Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
1c082a5e24 | ||
|
|
9ed8905a5c | ||
|
|
8cb28459a0 | ||
|
|
753ad6dd05 | ||
|
|
dd4c20f0a7 |
@@ -62,7 +62,7 @@ inherits = "release"
|
|||||||
lto = true
|
lto = true
|
||||||
strip = "symbols"
|
strip = "symbols"
|
||||||
|
|
||||||
[profile.dev]
|
[target.'cfg(target_os = "linux")'.profile.dev]
|
||||||
codegen-backend = "cranelift"
|
codegen-backend = "cranelift"
|
||||||
|
|
||||||
[profile.dev.package."*"]
|
[profile.dev.package."*"]
|
||||||
|
|||||||
@@ -42,24 +42,54 @@ pub(crate) async fn hook(
|
|||||||
debug!("REQ: {:?}", payload);
|
debug!("REQ: {:?}", payload);
|
||||||
match payload {
|
match payload {
|
||||||
HookRequest::Push(webhook_payload) => {
|
HookRequest::Push(webhook_payload) => {
|
||||||
handle_push(
|
let kubernetes_client: kube::Client = kube::Client::try_default()
|
||||||
state.gitea,
|
.await
|
||||||
state.kubernetes_client,
|
.expect("Set KUBECONFIG to a valid kubernetes config.");
|
||||||
|
|
||||||
|
let gitea_api_root = std::env::var("WEBHOOK_BRIDGE_API_ROOT");
|
||||||
|
let gitea_api_token = std::env::var("WEBHOOK_BRIDGE_OAUTH_TOKEN");
|
||||||
|
let (gitea_api_root, gitea_api_token) = match (gitea_api_root, gitea_api_token) {
|
||||||
|
(Ok(r), Ok(t)) => (r, t),
|
||||||
|
_ => {
|
||||||
|
return (
|
||||||
|
StatusCode::OK,
|
||||||
|
Json(HookResponse {
|
||||||
|
ok: true,
|
||||||
|
message: None,
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
let gitea = GiteaClient::new(gitea_api_root, gitea_api_token);
|
||||||
|
|
||||||
|
let push_result = handle_push(
|
||||||
|
gitea,
|
||||||
|
kubernetes_client,
|
||||||
state.allowed_repos.borrow(),
|
state.allowed_repos.borrow(),
|
||||||
webhook_payload,
|
webhook_payload,
|
||||||
)
|
)
|
||||||
.await
|
.await;
|
||||||
.expect("Failed to handle push event.");
|
match push_result {
|
||||||
(
|
Ok(_) => (
|
||||||
StatusCode::OK,
|
StatusCode::OK,
|
||||||
Json(HookResponse {
|
Json(HookResponse {
|
||||||
ok: true,
|
ok: true,
|
||||||
message: None,
|
message: None,
|
||||||
}),
|
}),
|
||||||
)
|
),
|
||||||
|
Err(_) => (
|
||||||
|
// StatusCode::INTERNAL_SERVER_ERROR,
|
||||||
|
StatusCode::OK,
|
||||||
|
Json(HookResponse {
|
||||||
|
ok: false,
|
||||||
|
message: Some("Failed to handle push event.".to_string()),
|
||||||
|
}),
|
||||||
|
),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
HookRequest::Unrecognized(payload) => (
|
HookRequest::Unrecognized(payload) => (
|
||||||
StatusCode::BAD_REQUEST,
|
// StatusCode::BAD_REQUEST,
|
||||||
|
StatusCode::OK,
|
||||||
Json(HookResponse {
|
Json(HookResponse {
|
||||||
ok: false,
|
ok: false,
|
||||||
message: Some(format!("unrecognized event type: {payload}")),
|
message: Some(format!("unrecognized event type: {payload}")),
|
||||||
@@ -146,9 +176,9 @@ where
|
|||||||
}
|
}
|
||||||
|
|
||||||
async fn check_hash(body: Bytes, secret: String, signature: Vec<u8>) -> Result<Bytes, Response> {
|
async fn check_hash(body: Bytes, secret: String, signature: Vec<u8>) -> Result<Bytes, Response> {
|
||||||
tracing::info!("Checking signature {:02x?}", signature.as_slice());
|
tracing::debug!("Checking signature {:02x?}", signature.as_slice());
|
||||||
tracing::info!("Using secret {:?}", secret);
|
// tracing::info!("Using secret {:?}", secret);
|
||||||
tracing::info!("and body {}", general_purpose::STANDARD.encode(&body));
|
tracing::debug!("and body {}", general_purpose::STANDARD.encode(&body));
|
||||||
let mut mac = HmacSha256::new_from_slice(secret.as_bytes())
|
let mut mac = HmacSha256::new_from_slice(secret.as_bytes())
|
||||||
.map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response())?;
|
.map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response())?;
|
||||||
mac.update(&body);
|
mac.update(&body);
|
||||||
|
|||||||
Reference in New Issue
Block a user