def post_github_webhook(snap_name=None, github_owner=None, github_repo=None):
repo_url = flask.request.json["repository"]["html_url"]
gh_owner = flask.request.json["repository"]["owner"]["login"]
gh_repo = flask.request.json["repository"]["name"]
if snap_name:
lp_snap = launchpad.get_snap_by_store_name(snap_name)
else:
lp_snap = launchpad.get_snap(md5(repo_url.encode("UTF-8")).hexdigest())
# Check that this is the repo for this snap
if lp_snap["git_repository_url"] != repo_url:
return ("The repository does not match the one used by this Snap", 403)
github = GitHub()
if not github.validate_webhook_signature(
flask.request.data, flask.request.headers.get("X-Hub-Signature")):
return ("Invalid secret", 403)
validation = validate_repo(GITHUB_SNAPCRAFT_USER_TOKEN,
lp_snap["store_name"], gh_owner, gh_repo)
if not validation["success"]:
return (validation["error"]["message"], 400)
if launchpad.is_snap_building(lp_snap["store_name"]):
launchpad.cancel_snap_builds(lp_snap["store_name"])
launchpad.build_snap(lp_snap["store_name"])
return ("", 204)
def post_github_webhook(snap_name=None, github_owner=None, github_repo=None):
payload = flask.request.json
repo_url = payload["repository"]["html_url"]
gh_owner = payload["repository"]["owner"]["login"]
gh_repo = payload["repository"]["name"]
gh_default_branch = payload["repository"]["default_branch"]
# The first payload after the webhook creation
# doesn't contain a "ref" key
if "ref" in payload:
gh_event_branch = payload["ref"][11:]
else:
gh_event_branch = gh_default_branch
# Check the push event is in the default branch
if gh_default_branch != gh_event_branch:
return ("The push event is not for the default branch", 200)
if snap_name:
lp_snap = launchpad.get_snap_by_store_name(snap_name)
else:
lp_snap = launchpad.get_snap(md5(repo_url.encode("UTF-8")).hexdigest())
if not lp_snap:
return ("This repository is not linked with any Snap", 403)
# Check that this is the repo for this snap
if lp_snap["git_repository_url"] != repo_url:
return ("The repository does not match the one used by this Snap", 403)
github = GitHub()
signature = flask.request.headers.get("X-Hub-Signature")
if not github.validate_webhook_signature(flask.request.data, signature):
if not github.validate_bsi_webhook_secret(
gh_owner, gh_repo, flask.request.data, signature
):
return ("Invalid secret", 403)
validation = validate_repo(
GITHUB_SNAPCRAFT_USER_TOKEN, lp_snap["store_name"], gh_owner, gh_repo
)
if not validation["success"]:
return (validation["error"]["message"], 400)
if launchpad.is_snap_building(lp_snap["store_name"]):
launchpad.cancel_snap_builds(lp_snap["store_name"])
launchpad.build_snap(lp_snap["store_name"])
return ("", 204)
