Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement DockerHub webhook receiver #112

Merged
merged 1 commit into from
Jan 14, 2021
Merged

Implement DockerHub webhook receiver #112

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion api/v1beta1/receiver_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ import (
type ReceiverSpec struct {
// Type of webhook sender, used to determine
// the validation procedure and payload deserialization.
// +kubebuilder:validation:Enum=generic;github;gitlab;bitbucket;harbor
// +kubebuilder:validation:Enum=generic;github;gitlab;bitbucket;harbor;dockerhub
// +required
Type string `json:"type"`

Expand Down Expand Up @@ -68,6 +68,7 @@ const (
GitLabReceiver string = "gitlab"
BitbucketReceiver string = "bitbucket"
HarborReceiver string = "harbor"
DockerHubReceiver string = "dockerhub"
)

func ReceiverReady(receiver Receiver, reason, message, url string) Receiver {
Expand Down
1 change: 1 addition & 0 deletions config/crd/bases/notification.toolkit.fluxcd.io_receivers.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,7 @@ spec:
- gitlab
- bitbucket
- harbor
- dockerhub
type: string
required:
- resources
Expand Down
2 changes: 1 addition & 1 deletion docs/spec/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ with an exponential backoff of maximum 30 seconds.
The notification controller handles webhook requests on a dedicated port.
This port can be used to create a Kubernetes LoadBalancer Service or
Ingress to expose the receiver endpoint outside the cluster
to be accessed by GitHub, GitLab, Bitbucket, Harbor, Jenkins, etc.
to be accessed by GitHub, GitLab, Bitbucket, Harbor, DockerHub, Jenkins, etc.

Receiver API:

Expand Down
30 changes: 24 additions & 6 deletions docs/spec/v1beta1/receiver.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ reconciliation for a group of resources.
type ReceiverSpec struct {
// Type of webhook sender, used to determine
// the validation procedure and payload deserialization.
// +kubebuilder:validation:Enum=generic;github;gitlab;harbor
// +kubebuilder:validation:Enum=generic;github;gitlab;harbor;dockerhub
// +required
Type string `json:"type"`

Expand Down Expand Up @@ -43,6 +43,7 @@ const (
GitLabReceiver string = "gitlab"
BitbucketReceiver string = "bitbucket"
HarborReceiver string = "harbor"
DockerHubReceiver string = "dockerhub"
)
```

Expand All @@ -69,7 +70,7 @@ kubectl create secret generic webhook-token \
--from-literal=token=$TOKEN
```

GitHub receiver:
### GitHub receiver

```yaml
apiVersion: notification.toolkit.fluxcd.io/v1beta1
Expand All @@ -94,7 +95,7 @@ spec:
Note that you have to set the generated token as the GitHub webhook secret value.
The controller uses the `X-Hub-Signature` HTTP header to verify that the request is legitimate.

GitLab receiver:
### GitLab receiver

```yaml
apiVersion: notification.toolkit.fluxcd.io/v1beta1
Expand All @@ -119,7 +120,7 @@ spec:
Note that you have to configure the GitLab webhook with the generated token.
The controller uses the `X-Gitlab-Token` HTTP header to verify that the request is legitimate.

Bitbucket server receiver:
### Bitbucket server receiver

```yaml
apiVersion: notification.toolkit.fluxcd.io/v1beta1
Expand All @@ -141,7 +142,7 @@ spec:
Note that you have to set the generated token as the Bitbucket server webhook secret value.
The controller uses the `X-Hub-Signature` HTTP header to verify that the request is legitimate.

Harbor receiver:
### Harbor receiver

```yaml
apiVersion: notification.toolkit.fluxcd.io/v1beta1
Expand All @@ -163,7 +164,24 @@ spec:
Note that you have to set the generated token as the Harbor webhook authentication header.
The controller uses the `Authentication` HTTP header to verify that the request is legitimate.

Generic receiver:
### DockerHub receiver

```yaml
apiVersion: notification.toolkit.fluxcd.io/v1beta1
kind: Receiver
metadata:
name: dockerhub-receiver
namespace: default
spec:
type: dockerhub
secretRef:
name: webhook-token
resources:
- kind: ImageRepository
name: webapp
```

### Generic receiver

```yaml
apiVersion: notification.toolkit.fluxcd.io/v1beta1
Expand Down
19 changes: 19 additions & 0 deletions internal/server/receiver_handlers.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ package server

import (
"context"
"encoding/json"
"fmt"
"net/http"
"net/url"
Expand Down Expand Up @@ -181,6 +182,24 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver

s.logger.Info("handling Harbor event", "receiver", receiver.Name)
return nil
case v1beta1.DockerHubReceiver:
type payload struct {
PushData struct {
Tag string `json:"tag"`
} `json:"push_data"`
Repository struct {
URL string `json:"repo_url"`
} `json:"repository"`
}
var p payload
if err := json.NewDecoder(r.Body).Decode(&p); err != nil {
return fmt.Errorf("cannot decode DockerHub webhook payload")
}

s.logger.Info(
fmt.Sprintf("handling event from %s for tag %s", p.Repository.URL, p.PushData.Tag),
"receiver", receiver.Name)
return nil
}

return fmt.Errorf("recevier type '%s' not supported", receiver.Spec.Type)
Expand Down