diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 6cb0abaa63..a247976655 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -48,20 +48,8 @@ make all Follow [README](README.md#install) to install components. ## Changing Types -If you're making a change to the `pkg/apis` package, please ensure you re-run the K8 code-generator scripts found in the `/hack` folder. +If you're making a change to the `pkg/apis` package, please ensure you re-run: -* Ensure you have the `generate-groups.sh` script at the path: `vendor/k8s.io/code-generator/`. -* Install `gen-crd-api-reference-docs` - -``` -go get github.com/ahmetb/gen-crd-api-reference-docs -cd $GOPATH/src/github.com/ahmetb/gen-crd-api-reference-docs -go build -``` - -* [install pandoc](https://pandoc.org/installing.html) - -* Regenerate the code and documentation ``` make codegen diff --git a/api/event-source.html b/api/event-source.html index e5c91557c6..c8d1325463 100644 --- a/api/event-source.html +++ b/api/event-source.html @@ -1615,6 +1615,7 @@

GithubEventSource +(Optional)

APIToken refers to a K8s secret containing github api token

diff --git a/api/event-source.md b/api/event-source.md index 5efa68f6db..f7765d6dcf 100644 --- a/api/event-source.md +++ b/api/event-source.md @@ -1650,9 +1650,7 @@ Repository refers to GitHub repo name i.e. argo-events Kubernetes core/v1.SecretKeySelector -

APIToken refers to a K8s secret containing github api token -

diff --git a/eventsources/sources/github/start.go b/eventsources/sources/github/start.go index 313db3bff4..8e2989e3d3 100644 --- a/eventsources/sources/github/start.go +++ b/eventsources/sources/github/start.go @@ -90,13 +90,7 @@ func (router *Router) HandleRoute(writer http.ResponseWriter, request *http.Requ return } - hook := router.hook - secret := "" - if s, ok := hook.Config["secret"]; ok { - secret = s.(string) - } - - body, err := parseValidateRequest(request, []byte(secret)) + body, err := parseValidateRequest(request, []byte(router.hookSecret)) if err != nil { logger.Desugar().Error("request is not valid event notification, discarding it", zap.Error(err)) common.SendErrorResponse(writer, err.Error()) @@ -142,6 +136,20 @@ func (router *Router) PostActivate() error { "repository", githubEventSource.Repository, ) + logger.Info("retrieving webhook secret credentials...") + if githubEventSource.WebhookSecret != nil { + webhookSecretCreds, err := router.getCredentials(githubEventSource.WebhookSecret) + if err != nil { + return errors.Errorf("failed to retrieve webhook secret. err: %+v", err) + } + router.hookSecret = webhookSecretCreds.secret + } + + if githubEventSource.APIToken == nil || githubEventSource.Webhook.URL == "" { + logger.Info("no api credential or webhook url specified, skipping webhook creation...") + return nil + } + logger.Info("retrieving api token credentials...") apiTokenCreds, err := router.getCredentials(githubEventSource.APIToken) if err != nil { @@ -169,13 +177,8 @@ func (router *Router) PostActivate() error { hookConfig["insecure_ssl"] = "0" } - logger.Info("retrieving webhook secret credentials...") - if githubEventSource.WebhookSecret != nil { - webhookSecretCreds, err := router.getCredentials(githubEventSource.WebhookSecret) - if err != nil { - return errors.Errorf("failed to retrieve webhook secret. err: %+v", err) - } - hookConfig["secret"] = webhookSecretCreds.secret + if router.hookSecret != "" { + hookConfig["secret"] = router.hookSecret } router.hook = &gh.Hook{ @@ -253,6 +256,15 @@ func (router *Router) PostInactivate() error { githubEventSource := router.githubEventSource + if githubEventSource.APIToken == nil || githubEventSource.Webhook.URL == "" { + logger := router.route.Logger.With( + "repository", githubEventSource.Repository, + ) + + logger.Info("no api credential or webhook url specified, skipping webhook deletion...") + return nil + } + if githubEventSource.DeleteHookOnFinish { logger := router.route.Logger.With( "repository", githubEventSource.Repository, diff --git a/eventsources/sources/github/types.go b/eventsources/sources/github/types.go index 250a1341aa..6a0afef23e 100644 --- a/eventsources/sources/github/types.go +++ b/eventsources/sources/github/types.go @@ -56,6 +56,8 @@ type Router struct { githubClient *github.Client // hook represents a GitHub (web and service) hook for a repository. hook *github.Hook + // hookSecret is a GitHub webhook secret + hookSecret string } // cred stores the api access token or webhook secret diff --git a/eventsources/sources/github/validate.go b/eventsources/sources/github/validate.go index 88ad4926c0..9800938022 100644 --- a/eventsources/sources/github/validate.go +++ b/eventsources/sources/github/validate.go @@ -37,9 +37,6 @@ func validate(githubEventSource *v1alpha1.GithubEventSource) error { if githubEventSource.Owner == "" { return fmt.Errorf("owner cannot be empty") } - if githubEventSource.APIToken == nil { - return fmt.Errorf("api token can't be empty") - } if githubEventSource.Events == nil || len(githubEventSource.Events) < 1 { return fmt.Errorf("events must be defined") } diff --git a/examples/event-sources/github.yaml b/examples/event-sources/github.yaml index db12de5415..a44afb7c3c 100644 --- a/examples/event-sources/github.yaml +++ b/examples/event-sources/github.yaml @@ -34,6 +34,8 @@ spec: - "*" # apiToken refers to K8s secret that stores the github api token + # if apiToken is provided controller will create webhook on GitHub repo + # +optional apiToken: # Name of the K8s secret that contains the access token name: github-access @@ -55,6 +57,22 @@ spec: active: true # The media type used to serialize the payloads contentType: json + + example-without-api-credentials: + owner: "argoproj" + repository: "argo" + webhook: + endpoint: "/push" + port: "13000" + method: "POST" + events: + - "*" + webhookSecret: + name: github-access + key: secret + insecure: true + active: true + contentType: "json" # example-with-secure-connection: # owner: "argoproj" diff --git a/pkg/apis/eventsource/v1alpha1/types.go b/pkg/apis/eventsource/v1alpha1/types.go index f23b5f3172..04df397e5e 100644 --- a/pkg/apis/eventsource/v1alpha1/types.go +++ b/pkg/apis/eventsource/v1alpha1/types.go @@ -519,6 +519,7 @@ type GithubEventSource struct { Events []string `json:"events" protobuf:"bytes,5,rep,name=events"` // APIToken refers to a K8s secret containing github api token + // +optional APIToken *corev1.SecretKeySelector `json:"apiToken,omitempty" protobuf:"bytes,6,opt,name=apiToken"` // WebhookSecret refers to K8s secret containing GitHub webhook secret // https://developer.github.com/webhooks/securing/