/
github.py
248 lines (193 loc) · 8.26 KB
/
github.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
# This file is part of Buildbot. Buildbot is free software: you can
# redistribute it and/or modify it under the terms of the GNU General Public
# License as published by the Free Software Foundation, version 2.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, write to the Free Software Foundation, Inc., 51
# Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Copyright Buildbot Team Members
from __future__ import absolute_import
from __future__ import print_function
import hmac
import logging
import re
from hashlib import sha1
from dateutil.parser import parse as dateparse
from twisted.python import log
from buildbot.util import bytes2NativeString
from buildbot.util import unicode2bytes
try:
import json
assert json
except ImportError:
import simplejson as json
_HEADER_CT = b'Content-Type'
_HEADER_EVENT = b'X-GitHub-Event'
_HEADER_SIGNATURE = b'X-Hub-Signature'
class GitHubEventHandler(object):
def __init__(self, secret, strict, codebase=None):
self._secret = secret
self._strict = strict
self._codebase = codebase
if self._strict and not self._secret:
raise ValueError('Strict mode is requested '
'while no secret is provided')
def process(self, request):
payload = self._get_payload(request)
event_type = request.getHeader(_HEADER_EVENT)
event_type = bytes2NativeString(event_type)
log.msg("X-GitHub-Event: {}".format(
event_type), logLevel=logging.DEBUG)
handler = getattr(self, 'handle_{}'.format(event_type), None)
if handler is None:
raise ValueError('Unknown event: {}'.format(event_type))
return handler(payload, event_type)
def _get_payload(self, request):
content = request.content.read()
content = bytes2NativeString(content)
signature = request.getHeader(_HEADER_SIGNATURE)
signature = bytes2NativeString(signature)
if not signature and self._strict:
raise ValueError('Request has no required signature')
if self._secret and signature:
try:
hash_type, hexdigest = signature.split('=')
except ValueError:
raise ValueError(
'Wrong signature format: {}'.format(signature))
if hash_type != 'sha1':
raise ValueError('Unknown hash type: {}'.format(hash_type))
mac = hmac.new(unicode2bytes(self._secret),
msg=unicode2bytes(content),
digestmod=sha1)
# NOTE: hmac.compare_digest should be used, but it's only available
# starting Python 2.7.7
if mac.hexdigest() != hexdigest:
raise ValueError('Hash mismatch')
content_type = request.getHeader(_HEADER_CT)
content_type = bytes2NativeString(content_type)
if content_type == 'application/json':
payload = json.loads(content)
elif content_type == 'application/x-www-form-urlencoded':
payload = json.loads(request.args['payload'][0])
else:
raise ValueError('Unknown content type: {}'.format(content_type))
log.msg("Payload: {}".format(payload), logLevel=logging.DEBUG)
return payload
def handle_ping(self, _, __):
return [], 'git'
def handle_push(self, payload, event):
# This field is unused:
user = None
# user = payload['pusher']['name']
repo = payload['repository']['name']
repo_url = payload['repository']['html_url']
# NOTE: what would be a reasonable value for project?
# project = request.args.get('project', [''])[0]
project = payload['repository']['full_name']
changes = self._process_change(payload, user, repo, repo_url, project,
event)
log.msg("Received {} changes from github".format(len(changes)))
return changes, 'git'
def handle_pull_request(self, payload, event):
changes = []
number = payload['number']
refname = 'refs/pull/{}/merge'.format(number)
commits = payload['pull_request']['commits']
log.msg('Processing GitHub PR #{}'.format(number),
logLevel=logging.DEBUG)
action = payload.get('action')
if action not in ('opened', 'reopened', 'synchronize'):
log.msg("GitHub PR #{} {}, ignoring".format(number, action))
return changes, 'git'
change = {
'revision': payload['pull_request']['head']['sha'],
'when_timestamp': dateparse(payload['pull_request']['created_at']),
'branch': refname,
'revlink': payload['pull_request']['_links']['html']['href'],
'repository': payload['repository']['html_url'],
'project': payload['pull_request']['base']['repo']['full_name'],
'category': 'pull',
# TODO: Get author name based on login id using txgithub module
'author': payload['sender']['login'],
'comments': 'GitHub Pull Request #{} ({} commit{})'.format(
number, commits, 's' if commits != 1 else ''),
'properties': {
'event': event,
},
}
if callable(self._codebase):
change['codebase'] = self._codebase(payload)
elif self._codebase is not None:
change['codebase'] = self._codebase
changes.append(change)
log.msg("Received {} changes from GitHub PR #{}".format(
len(changes), number))
return changes, 'git'
def _process_change(self, payload, user, repo, repo_url, project, event):
"""
Consumes the JSON as a python object and actually starts the build.
:arguments:
payload
Python Object that represents the JSON sent by GitHub Service
Hook.
"""
changes = []
refname = payload['ref']
# We only care about regular heads or tags
match = re.match(r"^refs/(heads|tags)/(.+)$", refname)
if not match:
log.msg("Ignoring refname `{}': Not a branch".format(refname))
return changes
branch = match.group(2)
if payload.get('deleted'):
log.msg("Branch `{}' deleted, ignoring".format(branch))
return changes
for commit in payload['commits']:
files = []
for kind in ('added', 'modified', 'removed'):
files.extend(commit.get(kind, []))
when_timestamp = dateparse(commit['timestamp'])
log.msg("New revision: {}".format(commit['id'][:8]))
change = {
'author': '{} <{}>'.format(commit['author']['name'],
commit['author']['email']),
'files': files,
'comments': commit['message'],
'revision': commit['id'],
'when_timestamp': when_timestamp,
'branch': branch,
'revlink': commit['url'],
'repository': repo_url,
'project': project,
'properties': {
'github_distinct': commit.get('distinct', True),
'event': event,
},
}
if callable(self._codebase):
change['codebase'] = self._codebase(payload)
elif self._codebase is not None:
change['codebase'] = self._codebase
changes.append(change)
return changes
def getChanges(request, options=None):
"""
Responds only to POST events and starts the build process
:arguments:
request
the http request object
"""
if options is None:
options = {}
klass = options.get('class', GitHubEventHandler)
handler = klass(options.get('secret', None),
options.get('strict', False),
options.get('codebase', None))
return handler.process(request)