forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 1
/
webhook.go
73 lines (62 loc) · 2.23 KB
/
webhook.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
package buildconfig
import (
"fmt"
"net/http"
"strings"
kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api"
"github.com/GoogleCloudPlatform/kubernetes/pkg/api/errors"
"github.com/GoogleCloudPlatform/kubernetes/pkg/registry/generic/rest"
buildapi "github.com/openshift/origin/pkg/build/api"
"github.com/openshift/origin/pkg/build/client"
"github.com/openshift/origin/pkg/build/webhook"
)
func NewWebHookREST(registry Registry, instantiator client.BuildConfigInstantiator, plugins map[string]webhook.Plugin) *rest.WebHook {
controller := &controller{
registry: registry,
instantiator: instantiator,
plugins: plugins,
}
return rest.NewWebHook(controller, false)
}
type controller struct {
registry Registry
instantiator client.BuildConfigInstantiator
plugins map[string]webhook.Plugin
}
// ServeHTTP implements rest.HookHandler
func (c *controller) ServeHTTP(w http.ResponseWriter, req *http.Request, ctx kapi.Context, name, subpath string) error {
parts := strings.Split(subpath, "/")
if len(parts) < 2 {
return errors.NewBadRequest(fmt.Sprintf("unexpected hook subpath %s", subpath))
}
secret, hookType := parts[0], parts[1]
plugin, ok := c.plugins[hookType]
if !ok {
return errors.NewNotFound("BuildConfigHook", hookType)
}
config, err := c.registry.GetBuildConfig(ctx, name)
if err != nil {
// clients should not be able to find information about build configs in the system unless the config exists
// and the secret matches
return errors.NewUnauthorized(fmt.Sprintf("the webhook %q for %q did not accept your secret", hookType, name))
}
revision, proceed, err := plugin.Extract(config, secret, "", req)
switch err {
case webhook.ErrSecretMismatch, webhook.ErrHookNotEnabled:
return errors.NewUnauthorized(fmt.Sprintf("the webhook %q for %q did not accept your secret", plugin, name))
case nil:
default:
return errors.NewInternalError(fmt.Errorf("hook failed: %v", err))
}
if !proceed {
return nil
}
request := &buildapi.BuildRequest{
ObjectMeta: kapi.ObjectMeta{Name: name},
Revision: revision,
}
if _, err := c.instantiator.Instantiate(config.Namespace, request); err != nil {
return errors.NewInternalError(fmt.Errorf("could not generate a build: %v", err))
}
return nil
}