-
Notifications
You must be signed in to change notification settings - Fork 30
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
bd27fe7
commit 403bb77
Showing
5 changed files
with
205 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
// File copied from https://github.com/go-playground/webhooks/blob/master/azuredevops/azuredevops.go | ||
// TODO Basic Auth is added here since it's not available upstream. Remove ths file once https://github.com/go-playground/webhooks/pull/191 is merged | ||
|
||
package azuredevops | ||
|
||
import ( | ||
"encoding/json" | ||
"errors" | ||
"fmt" | ||
"io" | ||
"net/http" | ||
|
||
"github.com/go-playground/webhooks/v6/azuredevops" | ||
) | ||
|
||
// parse errors | ||
var ( | ||
ErrInvalidHTTPMethod = errors.New("invalid HTTP Method") | ||
ErrParsingPayload = errors.New("error parsing payload") | ||
ErrBasicAuthVerificationFailed = errors.New("basic auth verification failed") | ||
) | ||
|
||
// Option is a configuration option for the webhook | ||
type Option func(*Webhook) error | ||
|
||
// Options is a namespace var for configuration options | ||
var Options = WebhookOptions{} | ||
|
||
// WebhookOptions is a namespace for configuration option methods | ||
type WebhookOptions struct{} | ||
|
||
// BasicAuth verifies payload using basic auth | ||
func (WebhookOptions) BasicAuth(username, password string) Option { | ||
return func(hook *Webhook) error { | ||
hook.username = username | ||
hook.password = password | ||
return nil | ||
} | ||
} | ||
|
||
// Webhook instance contains all methods needed to process events | ||
type Webhook struct { | ||
username string | ||
password string | ||
} | ||
|
||
// New creates and returns a WebHook instance | ||
func New(options ...Option) (*Webhook, error) { | ||
hook := new(Webhook) | ||
for _, opt := range options { | ||
if err := opt(hook); err != nil { | ||
return nil, errors.New("Error applying Option") | ||
} | ||
} | ||
return hook, nil | ||
} | ||
|
||
// Parse verifies and parses the events specified and returns the payload object or an error | ||
func (hook Webhook) Parse(r *http.Request, events ...azuredevops.Event) (interface{}, error) { | ||
defer func() { | ||
_, _ = io.Copy(io.Discard, r.Body) | ||
_ = r.Body.Close() | ||
}() | ||
|
||
if !hook.verifyBasicAuth(r) { | ||
return nil, ErrBasicAuthVerificationFailed | ||
} | ||
|
||
if r.Method != http.MethodPost { | ||
return nil, ErrInvalidHTTPMethod | ||
} | ||
|
||
payload, err := io.ReadAll(r.Body) | ||
if err != nil || len(payload) == 0 { | ||
return nil, ErrParsingPayload | ||
} | ||
|
||
var pl azuredevops.BasicEvent | ||
err = json.Unmarshal([]byte(payload), &pl) | ||
if err != nil { | ||
return nil, ErrParsingPayload | ||
} | ||
|
||
switch pl.EventType { | ||
case azuredevops.GitPushEventType: | ||
var fpl azuredevops.GitPushEvent | ||
err = json.Unmarshal([]byte(payload), &fpl) | ||
return fpl, err | ||
case azuredevops.GitPullRequestCreatedEventType, azuredevops.GitPullRequestMergedEventType, azuredevops.GitPullRequestUpdatedEventType: | ||
var fpl azuredevops.GitPullRequestEvent | ||
err = json.Unmarshal([]byte(payload), &fpl) | ||
return fpl, err | ||
case azuredevops.BuildCompleteEventType: | ||
var fpl azuredevops.BuildCompleteEvent | ||
err = json.Unmarshal([]byte(payload), &fpl) | ||
return fpl, err | ||
default: | ||
return nil, fmt.Errorf("unknown event %s", pl.EventType) | ||
} | ||
} | ||
|
||
func (hook Webhook) verifyBasicAuth(r *http.Request) bool { | ||
// skip validation if username or password was not provided | ||
if hook.username == "" && hook.password == "" { | ||
return true | ||
} | ||
username, password, ok := r.BasicAuth() | ||
|
||
return ok && username == hook.username && password == hook.password | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,18 @@ | ||
package webhook | ||
|
||
import ( | ||
"bytes" | ||
"context" | ||
|
||
"k8s.io/apimachinery/pkg/runtime" | ||
"k8s.io/apimachinery/pkg/types" | ||
|
||
v1 "github.com/rancher/gitjob/pkg/apis/gitjob.cattle.io/v1" | ||
"github.com/rancher/gitjob/pkg/webhook/azuredevops" | ||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" | ||
cfake "sigs.k8s.io/controller-runtime/pkg/client/fake" | ||
|
||
"net/http" | ||
"testing" | ||
|
||
"gotest.tools/assert" | ||
|
@@ -31,3 +43,58 @@ func TestGetBranchTagFromRef(t *testing.T) { | |
assert.Equal(t, tag, outputs[i][1]) | ||
} | ||
} | ||
|
||
func TestAzureDevopsWebhook(t *testing.T) { | ||
const commit = "f00c3a181697bb3829a6462e931c7456bbed557b" | ||
const repoURL = "https://dev.azure.com/fleet/git-test/_git/git-test" | ||
gitjob := &v1.GitJob{ | ||
ObjectMeta: metav1.ObjectMeta{ | ||
Name: "test", | ||
}, | ||
Spec: v1.GitJobSpec{ | ||
Git: v1.GitInfo{ | ||
Repo: repoURL, | ||
Branch: "main", | ||
}, | ||
}, | ||
} | ||
scheme := runtime.NewScheme() | ||
err := v1.AddToScheme(scheme) | ||
if err != nil { | ||
t.Errorf("unexpected error %v", err) | ||
} | ||
client := cfake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(gitjob).WithStatusSubresource(gitjob).Build() | ||
w := &Webhook{client: client} | ||
w.azureDevops, _ = azuredevops.New() | ||
jsonBody := []byte(`{"subscriptionId":"xxx","notificationId":1,"id":"xxx","eventType":"git.push","publisherId":"tfs","message":{"text":"commit pushed","html":"commit pushed"},"detailedMessage":{"text":"pushed a commit to git-test"},"resource":{"commits":[{"commitId":"` + commit + `","author":{"name":"fleet","email":"[email protected]","date":"2024-01-05T10:16:56Z"},"committer":{"name":"fleet","email":"[email protected]","date":"2024-01-05T10:16:56Z"},"comment":"test commit","url":"https://dev.azure.com/fleet/_apis/git/repositories/xxx/commits/f00c3a181697bb3829a6462e931c7456bbed557b"}],"refUpdates":[{"name":"refs/heads/main","oldObjectId":"135f8a827edae980466f72eef385881bb4e158d8","newObjectId":"` + commit + `"}],"repository":{"id":"xxx","name":"git-test","url":"https://dev.azure.com/fleet/_apis/git/repositories/xxx","project":{"id":"xxx","name":"git-test","url":"https://dev.azure.com/fleet/_apis/projects/xxx","state":"wellFormed","visibility":"unchanged","lastUpdateTime":"0001-01-01T00:00:00"},"defaultBranch":"refs/heads/main","remoteUrl":"` + repoURL + `"},"pushedBy":{"displayName":"Fleet","url":"https://spsprodneu1.vssps.visualstudio.com/xxx/_apis/Identities/xxx","_links":{"avatar":{"href":"https://dev.azure.com/fleet/_apis/GraphProfile/MemberAvatars/msa.xxxx"}},"id":"xxx","uniqueName":"[email protected]","imageUrl":"https://dev.azure.com/fleet/_api/_common/identityImage?id=xxx","descriptor":"xxxx"},"pushId":22,"date":"2024-01-05T10:17:18.735088Z","url":"https://dev.azure.com/fleet/_apis/git/repositories/xxx/pushes/22","_links":{"self":{"href":"https://dev.azure.com/fleet/_apis/git/repositories/xxx/pushes/22"},"repository":{"href":"https://dev.azure.com/fleet/xxx/_apis/git/repositories/xxx"},"commits":{"href":"https://dev.azure.com/fleet/_apis/git/repositories/xxx/pushes/22/commits"},"pusher":{"href":"https://spsprodneu1.vssps.visualstudio.com/xxx/_apis/Identities/xxx"},"refs":{"href":"https://dev.azure.com/fleet/xxx/_apis/git/repositories/xxx/refs/heads/main"}}},"resourceVersion":"1.0","resourceContainers":{"collection":{"id":"xxx","baseUrl":"https://dev.azure.com/fleet/"},"account":{"id":"ec365173-fce3-4dfc-8fc2-950f0b5728b1","baseUrl":"https://dev.azure.com/fleet/"},"project":{"id":"xxx","baseUrl":"https://dev.azure.com/fleet/"}},"createdDate":"2024-01-05T10:17:26.0098694Z"}`) | ||
bodyReader := bytes.NewReader(jsonBody) | ||
req, err := http.NewRequest(http.MethodPost, repoURL, bodyReader) | ||
if err != nil { | ||
t.Errorf("unexpected err %v", err) | ||
} | ||
h := http.Header{} | ||
h.Add("X-Vss-Activityid", "xxx") | ||
req.Header = h | ||
|
||
w.ServeHTTP(&responseWriter{}, req) | ||
|
||
updatedGitJob := &v1.GitJob{} | ||
err = client.Get(context.TODO(), types.NamespacedName{Name: gitjob.Name, Namespace: gitjob.Namespace}, updatedGitJob) | ||
if err != nil { | ||
t.Errorf("unexpected err %v", err) | ||
} | ||
if updatedGitJob.Status.Commit != commit { | ||
t.Errorf("expected commit %v, but got %v", commit, updatedGitJob.Status.Commit) | ||
} | ||
} | ||
|
||
type responseWriter struct{} | ||
|
||
func (r *responseWriter) Header() http.Header { | ||
return http.Header{} | ||
} | ||
func (r *responseWriter) Write([]byte) (int, error) { | ||
return 0, nil | ||
} | ||
|
||
func (r *responseWriter) WriteHeader(statusCode int) {} |