Documentation
¶
Index ¶
- func ConfigureRepository(ctx context.Context, run *params.Run, req *http.Request, payload string, ...) (bool, bool, error)
- type Provider
- func (v *Provider) CreateStatus(ctx context.Context, tekton versioned.Interface, runevent *info.Event, ...) error
- func (v *Provider) Detect(req *http.Request, payload string, logger *zap.SugaredLogger) (bool, bool, *zap.SugaredLogger, string, error)
- func (v *Provider) GetAppToken(ctx context.Context, kube kubernetes.Interface, gheURL string, ...) (string, error)
- func (v *Provider) GetCommitInfo(ctx context.Context, runevent *info.Event) error
- func (v *Provider) GetConfig() *info.ProviderConfig
- func (v *Provider) GetFileInsideRepo(ctx context.Context, runevent *info.Event, path, target string) (string, error)
- func (v *Provider) GetFiles(ctx context.Context, runevent *info.Event) ([]string, error)
- func (v *Provider) GetStringPullRequestComment(ctx context.Context, runevent *info.Event, reg string) ([]*github.IssueComment, error)
- func (v *Provider) GetTaskURI(ctx context.Context, _ *params.Run, event *info.Event, uri string) (bool, string, error)
- func (v *Provider) GetTektonDir(ctx context.Context, runevent *info.Event, path string) (string, error)
- func (v *Provider) InitAppClient(ctx context.Context, kube kubernetes.Interface, event *info.Event) error
- func (v *Provider) IsAllowed(ctx context.Context, event *info.Event) (bool, error)
- func (v *Provider) ParsePayload(ctx context.Context, run *params.Run, request *http.Request, payload string) (*info.Event, error)
- func (v *Provider) SetClient(ctx context.Context, run *params.Run, event *info.Event) error
- func (v *Provider) SetLogger(logger *zap.SugaredLogger)
- func (v *Provider) Validate(_ context.Context, _ *params.Run, event *info.Event) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Provider ¶
type Provider struct {
Client *github.Client
Logger *zap.SugaredLogger
Token, APIURL *string
ApplicationID *int64
Run *params.Run
// contains filtered or unexported fields
}
func (*Provider) CreateStatus ¶
func (*Provider) Detect ¶
func (v *Provider) Detect(req *http.Request, payload string, logger *zap.SugaredLogger) (bool, bool, *zap.SugaredLogger, string, error)
Detect processes event and detect if it is a github event, whether to process or reject it returns (if is a GH event, whether to process or reject, error if any occurred)
func (*Provider) GetAppToken ¶ added in v0.15.0
func (*Provider) GetCommitInfo ¶
GetCommitInfo get info (url and title) on a commit in runevent, this needs to be run after sewebhook while we already matched a token.
func (*Provider) GetConfig ¶
func (v *Provider) GetConfig() *info.ProviderConfig
func (*Provider) GetFileInsideRepo ¶
func (v *Provider) GetFileInsideRepo(ctx context.Context, runevent *info.Event, path, target string) (string, error)
GetFileInsideRepo Get a file via Github API using the runinfo information, we branch is true, the user the branch as ref instead of the SHA TODO: merge GetFileInsideRepo amd GetTektonDir
func (*Provider) GetStringPullRequestComment ¶
func (v *Provider) GetStringPullRequestComment(ctx context.Context, runevent *info.Event, reg string) ([]*github.IssueComment, error)
GetStringPullRequestComment return the comment if we find a regexp in one of the comments text of a pull request
func (*Provider) GetTaskURI ¶ added in v0.13.0
func (*Provider) GetTektonDir ¶
func (v *Provider) GetTektonDir(ctx context.Context, runevent *info.Event, path string) (string, error)
GetTektonDir Get all yaml files in tekton directory return as a single concated file
func (*Provider) InitAppClient ¶
func (*Provider) ParsePayload ¶
func (v *Provider) ParsePayload(ctx context.Context, run *params.Run, request *http.Request, payload string) (*info.Event, error)
ParsePayload will parse the payload and return the event it generate the github app token targeting the installation id this pieces of code is a bit messy because we need first getting a token to before parsing the payload.
We need to get the token at first because in some case when coming from pull request comment (or recheck from the UI) we will use that token to get information about the PR that is not part of the payload.
We then regenerate a second time the token scoped to the repo where the payload come from so we can avoid the scenario where an admin install the app on a github org which has a mixed of private and public repos and some of the public users should not have access to the private repos.
Another thing: The payload is protected by the webhook signature so it cannot be tempered but even tho if it's tempered with and somehow a malicious user found the token and set their own github endpoint to hijack and exfiltrate the token, it would fail since the jwt token generation will fail, so we are safe here. a bit too far fetched but i don't see any way we can exploit this.
func (*Provider) SetLogger ¶
func (v *Provider) SetLogger(logger *zap.SugaredLogger)
Source Files