// PostHook accepts a post-commit hook and parses the payload
// in order to trigger a build. The payload is specified to the
// remote system (ie GitHub) and will therefore get parsed by
// the appropriate remote plugin.
//
// POST /api/repos/{host}/{owner}/{name}/branches/{branch}/commits/{commit}
//
func PostCommit(c web.C, w http.ResponseWriter, r *http.Request) {
var ctx = context.FromC(c)
var (
branch = c.URLParams["branch"]
hash = c.URLParams["commit"]
host = c.URLParams["host"]
repo = ToRepo(c)
remote = remote.Lookup(host)
)
commit, err := datastore.GetCommitSha(ctx, repo, branch, hash)
if err != nil {
w.WriteHeader(http.StatusNotFound)
return
}
if commit.Status == model.StatusStarted ||
commit.Status == model.StatusEnqueue {
w.WriteHeader(http.StatusConflict)
return
}
commit.Status = model.StatusEnqueue
commit.Started = 0
commit.Finished = 0
commit.Duration = 0
if err := datastore.PutCommit(ctx, commit); err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
owner, err := datastore.GetUser(ctx, repo.UserID)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
// Request a new token and update
user_token, err := remote.GetToken(owner)
if user_token != nil {
owner.Access = user_token.AccessToken
owner.Secret = user_token.RefreshToken
owner.TokenExpiry = user_token.Expiry
datastore.PutUser(ctx, owner)
} else if err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
// drop the items on the queue
go worker.Do(ctx, &worker.Work{
User: owner,
Repo: repo,
Commit: commit,
Host: httputil.GetURL(r),
})
w.WriteHeader(http.StatusOK)
}
// getUserJWT is a helper function that parses the User ID
// and retrieves the User data from a JWT Token.
func getUserJWT(c context.Context, token string) *model.User {
var t, err = jwt.Parse(token, func(t *jwt.Token) (interface{}, error) {
return []byte(*secret), nil
})
if err != nil || !t.Valid {
return nil
}
var userid, ok = t.Claims["user_id"].(float64)
if !ok {
return nil
}
var user, _ = datastore.GetUser(c, int64(userid))
return user
}
// PostHook accepts a post-commit hook and parses the payload
// in order to trigger a build. The payload is specified to the
// remote system (ie GitHub) and will therefore get parsed by
// the appropriate remote plugin.
//
// GET /api/hook/:host
//
func PostHook(c web.C, w http.ResponseWriter, r *http.Request) {
var ctx = context.FromC(c)
var host = c.URLParams["host"]
var token = c.URLParams["token"]
var remote = remote.Lookup(host)
if remote == nil {
w.WriteHeader(http.StatusNotFound)
return
}
// parse the hook payload
hook, err := remote.ParseHook(r)
if err != nil {
log.Printf("Unable to parse hook. %s\n", err)
w.WriteHeader(http.StatusBadRequest)
return
}
// in some cases we have neither a hook nor error. An example
// would be GitHub sending a ping request to the URL, in which
// case we'll just exit quiely with an 'OK'
shouldSkip, _ := regexp.MatchString(`\[(?i:ci *skip|skip *ci)\]`, hook.Message)
if hook == nil || shouldSkip {
w.WriteHeader(http.StatusOK)
return
}
// fetch the repository from the database
repo, err := datastore.GetRepoName(ctx, remote.GetHost(), hook.Owner, hook.Repo)
if err != nil {
w.WriteHeader(http.StatusNotFound)
return
}
// each hook contains a token to verify the sender. If the token
// is not provided or does not match, exit
if len(repo.Token) == 0 || repo.Token != token {
log.Printf("Rejected post commit hook for %s. Token mismatch\n", repo.Name)
w.WriteHeader(http.StatusUnauthorized)
return
}
if repo.Active == false ||
(repo.PostCommit == false && len(hook.PullRequest) == 0) ||
(repo.PullRequest == false && len(hook.PullRequest) != 0) {
w.WriteHeader(http.StatusNotFound)
return
}
// fetch the user from the database that owns this repo
user, err := datastore.GetUser(ctx, repo.UserID)
if err != nil {
w.WriteHeader(http.StatusNotFound)
return
}
// Request a new token and update
user_token, err := remote.GetToken(user)
if user_token != nil {
user.Access = user_token.AccessToken
user.Secret = user_token.RefreshToken
user.TokenExpiry = user_token.Expiry
datastore.PutUser(ctx, user)
} else if err != nil {
log.Printf("Unable to refresh token. %s\n", err)
w.WriteHeader(http.StatusBadRequest)
return
}
// fetch the .drone.yml file from the database
yml, err := remote.GetScript(user, repo, hook)
if err != nil {
log.Printf("Unable to fetch .drone.yml file. %s\n", err)
w.WriteHeader(http.StatusBadRequest)
return
}
// verify the commit hooks branch matches the list of approved
// branches (unless it is a pull request). Note that we don't really
// care if parsing the yaml fails here.
s, _ := script.ParseBuild(string(yml))
if len(hook.PullRequest) == 0 && !s.MatchBranch(hook.Branch) {
w.WriteHeader(http.StatusOK)
return
}
commit := model.Commit{
RepoID: repo.ID,
Status: model.StatusEnqueue,
Sha: hook.Sha,
Branch: hook.Branch,
PullRequest: hook.PullRequest,
Timestamp: hook.Timestamp,
Message: hook.Message,
Config: string(yml),
}
commit.SetAuthor(hook.Author)
// inserts the commit into the database
if err := datastore.PostCommit(ctx, &commit); err != nil {
log.Printf("Unable to persist commit %s@%s. %s\n", commit.Sha, commit.Branch, err)
w.WriteHeader(http.StatusBadRequest)
return
}
owner, err := datastore.GetUser(ctx, repo.UserID)
if err != nil {
log.Printf("Unable to retrieve repository owner. %s.\n", err)
w.WriteHeader(http.StatusBadRequest)
return
}
// drop the items on the queue
go worker.Do(ctx, &worker.Work{
User: owner,
Repo: repo,
Commit: &commit,
Host: httputil.GetURL(r),
})
w.WriteHeader(http.StatusOK)
}
