diff options
author | Lunny Xiao <xiaolunwen@gmail.com> | 2019-11-09 05:25:53 +0800 |
---|---|---|
committer | techknowlogick <techknowlogick@gitea.io> | 2019-11-08 16:25:53 -0500 |
commit | 55bdc9aa38177f75fdae4cb96e98bf465d7ecb2a (patch) | |
tree | 621333fde9de8cec79dac36bcaced0e4b499dfb3 /modules | |
parent | 016a5d0438e551d4630819683dd6dc4fccb0cb51 (diff) | |
download | gitea-55bdc9aa38177f75fdae4cb96e98bf465d7ecb2a.tar.gz gitea-55bdc9aa38177f75fdae4cb96e98bf465d7ecb2a.zip |
Webhook support custom proxy (#8760)
* Webhook support custom proxy
* Add glob support on webhook proxy host rules
* fix app.ini.sample
* improve code and app.ini.sample
* update cheetsheet about added webhook options
Diffstat (limited to 'modules')
-rw-r--r-- | modules/setting/webhook.go | 21 | ||||
-rw-r--r-- | modules/webhook/deliver.go | 36 | ||||
-rw-r--r-- | modules/webhook/deliver_test.go | 39 |
3 files changed, 93 insertions, 3 deletions
diff --git a/modules/setting/webhook.go b/modules/setting/webhook.go index b0e7d66ad2..4a953616f1 100644 --- a/modules/setting/webhook.go +++ b/modules/setting/webhook.go @@ -4,6 +4,12 @@ package setting +import ( + "net/url" + + "code.gitea.io/gitea/modules/log" +) + var ( // Webhook settings Webhook = struct { @@ -12,11 +18,16 @@ var ( SkipTLSVerify bool Types []string PagingNum int + ProxyURL string + ProxyURLFixed *url.URL + ProxyHosts []string }{ QueueLength: 1000, DeliverTimeout: 5, SkipTLSVerify: false, PagingNum: 10, + ProxyURL: "", + ProxyHosts: []string{}, } ) @@ -27,4 +38,14 @@ func newWebhookService() { Webhook.SkipTLSVerify = sec.Key("SKIP_TLS_VERIFY").MustBool() Webhook.Types = []string{"gitea", "gogs", "slack", "discord", "dingtalk", "telegram", "msteams"} Webhook.PagingNum = sec.Key("PAGING_NUM").MustInt(10) + Webhook.ProxyURL = sec.Key("PROXY_URL").MustString("") + if Webhook.ProxyURL != "" { + var err error + Webhook.ProxyURLFixed, err = url.Parse(Webhook.ProxyURL) + if err != nil { + log.Error("Webhook PROXY_URL is not valid") + Webhook.ProxyURL = "" + } + } + Webhook.ProxyHosts = sec.Key("PROXY_HOSTS").Strings(",") } diff --git a/modules/webhook/deliver.go b/modules/webhook/deliver.go index 54f20171fa..b262505cea 100644 --- a/modules/webhook/deliver.go +++ b/modules/webhook/deliver.go @@ -12,11 +12,13 @@ import ( "net/http" "net/url" "strings" + "sync" "time" "code.gitea.io/gitea/models" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "github.com/gobwas/glob" "github.com/unknwon/com" ) @@ -182,7 +184,36 @@ func DeliverHooks() { } } -var webhookHTTPClient *http.Client +var ( + webhookHTTPClient *http.Client + once sync.Once + hostMatchers []glob.Glob +) + +func webhookProxy() func(req *http.Request) (*url.URL, error) { + if setting.Webhook.ProxyURL == "" { + return http.ProxyFromEnvironment + } + + once.Do(func() { + for _, h := range setting.Webhook.ProxyHosts { + if g, err := glob.Compile(h); err == nil { + hostMatchers = append(hostMatchers, g) + } else { + log.Error("glob.Compile %s failed: %v", h, err) + } + } + }) + + return func(req *http.Request) (*url.URL, error) { + for _, v := range hostMatchers { + if v.Match(req.URL.Host) { + return http.ProxyURL(setting.Webhook.ProxyURLFixed)(req) + } + } + return http.ProxyFromEnvironment(req) + } +} // InitDeliverHooks starts the hooks delivery thread func InitDeliverHooks() { @@ -191,7 +222,7 @@ func InitDeliverHooks() { webhookHTTPClient = &http.Client{ Transport: &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: setting.Webhook.SkipTLSVerify}, - Proxy: http.ProxyFromEnvironment, + Proxy: webhookProxy(), Dial: func(netw, addr string) (net.Conn, error) { conn, err := net.DialTimeout(netw, addr, timeout) if err != nil { @@ -199,7 +230,6 @@ func InitDeliverHooks() { } return conn, conn.SetDeadline(time.Now().Add(timeout)) - }, }, } diff --git a/modules/webhook/deliver_test.go b/modules/webhook/deliver_test.go new file mode 100644 index 0000000000..cfc99d796a --- /dev/null +++ b/modules/webhook/deliver_test.go @@ -0,0 +1,39 @@ +// Copyright 2019 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package webhook + +import ( + "net/http" + "net/url" + "testing" + + "code.gitea.io/gitea/modules/setting" + "github.com/stretchr/testify/assert" +) + +func TestWebhookProxy(t *testing.T) { + setting.Webhook.ProxyURL = "http://localhost:8080" + setting.Webhook.ProxyURLFixed, _ = url.Parse(setting.Webhook.ProxyURL) + setting.Webhook.ProxyHosts = []string{"*.discordapp.com", "discordapp.com"} + + var kases = map[string]string{ + "https://discordapp.com/api/webhooks/xxxxxxxxx/xxxxxxxxxxxxxxxxxxx": "http://localhost:8080", + "http://s.discordapp.com/assets/xxxxxx": "http://localhost:8080", + "http://github.com/a/b": "", + } + + for reqURL, proxyURL := range kases { + req, err := http.NewRequest("POST", reqURL, nil) + assert.NoError(t, err) + + u, err := webhookProxy()(req) + assert.NoError(t, err) + if proxyURL == "" { + assert.Nil(t, u) + } else { + assert.EqualValues(t, proxyURL, u.String()) + } + } +} |