Shiloh/lasthourcloud
Shiloh/lasthourcloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

fix: GitHub sync PR's

Browse Source
This commit is contained in:
Andras Bacsai 2022-02-15 10:25:23 +01:00
parent 7bfa68aa58
commit 0eb7c890ad
1 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/routes/webhooks/github/events.ts
View File

@ -5,6 +5,7 @@ import cuid from 'cuid';
import crypto from 'crypto'; import crypto from 'crypto';
import { buildQueue } from '$lib/queues'; import { buildQueue } from '$lib/queues';
import { checkContainer, removeProxyConfiguration } from '$lib/haproxy'; import { checkContainer, removeProxyConfiguration } from '$lib/haproxy';
import { dev } from '$app/env';
export const options: RequestHandler = async () => { export const options: RequestHandler = async () => {
return { return {
@ -22,8 +23,8 @@ export const post: RequestHandler = async (event) => {
const buildId = cuid(); const buildId = cuid();
const allowedGithubEvents = ['push', 'pull_request']; const allowedGithubEvents = ['push', 'pull_request'];
const allowedActions = ['opened', 'reopened', 'synchronize', 'closed']; const allowedActions = ['opened', 'reopened', 'synchronize', 'closed'];
const githubEvent = event.request.headers.get('x-github-event').toLowerCase(); const githubEvent = event.request.headers.get('x-github-event')?.toLowerCase();
const githubSignature = event.request.headers.get('x-hub-signature-256').toLowerCase(); const githubSignature = event.request.headers.get('x-hub-signature-256')?.toLowerCase();
if (!allowedGithubEvents.includes(githubEvent)) { if (!allowedGithubEvents.includes(githubEvent)) {
return { return {
status: 500, status: 500,
@ -34,7 +35,6 @@ export const post: RequestHandler = async (event) => {
} }
let repository, projectId, branch; let repository, projectId, branch;
const body = await event.request.json(); const body = await event.request.json();
if (githubEvent === 'push') { if (githubEvent === 'push') {
repository = body.repository; repository = body.repository;
projectId = repository.id; projectId = repository.id;
@ -54,14 +54,17 @@ export const post: RequestHandler = async (event) => {
'utf8' 'utf8'
); );
const checksum = Buffer.from(githubSignature, 'utf8'); const checksum = Buffer.from(githubSignature, 'utf8');
if (checksum.length !== digest.length || !crypto.timingSafeEqual(digest, checksum)) { if (!dev) {
return { if (checksum.length !== digest.length || !crypto.timingSafeEqual(digest, checksum)) {
status: 500, return {
body: { status: 500,
message: 'SHA256 checksum failed. Are you doing something fishy?' body: {
} message: 'SHA256 checksum failed. Are you doing something fishy?'
}; }
};
}
} }
if (githubEvent === 'push') { if (githubEvent === 'push') {
if (!applicationFound.configHash) { if (!applicationFound.configHash) {
const configHash = crypto const configHash = crypto
@ -120,7 +123,11 @@ export const post: RequestHandler = async (event) => {
}; };
} }
} }
if (pullmergeRequestAction === 'opened' || pullmergeRequestAction === 'reopened') { if (
pullmergeRequestAction === 'opened' ||
pullmergeRequestAction === 'reopened' ||
pullmergeRequestAction === 'synchronize'
) {
await buildQueue.add(buildId, { await buildQueue.add(buildId, {
build_id: buildId, build_id: buildId,
type: 'webhook_pr', type: 'webhook_pr',