also install webhooks secrets

This commit is contained in:
Jörg Thalheim 2023-10-12 15:59:26 +02:00
parent 508714f7bf
commit 74fb30f6ff
2 changed files with 6 additions and 3 deletions

View file

@ -654,12 +654,15 @@ class NixConfigurator(ConfiguratorBase):
config["projects"] = config.get("projects", []) config["projects"] = config.get("projects", [])
webhook_secret = read_secret_file(self.github.webhook_secret_name)
for project in projects: for project in projects:
create_project_hook( create_project_hook(
project.owner, project.owner,
project.repo, project.repo,
self.github.token(), self.github.token(),
f"{self.url}/change_hook/github", f"{self.url}/change_hook/github",
webhook_secret,
) )
for project in projects: for project in projects:
@ -707,7 +710,7 @@ class NixConfigurator(ConfiguratorBase):
"change_hook_dialects", {} "change_hook_dialects", {}
) )
config["www"]["change_hook_dialects"]["github"] = { config["www"]["change_hook_dialects"]["github"] = {
"secret": read_secret_file(self.github.webhook_secret_name), "secret": webhook_secret,
"strict": True, "strict": True,
"token": self.github.token(), "token": self.github.token(),
"github_property_whitelist": "*", "github_property_whitelist": "*",

View file

@ -101,11 +101,11 @@ class GithubProject:
return self.data["topics"] return self.data["topics"]
def create_project_hook(owner: str, repo: str, token: str, webhook_url: str) -> None: def create_project_hook(owner: str, repo: str, token: str, webhook_url: str, webhook_secret) -> None:
hooks = paginated_github_request( hooks = paginated_github_request(
f"https://api.github.com/repos/{owner}/{repo}/hooks?per_page=100", token f"https://api.github.com/repos/{owner}/{repo}/hooks?per_page=100", token
) )
config = dict(url=webhook_url, content_type="json", insecure_ssl="0") config = dict(url=webhook_url, content_type="json", insecure_ssl="0", secret=webhook_secret)
data = dict(name="web", active=True, events=["push", "pull_request"], config=config) data = dict(name="web", active=True, events=["push", "pull_request"], config=config)
headers = { headers = {
"Authorization": f"Bearer {token}", "Authorization": f"Bearer {token}",