def clone_repository(payload): GIT_REPO = str(os.path.join(GIT_DIR, payload["delivery_id"])) if os.path.exists(GIT_REPO): shutil.rmtree(GIT_REPO) repo = git.Repo.init(GIT_REPO) origin = repo.create_remote("origin", payload["repository"]["ssh_url"]) with open(KEYFILE, "w") as f: f.write(utils.get_ssh_keys()[0]) with open(SSH_CONFIG_FILE, "w") as f: f.write("Host *\n\tStrictHostKeyChecking no") os.chmod(KEYFILE, 0600) os.chmod(SSH_CONFIG_FILE, 0600) if os.system("cd %s; ssh-agent bash -c 'ssh-add %s; git pull origin master'" % (GIT_REPO, KEYFILE)) == 0: os.unlink(KEYFILE) problems = [] for problem in os.listdir(GIT_REPO): problem = str(problem) if problem in [".", "..", ".git", ".exclude"]: continue if not os.path.isdir(os.path.join(GIT_REPO, problem)): continue files = os.listdir(os.path.join(GIT_REPO, problem)) for required_file in ["grader.py", "problem.yml", "description.md"]: if required_file not in files: raise WebException("Expected required file %s in '%s'." % (required_file, problem)) metadata = yaml.load(open(os.path.join(GIT_REPO, problem, "problem.yml"))) for required_key in ["title", "category", "value"]: if required_key not in metadata: raise WebException("Expected required key %s in 'problem.yml'." % required_key) problems.append(problem) # thread = threading.Thread(target=import_repository, args=(GIT_REPO, problems)) import_repository(GIT_REPO, problems) else: raise WebException("Failed to pull from remote.")
def get_settings(): settings_return = {} settings = Config.query.all() for setting in settings: if setting.key in ["public_key", "private_key"]: continue settings_return[setting.key] = setting.value if setting.key == "webhook_secret" and len(setting.value) > 1: dummy, settings_return["public_key"] = utils.get_ssh_keys() return settings_return
def github_webhook(): secret = utils.get_config("webhook_secret", "") if len(secret) == 0: raise WebException("A webhook has not been enabled for this platform. Set a secret to enable the webhook.") payload = request.get_data() hashed = hmac.new(secret, payload, hashlib.sha1) if request.headers["X-Hub-Signature"] != "sha1=%s" % hashed.hexdigest(): raise WebException("Forged request detected.") data = json.loads(payload) url = data["repository"]["ssh_url"] key, dummy = utils.get_ssh_keys() client = paramiko.SSHClient() client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) private_key = paramiko.RSAKey.from_private_key(StringIO(key)) try: client.connect(hostname="github.com", username="******", pkey=private_key) except paramiko.AuthenticationException: raise WebException("Github is denying access to this repository. Make sure the public key has been installed correctly.") data["delivery_id"] = request.headers["X-GitHub-Delivery"] # thread = threading.Thread(target=import_repository, args=(data)) clone_repository(data) return { "success": 1, "message": "Initiated import." }