Move webhook to a standalone package under modules (#8747)
* Move webhook to a standalone package under modules * fix test * fix commentstokarchuk/v1.17
Lunny Xiao
5 years ago
committed by
zeripath
parent
ba336f6f45
commit
0e7f7df3cf
@ -0,0 +1,208 @@ |
||||
// Copyright 2019 The Gitea Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package webhook |
||||
|
||||
import ( |
||||
"crypto/tls" |
||||
"fmt" |
||||
"io/ioutil" |
||||
"net" |
||||
"net/http" |
||||
"net/url" |
||||
"strings" |
||||
"time" |
||||
|
||||
"code.gitea.io/gitea/models" |
||||
"code.gitea.io/gitea/modules/log" |
||||
"code.gitea.io/gitea/modules/setting" |
||||
"github.com/unknwon/com" |
||||
) |
||||
|
||||
// Deliver deliver hook task
|
||||
func Deliver(t *models.HookTask) error { |
||||
t.IsDelivered = true |
||||
|
||||
var req *http.Request |
||||
var err error |
||||
|
||||
switch t.HTTPMethod { |
||||
case "": |
||||
log.Info("HTTP Method for webhook %d empty, setting to POST as default", t.ID) |
||||
fallthrough |
||||
case http.MethodPost: |
||||
switch t.ContentType { |
||||
case models.ContentTypeJSON: |
||||
req, err = http.NewRequest("POST", t.URL, strings.NewReader(t.PayloadContent)) |
||||
if err != nil { |
||||
return err |
||||
} |
||||
|
||||
req.Header.Set("Content-Type", "application/json") |
||||
case models.ContentTypeForm: |
||||
var forms = url.Values{ |
||||
"payload": []string{t.PayloadContent}, |
||||
} |
||||
|
||||
req, err = http.NewRequest("POST", t.URL, strings.NewReader(forms.Encode())) |
||||
if err != nil { |
||||
|
||||
return err |
||||
} |
||||
|
||||
req.Header.Set("Content-Type", "application/x-www-form-urlencoded") |
||||
} |
||||
case http.MethodGet: |
||||
u, err := url.Parse(t.URL) |
||||
if err != nil { |
||||
return err |
||||
} |
||||
vals := u.Query() |
||||
vals["payload"] = []string{t.PayloadContent} |
||||
u.RawQuery = vals.Encode() |
||||
req, err = http.NewRequest("GET", u.String(), nil) |
||||
if err != nil { |
||||
return err |
||||
} |
||||
default: |
||||
return fmt.Errorf("Invalid http method for webhook: [%d] %v", t.ID, t.HTTPMethod) |
||||
} |
||||
|
||||
req.Header.Add("X-Gitea-Delivery", t.UUID) |
||||
req.Header.Add("X-Gitea-Event", string(t.EventType)) |
||||
req.Header.Add("X-Gitea-Signature", t.Signature) |
||||
req.Header.Add("X-Gogs-Delivery", t.UUID) |
||||
req.Header.Add("X-Gogs-Event", string(t.EventType)) |
||||
req.Header.Add("X-Gogs-Signature", t.Signature) |
||||
req.Header["X-GitHub-Delivery"] = []string{t.UUID} |
||||
req.Header["X-GitHub-Event"] = []string{string(t.EventType)} |
||||
|
||||
// Record delivery information.
|
||||
t.RequestInfo = &models.HookRequest{ |
||||
Headers: map[string]string{}, |
||||
} |
||||
for k, vals := range req.Header { |
||||
t.RequestInfo.Headers[k] = strings.Join(vals, ",") |
||||
} |
||||
|
||||
t.ResponseInfo = &models.HookResponse{ |
||||
Headers: map[string]string{}, |
||||
} |
||||
|
||||
defer func() { |
||||
t.Delivered = time.Now().UnixNano() |
||||
if t.IsSucceed { |
||||
log.Trace("Hook delivered: %s", t.UUID) |
||||
} else { |
||||
log.Trace("Hook delivery failed: %s", t.UUID) |
||||
} |
||||
|
||||
if err := models.UpdateHookTask(t); err != nil { |
||||
log.Error("UpdateHookTask [%d]: %v", t.ID, err) |
||||
} |
||||
|
||||
// Update webhook last delivery status.
|
||||
w, err := models.GetWebhookByID(t.HookID) |
||||
if err != nil { |
||||
log.Error("GetWebhookByID: %v", err) |
||||
return |
||||
} |
||||
if t.IsSucceed { |
||||
w.LastStatus = models.HookStatusSucceed |
||||
} else { |
||||
w.LastStatus = models.HookStatusFail |
||||
} |
||||
if err = models.UpdateWebhookLastStatus(w); err != nil { |
||||
log.Error("UpdateWebhookLastStatus: %v", err) |
||||
return |
||||
} |
||||
}() |
||||
|
||||
resp, err := webhookHTTPClient.Do(req) |
||||
if err != nil { |
||||
t.ResponseInfo.Body = fmt.Sprintf("Delivery: %v", err) |
||||
return err |
||||
} |
||||
defer resp.Body.Close() |
||||
|
||||
// Status code is 20x can be seen as succeed.
|
||||
t.IsSucceed = resp.StatusCode/100 == 2 |
||||
t.ResponseInfo.Status = resp.StatusCode |
||||
for k, vals := range resp.Header { |
||||
t.ResponseInfo.Headers[k] = strings.Join(vals, ",") |
||||
} |
||||
|
||||
p, err := ioutil.ReadAll(resp.Body) |
||||
if err != nil { |
||||
t.ResponseInfo.Body = fmt.Sprintf("read body: %s", err) |
||||
return err |
||||
} |
||||
t.ResponseInfo.Body = string(p) |
||||
return nil |
||||
} |
||||
|
||||
// DeliverHooks checks and delivers undelivered hooks.
|
||||
// TODO: shoot more hooks at same time.
|
||||
func DeliverHooks() { |
||||
tasks, err := models.FindUndeliveredHookTasks() |
||||
if err != nil { |
||||
log.Error("DeliverHooks: %v", err) |
||||
return |
||||
} |
||||
|
||||
// Update hook task status.
|
||||
for _, t := range tasks { |
||||
if err = Deliver(t); err != nil { |
||||
log.Error("deliver: %v", err) |
||||
} |
||||
} |
||||
|
||||
// Start listening on new hook requests.
|
||||
for repoIDStr := range HookQueue.Queue() { |
||||
log.Trace("DeliverHooks [repo_id: %v]", repoIDStr) |
||||
HookQueue.Remove(repoIDStr) |
||||
|
||||
repoID, err := com.StrTo(repoIDStr).Int64() |
||||
if err != nil { |
||||
log.Error("Invalid repo ID: %s", repoIDStr) |
||||
continue |
||||
} |
||||
|
||||
tasks, err := models.FindRepoUndeliveredHookTasks(repoID) |
||||
if err != nil { |
||||
log.Error("Get repository [%d] hook tasks: %v", repoID, err) |
||||
continue |
||||
} |
||||
for _, t := range tasks { |
||||
if err = Deliver(t); err != nil { |
||||
log.Error("deliver: %v", err) |
||||
} |
||||
} |
||||
} |
||||
} |
||||
|
||||
var webhookHTTPClient *http.Client |
||||
|
||||
// InitDeliverHooks starts the hooks delivery thread
|
||||
func InitDeliverHooks() { |
||||
timeout := time.Duration(setting.Webhook.DeliverTimeout) * time.Second |
||||
|
||||
webhookHTTPClient = &http.Client{ |
||||
Transport: &http.Transport{ |
||||
TLSClientConfig: &tls.Config{InsecureSkipVerify: setting.Webhook.SkipTLSVerify}, |
||||
Proxy: http.ProxyFromEnvironment, |
||||
Dial: func(netw, addr string) (net.Conn, error) { |
||||
conn, err := net.DialTimeout(netw, addr, timeout) |
||||
if err != nil { |
||||
return nil, err |
||||
} |
||||
|
||||
return conn, conn.SetDeadline(time.Now().Add(timeout)) |
||||
|
||||
}, |
||||
}, |
||||
} |
||||
|
||||
go DeliverHooks() |
||||
} |
||||
@ -0,0 +1,16 @@ |
||||
// Copyright 2019 The Gitea Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package webhook |
||||
|
||||
import ( |
||||
"path/filepath" |
||||
"testing" |
||||
|
||||
"code.gitea.io/gitea/models" |
||||
) |
||||
|
||||
func TestMain(m *testing.M) { |
||||
models.MainTest(m, filepath.Join("..", "..")) |
||||
} |
||||
@ -0,0 +1,179 @@ |
||||
// Copyright 2019 The Gitea Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package webhook |
||||
|
||||
import ( |
||||
"crypto/hmac" |
||||
"crypto/sha256" |
||||
"encoding/hex" |
||||
"fmt" |
||||
"strings" |
||||
|
||||
"code.gitea.io/gitea/models" |
||||
"code.gitea.io/gitea/modules/git" |
||||
"code.gitea.io/gitea/modules/log" |
||||
"code.gitea.io/gitea/modules/setting" |
||||
api "code.gitea.io/gitea/modules/structs" |
||||
"code.gitea.io/gitea/modules/sync" |
||||
"github.com/gobwas/glob" |
||||
) |
||||
|
||||
// HookQueue is a global queue of web hooks
|
||||
var HookQueue = sync.NewUniqueQueue(setting.Webhook.QueueLength) |
||||
|
||||
// getPayloadBranch returns branch for hook event, if applicable.
|
||||
func getPayloadBranch(p api.Payloader) string { |
||||
switch pp := p.(type) { |
||||
case *api.CreatePayload: |
||||
if pp.RefType == "branch" { |
||||
return pp.Ref |
||||
} |
||||
case *api.DeletePayload: |
||||
if pp.RefType == "branch" { |
||||
return pp.Ref |
||||
} |
||||
case *api.PushPayload: |
||||
if strings.HasPrefix(pp.Ref, git.BranchPrefix) { |
||||
return pp.Ref[len(git.BranchPrefix):] |
||||
} |
||||
} |
||||
return "" |
||||
} |
||||
|
||||
// PrepareWebhook adds special webhook to task queue for given payload.
|
||||
func PrepareWebhook(w *models.Webhook, repo *models.Repository, event models.HookEventType, p api.Payloader) error { |
||||
return prepareWebhook(w, repo, event, p) |
||||
} |
||||
|
||||
func checkBranch(w *models.Webhook, branch string) bool { |
||||
if w.BranchFilter == "" || w.BranchFilter == "*" { |
||||
return true |
||||
} |
||||
|
||||
g, err := glob.Compile(w.BranchFilter) |
||||
if err != nil { |
||||
// should not really happen as BranchFilter is validated
|
||||
log.Error("CheckBranch failed: %s", err) |
||||
return false |
||||
} |
||||
|
||||
return g.Match(branch) |
||||
} |
||||
|
||||
func prepareWebhook(w *models.Webhook, repo *models.Repository, event models.HookEventType, p api.Payloader) error { |
||||
for _, e := range w.EventCheckers() { |
||||
if event == e.Type { |
||||
if !e.Has() { |
||||
return nil |
||||
} |
||||
} |
||||
} |
||||
|
||||
// If payload has no associated branch (e.g. it's a new tag, issue, etc.),
|
||||
// branch filter has no effect.
|
||||
if branch := getPayloadBranch(p); branch != "" { |
||||
if !checkBranch(w, branch) { |
||||
log.Info("Branch %q doesn't match branch filter %q, skipping", branch, w.BranchFilter) |
||||
return nil |
||||
} |
||||
} |
||||
|
||||
var payloader api.Payloader |
||||
var err error |
||||
// Use separate objects so modifications won't be made on payload on non-Gogs/Gitea type hooks.
|
||||
switch w.HookTaskType { |
||||
case models.SLACK: |
||||
payloader, err = models.GetSlackPayload(p, event, w.Meta) |
||||
if err != nil { |
||||
return fmt.Errorf("GetSlackPayload: %v", err) |
||||
} |
||||
case models.DISCORD: |
||||
payloader, err = models.GetDiscordPayload(p, event, w.Meta) |
||||
if err != nil { |
||||
return fmt.Errorf("GetDiscordPayload: %v", err) |
||||
} |
||||
case models.DINGTALK: |
||||
payloader, err = models.GetDingtalkPayload(p, event, w.Meta) |
||||
if err != nil { |
||||
return fmt.Errorf("GetDingtalkPayload: %v", err) |
||||
} |
||||
case models.TELEGRAM: |
||||
payloader, err = models.GetTelegramPayload(p, event, w.Meta) |
||||
if err != nil { |
||||
return fmt.Errorf("GetTelegramPayload: %v", err) |
||||
} |
||||
case models.MSTEAMS: |
||||
payloader, err = models.GetMSTeamsPayload(p, event, w.Meta) |
||||
if err != nil { |
||||
return fmt.Errorf("GetMSTeamsPayload: %v", err) |
||||
} |
||||
default: |
||||
p.SetSecret(w.Secret) |
||||
payloader = p |
||||
} |
||||
|
||||
var signature string |
||||
if len(w.Secret) > 0 { |
||||
data, err := payloader.JSONPayload() |
||||
if err != nil { |
||||
log.Error("prepareWebhooks.JSONPayload: %v", err) |
||||
} |
||||
sig := hmac.New(sha256.New, []byte(w.Secret)) |
||||
_, err = sig.Write(data) |
||||
if err != nil { |
||||
log.Error("prepareWebhooks.sigWrite: %v", err) |
||||
} |
||||
signature = hex.EncodeToString(sig.Sum(nil)) |
||||
} |
||||
|
||||
if err = models.CreateHookTask(&models.HookTask{ |
||||
RepoID: repo.ID, |
||||
HookID: w.ID, |
||||
Type: w.HookTaskType, |
||||
URL: w.URL, |
||||
Signature: signature, |
||||
Payloader: payloader, |
||||
HTTPMethod: w.HTTPMethod, |
||||
ContentType: w.ContentType, |
||||
EventType: event, |
||||
IsSSL: w.IsSSL, |
||||
}); err != nil { |
||||
return fmt.Errorf("CreateHookTask: %v", err) |
||||
} |
||||
return nil |
||||
} |
||||
|
||||
// PrepareWebhooks adds new webhooks to task queue for given payload.
|
||||
func PrepareWebhooks(repo *models.Repository, event models.HookEventType, p api.Payloader) error { |
||||
return prepareWebhooks(repo, event, p) |
||||
} |
||||
|
||||
func prepareWebhooks(repo *models.Repository, event models.HookEventType, p api.Payloader) error { |
||||
ws, err := models.GetActiveWebhooksByRepoID(repo.ID) |
||||
if err != nil { |
||||
return fmt.Errorf("GetActiveWebhooksByRepoID: %v", err) |
||||
} |
||||
|
||||
// check if repo belongs to org and append additional webhooks
|
||||
if repo.MustOwner().IsOrganization() { |
||||
// get hooks for org
|
||||
orgHooks, err := models.GetActiveWebhooksByOrgID(repo.OwnerID) |
||||
if err != nil { |
||||
return fmt.Errorf("GetActiveWebhooksByOrgID: %v", err) |
||||
} |
||||
ws = append(ws, orgHooks...) |
||||
} |
||||
|
||||
if len(ws) == 0 { |
||||
return nil |
||||
} |
||||
|
||||
for _, w := range ws { |
||||
if err = prepareWebhook(w, repo, event, p); err != nil { |
||||
return err |
||||
} |
||||
} |
||||
return nil |
||||
} |
||||
@ -0,0 +1,67 @@ |
||||
// Copyright 2019 The Gitea Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package webhook |
||||
|
||||
import ( |
||||
"testing" |
||||
|
||||
"code.gitea.io/gitea/models" |
||||
api "code.gitea.io/gitea/modules/structs" |
||||
"github.com/stretchr/testify/assert" |
||||
) |
||||
|
||||
func TestPrepareWebhooks(t *testing.T) { |
||||
assert.NoError(t, models.PrepareTestDatabase()) |
||||
|
||||
repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository) |
||||
hookTasks := []*models.HookTask{ |
||||
{RepoID: repo.ID, HookID: 1, EventType: models.HookEventPush}, |
||||
} |
||||
for _, hookTask := range hookTasks { |
||||
models.AssertNotExistsBean(t, hookTask) |
||||
} |
||||
assert.NoError(t, PrepareWebhooks(repo, models.HookEventPush, &api.PushPayload{})) |
||||
for _, hookTask := range hookTasks { |
||||
models.AssertExistsAndLoadBean(t, hookTask) |
||||
} |
||||
} |
||||
|
||||
func TestPrepareWebhooksBranchFilterMatch(t *testing.T) { |
||||
assert.NoError(t, models.PrepareTestDatabase()) |
||||
|
||||
repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 2}).(*models.Repository) |
||||
hookTasks := []*models.HookTask{ |
||||
{RepoID: repo.ID, HookID: 4, EventType: models.HookEventPush}, |
||||
} |
||||
for _, hookTask := range hookTasks { |
||||
models.AssertNotExistsBean(t, hookTask) |
||||
} |
||||
// this test also ensures that * doesn't handle / in any special way (like shell would)
|
||||
assert.NoError(t, PrepareWebhooks(repo, models.HookEventPush, &api.PushPayload{Ref: "refs/heads/feature/7791"})) |
||||
for _, hookTask := range hookTasks { |
||||
models.AssertExistsAndLoadBean(t, hookTask) |
||||
} |
||||
} |
||||
|
||||
func TestPrepareWebhooksBranchFilterNoMatch(t *testing.T) { |
||||
assert.NoError(t, models.PrepareTestDatabase()) |
||||
|
||||
repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 2}).(*models.Repository) |
||||
hookTasks := []*models.HookTask{ |
||||
{RepoID: repo.ID, HookID: 4, EventType: models.HookEventPush}, |
||||
} |
||||
for _, hookTask := range hookTasks { |
||||
models.AssertNotExistsBean(t, hookTask) |
||||
} |
||||
assert.NoError(t, PrepareWebhooks(repo, models.HookEventPush, &api.PushPayload{Ref: "refs/heads/fix_weird_bug"})) |
||||
|
||||
for _, hookTask := range hookTasks { |
||||
models.AssertNotExistsBean(t, hookTask) |
||||
} |
||||
} |
||||
|
||||
// TODO TestHookTask_deliver
|
||||
|
||||
// TODO TestDeliverHooks
|
||||
Loading…
Reference in new issue