-
Notifications
You must be signed in to change notification settings - Fork 147
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add webhooks for all harbor projects when created #1753
Conversation
if (lagoonHarborRoute === 'http://172.17.0.1:8084'){ | ||
var webhookAddress = 'http://172.17.0.1:7777' | ||
} else { | ||
var webhookAddress = "https://hooks.lagoon.amazeeio.cloud/" | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this could be done a bit better:
- instead of using
http://172.17.0.1:7777
we can usehttp://webhook-handler:3000
as harbor and the webhook-handler are locally in the same docker network you can talk to the services with their DNS names and their internal ports. - The discovery of the public Hook WebHook URL can be fully automated via checking the env variables, see an example:
https://github.com/amazeeio/lagoon/blob/b6117c46d9fbc335b0dd0126a633904a70548486/services/api/src/clients/keycloakClient.js#L21-L26
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with you on how to set the default for this variable. About the container address; we already use the 172.17.0.1 notation on line 7, which why I opted for it here. I'll test with webhook-handler
to verify it works as expected.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The webhook-handler:3000
works as expected. The only problem with that is that we aren't loading the webhook-handler for most of the CI tests. Should I write some testing logic which includes these webhooks as well?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
After sleeping on it, I realized that we can't really test this just yet because we do not yet have a webhook handler for these Harbor webhooks as of yet.
Checklist
This commit adds the ability for kubernetesbuilddeploy to automatically add a webhook for each project when that project is created. These webhooks will be triggered when a container security scan within Harbor either fails or completes.