forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
bitbucket.go
141 lines (118 loc) · 4.2 KB
/
bitbucket.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
package bitbucket
import (
"encoding/json"
"fmt"
"io/ioutil"
"mime"
"net/http"
"k8s.io/apimachinery/pkg/api/errors"
kapi "k8s.io/kubernetes/pkg/api"
"github.com/golang/glog"
buildapi "github.com/openshift/origin/pkg/build/apis/build"
"github.com/openshift/origin/pkg/build/webhook"
)
// WebHook used for processing gitlab webhook requests.
type WebHook struct{}
// New returns gitlab webhook plugin.
func New() *WebHook {
return &WebHook{}
}
// A push event for Bitbucket webhooks. Only some json parameters are used. The
// Bitbucket payload is less flat than GitLab or GitHub
// More information on Bitbucket push events here:
// https://confluence.atlassian.com/bitbucket/event-payloads-740262817.html#EventPayloads-Push
type pushEvent struct {
Actor user `json:"actor"`
Push push `json:"push"`
}
type user struct {
Username string `json:"username"`
DisplayName string `json:"display_name"`
}
type push struct {
Changes []change `json:"changes"`
}
type change struct {
Commits []commit `json:"commits"`
New new `json:"new"`
Old old `json:"old"`
}
type commit struct {
Hash string `json:"hash"`
Message string `json:"message"`
Author user `json:"author"`
}
type new struct {
Type string `json:"type"`
Name string `json:"name"`
}
type old struct {
Type string `json:"type"`
Name string `json:"name"`
}
// Extract services webhooks from bitbucket.com
func (p *WebHook) Extract(buildCfg *buildapi.BuildConfig, secret, path string, req *http.Request) (revision *buildapi.SourceRevision, envvars []kapi.EnvVar, dockerStrategyOptions *buildapi.DockerStrategyOptions, proceed bool, err error) {
triggers, err := webhook.FindTriggerPolicy(buildapi.BitbucketWebHookBuildTriggerType, buildCfg)
if err != nil {
return revision, envvars, dockerStrategyOptions, false, err
}
glog.V(4).Infof("Checking if the provided secret for BuildConfig %s/%s matches", buildCfg.Namespace, buildCfg.Name)
if _, err = webhook.ValidateWebHookSecret(triggers, secret); err != nil {
return revision, envvars, dockerStrategyOptions, false, err
}
glog.V(4).Infof("Verifying build request for BuildConfig %s/%s", buildCfg.Namespace, buildCfg.Name)
if err = verifyRequest(req); err != nil {
return revision, envvars, dockerStrategyOptions, false, err
}
method := getEvent(req.Header)
if method != "repo:push" {
return revision, envvars, dockerStrategyOptions, false, errors.NewBadRequest(fmt.Sprintf("Unknown Bitbucket X-Event-Key %s", method))
}
body, err := ioutil.ReadAll(req.Body)
if err != nil {
return revision, envvars, dockerStrategyOptions, false, errors.NewBadRequest(err.Error())
}
var event pushEvent
if err = json.Unmarshal(body, &event); err != nil {
return revision, envvars, dockerStrategyOptions, false, errors.NewBadRequest(err.Error())
}
// We use old here specifically. If the branch is deleted in a push, the New
// object will be nil.
if !webhook.GitRefMatches(event.Push.Changes[0].Old.Name, webhook.DefaultConfigRef, &buildCfg.Spec.Source) {
glog.V(2).Infof("Skipping build for BuildConfig %s/%s. Branch reference from '%s' does not match configuration", buildCfg.Namespace, buildCfg, event)
return revision, envvars, dockerStrategyOptions, false, err
}
lastCommit := event.Push.Changes[0].Commits[0]
author := buildapi.SourceControlUser{
Name: lastCommit.Author.Username,
}
revision = &buildapi.SourceRevision{
Git: &buildapi.GitSourceRevision{
Commit: lastCommit.Hash,
Author: author,
Committer: author,
Message: lastCommit.Message,
},
}
return revision, envvars, dockerStrategyOptions, true, err
}
func verifyRequest(req *http.Request) error {
if method := req.Method; method != "POST" {
return webhook.MethodNotSupported
}
contentType := req.Header.Get("Content-Type")
mediaType, _, err := mime.ParseMediaType(contentType)
if err != nil {
return errors.NewBadRequest(fmt.Sprintf("non-parseable Content-Type %s (%s)", contentType, err))
}
if mediaType != "application/json" {
return errors.NewBadRequest(fmt.Sprintf("unsupported Content-Type %s", contentType))
}
if len(getEvent(req.Header)) == 0 {
return errors.NewBadRequest("missing X-Event-Key")
}
return nil
}
func getEvent(header http.Header) string {
return header.Get("X-Event-Key")
}