Remove log of secret.

Fix bug that prevented actions from triggering.
Remove support for http2.
2024-09-29 18:14:36 -04:00 · 2024-09-29 18:09:07 -04:00 · 2024-09-29 18:00:34 -04:00 · 2024-09-29 17:42:08 -04:00
3 changed files with 5 additions and 6 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -38,7 +38,7 @@ default = ["local_trigger"]
 local_trigger = []

 [dependencies]
-axum = { version = "0.7.5", default-features = false, features = ["tokio", "http1", "http2", "json"] }
+axum = { version = "0.7.5", default-features = false, features = ["tokio", "http1", "json"] }
 base64 = "0.22.1"
 hmac = "0.12.1"
 http-body-util = "0.1.2"
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -63,7 +63,6 @@ pub async fn launch_server() -> Result<(), Box<dyn std::error::Error>> {
        .collect();
    tracing::debug!("Using repo whitelist: {:?}", allowed_repos);

-    let allowed_repos = HashSet::new();
    let app = Router::new()
        .route("/hook", post(hook))
        .layer(middleware::from_fn(verify_signature))
@@ -98,7 +97,7 @@ pub async fn local_trigger(payload: &str) -> Result<(), Box<dyn std::error::Erro

    let allowed_repos = std::env::var("WEBHOOK_BRIDGE_REPO_WHITELIST")
        .ok()
-        .unwrap_or_else(String::new);
+        .unwrap_or_default();
    let allowed_repos: HashSet<_> = allowed_repos
        .split(",")
        .filter(|s| !s.is_empty())
--- a/src/webhook.rs
+++ b/src/webhook.rs
@@ -146,9 +146,9 @@ where
 }

 async fn check_hash(body: Bytes, secret: String, signature: Vec<u8>) -> Result<Bytes, Response> {
-    tracing::info!("Checking signature {:02x?}", signature.as_slice());
-    tracing::info!("Using secret {:?}", secret);
-    tracing::info!("and body {}", general_purpose::STANDARD.encode(&body));
+    tracing::debug!("Checking signature {:02x?}", signature.as_slice());
+    // tracing::info!("Using secret {:?}", secret);
+    tracing::debug!("and body {}", general_purpose::STANDARD.encode(&body));
    let mut mac = HmacSha256::new_from_slice(secret.as_bytes())
        .map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response())?;
    mac.update(&body);
Author	SHA1	Message	Date
Tom Alexander	dd4c20f0a7	Remove log of secret. All checks were successful semver Build semver has succeeded Details format Build format has succeeded Details build Build build has succeeded Details clippy Build clippy has succeeded Details rust-test Build rust-test has succeeded Details	2024-09-29 18:14:36 -04:00
Tom Alexander	c04b4e8da5	Fix bug that prevented actions from triggering. All checks were successful semver Build semver has succeeded Details format Build format has succeeded Details build Build build has succeeded Details clippy Build clippy has succeeded Details rust-test Build rust-test has succeeded Details	2024-09-29 18:09:07 -04:00
Tom Alexander	69dd1ba156	Remove support for http2. Nginx does not support http2 for upstream proxies because there is not much point for low-latency connections.	2024-09-29 18:00:34 -04:00
Tom Alexander	65c964b329	Fix clippy lint.	2024-09-29 17:42:08 -04:00