puppet_webhook 1.4.0 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA256:
-  metadata.gz: 906dfa13bf22e727fd153eff673db49f0122e7fa5417ef213177f9bb5e210abc
-  data.tar.gz: db34a880e6a705920606229f35f5f9e48eeec57b64f583335ac3253d1041f042
+SHA1:
+  metadata.gz: 653632cd922c85c60f40066bea79580609626cc1
+  data.tar.gz: d2a72dae7db871ac46c8d1353e6ae43aaab761c5
 SHA512:
-  metadata.gz: bd6610589cdd23e673ae70ad39cdea36c042bf64dc73c785bebfdc550b792be616f431a451f425c7a21e6acae7ebb2b6c6c9847d251dec6d7d7266a6922d6b17
-  data.tar.gz: 79860c041ffe00bbca6b39e2a025a3818805b8fb960143e7a262dfe665feeaf2c0d0cfad42384f25c3111f0f9ea3e3202137b157bd3ce81ea0f2a6b241165b95
+  metadata.gz: d0214e6440b6ccb26e0bff3f28f0756f512e0f7235618a50d05e6859fe42095f8b42359ee358ec4cc1d39174ea2661dc9d8504a9b47b6f88fe80a20317dc02a5
+  data.tar.gz: c198a88fa0849cb8588e70b81d0c07be6d85955954a6a150ed5e972440e483e3f1ea1abdfa51c009918c7f8698fbb0dca4a46d2bc0f284193bcfcf5f26496c97

data/CHANGELOG.md

@@ -4,6 +4,24 @@ All notable changes to this project will be documented in this file.
 Each new release typically also includes the latest modulesync defaults.
 These should not affect the functionality of the module.
 
+## [v1.5.0](https://github.com/voxpupuli/puppet_webhook/tree/v1.5.0) (2018-11-01)
+[Full Changelog](https://github.com/voxpupuli/puppet_webhook/compare/v1.4.0...v1.5.0)
+
+**Implemented enhancements:**
+
+- Add tests to validate posts to the module route  [\#37](https://github.com/voxpupuli/puppet_webhook/pull/37) ([dhollinger](https://github.com/dhollinger))
+
+**Fixed bugs:**
+
+- puppet\_webhook is not compatible with Ruby \< 2.2.2 [\#56](https://github.com/voxpupuli/puppet_webhook/issues/56)
+
+**Merged pull requests:**
+
+- Bitbucket Server \(stash\) detection / JSON updates [\#61](https://github.com/voxpupuli/puppet_webhook/pull/61) ([ChetHosey](https://github.com/ChetHosey))
+- Stray payload reference [\#60](https://github.com/voxpupuli/puppet_webhook/pull/60) ([ChetHosey](https://github.com/ChetHosey))
+- Changed minimum versions to Puppet 5/Ruby 2.2 [\#58](https://github.com/voxpupuli/puppet_webhook/pull/58) ([ChetHosey](https://github.com/ChetHosey))
+- Add tests for the DataParsers helper module [\#55](https://github.com/voxpupuli/puppet_webhook/pull/55) ([dhollinger](https://github.com/dhollinger))
+
 ## [v1.4.0](https://github.com/voxpupuli/puppet_webhook/tree/v1.4.0) (2018-05-02)
 [Full Changelog](https://github.com/voxpupuli/puppet_webhook/compare/v1.3.0...v1.4.0)
 
@@ -98,4 +116,4 @@ These should not affect the functionality of the module.
 
 
 
-\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*

data/README.md

@@ -19,8 +19,8 @@ puppet_webhook is a Sinatra-based application receiving REST-based calls to trig
 
 ## Prerequisites
 
-* Ruby 2.1.9 or greater
-* Puppet 4.7.1 or greater
+* Ruby 2.2.0 or greater
+* Puppet 5.0.0 or greater
 * r10k gem
 * *Optional*: MCollective and MCollective-r10k (Provides one form of multi-master syncronization)
     * Currently Mcollective-r10k is only available from [puppet-r10k](https://github.com/voxpupuli/puppet-r10k)

data/lib/helpers/data_parsers.rb

@@ -7,16 +7,12 @@ module DataParsers # rubocop:disable Style/Documentation
     sanitized
   end
 
-  def normalize(str)
-    settings.allow_uppercase ? str : str.downcase
+  def normalize(allow_upper, str)
+    allow_upper ? str : str.downcase
   end
 
-  def verify_signature(payload_body)
-    signature = 'sha1=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha1'), settings.github_secret, payload_body)
+  def verify_signature(secret, payload_body)
+    signature = 'sha1=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha1'), secret, payload_body)
     throw(:halt, [500, "Signatures didn't match!\n"]) unless Rack::Utils.secure_compare(signature, request.env['HTTP_X_HUB_SIGNATURE'])
   end
-
-  def payload
-    env['parsed_body']
-  end
 end

data/lib/helpers/tasks.rb

@@ -67,6 +67,7 @@ module Tasks # rubocop:disable Style/Documentation
 
   def notification(message)
     return unless settings.chatops || settings.slack_webhook
+
     slack_settings if settings.chatops == false && settings.slack_webhook != false
     PuppetWebhook::Chatops.new(settings.chatops_service,
                                settings.chatops_url,
@@ -100,8 +101,8 @@ module Tasks # rubocop:disable Style/Documentation
   def slack_proxy
     uri = URI(settings.slack_proxy_url)
     http_options = {
-      proxy_address:  uri.hostname,
-      proxy_port:     uri.port,
+      proxy_address: uri.hostname,
+      proxy_port: uri.port,
       proxy_from_env: false
     }
     http_options
@@ -110,6 +111,7 @@ module Tasks # rubocop:disable Style/Documentation
   def types?
     return false unless settings.respond_to?(:generate_types=)
     return false if settings.generate_types.nil?
+
     settings.generate_types
   end
 

data/lib/parsers/webhook_parser.rb

@@ -10,8 +10,8 @@ module Sinatra
         @data = parse_data(body)
         @vcs = detect_vcs
         {
-          branch:    branch,
-          deleted:   deleted?,
+          branch: branch,
+          deleted: deleted?,
           module_name: repo_name.sub(%r{^.*-}, ''),
           repo_name: repo_name,
           repo_user: repo_user
@@ -24,6 +24,7 @@ module Sinatra
         return 'stash'     if stash_webhook?
         return 'bitbucket' if bitbucket_webhook?
         return 'tfs'       if tfs_webhook?
+
         raise StandardError, 'payload not recognised'
       end
 
@@ -39,19 +40,20 @@ module Sinatra
 
       # stash/bitbucket server
       def stash_webhook?
-        # https://confluence.atlassian.com/bitbucketserver/post-service-webhook-for-bitbucket-server-776640367.html
-        env.key?('HTTP_X_ATLASSIAN_TOKEN')
+        # https://confluence.atlassian.com/bitbucketserver/event-payload-938025882.html
+        env.key?('HTTP_X_EVENT_KEY') && env.key?('HTTP_X_REQUEST_ID')
       end
 
       def bitbucket_webhook?
         # https://confluence.atlassian.com/bitbucket/event-payloads-740262817.html
-        env.key?('HTTP_X_EVENT_KEY')
+        env.key?('HTTP_X_EVENT_KEY') && env.key?('HTTP_X_HOOK_UUID')
       end
 
       def tfs_webhook?
         # https://docs.microsoft.com/en-us/vsts/service-hooks/services/webhooks
         return false unless @data.key? 'resource'
         return false unless @data.key? 'eventType'
+
         true
       end
 
@@ -66,9 +68,10 @@ module Sinatra
         when 'gitlab'
           @data['ref'].sub('refs/heads/', '')
         when 'stash'
-          @data['refChanges'][0]['refId'].sub('refs/heads/', '')
+          @data['changes'][0]['refId'].sub('refs/heads/', '')
         when 'bitbucket'
           return @data['push']['changes'][0]['new']['name'] unless deleted?
+
           @data['push']['changes'][0]['old']['name']
         when 'tfs'
           @data['resource']['refUpdates'][0]['name'].sub('refs/heads/', '')
@@ -82,7 +85,7 @@ module Sinatra
         when 'gitlab'
           @data['after'] == '0000000000000000000000000000000000000000'
         when 'stash'
-          @data['refChanges'][0]['type'] == 'DELETE'
+          @data['changes'][0]['type'] == 'DELETE'
         when 'bitbucket'
           @data['push']['changes'][0]['closed']
         when 'tfs'

data/lib/puppet_webhook.rb

@@ -17,7 +17,7 @@ class PuppetWebhook < Sinatra::Base # rubocop:disable Style/Documentation
         'application/json' => Sinatra::Parsers::WebhookJsonParser.new,
         'application/x-www-form-urlencoded' => Sinatra::Parsers::WebhookWWWFormURLEncodedParser.new
       },
-      handlers:  {
+      handlers: {
         'application/json' => proc { |e, type|
           [400, { 'Content-Type' => type }, [{ error: e.to_s }.to_json]]
         }
@@ -52,6 +52,8 @@ class PuppetWebhook < Sinatra::Base # rubocop:disable Style/Documentation
   set :command_prefix, 'umask 0022;' unless settings.respond_to? :command_prefix=
   set :github_secret, nil unless settings.respond_to? :github_secret=
   set :repository_events, nil unless settings.respond_to? :respository_events=
+  set :user, 'puppet' unless settings.respond_to? :user=
+  set :pass, 'puppet' unless settings.respond_to? :pass=
 
   # Deprecated Settings
   set :slack_webhook, false unless settings.respond_to? :slack_webhook=

data/lib/routes/module.rb

@@ -14,9 +14,9 @@ module Sinatra
 
           # TODO: Move these two lines of code into the parser
           decoded = request.body.read
-          verify_signature(decoded) if verify_signature?
+          verify_signature(settings.github_secret, decoded) if verify_signature?
 
-          module_name = payload[:module_name]
+          module_name = env['parsed_body'][:module_name]
 
           module_name = sanitize_input(module_name)
           LOGGER.info("Deploying module #{module_name}")

data/lib/routes/payload.rb

@@ -6,7 +6,6 @@ module Sinatra
     module Payload
       def self.registered(puppet_webhook)
         puppet_webhook.post '/payload' do # rubocop:disable Metrics/BlockLength
-          LOGGER.info "parsed payload contained: #{payload}"
           protected! if settings.protected
           request.body.rewind # in case someone already read it
 
@@ -19,18 +18,18 @@ module Sinatra
                     else
                       request.body.read
                     end
-          verify_signature(decoded) if verify_signature?
+          verify_signature(settings.github_secret, decoded) if verify_signature?
           data = JSON.parse(decoded, quirks_mode: true)
 
           # Iterate the data structure to determine what's should be deployed
-          branch = payload[:branch]
+          branch = env['parsed_body'][:branch]
 
           # If prefix is enabled in our config file, determine what the prefix should be
           prefix = case settings.prefix
                    when :repo
-                     payload[:repo_name]
+                     env['parsed_body'][:repo_name]
                    when :user
-                     payload[:repo_user]
+                     env['parsed_body'][:repo_user]
                    when :command, TrueClass
                      run_prefix_command(data.to_json)
                    when String
@@ -39,7 +38,7 @@ module Sinatra
 
           # When a branch is being deleted, a deploy against it will result in a failure, as it no longer exists.
           # Instead, deploy the default branch, which will purge deleted branches per the user's configuration
-          deleted = payload[:deleted]
+          deleted = env['parsed_body'][:deleted]
 
           branch = if deleted
                      settings.default_branch
@@ -51,9 +50,9 @@ module Sinatra
           # The best we can do is just deploy all environments by passing nil to
           # deploy() if we don't know the correct branch.
           env = if prefix.nil? || prefix.empty? || branch.nil? || branch.empty?
-                  normalize(branch)
+                  normalize(settings.allow_uppercase, branch)
                 else
-                  normalize("#{prefix}_#{branch}")
+                  normalize(settings.allow_uppercase, "#{prefix}_#{branch}")
                 end
 
           if ignore_env?(env)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puppet_webhook
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.5.0
 platform: ruby
 authors:
 - Vox Pupuli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-05-02 00:00:00.000000000 Z
+date: 2018-11-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json
@@ -164,6 +164,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
@@ -274,7 +288,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.1.9
+      version: 2.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -282,7 +296,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 2.6.14
 signing_key: 
 specification_version: 4
 summary: Sinatra Webhook Server for Puppet/R10K