aboutsummaryrefslogtreecommitdiffstats
path: root/services/webhook
Commit message (Collapse)AuthorAgeFilesLines
* Add issue delete notifier (#34592)badhezi2025-06-251-0/+37
| | | | | | Fixes https://github.com/go-gitea/gitea/issues/34591 A reference regarding the deletion of issue webhooks on GitHub: https://docs.github.com/en/webhooks/webhook-events-and-payloads?actionType=deleted#issues
* Refactor wiki (#34805)wxiaoguang2025-06-221-1/+1
| | | Remove unclear code
* Fix Feishu webhook signature verification (#34788)Snowball_2332025-06-203-6/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | # Fix Feishu Webhook Signature Verification This PR implements proper signature verification for Feishu (Lark) webhooks according to the [official documentation](https://open.feishu.cn/document/client-docs/bot-v3/add-custom-bot). ## Changes - Implemented the `GenSign` function based on Feishu's official Go sample code - Modified the webhook request creation to include timestamp and signature in the payload when a secret is configured - Fixed the signature generation algorithm to properly use HMAC-SHA256 with the correct string format ## Implementation Details The signature verification works as follows: 1. When a webhook secret is provided, a timestamp is generated 2. The signature string is created using `timestamp + "\n" + secret` 3. The HMAC-SHA256 algorithm is applied to an empty string using the signature string as the key 4. The result is Base64 encoded to produce the final signature 5. Both timestamp and signature are added to the payload According to Feishu's documentation, the timestamp must be within 1 hour (3600 seconds) of the current time to be considered valid. ## Security Note Feishu emphasizes the importance of keeping webhook URLs secure. Do not disclose them on GitHub, blogs, or any public sites to prevent unauthorized use. ## References - [Feishu Custom Bot Documentation](https://open.feishu.cn/document/client-docs/bot-v3/add-custom-bot) --------- Co-authored-by: hiifong <i@hiif.ong> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add workflow_run api + webhook (#33964)ChristopherHX2025-06-2012-83/+139
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implements - https://docs.github.com/en/rest/actions/workflow-jobs?apiVersion=2022-11-28#list-jobs-for-a-workflow-run--code-samples - https://docs.github.com/en/rest/actions/workflow-jobs?apiVersion=2022-11-28#get-a-job-for-a-workflow-run--code-samples - https://docs.github.com/en/rest/actions/workflow-runs?apiVersion=2022-11-28#list-workflow-runs-for-a-repository - https://docs.github.com/en/rest/actions/workflow-runs?apiVersion=2022-11-28#get-a-workflow-run - `/actions/runs` for global + user + org (Gitea only) - `/actions/jobs` for global + user + org + repository (Gitea only) - workflow_run webhook + action trigger - limitations - workflow id is assigned to a string, this may result into problems in strongly typed clients Fixes - workflow_job webhook url to no longer contain the `runs/<run>` part to align with api - workflow instance does now use it's name inside the file instead of filename if set Refactoring - Moved a lot of logic from workflows/workflow_job into a shared module used by both webhook and api TODO - [x] Verify Keda Compatibility - [x] Edit Webhook API bug is resolved Closes https://github.com/go-gitea/gitea/issues/23670 Closes https://github.com/go-gitea/gitea/issues/23796 Closes https://github.com/go-gitea/gitea/issues/24898 Replaces https://github.com/go-gitea/gitea/pull/28047 and is much more complete --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor some tests (#34580)wxiaoguang2025-06-031-1/+3
| | | | 1. use `test.MockVariableValue` as much as possible 2. avoid `time.Sleep` as much as possible
* Change "rejected" to "changes requested" in 3rd party PR review notification ↵Sebastian Weigand2025-05-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#34481) This PR changes 3rd party notifications wording on a PR review that requests changes and can be considered a follow up for #5858 to also fix #5857 in 3rd party notifications. The difference in the actual notification would be the following: ```diff - Pull request review rejected + Pull request review changes requested ``` While this is a simple string change at first look, it has a deeper UX meaning. # Motivation We could observe that some developers are hesitant to press the "Request changes" button since their peers first see that their changes were rejected, thus a more appropriate wording that also falls in line with the meaning and UI would be beneficial. ## Meaning Pressing the `Request changes` button in a PR review means that as a reviewer you are willing to merge the general change in a PR if changes requested review comments are implemented. Rejecting a PR on the other hand would be equivalent with closing it since that change isn't welcome at all (e.g. out of scope feature). ## Sync with UI The UI button says `request changes` and the other options ![image](https://github.com/user-attachments/assets/3766cc89-40d7-4c5e-9ff7-a0e1f6991ea6) ## Considered Problems This might break some automation for users who rely on string matching.
* Fix discord webhook 400 status code when description limit is exceeded (#34084)Mopcho2025-04-041-1/+8
| | | | | | | | | | | | Fixes [#34027](https://github.com/go-gitea/gitea/issues/34027) Discord does not allow for description bigger than 2048 bytes. If the description is bigger than that it will throw 400 and the event won't appear in discord. To fix that, in the createPayload method we now slice the description to ensure it doesn’t exceed the limit. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Enable addtional linters (#34085)TheFox0x72025-04-015-41/+43
| | | | | | | | enable mirror, usestdlibbars and perfsprint part of: https://github.com/go-gitea/gitea/issues/34083 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Enable testifylint rules (#34075)TheFox0x72025-03-313-4/+4
| | | | enable testifylint rules disabled in: https://github.com/go-gitea/gitea/pull/34054
* enable staticcheck QFxxxx rules (#34064)TheFox0x72025-03-291-6/+8
|
* Refactor functions to reduce repopath expose (#33892)Lunny Xiao2025-03-161-3/+3
|
* Add workflow_job webhook (#33694)ChristopherHX2025-03-1112-0/+208
| | | | | | | | | Provide external Integration information about the Queue lossly based on https://docs.github.com/en/webhooks/webhook-events-and-payloads?actionType=completed#workflow_job Naming conflicts between GitHub & Gitea are here, Blocked => Waiting, Waiting => Queued Rationale Enhancement for ephemeral runners management #33570
* Adjust appearence of commit status webhook (#33778)Denys Konovalov2025-03-032-5/+12
| | | | | | | | | | | | | | | | Some visual improvement for the commit status webhook message introduced by #33320 - use short commit SHA as already done in e. g. commit webhook - fix spacing, link text - do not set user link for internal gitea-actions user Before: ![grafik](https://github.com/user-attachments/assets/9c460846-c350-444c-89b5-8a0d5e26cb86) After: ![grafik](https://github.com/user-attachments/assets/05519cd8-6d8f-432b-bd9d-082de558a55a)
* Webhook add X-Gitea-Hook-Installation-Target-Type Header (#33752)ChristopherHX2025-03-013-4/+23
| | | | | | | | | | | | This is a X-GitHub Header port * repository for repository webhooks (matches GitHub) * organization for organization webhooks (matches GitHub) * user for user webhooks (Gitea specific) * system for system webhooks (Gitea specific) * default for default hooks needs testing (Gitea specific) - `X-Gitea-Hook-Installation-Target-Type` - `X-GitHub-Hook-Installation-Target-Type`
* Use test context in tests and new loop system in benchmarks (#33648)TheFox0x72025-02-209-22/+13
| | | | | | | | Replace all contexts in tests with go1.24 t.Context() --------- Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Make actions URL in commit status webhooks absolute (#33620)Lunny Xiao2025-02-181-1/+7
| | | | | | | | | | Gitea Actions generated target url doesn't contain host and port. So we need to include them for external webhook visiting. Fix #33603 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix commit status events (#33320)Lunny Xiao2025-02-0411-0/+76
| | | | | | | | | | Fix #32873 Fix #33201 ~Fix #33244~ ~Fix #33302~ depends on ~#33396~ A part of this PR should be backported to v1.23 manually.
* Add tests for webhook and fix some webhook bugs (#33396)Lunny Xiao2025-01-3012-15/+54
| | | | | | This PR created a mock webhook server in the tests and added integration tests for generic webhooks. It also fixes bugs in package webhooks and pull request comment webhooks.
* Refactor webhook events (#33337)Lunny Xiao2025-01-231-8/+2
| | | | | | | Extract from #33320 This PR uses a map instead of a struct to store webhook event information. It removes many duplicated functions and makes the logic clearer.
* Refactor RefName (#33234)wxiaoguang2025-01-132-11/+7
| | | And fix some FIXMEs
* Test webhook email (#33033)wxiaoguang2024-12-301-0/+12
| | | Close #27918
* Add more load functions to make sure the reference object loaded (#32901)Lunny Xiao2024-12-191-0/+4
| | | Fix #32897
* Enable tenv and testifylint rules (#32852)TheFox0x72024-12-152-17/+17
| | | | Enables tenv and testifylint linters closes: https://github.com/go-gitea/gitea/issues/32842
* Only provide the commit summary for Discord webhook push events (#32432)Kemal Zebari2024-11-073-3/+17
| | | | | | | | | | | | Resolves #32371. #31970 should have just showed the commit summary, but `strings.SplitN()` was misused such that we did not perform any splitting at all and just used the message. This was not caught in the unit test made in that PR since the test commit summary was > 50 (which truncated away the commit description). This snapshot resolves this and adds another unit test to ensure that we only show the commit summary.
* Add new event commit status creation and webhook implementation (#27151)Lunny Xiao2024-11-071-0/+31
| | | | | | | | | | | This PR introduces a new event which is similar as Github's. When a new commit status submitted, the event will be trigged. That means, now we can receive all feedback from CI/CD system in webhooks or other notify systems. ref: https://docs.github.com/en/webhooks/webhook-events-and-payloads#status Fix #20749
* Support requested_reviewers data in comment webhook events (#26178)谈笑风生间2024-10-161-32/+42
| | | | | | | | | | | close #25833 Currently, the information for "requested_reviewers" is only included in the webhook event for reviews. I would like to suggest adding this information to the webhook event for "PullRequest comment" as well, as they both pertain to the "PullRequest" event. Also, The reviewer information for the Pull Request is not displayed when it is approved or rejected.
* Truncate commit message during Discord webhook push events (#31970)Kemal Zebari2024-09-243-3/+32
| | | Resolves #31668.
* Support allowed hosts for migrations to work with proxy (#32025)Jason Song2024-09-111-1/+1
|
* Refactor webhook (#31587)wxiaoguang2024-07-1014-177/+161
| | | | | | A more complete fix for #31588 1. Make "generic" code more readable 2. Clarify HTML or Markdown for the payload content
* Enable `unparam` linter (#31277)silverwind2024-06-119-9/+9
| | | | | | | | | | | | Enable [unparam](https://github.com/mvdan/unparam) linter. Often I could not tell the intention why param is unused, so I put `//nolint` for those cases like webhook request creation functions never using `ctx`. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: delvh <dev.lh@web.de>
* Enable more `revive` linter rules (#30608)silverwind2024-04-222-3/+0
| | | | | | | | | | | Noteable additions: - `redefines-builtin-id` forbid variable names that shadow go builtins - `empty-lines` remove unnecessary empty lines that `gofumpt` does not remove for some reason - `superfluous-else` eliminate more superfluous `else` branches Rules are also sorted alphabetically and I cleaned up various parts of `.golangci.yml`.
* Fix missed doer (#30231)Lunny Xiao2024-04-081-11/+11
| | | | | Fix #29879 Co-authored-by: Giteabot <teabot@gitea.io>
* Fix possible data race on tests (#30093)Lunny Xiao2024-03-261-1/+0
|
* Upgrade Go 1.22 and upgrade dependency (#29869)wxiaoguang2024-03-171-1/+0
|
* fix telegram webhook (#29864)Denys Konovalov2024-03-172-1/+12
| | | | | | | | | | | Fix #29837 which is a regression caused by https://github.com/go-gitea/gitea/pull/29145/files#diff-731445ee00f0f1bf2ff731f4f96ddcf51cdc53fd2faaf406eb3536fc292ea748L48. The line was probably removed by accident. --------- Co-authored-by: Giteabot <teabot@gitea.io>
* Add test for webhook (#29755)wxiaoguang2024-03-141-49/+29
| | | Follow #29690
* Fix broken webhooks (#29690)Lunny Xiao2024-03-101-1/+6
| | | Fix #29689
* Store webhook event in database (#29145)oliverpool2024-03-0722-1503/+1613
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor the webhook logic, to have the type-dependent processing happen only in one place. --- ## Current webhook flow 1. An event happens 2. It is pre-processed (depending on the webhook type) and its body is added to a task queue 3. When the task is processed, some more logic (depending on the webhook type as well) is applied to make an HTTP request This means that webhook-type dependant logic is needed in step 2 and 3. This is cumbersome and brittle to maintain. Updated webhook flow with this PR: 1. An event happens 2. It is stored as-is and added to a task queue 3. When the task is processed, the event is processed (depending on the webhook type) to make an HTTP request So the only webhook-type dependent logic happens in one place (step 3) which should be much more robust. ## Consequences of the refactor - the raw event must be stored in the hooktask (until now, the pre-processed body was stored) - to ensure that previous hooktasks are correctly sent, a `payload_version` is added (version 1: the body has already been pre-process / version 2: the body is the raw event) So future webhook additions will only have to deal with creating an http.Request based on the raw event (no need to adjust the code in multiple places, like currently). Moreover since this processing happens when fetching from the task queue, it ensures that the queuing of new events (upon a `git push` for instance) does not get slowed down by a slow webhook. As a concrete example, the PR #19307 for custom webhooks, should be substantially smaller: - no need to change `services/webhook/deliver.go` - minimal change in `services/webhook/webhook.go` (add the new webhook to the map) - no need to change all the individual webhook files (since with this refactor the `*webhook_model.Webhook` is provided as argument)
* remove util.OptionalBool and related functions (#29513)65432024-03-021-3/+4
| | | | | | and migrate affected code _last refactoring bits to replace **util.OptionalBool** with **optional.Option[bool]**_
* Use `crypto/sha256` (#29386)KN4CK3R2024-02-251-1/+1
| | | | | | | | Go 1.21 improved the performance of `crypto/sha256`. It's now similar to `minio/sha256-simd`, so we should just use the standard libs. https://go.dev/doc/go1.21#crypto/sha256 https://go-review.googlesource.com/c/go/+/408795 https://github.com/multiformats/go-multihash/pull/173
* Abstract hash function usage (#28138)Adam Majer2023-12-131-0/+1
| | | | | | Refactor Hash interfaces and centralize hash function. This will allow easier introduction of different hash function later on. This forms the "no-op" part of the SHA256 enablement patch.
* Use db.Find instead of writing methods for every object (#28084)Lunny Xiao2023-11-241-2/+3
| | | | For those simple objects, it's unnecessary to write the find and count methods again and again.
* Fix Matrix and MSTeams nil dereference (#28089)KN4CK3R2023-11-1711-6/+155
| | | | | | | | | | Fixes #28088 Fixes #28094 Added missing tests. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix package webhook (#27839)Lunny Xiao2023-10-3111-1/+91
| | | | | | | Fix #23742 --------- Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Support allowed hosts for webhook to work with proxy (#27655)Jason Song2023-10-182-18/+58
| | | | | | | | | | | | | | | | | When `webhook.PROXY_URL` has been set, the old code will check if the proxy host is in `ALLOWED_HOST_LIST` or reject requests through the proxy. It requires users to add the proxy host to `ALLOWED_HOST_LIST`. However, it actually allows all requests to any port on the host, when the proxy host is probably an internal address. But things may be even worse. `ALLOWED_HOST_LIST` doesn't really work when requests are sent to the allowed proxy, and the proxy could forward them to any hosts. This PR fixes it by: - If the proxy has been set, always allow connectioins to the host and port. - Check `ALLOWED_HOST_LIST` before forwarding.
* Final round of `db.DefaultContext` refactor (#27587)JakobDev2023-10-141-3/+3
| | | Last part of #27065
* make writing main test easier (#27270)Lunny Xiao2023-09-281-2/+0
| | | | | | | | | This PR removed `unittest.MainTest` the second parameter `TestOptions.GiteaRoot`. Now it detects the root directory by current working directory. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix release URL in webhooks (#27182)John Olheiser2023-09-219-9/+9
|
* move repository deletion to service layer (#26948)Lunny Xiao2023-09-081-0/+1
| | | Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Move notification interface to services layer (#26915)Lunny Xiao2023-09-051-47/+46
| | | Extract from #22266
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-07 18:21:17 +0000