1.38.0", default-features = false, features = ["macros", "process", "rt-multi-thread", "signal"] }
toml = { version = "0.8.19", default-features = false, features = ["display", "parse"] } toml = { version = "0.8.19", default-features = false, features = ["display", "parse"] }
tower-http = { version = "0.5.2", default-features = false, features = ["trace", "timeout"] } tower-http = { version = "0.5.2", default-features = false, features = ["trace", "timeout"] }
tracing = { version = "0.1.40", default-features = false, features = ["attributes", "std", "tracing-attributes", "async-await"] } tracing = { version = "0.1.44", default-features = false, features = [] }
tracing-subscriber = { version = "0.3.18", default-features = false, features = ["alloc", "ansi", "fmt", "nu-ansi-term", "registry", "sharded-slab", "smallvec", "std", "thread_local", "tracing-log", "env-filter"] } tracing-subscriber = { version = "0.3.23", default-features = false, features = ["env-filter", "fmt"] }
[profile.release-lto] [profile.release-lto]
inherits = "release" inherits = "release"

47
docker/webhook_bridge/Dockerfile
View File

@@ -1,15 +1,42 @@
FROM rustlang/rust:nightly-alpine3.20 AS builder #
# Builder
#
RUN apk add --no-cache musl-dev pkgconfig libressl-dev FROM nixos/nix:2.31.3 AS builder
RUN mkdir /source RUN cp "$(nix --extra-experimental-features "nix-command flakes" --option filter-syscalls false build nixpkgs#cacert --print-out-paths)/etc/ssl/certs/ca-bundle.crt" /tmp/ca-bundle.crt
WORKDIR /source
COPY . .
# TODO: Add static build, which currently errors due to proc_macro. RUSTFLAGS="-C target-feature=+crt-static"
RUN CARGO_TARGET_DIR=/target cargo build --profile release-lto --bin webhook_bridge
FROM alpine:3.20 AS runner COPY . /tmp/build
WORKDIR /tmp/build
COPY --from=builder /target/release-lto/webhook_bridge /usr/bin/ RUN nix \
--extra-experimental-features "nix-command flakes" \
--option filter-syscalls false \
build '.#docker_env'
ENTRYPOINT ["/usr/bin/webhook_bridge"] # Export the built closure to a folder
RUN mkdir /tmp/nix-store-closure
RUN cp -R $(nix-store -qR result/) /tmp/nix-store-closure
RUN ln -s $(readlink -f /tmp/build/result/bin/sh) /tmp/sh
#
# Runner
#
FROM scratch
WORKDIR /app
ENV PATH="$PATH:/app/bin"
ENV SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt
ENV NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt
COPY --from=builder /tmp/ca-bundle.crt /etc/ssl/certs/ca-bundle.crt
COPY --from=builder /tmp/nix-store-closure /nix/store
COPY --from=builder /tmp/build/result /app
COPY --from=builder /tmp/sh /bin/sh
EXPOSE 9988
CMD ["/app/bin/webhook_bridge"]

7
docker/webhook_bridge_development/Dockerfile
View File

@@ -1,6 +1,9 @@
FROM rustlang/rust:nightly-alpine3.20 AS builder # syntax=docker/dockerfile:1
ARG ALPINE_VERSION="3.20"
FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS builder
RUN apk add --no-cache musl-dev pkgconfig libressl3.8-libssl libressl-dev RUN apk add --no-cache musl-dev pkgconfig libressl3.8-libssl libressl-dev
RUN cargo install --locked --no-default-features --features ci-autoclean cargo-cache RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked cargo install --locked --no-default-features --features ci-autoclean cargo-cache
RUN rustup component add rustfmt RUN rustup component add rustfmt
RUN rustup component add clippy RUN rustup component add clippy

165
example_tag_webhook_payload.json
View File

@@ -1,165 +0,0 @@
{
"ref": "refs/tags/v0.0.2",
"before": "0000000000000000000000000000000000000000",
"after": "84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
"compare_url": "https://code.fizz.buzz/talexander/webhook_bridge/compare/0000000000000000000000000000000000000000...84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
"commits": [],
"total_commits": 0,
"head_commit": {
"id": "84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
"message": "Add a pipeline to build the server image.\n",
"url": "https://code.fizz.buzz/talexander/webhook_bridge/commit/84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
"author": {
"name": "Tom Alexander",
"email": "tom@fizz.buzz",
"username": ""
},
"committer": {
"name": "Tom Alexander",
"email": "tom@fizz.buzz",
"username": ""
},
"verification": null,
"timestamp": "2024-09-29T00:19:22-04:00",
"added": [
".webhook_bridge/pipeline-build.yaml"
],
"removed": [],
"modified": [
".webhook_bridge/webhook_bridge.toml"
]
},
"repository": {
"id": 21,
"owner": {
"id": 1,
"login": "talexander",
"login_name": "",
"full_name": "",
"email": "gitea@local.domain",
"avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289",
"language": "",
"is_admin": false,
"last_login": "0001-01-01T00:00:00Z",
"created": "2023-07-05T22:03:28Z",
"restricted": false,
"active": false,
"prohibit_login": false,
"location": "",
"website": "",
"description": "",
"visibility": "public",
"followers_count": 0,
"following_count": 0,
"starred_repos_count": 0,
"username": "talexander"
},
"name": "webhook_bridge",
"full_name": "talexander/webhook_bridge",
"description": "A server that receives webhooks from gitea and fires off Tekton jobs in response.",
"empty": false,
"private": false,
"fork": false,
"template": false,
"parent": null,
"mirror": false,
"size": 346,
"language": "",
"languages_url": "https://code.fizz.buzz/api/v1/repos/talexander/webhook_bridge/languages",
"html_url": "https://code.fizz.buzz/talexander/webhook_bridge",
"url": "https://code.fizz.buzz/api/v1/repos/talexander/webhook_bridge",
"link": "",
"ssh_url": "git@code.fizz.buzz:talexander/webhook_bridge.git",
"clone_url": "https://code.fizz.buzz/talexander/webhook_bridge.git",
"original_url": "",
"website": "",
"stars_count": 0,
"forks_count": 0,
"watchers_count": 1,
"open_issues_count": 0,
"open_pr_counter": 0,
"release_counter": 0,
"default_branch": "main",
"archived": false,
"created_at": "2024-07-14T18:48:52Z",
"updated_at": "2024-09-29T04:25:36Z",
"archived_at": "1970-01-01T00:00:00Z",
"permissions": {
"admin": true,
"push": true,
"pull": true
},
"has_issues": true,
"internal_tracker": {
"enable_time_tracker": true,
"allow_only_contributors_to_track_time": true,
"enable_issue_dependencies": true
},
"has_wiki": true,
"has_pull_requests": true,
"has_projects": true,
"has_releases": true,
"has_packages": true,
"has_actions": false,
"ignore_whitespace_conflicts": false,
"allow_merge_commits": true,
"allow_rebase": true,
"allow_rebase_explicit": true,
"allow_squash_merge": true,
"allow_rebase_update": true,
"default_delete_branch_after_merge": false,
"default_merge_style": "merge",
"default_allow_maintainer_edit": false,
"avatar_url": "",
"internal": false,
"mirror_interval": "",
"mirror_updated": "0001-01-01T00:00:00Z",
"repo_transfer": null
},
"pusher": {
"id": 2,
"login": "build-bot",
"login_name": "",
"full_name": "",
"email": "build-bot@noreply.code.fizz.buzz",
"avatar_url": "https://secure.gravatar.com/avatar/e39ef2faba8a3dfb3dcb4d8275a532d4?d=identicon",
"language": "",
"is_admin": false,
"last_login": "0001-01-01T00:00:00Z",
"created": "2023-07-09T04:25:44Z",
"restricted": false,
"active": false,
"prohibit_login": false,
"location": "",
"website": "",
"description": "",
"visibility": "private",
"followers_count": 0,
"following_count": 0,
"starred_repos_count": 0,
"username": "build-bot"
},
"sender": {
"id": 2,
"login": "build-bot",
"login_name": "",
"full_name": "",
"email": "build-bot@noreply.code.fizz.buzz",
"avatar_url": "https://secure.gravatar.com/avatar/e39ef2faba8a3dfb3dcb4d8275a532d4?d=identicon",
"language": "",
"is_admin": false,
"last_login": "0001-01-01T00:00:00Z",
"created": "2023-07-09T04:25:44Z",
"restricted": false,
"active": false,
"prohibit_login": false,
"location": "",
"website": "",
"description": "",
"visibility": "private",
"followers_count": 0,
"following_count": 0,
"starred_repos_count": 0,
"username": "build-bot"
}
}

48
flake.lock generated Normal file
View File

@@ -0,0 +1,48 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1777578337,
"narHash": "sha256-Ad49moKWeXtKBJNy2ebiTQUEgdLyvGmTeykAQ9xM+Z4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "15f4ee454b1dce334612fa6843b3e05cf546efab",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs",
"rust-overlay": "rust-overlay"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1777691680,
"narHash": "sha256-sdCAzrPAaKu+yo7L2pWddy5PN6U9bO++WEWc1zcr7aQ=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "4757db4358c77c1cbe878fa5990e6ea88d82f6b5",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

92
flake.nix Normal file
View File

@@ -0,0 +1,92 @@
{
description = "webhook-bridge development environment";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
rust-overlay = {
url = "github:oxalica/rust-overlay";
inputs = {
nixpkgs.follows = "nixpkgs";
};
};
};
outputs =
{
self,
nixpkgs,
rust-overlay,
}:
let
forAllSystems =
func:
builtins.listToAttrs (
map (system: {
name = system;
value = func system;
}) nixpkgs.lib.systems.flakeExposed
);
in
{
devShells = forAllSystems (
system:
let
overlays = [ (import rust-overlay) ];
pkgs = import nixpkgs {
inherit system overlays;
};
rustToolchain = pkgs.pkgsBuildHost.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
in
{
default = pkgs.mkShell {
nativeBuildInputs = [
pkgs.pkg-config
rustToolchain
pkgs.openssl
];
buildInputs = with pkgs; [
# sqlx-cli # For sqlx CLI to manage migrations
# sqlite # To access the database (sqlite is bundled into the together_alone binary but this is for manually accessing the db).
];
};
}
);
packages = forAllSystems (
system:
let
overlays = [ (import rust-overlay) ];
pkgs = import nixpkgs {
inherit system overlays;
};
rustToolchain = pkgs.pkgsBuildHost.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
in
rec {
app = pkgs.rustPlatform.buildRustPackage {
pname = "webhook-bridge";
version = "0.0.0";
src = ./.;
# If you have a Cargo.lock file, use this:
cargoLock.lockFile = ./Cargo.lock;
nativeBuildInputs = [
pkgs.pkg-config
];
buildInputs = [
pkgs.openssl
];
};
docker_env = pkgs.buildEnv {
name = "webhook-bridge";
paths = with pkgs; [
app
bash
uutils-coreutils-noprefix
# toybox # Smaller than uutils-coreutils?
];
};
default = app;
}
);
};
}

76
example_webhook_payload.json → local_payload.json
View File

@@ -1,13 +1,13 @@
{ {
"ref": "refs/heads/main", "ref": "refs/heads/main",
"before": "a2aca6d2f1c85b5d4bef1349230fdaef1683622d", "before": "1f52dd8995987337a3a33ce675625647545490c2",
"after": "84fe1ec23ae242cb1bbccbc2ab999c3082f54d45", "after": "f55834712245bd546a5ca982d95ecf47669ba4ab",
"compare_url": "https://code.fizz.buzz/talexander/webhook_bridge/compare/a2aca6d2f1c85b5d4bef1349230fdaef1683622d...84fe1ec23ae242cb1bbccbc2ab999c3082f54d45", "compare_url": "https://code.fizz.buzz/talexander/webhook_bridge/compare/1f52dd8995987337a3a33ce675625647545490c2...f55834712245bd546a5ca982d95ecf47669ba4ab",
"commits": [ "commits": [
{ {
"id": "84fe1ec23ae242cb1bbccbc2ab999c3082f54d45", "id": "f55834712245bd546a5ca982d95ecf47669ba4ab",
"message": "Add a pipeline to build the server image.\n", "message": "Update to the latest catalog.\n",
"url": "https://code.fizz.buzz/talexander/webhook_bridge/commit/84fe1ec23ae242cb1bbccbc2ab999c3082f54d45", "url": "https://code.fizz.buzz/talexander/webhook_bridge/commit/f55834712245bd546a5ca982d95ecf47669ba4ab",
"author": { "author": {
"name": "Tom Alexander", "name": "Tom Alexander",
"email": "tom@fizz.buzz", "email": "tom@fizz.buzz",
@@ -19,21 +19,25 @@
"username": "" "username": ""
}, },
"verification": null, "verification": null,
"timestamp": "2024-09-29T00:19:22-04:00", "timestamp": "2026-05-02T17:50:49-04:00",
"added": [ "added": [],
".webhook_bridge/pipeline-build.yaml"
],
"removed": [], "removed": [],
"modified": [ "modified": [
".webhook_bridge/webhook_bridge.toml" ".webhook_bridge/pipeline-build-semver.yaml",
".webhook_bridge/pipeline-format.yaml",
".webhook_bridge/pipeline-rust-clippy.yaml",
".webhook_bridge/pipeline-rust-test.yaml",
".webhook_bridge/pipeline-semver.yaml",
"local_payload.json",
"run.bash"
] ]
} }
], ],
"total_commits": 1, "total_commits": 1,
"head_commit": { "head_commit": {
"id": "84fe1ec23ae242cb1bbccbc2ab999c3082f54d45", "id": "f55834712245bd546a5ca982d95ecf47669ba4ab",
"message": "Add a pipeline to build the server image.\n", "message": "Update to the latest catalog.\n",
"url": "https://code.fizz.buzz/talexander/webhook_bridge/commit/84fe1ec23ae242cb1bbccbc2ab999c3082f54d45", "url": "https://code.fizz.buzz/talexander/webhook_bridge/commit/f55834712245bd546a5ca982d95ecf47669ba4ab",
"author": { "author": {
"name": "Tom Alexander", "name": "Tom Alexander",
"email": "tom@fizz.buzz", "email": "tom@fizz.buzz",
@@ -45,13 +49,17 @@
"username": "" "username": ""
}, },
"verification": null, "verification": null,
"timestamp": "2024-09-29T00:19:22-04:00", "timestamp": "2026-05-02T17:50:49-04:00",
"added": [ "added": [],
".webhook_bridge/pipeline-build.yaml"
],
"removed": [], "removed": [],
"modified": [ "modified": [
".webhook_bridge/webhook_bridge.toml" ".webhook_bridge/pipeline-build-semver.yaml",
".webhook_bridge/pipeline-format.yaml",
".webhook_bridge/pipeline-rust-clippy.yaml",
".webhook_bridge/pipeline-rust-test.yaml",
".webhook_bridge/pipeline-semver.yaml",
"local_payload.json",
"run.bash"
] ]
}, },
"repository": { "repository": {
@@ -60,9 +68,11 @@
"id": 1, "id": 1,
"login": "talexander", "login": "talexander",
"login_name": "", "login_name": "",
"source_id": 0,
"full_name": "", "full_name": "",
"email": "gitea@local.domain", "email": "gitea@local.domain",
"avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289", "avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289",
"html_url": "https://code.fizz.buzz/talexander",
"language": "", "language": "",
"is_admin": false, "is_admin": false,
"last_login": "0001-01-01T00:00:00Z", "last_login": "0001-01-01T00:00:00Z",
@@ -86,15 +96,14 @@
"private": false, "private": false,
"fork": false, "fork": false,
"template": false, "template": false,
"parent": null,
"mirror": false, "mirror": false,
"size": 343, "size": 193,
"language": "", "language": "",
"languages_url": "https://code.fizz.buzz/api/v1/repos/talexander/webhook_bridge/languages", "languages_url": "https://code.fizz.buzz/api/v1/repos/talexander/webhook_bridge/languages",
"html_url": "https://code.fizz.buzz/talexander/webhook_bridge", "html_url": "https://code.fizz.buzz/talexander/webhook_bridge",
"url": "https://code.fizz.buzz/api/v1/repos/talexander/webhook_bridge", "url": "https://code.fizz.buzz/api/v1/repos/talexander/webhook_bridge",
"link": "", "link": "",
"ssh_url": "git@code.fizz.buzz:talexander/webhook_bridge.git", "ssh_url": "git@git.example.com:talexander/webhook_bridge.git",
"clone_url": "https://code.fizz.buzz/talexander/webhook_bridge.git", "clone_url": "https://code.fizz.buzz/talexander/webhook_bridge.git",
"original_url": "", "original_url": "",
"website": "", "website": "",
@@ -107,47 +116,58 @@
"default_branch": "main", "default_branch": "main",
"archived": false, "archived": false,
"created_at": "2024-07-14T18:48:52Z", "created_at": "2024-07-14T18:48:52Z",
"updated_at": "2024-09-29T04:14:47Z", "updated_at": "2026-05-02T22:11:33Z",
"archived_at": "1970-01-01T00:00:00Z", "archived_at": "1970-01-01T00:00:00Z",
"permissions": { "permissions": {
"admin": true, "admin": true,
"push": true, "push": true,
"pull": true "pull": true
}, },
"has_code": true,
"has_issues": true, "has_issues": true,
"internal_tracker": { "internal_tracker": {
"enable_time_tracker": true, "enable_time_tracker": true,
"allow_only_contributors_to_track_time": true, "allow_only_contributors_to_track_time": true,
"enable_issue_dependencies": true "enable_issue_dependencies": true
}, },
"has_wiki": true, "has_wiki": false,
"has_pull_requests": true, "has_pull_requests": true,
"has_projects": true, "has_projects": false,
"projects_mode": "all",
"has_releases": true, "has_releases": true,
"has_packages": true, "has_packages": false,
"has_actions": false, "has_actions": false,
"ignore_whitespace_conflicts": false, "ignore_whitespace_conflicts": false,
"allow_merge_commits": true, "allow_merge_commits": true,
"allow_rebase": true, "allow_rebase": true,
"allow_rebase_explicit": true, "allow_rebase_explicit": true,
"allow_squash_merge": true, "allow_squash_merge": true,
"allow_fast_forward_only_merge": false,
"allow_rebase_update": true, "allow_rebase_update": true,
"allow_manual_merge": false,
"autodetect_manual_merge": false,
"default_delete_branch_after_merge": false, "default_delete_branch_after_merge": false,
"default_merge_style": "merge", "default_merge_style": "merge",
"default_allow_maintainer_edit": false, "default_allow_maintainer_edit": false,
"avatar_url": "", "avatar_url": "",
"internal": false, "internal": false,
"mirror_interval": "", "mirror_interval": "",
"object_format_name": "sha1",
"mirror_updated": "0001-01-01T00:00:00Z", "mirror_updated": "0001-01-01T00:00:00Z",
"repo_transfer": null "topics": [],
"licenses": [
"0BSD"
]
}, },
"pusher": { "pusher": {
"id": 1, "id": 1,
"login": "talexander", "login": "talexander",
"login_name": "", "login_name": "",
"source_id": 0,
"full_name": "", "full_name": "",
"email": "talexander@noreply.code.fizz.buzz", "email": "talexander@noreply.code.fizz.buzz",
"avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289", "avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289",
"html_url": "https://code.fizz.buzz/talexander",
"language": "", "language": "",
"is_admin": false, "is_admin": false,
"last_login": "0001-01-01T00:00:00Z", "last_login": "0001-01-01T00:00:00Z",
@@ -168,9 +188,11 @@
"id": 1, "id": 1,
"login": "talexander", "login": "talexander",
"login_name": "", "login_name": "",
"source_id": 0,
"full_name": "", "full_name": "",
"email": "talexander@noreply.code.fizz.buzz", "email": "talexander@noreply.code.fizz.buzz",
"avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289", "avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289",
"html_url": "https://code.fizz.buzz/talexander",
"language": "", "language": "",
"is_admin": false, "is_admin": false,
"last_login": "0001-01-01T00:00:00Z", "last_login": "0001-01-01T00:00:00Z",

11
run.bash
View File

@@ -4,4 +4,13 @@ set -euo pipefail
IFS=$'\n\t' IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
RUST_LOG=webhook_bridge=DEBUG WEBHOOK_BRIDGE_API_ROOT="https://code.fizz.buzz/api" WEBHOOK_BRIDGE_HMAC_SECRET=$(cat /bridge/git/mrmanager/k8s/webhook-bridge/secrets/webhook-bridge/webhook-bridge/HMAC_TOKEN) WEBHOOK_BRIDGE_OAUTH_TOKEN=$(cat /bridge/git/mrmanager/k8s/webhook-bridge/secrets/webhook-bridge/webhook-bridge/OAUTH_TOKEN) cargo run function main {
exec env RUST_LOG=webhookbridge=DEBUG WEBHOOK_BRIDGE_API_ROOT="https://code.fizz.buzz/api" WEBHOOK_BRIDGE_HMAC_SECRET="$(decrypt_k8s_secret -n webhook-bridge webhook-bridge | jq -r '.HMAC_TOKEN')" WEBHOOK_BRIDGE_OAUTH_TOKEN="$(decrypt_k8s_secret -n webhook-bridge webhook-bridge | jq -r '.OAUTH_TOKEN')" WEBHOOK_BRIDGE_REPO_WHITELIST="talexander/webhook_bridge,talexander/homepage,talexander/natter,talexander/poudboot,talexander/ta_waybar_pipewire,talexander/organic" cargo run "${@}"
#"${@}"
}
function decrypt_k8s_secret {
kubectl get secret -o json "${@}" | jq '.data[] |= @base64d | .data'
}
main "${@}"

16
run_docker.bash Executable file
View File

@@ -0,0 +1,16 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
function main {
make -C docker/webhook_bridge build
docker run --rm -i -t -p 9988:9988 -e RUST_LOG=webhookbridge=DEBUG -e WEBHOOK_BRIDGE_API_ROOT="https://code.fizz.buzz/api" -e WEBHOOK_BRIDGE_HMAC_SECRET="$(decrypt_k8s_secret -n webhook-bridge webhook-bridge | jq -r '.HMAC_TOKEN')" -e WEBHOOK_BRIDGE_OAUTH_TOKEN="$(decrypt_k8s_secret -n webhook-bridge webhook-bridge | jq -r '.OAUTH_TOKEN')" -e WEBHOOK_BRIDGE_REPO_WHITELIST="talexander/webhook_bridge,talexander/homepage,talexander/natter,talexander/poudboot,talexander/ta_waybar_pipewire,talexander/organic" webhook-bridge:latest
}
function decrypt_k8s_secret {
kubectl get secret -o json "${@}" | jq '.data[] |= @base64d | .data'
}
main "${@}"

4
rust-toolchain.toml Normal file
View File

@@ -0,0 +1,4 @@
[toolchain]
channel = "nightly"
profile = "default"
components = ["clippy", "rustfmt"]

6
src/app_state.rs
View File

@@ -1,13 +1,7 @@
use std::collections::HashSet; use std::collections::HashSet;
use std::sync::Arc; use std::sync::Arc;
use kube::Client;
use crate::gitea_client::GiteaClient;
#[derive(Clone)] #[derive(Clone)]
pub(crate) struct AppState { pub(crate) struct AppState {
pub(crate) kubernetes_client: Client,
pub(crate) gitea: GiteaClient,
pub(crate) allowed_repos: Arc<HashSet<String>>, pub(crate) allowed_repos: Arc<HashSet<String>>,
} }

2
src/bin_local_trigger.rs
View File

@@ -2,7 +2,7 @@
use webhookbridge::init_tracing; use webhookbridge::init_tracing;
use webhookbridge::local_trigger; use webhookbridge::local_trigger;
const EXAMPLE_WEBHOOK_PAYLOAD: &str = include_str!("../example_tag_webhook_payload.json"); const EXAMPLE_WEBHOOK_PAYLOAD: &str = include_str!("../local_payload.json");
#[tokio::main] #[tokio::main]
#[allow(clippy::needless_return)] #[allow(clippy::needless_return)]

18
src/hook_push.rs
View File

@@ -6,7 +6,6 @@ use serde_json::Value;
#[allow(dead_code)] #[allow(dead_code)]
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
#[serde(deny_unknown_fields)]
pub(crate) struct HookPush { pub(crate) struct HookPush {
#[serde(rename = "ref")] #[serde(rename = "ref")]
pub(crate) ref_field: String, pub(crate) ref_field: String,
@@ -23,14 +22,16 @@ pub(crate) struct HookPush {
#[allow(dead_code)] #[allow(dead_code)]
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
#[serde(deny_unknown_fields)]
pub(crate) struct HookUser { pub(crate) struct HookUser {
id: u64, id: u64,
login: String, login: String,
login_name: String, login_name: String,
#[serde(default, skip_serializing_if = "Option::is_none")]
source_id: Option<u64>,
full_name: String, full_name: String,
email: String, email: String,
avatar_url: String, avatar_url: String,
html_url: String,
language: String, language: String,
is_admin: bool, is_admin: bool,
last_login: String, // TODO: parse to datetime last_login: String, // TODO: parse to datetime
@@ -50,7 +51,6 @@ pub(crate) struct HookUser {
#[allow(dead_code)] #[allow(dead_code)]
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
#[serde(deny_unknown_fields)]
pub(crate) struct HookRepository { pub(crate) struct HookRepository {
id: u64, id: u64,
owner: HookUser, owner: HookUser,
@@ -61,7 +61,6 @@ pub(crate) struct HookRepository {
private: bool, private: bool,
fork: bool, fork: bool,
template: bool, template: bool,
parent: Value, // Was null in test hook
mirror: bool, mirror: bool,
size: u64, size: u64,
language: String, language: String,
@@ -86,10 +85,12 @@ pub(crate) struct HookRepository {
archived_at: String, // TODO: parse to datetime archived_at: String, // TODO: parse to datetime
permissions: HookRepositoryPermissions, permissions: HookRepositoryPermissions,
has_issues: bool, has_issues: bool,
internal_tracker: HookRepositoryInternalTracker, #[serde(default, skip_serializing_if = "Option::is_none")]
internal_tracker: Option<HookRepositoryInternalTracker>,
has_wiki: bool, has_wiki: bool,
has_pull_requests: bool, has_pull_requests: bool,
has_projects: bool, has_projects: bool,
projects_mode: String,
has_releases: bool, has_releases: bool,
has_packages: bool, has_packages: bool,
has_actions: bool, has_actions: bool,
@@ -98,6 +99,7 @@ pub(crate) struct HookRepository {
allow_rebase: bool, allow_rebase: bool,
allow_rebase_explicit: bool, allow_rebase_explicit: bool,
allow_squash_merge: bool, allow_squash_merge: bool,
allow_fast_forward_only_merge: bool,
allow_rebase_update: bool, allow_rebase_update: bool,
default_delete_branch_after_merge: bool, default_delete_branch_after_merge: bool,
default_merge_style: String, default_merge_style: String,
@@ -105,13 +107,12 @@ pub(crate) struct HookRepository {
avatar_url: String, avatar_url: String,
internal: bool, internal: bool,
mirror_interval: String, mirror_interval: String,
object_format_name: String,
mirror_updated: String, // TODO: parse to datetime mirror_updated: String, // TODO: parse to datetime
repo_transfer: Value, // Was null in test hook
} }
#[allow(dead_code)] #[allow(dead_code)]
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
#[serde(deny_unknown_fields)]
pub(crate) struct HookRepositoryPermissions { pub(crate) struct HookRepositoryPermissions {
admin: bool, admin: bool,
push: bool, push: bool,
@@ -120,7 +121,6 @@ pub(crate) struct HookRepositoryPermissions {
#[allow(dead_code)] #[allow(dead_code)]
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
#[serde(deny_unknown_fields)]
pub(crate) struct HookRepositoryInternalTracker { pub(crate) struct HookRepositoryInternalTracker {
enable_time_tracker: bool, enable_time_tracker: bool,
allow_only_contributors_to_track_time: bool, allow_only_contributors_to_track_time: bool,
@@ -129,7 +129,6 @@ pub(crate) struct HookRepositoryInternalTracker {
#[allow(dead_code)] #[allow(dead_code)]
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
#[serde(deny_unknown_fields)]
pub(crate) struct HookCommit { pub(crate) struct HookCommit {
id: String, id: String,
message: String, message: String,
@@ -145,7 +144,6 @@ pub(crate) struct HookCommit {
#[allow(dead_code)] #[allow(dead_code)]
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
#[serde(deny_unknown_fields)]
pub(crate) struct HookGitUser { pub(crate) struct HookGitUser {
name: String, name: String,
email: String, email: String,

10
src/lib.rs
View File

@@ -47,14 +47,6 @@ pub async fn init_tracing() -> Result<(), Box<dyn std::error::Error>> {
} }
pub async fn launch_server() -> Result<(), Box<dyn std::error::Error>> { pub async fn launch_server() -> Result<(), Box<dyn std::error::Error>> {
let kubernetes_client: Client = Client::try_default()
.await
.expect("Set KUBECONFIG to a valid kubernetes config.");
let gitea_api_root = std::env::var("WEBHOOK_BRIDGE_API_ROOT")?;
let gitea_api_token = std::env::var("WEBHOOK_BRIDGE_OAUTH_TOKEN")?;
let gitea = GiteaClient::new(gitea_api_root, gitea_api_token);
let allowed_repos = std::env::var("WEBHOOK_BRIDGE_REPO_WHITELIST")?; let allowed_repos = std::env::var("WEBHOOK_BRIDGE_REPO_WHITELIST")?;
let allowed_repos: HashSet<_> = allowed_repos let allowed_repos: HashSet<_> = allowed_repos
.split(",") .split(",")
@@ -73,8 +65,6 @@ pub async fn launch_server() -> Result<(), Box<dyn std::error::Error>> {
TimeoutLayer::new(Duration::from_secs(600)), TimeoutLayer::new(Duration::from_secs(600)),
)) ))
.with_state(AppState { .with_state(AppState {
kubernetes_client,
gitea,
allowed_repos: Arc::new(allowed_repos), allowed_repos: Arc::new(allowed_repos),
}); });

7
src/webhook.rs
View File

@@ -77,14 +77,17 @@ pub(crate) async fn hook(
message: None, message: None,
}), }),
), ),
Err(_) => ( Err(e) => {
tracing::error!("Failed to handle push event: {}", e);
(
// StatusCode::INTERNAL_SERVER_ERROR, // StatusCode::INTERNAL_SERVER_ERROR,
StatusCode::OK, StatusCode::OK,
Json(HookResponse { Json(HookResponse {
ok: false, ok: false,
message: Some("Failed to handle push event.".to_string()), message: Some("Failed to handle push event.".to_string()),
}), }),
), )
}
} }
} }
HookRequest::Unrecognized(payload) => ( HookRequest::Unrecognized(payload) => (

13
test_webhook.bash
View File

File diff suppressed because one or more lines are too long