Add more new fields for webhook payload.

Add source_id to HookUser.
This must be a new field that gitea added in an update.
2024-10-18 20:27:57 -04:00 · 2024-10-18 19:41:56 -04:00 · 2024-09-30 00:38:32 -04:00 · 2024-09-30 00:29:07 -04:00 · 2024-09-30 00:03:10 -04:00 · 2024-09-29 23:23:22 -04:00
15 changed files with 189 additions and 280 deletions
--- a/.webhook_bridge/pipeline-build-semver.yaml
+++ b/.webhook_bridge/pipeline-build-semver.yaml
@@ -14,6 +14,9 @@ spec:
      - name: image-name
        description: The name for the built image
        type: string
+      - name: target-name
+        description: The dockerfile target to build
+        type: string
      - name: path-to-image-context
        description: The path to the build context
        type: string
@@ -58,13 +61,11 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        runAfter:
-          - fetch-repository
        params:
          - name: CONTEXT
            value: "$(params.JOB_NAME)"
@@ -85,7 +86,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -105,11 +106,11 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
-              value: task/kaniko/0.6//kaniko.yaml
+              value: task/kaniko/0.6/kaniko.yaml
        params:
          - name: IMAGE
            value: "$(params.image-name):$(tasks.detect-tag.results.tag)"
@@ -122,6 +123,7 @@ spec:
          - name: EXTRA_ARGS
            value:
              - "--destination=$(params.image-name)" # Also write the :latest image
+              - "--target=$(params.target-name)"
              - --cache=true
              - --cache-copy-layers
              - --cache-repo=harbor.fizz.buzz/kanikocache/cache
@@ -135,8 +137,6 @@ spec:
            workspace: git-source
          - name: dockerconfig
            workspace: docker-credentials
-        runAfter:
-          - detect-tag
    finally:
      - name: report-success
        when:
@@ -147,7 +147,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -176,7 +176,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -216,6 +216,8 @@ spec:
  params:
    - name: image-name
      value: "harbor.fizz.buzz/private/webhook-bridge"
+    - name: target-name
+      value: ""
    - name: path-to-image-context
      value: .
    - name: path-to-dockerfile
--- a/.webhook_bridge/pipeline-format.yaml
+++ b/.webhook_bridge/pipeline-format.yaml
@@ -14,6 +14,9 @@ spec:
      - name: image-name
        description: The name for the built image
        type: string
+      - name: target-name
+        description: The dockerfile target to build
+        type: string
      - name: path-to-image-context
        description: The path to the build context
        type: string
@@ -26,13 +29,11 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        runAfter:
-          - fetch-repository
        params:
          - name: CONTEXT
            value: "$(params.JOB_NAME)"
@@ -53,7 +54,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -73,7 +74,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -89,6 +90,7 @@ spec:
            value: "gcr.io/kaniko-project/executor:v1.12.1"
          - name: EXTRA_ARGS
            value:
+              - "--target=$(params.target-name)"
              - --cache=true
              - --cache-copy-layers
              - --cache-repo=harbor.fizz.buzz/kanikocache/cache
@@ -102,8 +104,6 @@ spec:
            workspace: git-source
          - name: dockerconfig
            workspace: docker-credentials
-        runAfter:
-          - fetch-repository
      - name: run-cargo-fmt
        taskSpec:
          metadata: {}
@@ -149,7 +149,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -185,7 +185,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -214,7 +214,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -292,7 +292,9 @@ spec:
        secretName: harbor-plain
  params:
    - name: image-name
-      value: "harbor.fizz.buzz/private/webhook-bridge-development"
+      value: "harbor.fizz.buzz/private/webhook-bridge-development-format"
+    - name: target-name
+      value: ""
    - name: path-to-image-context
      value: docker/webhook_bridge_development/
    - name: path-to-dockerfile
--- a/.webhook_bridge/pipeline-rust-clippy.yaml
+++ b/.webhook_bridge/pipeline-rust-clippy.yaml
@@ -14,6 +14,9 @@ spec:
      - name: image-name
        description: The name for the built image
        type: string
+      - name: target-name
+        description: The dockerfile target to build
+        type: string
      - name: path-to-image-context
        description: The path to the build context
        type: string
@@ -26,13 +29,11 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        runAfter:
-          - fetch-repository
        params:
          - name: CONTEXT
            value: "$(params.JOB_NAME)"
@@ -53,7 +54,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -73,7 +74,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -89,6 +90,7 @@ spec:
            value: "gcr.io/kaniko-project/executor:v1.12.1"
          - name: EXTRA_ARGS
            value:
+              - "--target=$(params.target-name)"
              - --cache=true
              - --cache-copy-layers
              - --cache-repo=harbor.fizz.buzz/kanikocache/cache
@@ -102,8 +104,6 @@ spec:
            workspace: git-source
          - name: dockerconfig
            workspace: docker-credentials
-        runAfter:
-          - fetch-repository
      - name: run-cargo-clippy
        taskSpec:
          metadata: {}
@@ -164,7 +164,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -193,7 +193,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -271,7 +271,9 @@ spec:
        secretName: harbor-plain
  params:
    - name: image-name
-      value: "harbor.fizz.buzz/private/webhook-bridge-development"
+      value: "harbor.fizz.buzz/private/webhook-bridge-development-clippy"
+    - name: target-name
+      value: ""
    - name: path-to-image-context
      value: docker/webhook_bridge_development/
    - name: path-to-dockerfile
--- a/.webhook_bridge/pipeline-rust-test.yaml
+++ b/.webhook_bridge/pipeline-rust-test.yaml
@@ -14,6 +14,9 @@ spec:
      - name: image-name
        description: The name for the built image
        type: string
+      - name: target-name
+        description: The dockerfile target to build
+        type: string
      - name: path-to-image-context
        description: The path to the build context
        type: string
@@ -26,13 +29,11 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        runAfter:
-          - fetch-repository
        params:
          - name: CONTEXT
            value: "$(params.JOB_NAME)"
@@ -53,7 +54,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -73,11 +74,11 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
-              value: task/kaniko/0.6//kaniko.yaml
+              value: task/kaniko/0.6/kaniko.yaml
        params:
          - name: IMAGE
            value: "$(params.image-name):$(tasks.fetch-repository.results.commit)"
@@ -89,6 +90,7 @@ spec:
            value: "gcr.io/kaniko-project/executor:v1.12.1"
          - name: EXTRA_ARGS
            value:
+              - "--target=$(params.target-name)"
              - --cache=true
              - --cache-copy-layers
              - --cache-repo=harbor.fizz.buzz/kanikocache/cache
@@ -102,8 +104,6 @@ spec:
            workspace: git-source
          - name: dockerconfig
            workspace: docker-credentials
-        runAfter:
-          - fetch-repository
      - name: run-cargo-test
        taskSpec:
          metadata: {}
@@ -154,7 +154,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -183,7 +183,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -261,7 +261,9 @@ spec:
        secretName: harbor-plain
  params:
    - name: image-name
-      value: "harbor.fizz.buzz/private/webhook-bridge-development"
+      value: "harbor.fizz.buzz/private/webhook-bridge-development-test"
+    - name: target-name
+      value: ""
    - name: path-to-image-context
      value: docker/webhook_bridge_development/
    - name: path-to-dockerfile
--- a/.webhook_bridge/pipeline-semver.yaml
+++ b/.webhook_bridge/pipeline-semver.yaml
@@ -26,7 +26,7 @@ spec:
    tasks:
      - name: calculate-tag
        runAfter:
-          - report-pending
+          - fetch-repository
        workspaces:
          - name: source
            workspace: git-source
@@ -72,13 +72,11 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        runAfter:
-          - fetch-repository
        params:
          - name: CONTEXT
            value: "$(params.JOB_NAME)"
@@ -99,7 +97,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -124,7 +122,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
@@ -153,7 +151,7 @@ spec:
          resolver: git
          params:
            - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
            - name: revision
              value: df36b3853a5657fd883015cdbf07ad6466918acf
            - name: pathInRepo
--- a/.webhook_bridge/webhook_bridge.toml
+++ b/.webhook_bridge/webhook_bridge.toml
@@ -26,6 +26,6 @@ version = "0.0.1"

 [[push]]
  name = "build"
-  source = "pipeline-build.yaml"
+  source = "pipeline-build-semver.yaml"
  clone_uri = "git@code.fizz.buzz:talexander/webhook_bridge.git"
  branches = [ "^v[0-9]+\\.[0-9]+\\.[0-9]+$" ]
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,5 +1,3 @@
-cargo-features = ["codegen-backend"]
-
 [package]
 name = "webhook_bridge"
 version = "0.0.1"
@@ -38,7 +36,7 @@ default = ["local_trigger"]
 local_trigger = []

 [dependencies]
-axum = { version = "0.7.5", default-features = false, features = ["tokio", "http1", "http2", "json"] }
+axum = { version = "0.7.5", default-features = false, features = ["tokio", "http1", "json"] }
 base64 = "0.22.1"
 hmac = "0.12.1"
 http-body-util = "0.1.2"
@@ -61,10 +59,3 @@ tracing-subscriber = { version = "0.3.18", default-features = false, features =
 inherits = "release"
 lto = true
 strip = "symbols"
-
-[profile.dev]
-codegen-backend = "cranelift"
-
-[profile.dev.package."*"]
-codegen-backend = "llvm"
-opt-level = 3
--- a/1
+++ b/1
@@ -33,3 +33,4 @@ format: ## Auto-format source files.
 .PHONY: clean
 clean:
 > $(MAKE) -C docker/webhook_bridge_development clean
+> rm -rf target
--- a/example_tag_webhook_payload.json
+++ b/example_tag_webhook_payload.json
@@ -1,165 +0,0 @@
-{
-  "ref": "refs/tags/v0.0.2",
-  "before": "0000000000000000000000000000000000000000",
-  "after": "84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
-  "compare_url": "https://code.fizz.buzz/talexander/webhook_bridge/compare/0000000000000000000000000000000000000000...84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
-  "commits": [],
-  "total_commits": 0,
-  "head_commit": {
-    "id": "84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
-    "message": "Add a pipeline to build the server image.\n",
-    "url": "https://code.fizz.buzz/talexander/webhook_bridge/commit/84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
-    "author": {
-      "name": "Tom Alexander",
-      "email": "tom@fizz.buzz",
-      "username": ""
-    },
-    "committer": {
-      "name": "Tom Alexander",
-      "email": "tom@fizz.buzz",
-      "username": ""
-    },
-    "verification": null,
-    "timestamp": "2024-09-29T00:19:22-04:00",
-    "added": [
-      ".webhook_bridge/pipeline-build.yaml"
-    ],
-    "removed": [],
-    "modified": [
-      ".webhook_bridge/webhook_bridge.toml"
-    ]
-  },
-  "repository": {
-    "id": 21,
-    "owner": {
-      "id": 1,
-      "login": "talexander",
-      "login_name": "",
-      "full_name": "",
-      "email": "gitea@local.domain",
-      "avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289",
-      "language": "",
-      "is_admin": false,
-      "last_login": "0001-01-01T00:00:00Z",
-      "created": "2023-07-05T22:03:28Z",
-      "restricted": false,
-      "active": false,
-      "prohibit_login": false,
-      "location": "",
-      "website": "",
-      "description": "",
-      "visibility": "public",
-      "followers_count": 0,
-      "following_count": 0,
-      "starred_repos_count": 0,
-      "username": "talexander"
-    },
-    "name": "webhook_bridge",
-    "full_name": "talexander/webhook_bridge",
-    "description": "A server that receives webhooks from gitea and fires off Tekton jobs in response.",
-    "empty": false,
-    "private": false,
-    "fork": false,
-    "template": false,
-    "parent": null,
-    "mirror": false,
-    "size": 346,
-    "language": "",
-    "languages_url": "https://code.fizz.buzz/api/v1/repos/talexander/webhook_bridge/languages",
-    "html_url": "https://code.fizz.buzz/talexander/webhook_bridge",
-    "url": "https://code.fizz.buzz/api/v1/repos/talexander/webhook_bridge",
-    "link": "",
-    "ssh_url": "git@code.fizz.buzz:talexander/webhook_bridge.git",
-    "clone_url": "https://code.fizz.buzz/talexander/webhook_bridge.git",
-    "original_url": "",
-    "website": "",
-    "stars_count": 0,
-    "forks_count": 0,
-    "watchers_count": 1,
-    "open_issues_count": 0,
-    "open_pr_counter": 0,
-    "release_counter": 0,
-    "default_branch": "main",
-    "archived": false,
-    "created_at": "2024-07-14T18:48:52Z",
-    "updated_at": "2024-09-29T04:25:36Z",
-    "archived_at": "1970-01-01T00:00:00Z",
-    "permissions": {
-      "admin": true,
-      "push": true,
-      "pull": true
-    },
-    "has_issues": true,
-    "internal_tracker": {
-      "enable_time_tracker": true,
-      "allow_only_contributors_to_track_time": true,
-      "enable_issue_dependencies": true
-    },
-    "has_wiki": true,
-    "has_pull_requests": true,
-    "has_projects": true,
-    "has_releases": true,
-    "has_packages": true,
-    "has_actions": false,
-    "ignore_whitespace_conflicts": false,
-    "allow_merge_commits": true,
-    "allow_rebase": true,
-    "allow_rebase_explicit": true,
-    "allow_squash_merge": true,
-    "allow_rebase_update": true,
-    "default_delete_branch_after_merge": false,
-    "default_merge_style": "merge",
-    "default_allow_maintainer_edit": false,
-    "avatar_url": "",
-    "internal": false,
-    "mirror_interval": "",
-    "mirror_updated": "0001-01-01T00:00:00Z",
-    "repo_transfer": null
-  },
-  "pusher": {
-    "id": 2,
-    "login": "build-bot",
-    "login_name": "",
-    "full_name": "",
-    "email": "build-bot@noreply.code.fizz.buzz",
-    "avatar_url": "https://secure.gravatar.com/avatar/e39ef2faba8a3dfb3dcb4d8275a532d4?d=identicon",
-    "language": "",
-    "is_admin": false,
-    "last_login": "0001-01-01T00:00:00Z",
-    "created": "2023-07-09T04:25:44Z",
-    "restricted": false,
-    "active": false,
-    "prohibit_login": false,
-    "location": "",
-    "website": "",
-    "description": "",
-    "visibility": "private",
-    "followers_count": 0,
-    "following_count": 0,
-    "starred_repos_count": 0,
-    "username": "build-bot"
-  },
-  "sender": {
-    "id": 2,
-    "login": "build-bot",
-    "login_name": "",
-    "full_name": "",
-    "email": "build-bot@noreply.code.fizz.buzz",
-    "avatar_url": "https://secure.gravatar.com/avatar/e39ef2faba8a3dfb3dcb4d8275a532d4?d=identicon",
-    "language": "",
-    "is_admin": false,
-    "last_login": "0001-01-01T00:00:00Z",
-    "created": "2023-07-09T04:25:44Z",
-    "restricted": false,
-    "active": false,
-    "prohibit_login": false,
-    "location": "",
-    "website": "",
-    "description": "",
-    "visibility": "private",
-    "followers_count": 0,
-    "following_count": 0,
-    "starred_repos_count": 0,
-    "username": "build-bot"
-  }
-}
--- a/example_webhook_payload.json
+++ b/example_webhook_payload.json
@@ -1,13 +1,13 @@
 {
  "ref": "refs/heads/main",
-  "before": "a2aca6d2f1c85b5d4bef1349230fdaef1683622d",
-  "after": "84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
-  "compare_url": "https://code.fizz.buzz/talexander/webhook_bridge/compare/a2aca6d2f1c85b5d4bef1349230fdaef1683622d...84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
+  "before": "f3b00c46ea57d5314063ad6fbfcaf9e38712cafe",
+  "after": "e991b259f2bdf3f24a2cba309a93d81f32ab7f50",
+  "compare_url": "https://code.fizz.buzz/talexander/webhook_bridge/compare/f3b00c46ea57d5314063ad6fbfcaf9e38712cafe...e991b259f2bdf3f24a2cba309a93d81f32ab7f50",
  "commits": [
    {
-      "id": "84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
-      "message": "Add a pipeline to build the server image.\n",
-      "url": "https://code.fizz.buzz/talexander/webhook_bridge/commit/84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
+      "id": "e991b259f2bdf3f24a2cba309a93d81f32ab7f50",
+      "message": "Add source_id to HookUser.\n\nThis must be a new field that gitea added in an update.\n",
+      "url": "https://code.fizz.buzz/talexander/webhook_bridge/commit/e991b259f2bdf3f24a2cba309a93d81f32ab7f50",
      "author": {
        "name": "Tom Alexander",
        "email": "tom@fizz.buzz",
@@ -19,21 +19,24 @@
        "username": ""
      },
      "verification": null,
-      "timestamp": "2024-09-29T00:19:22-04:00",
-      "added": [
-        ".webhook_bridge/pipeline-build.yaml"
-      ],
+      "timestamp": "2024-10-18T19:41:56-04:00",
+      "added": [],
      "removed": [],
      "modified": [
-        ".webhook_bridge/webhook_bridge.toml"
+        ".webhook_bridge/pipeline-build-semver.yaml",
+        ".webhook_bridge/pipeline-format.yaml",
+        ".webhook_bridge/pipeline-rust-clippy.yaml",
+        ".webhook_bridge/pipeline-rust-test.yaml",
+        ".webhook_bridge/pipeline-semver.yaml",
+        "src/hook_push.rs"
      ]
    }
  ],
  "total_commits": 1,
  "head_commit": {
-    "id": "84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
-    "message": "Add a pipeline to build the server image.\n",
-    "url": "https://code.fizz.buzz/talexander/webhook_bridge/commit/84fe1ec23ae242cb1bbccbc2ab999c3082f54d45",
+    "id": "e991b259f2bdf3f24a2cba309a93d81f32ab7f50",
+    "message": "Add source_id to HookUser.\n\nThis must be a new field that gitea added in an update.\n",
+    "url": "https://code.fizz.buzz/talexander/webhook_bridge/commit/e991b259f2bdf3f24a2cba309a93d81f32ab7f50",
    "author": {
      "name": "Tom Alexander",
      "email": "tom@fizz.buzz",
@@ -45,13 +48,16 @@
      "username": ""
    },
    "verification": null,
-    "timestamp": "2024-09-29T00:19:22-04:00",
-    "added": [
-      ".webhook_bridge/pipeline-build.yaml"
-    ],
+    "timestamp": "2024-10-18T19:41:56-04:00",
+    "added": [],
    "removed": [],
    "modified": [
-      ".webhook_bridge/webhook_bridge.toml"
+      ".webhook_bridge/pipeline-build-semver.yaml",
+      ".webhook_bridge/pipeline-format.yaml",
+      ".webhook_bridge/pipeline-rust-clippy.yaml",
+      ".webhook_bridge/pipeline-rust-test.yaml",
+      ".webhook_bridge/pipeline-semver.yaml",
+      "src/hook_push.rs"
    ]
  },
  "repository": {
@@ -60,9 +66,11 @@
      "id": 1,
      "login": "talexander",
      "login_name": "",
+      "source_id": 0,
      "full_name": "",
      "email": "gitea@local.domain",
      "avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289",
+      "html_url": "https://code.fizz.buzz/talexander",
      "language": "",
      "is_admin": false,
      "last_login": "0001-01-01T00:00:00Z",
@@ -88,7 +96,7 @@
    "template": false,
    "parent": null,
    "mirror": false,
-    "size": 343,
+    "size": 151,
    "language": "",
    "languages_url": "https://code.fizz.buzz/api/v1/repos/talexander/webhook_bridge/languages",
    "html_url": "https://code.fizz.buzz/talexander/webhook_bridge",
@@ -107,7 +115,7 @@
    "default_branch": "main",
    "archived": false,
    "created_at": "2024-07-14T18:48:52Z",
-    "updated_at": "2024-09-29T04:14:47Z",
+    "updated_at": "2024-09-30T04:41:20Z",
    "archived_at": "1970-01-01T00:00:00Z",
    "permissions": {
      "admin": true,
@@ -120,17 +128,19 @@
      "allow_only_contributors_to_track_time": true,
      "enable_issue_dependencies": true
    },
-    "has_wiki": true,
+    "has_wiki": false,
    "has_pull_requests": true,
-    "has_projects": true,
+    "has_projects": false,
+    "projects_mode": "all",
    "has_releases": true,
-    "has_packages": true,
+    "has_packages": false,
    "has_actions": false,
    "ignore_whitespace_conflicts": false,
    "allow_merge_commits": true,
    "allow_rebase": true,
    "allow_rebase_explicit": true,
    "allow_squash_merge": true,
+    "allow_fast_forward_only_merge": false,
    "allow_rebase_update": true,
    "default_delete_branch_after_merge": false,
    "default_merge_style": "merge",
@@ -138,6 +148,7 @@
    "avatar_url": "",
    "internal": false,
    "mirror_interval": "",
+    "object_format_name": "sha1",
    "mirror_updated": "0001-01-01T00:00:00Z",
    "repo_transfer": null
  },
@@ -145,9 +156,11 @@
    "id": 1,
    "login": "talexander",
    "login_name": "",
+    "source_id": 0,
    "full_name": "",
    "email": "talexander@noreply.code.fizz.buzz",
    "avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289",
+    "html_url": "https://code.fizz.buzz/talexander",
    "language": "",
    "is_admin": false,
    "last_login": "0001-01-01T00:00:00Z",
@@ -168,9 +181,11 @@
    "id": 1,
    "login": "talexander",
    "login_name": "",
+    "source_id": 0,
    "full_name": "",
    "email": "talexander@noreply.code.fizz.buzz",
    "avatar_url": "https://code.fizz.buzz/avatars/9d402a89b5a0786f83c1b8c5486fc7ff3d083a54fe20e55c0a776a1932c30289",
+    "html_url": "https://code.fizz.buzz/talexander",
    "language": "",
    "is_admin": false,
    "last_login": "0001-01-01T00:00:00Z",
--- a/src/app_state.rs
+++ b/src/app_state.rs
@@ -1,9 +1,7 @@
-use kube::Client;
-
-use crate::gitea_client::GiteaClient;
+use std::collections::HashSet;
+use std::sync::Arc;

 #[derive(Clone)]
 pub(crate) struct AppState {
-    pub(crate) kubernetes_client: Client,
-    pub(crate) gitea: GiteaClient,
+    pub(crate) allowed_repos: Arc<HashSet<String>>,
 }
--- a/src/bin_local_trigger.rs
+++ b/src/bin_local_trigger.rs
@@ -2,7 +2,7 @@
 use webhookbridge::init_tracing;
 use webhookbridge::local_trigger;

-const EXAMPLE_WEBHOOK_PAYLOAD: &str = include_str!("../example_tag_webhook_payload.json");
+const EXAMPLE_WEBHOOK_PAYLOAD: &str = include_str!("../local_payload.json");

 #[tokio::main]
 #[allow(clippy::needless_return)]
--- a/src/hook_push.rs
+++ b/src/hook_push.rs
@@ -16,7 +16,7 @@ pub(crate) struct HookPush {
    commits: Vec<HookCommit>,
    total_commits: u64,
    head_commit: HookCommit,
-    repository: HookRepository,
+    pub(crate) repository: HookRepository,
    pusher: HookUser,
    sender: HookUser,
 }
@@ -28,9 +28,12 @@ pub(crate) struct HookUser {
    id: u64,
    login: String,
    login_name: String,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    source_id: Option<u64>,
    full_name: String,
    email: String,
    avatar_url: String,
+    html_url: String,
    language: String,
    is_admin: bool,
    last_login: String, // TODO: parse to datetime
@@ -55,7 +58,7 @@ pub(crate) struct HookRepository {
    id: u64,
    owner: HookUser,
    name: String,
-    full_name: String,
+    pub(crate) full_name: String,
    description: String,
    empty: bool,
    private: bool,
@@ -90,6 +93,7 @@ pub(crate) struct HookRepository {
    has_wiki: bool,
    has_pull_requests: bool,
    has_projects: bool,
+    projects_mode: String,
    has_releases: bool,
    has_packages: bool,
    has_actions: bool,
@@ -98,6 +102,7 @@ pub(crate) struct HookRepository {
    allow_rebase: bool,
    allow_rebase_explicit: bool,
    allow_squash_merge: bool,
+    allow_fast_forward_only_merge: bool,
    allow_rebase_update: bool,
    default_delete_branch_after_merge: bool,
    default_merge_style: String,
@@ -105,6 +110,7 @@ pub(crate) struct HookRepository {
    avatar_url: String,
    internal: bool,
    mirror_interval: String,
+    object_format_name: String,
    mirror_updated: String, // TODO: parse to datetime
    repo_transfer: Value,   // Was null in test hook
 }
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,4 +1,6 @@
 #![forbid(unsafe_code)]
+use std::collections::HashSet;
+use std::sync::Arc;
 use std::time::Duration;

 use axum::http::StatusCode;
@@ -35,7 +37,8 @@ pub async fn init_tracing() -> Result<(), Box<dyn std::error::Error>> {
    tracing_subscriber::registry()
        .with(
            tracing_subscriber::EnvFilter::try_from_default_env().unwrap_or_else(|_| {
-                "webhook_bridge=info,tower_http=debug,axum::rejection=trace".into()
+                "webhookbridge=info,webhook_bridge=info,local_trigger=info,tower_http=debug,axum::rejection=trace"
+                    .into()
            }),
        )
        .with(tracing_subscriber::fmt::layer())
@@ -44,13 +47,13 @@ pub async fn init_tracing() -> Result<(), Box<dyn std::error::Error>> {
 }

 pub async fn launch_server() -> Result<(), Box<dyn std::error::Error>> {
-    let kubernetes_client: Client = Client::try_default()
-        .await
-        .expect("Set KUBECONFIG to a valid kubernetes config.");
-
-    let gitea_api_root = std::env::var("WEBHOOK_BRIDGE_API_ROOT")?;
-    let gitea_api_token = std::env::var("WEBHOOK_BRIDGE_OAUTH_TOKEN")?;
-    let gitea = GiteaClient::new(gitea_api_root, gitea_api_token);
+    let allowed_repos = std::env::var("WEBHOOK_BRIDGE_REPO_WHITELIST")?;
+    let allowed_repos: HashSet<_> = allowed_repos
+        .split(",")
+        .filter(|s| !s.is_empty())
+        .map(str::to_owned)
+        .collect();
+    tracing::debug!("Using repo whitelist: {:?}", allowed_repos);

    let app = Router::new()
        .route("/hook", post(hook))
@@ -62,8 +65,7 @@ pub async fn launch_server() -> Result<(), Box<dyn std::error::Error>> {
            TimeoutLayer::new(Duration::from_secs(600)),
        ))
        .with_state(AppState {
-            kubernetes_client,
-            gitea,
+            allowed_repos: Arc::new(allowed_repos),
        });

    let listener = tokio::net::TcpListener::bind("0.0.0.0:9988").await?;
@@ -83,9 +85,19 @@ pub async fn local_trigger(payload: &str) -> Result<(), Box<dyn std::error::Erro
    let gitea_api_token = std::env::var("WEBHOOK_BRIDGE_OAUTH_TOKEN")?;
    let gitea = GiteaClient::new(gitea_api_root, gitea_api_token);

+    let allowed_repos = std::env::var("WEBHOOK_BRIDGE_REPO_WHITELIST")
+        .ok()
+        .unwrap_or_default();
+    let allowed_repos: HashSet<_> = allowed_repos
+        .split(",")
+        .filter(|s| !s.is_empty())
+        .map(str::to_owned)
+        .collect();
+    tracing::debug!("Using repo whitelist: {:?}", allowed_repos);
+
    let webhook_payload: HookPush = serde_json::from_str(payload)?;

-    handle_push(gitea, kubernetes_client, webhook_payload).await?;
+    handle_push(gitea, kubernetes_client, &allowed_repos, webhook_payload).await?;

    Ok(())
 }
--- a/src/webhook.rs
+++ b/src/webhook.rs
@@ -1,3 +1,5 @@
+use std::borrow::Borrow;
+use std::collections::HashSet;
 use std::future::Future;

 use axum::async_trait;
@@ -40,19 +42,54 @@ pub(crate) async fn hook(
    debug!("REQ: {:?}", payload);
    match payload {
        HookRequest::Push(webhook_payload) => {
-            handle_push(state.gitea, state.kubernetes_client, webhook_payload)
+            let kubernetes_client: kube::Client = kube::Client::try_default()
                .await
-                .expect("Failed to handle push event.");
-            (
+                .expect("Set KUBECONFIG to a valid kubernetes config.");
+
+            let gitea_api_root = std::env::var("WEBHOOK_BRIDGE_API_ROOT");
+            let gitea_api_token = std::env::var("WEBHOOK_BRIDGE_OAUTH_TOKEN");
+            let (gitea_api_root, gitea_api_token) = match (gitea_api_root, gitea_api_token) {
+                (Ok(r), Ok(t)) => (r, t),
+                _ => {
+                    return (
                        StatusCode::OK,
                        Json(HookResponse {
                            ok: true,
                            message: None,
                        }),
+                    );
+                }
+            };
+            let gitea = GiteaClient::new(gitea_api_root, gitea_api_token);
+
+            let push_result = handle_push(
+                gitea,
+                kubernetes_client,
+                state.allowed_repos.borrow(),
+                webhook_payload,
            )
+            .await;
+            match push_result {
+                Ok(_) => (
+                    StatusCode::OK,
+                    Json(HookResponse {
+                        ok: true,
+                        message: None,
+                    }),
+                ),
+                Err(_) => (
+                    // StatusCode::INTERNAL_SERVER_ERROR,
+                    StatusCode::OK,
+                    Json(HookResponse {
+                        ok: false,
+                        message: Some("Failed to handle push event.".to_string()),
+                    }),
+                ),
+            }
        }
        HookRequest::Unrecognized(payload) => (
-            StatusCode::BAD_REQUEST,
+            // StatusCode::BAD_REQUEST,
+            StatusCode::OK,
            Json(HookResponse {
                ok: false,
                message: Some(format!("unrecognized event type: {payload}")),
@@ -139,9 +176,9 @@ where
 }

 async fn check_hash(body: Bytes, secret: String, signature: Vec<u8>) -> Result<Bytes, Response> {
-    tracing::info!("Checking signature {:02x?}", signature.as_slice());
-    tracing::info!("Using secret {:?}", secret);
-    tracing::info!("and body {}", general_purpose::STANDARD.encode(&body));
+    tracing::debug!("Checking signature {:02x?}", signature.as_slice());
+    // tracing::info!("Using secret {:?}", secret);
+    tracing::debug!("and body {}", general_purpose::STANDARD.encode(&body));
    let mut mac = HmacSha256::new_from_slice(secret.as_bytes())
        .map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response())?;
    mac.update(&body);
@@ -167,11 +204,19 @@ fn hex_to_bytes(s: &str) -> Option<Vec<u8>> {
 pub(crate) async fn handle_push(
    gitea: GiteaClient,
    kubernetes_client: kube::Client,
+    allowed_repos: &HashSet<String>,
    webhook_payload: HookPush,
 ) -> Result<(), Box<dyn std::error::Error>> {
    let repo_owner = webhook_payload.get_repo_owner()?;
    let repo_name = webhook_payload.get_repo_name()?;
    let pull_base_sha = webhook_payload.get_pull_base_sha()?;
+    if !allowed_repos.contains(&webhook_payload.repository.full_name) {
+        tracing::info!(
+            "{} is not an allowed repository.",
+            webhook_payload.repository.full_name
+        );
+        return Ok(());
+    }
    let repo_tree = gitea.get_tree(repo_owner, repo_name, pull_base_sha).await?;
    let remote_config = discover_webhook_bridge_config(&gitea, &repo_tree).await?;
    let pipelines = discover_matching_push_triggers(
Author	SHA1	Message	Date
Tom Alexander	3ca037411a	Add more new fields for webhook payload. All checks were successful semver Build semver has succeeded Details format Build format has succeeded Details clippy Build clippy has succeeded Details rust-test Build rust-test has succeeded Details	2024-10-18 20:27:57 -04:00
Tom Alexander	e991b259f2	Add source_id to HookUser. This must be a new field that gitea added in an update.	2024-10-18 19:41:56 -04:00
Tom Alexander	f3b00c46ea	Test: Remove the clients from AppState entirely. Some checks failed semver Build semver has succeeded Details format Build format has succeeded Details clippy Build clippy has succeeded Details rust-test Build rust-test has failed Details build Build build has succeeded Details	2024-09-30 00:38:32 -04:00
Tom Alexander	e4463fe79d	Remove redundant runAfter directives from workflows. Some checks failed semver Build semver has failed Details format Build format has succeeded Details clippy Build clippy has failed Details rust-test Build rust-test has succeeded Details	2024-09-30 00:29:07 -04:00
Tom Alexander	f18c1fe421	Fix typo in pipelines. Some checks failed semver Build semver has succeeded Details format Build format has succeeded Details rust-test Build rust-test has succeeded Details build Build build has succeeded Details clippy Build clippy has failed Details	2024-09-30 00:03:10 -04:00
Tom Alexander	3c58d19a88	Add support for dockerfile targets to workflows. Some checks failed semver Build semver has succeeded Details format Build format has succeeded Details rust-test Build rust-test has succeeded Details build Build build has succeeded Details clippy Build clippy has failed Details	2024-09-29 23:23:22 -04:00
Tom Alexander	f07c0dc971	Rename pipeline-build to pipeline-build-semver to distinguish it from pipeline-build-hash used in poudboot.	2024-09-29 22:21:37 -04:00
Tom Alexander	fd7b22c5ce	Remove cranelift. Some checks failed semver Build semver has succeeded Details format Build format has succeeded Details clippy Build clippy has failed Details rust-test Build rust-test has succeeded Details build Build build has succeeded Details I should be configuring cranelift globally in my per-machine configs, not spreading my build preferences in the project's Cargo.toml.	2024-09-29 22:17:35 -04:00
Tom Alexander	1c082a5e24	Test: instantiate new clients for every request. Some checks failed semver Build semver has succeeded Details format Build format has succeeded Details build Build build has succeeded Details clippy Build clippy has failed Details rust-test Build rust-test has succeeded Details Trying to figure out why I am getting the below error occasionally in gitea: Delivery: Post "https://webhookbridge.fizz.buzz/hook": context deadline exceeded (Client.Timeout exceeded while awaiting headers)	2024-09-29 21:58:05 -04:00
Tom Alexander	9ed8905a5c	Always return status code ok. All checks were successful semver Build semver has succeeded Details format Build format has succeeded Details clippy Build clippy has succeeded Details build Build build has succeeded Details rust-test Build rust-test has succeeded Details	2024-09-29 18:37:23 -04:00
Tom Alexander	8cb28459a0	Fix clippy lint.	2024-09-29 18:31:47 -04:00
Tom Alexander	753ad6dd05	Handle errors in push events. Some checks failed semver Build semver has succeeded Details format Build format has succeeded Details rust-test Build rust-test has failed Details clippy Build clippy has failed Details build Build build has succeeded Details	2024-09-29 18:24:50 -04:00
Tom Alexander	dd4c20f0a7	Remove log of secret. All checks were successful semver Build semver has succeeded Details format Build format has succeeded Details build Build build has succeeded Details clippy Build clippy has succeeded Details rust-test Build rust-test has succeeded Details	2024-09-29 18:14:36 -04:00
Tom Alexander	c04b4e8da5	Fix bug that prevented actions from triggering. All checks were successful semver Build semver has succeeded Details format Build format has succeeded Details build Build build has succeeded Details clippy Build clippy has succeeded Details rust-test Build rust-test has succeeded Details	2024-09-29 18:09:07 -04:00
Tom Alexander	69dd1ba156	Remove support for http2. Nginx does not support http2 for upstream proxies because there is not much point for low-latency connections.	2024-09-29 18:00:34 -04:00
Tom Alexander	65c964b329	Fix clippy lint.	2024-09-29 17:42:08 -04:00
Tom Alexander	613026b326	Adding repo whitelist. Some checks failed semver Build semver has succeeded Details format Build format has succeeded Details clippy Build clippy has failed Details build Build build has succeeded Details rust-test Build rust-test has succeeded Details	2024-09-29 16:54:58 -04:00
Tom Alexander	cd56bb2fe1	Fix debug build in docker container by adding cranelift. All checks were successful semver Build semver has succeeded Details format Build format has succeeded Details clippy Build clippy has succeeded Details build Build build has succeeded Details rust-test Build rust-test has succeeded Details	2024-09-29 15:31:24 -04:00