Some time ago, I wanted to develop an interface to pull files from GitLab/GitHub through Webhook and upload specified OSS, so I looked for official documents of GitHub and GitLab.
Of course, the official documents are too long, especially the GitLab version built by the company may be inconsistent, so we can only look at the document information provided by the GitLab. For some problems encountered, we will look at the version.
Of course, I didn’t encounter any major problems except for the interface version, and I can check the problems according to the version. This is definitely an advantage of strictly following RESTful apis, which both GitHub and GitLab have done well.
Since GitLab and GitHub use two different interfaces, they are described separately here, but in the same way:
Pull the zip package, unzip, upload the file. Git Clone is another method, but I feel that git Clone is still too troublesome, so I choose to pull the compression package.
GitLab
Download package interface: docs.gitlab.com/ee/api/repo…
There are two parameters:
id (required) - The ID or URL-encoded path of the project owned by the authenticated user
sha (optional) - The commit SHA to download defaults to the tip of the default branchCopy the code
Two pieces of information are needed, the project ID and SHA, which can be obtained from Webhook:
const { checkout_sha: checkoutSha, project_id: projectId } = bodyCopy the code
Sha is passed in as a QueryString (GitHub is different from that). If sha is not passed, it defaults to the latest code for the master branch.
Of course, we’ll also set the Secret token, which is available through the X-Gitlab-token in the header.
And then we have information about GitLab.
If the content obtained in the API requires permissions, you can pass in the TOKEN using the private-token header.
GitHub
GitHub’s Webhook interface is a little different from GitLab’s. We use V3 Restful interface here.
For GitHub Webhook, the most important thing is how to calculate the secret Token to be consistent with what we originally set. GitHub is not as simple as GitLab, because you need to look at GitHub as a validation payloads from GitHub. If you cannot read Ruby, you need to look at GitHub as a validation payloads from GitHub.
const strBody = JSON.stringify(body); Const sign = crypto.createhMac ("sha1", const sign = crypto.createhMac ("sha1", SecretKey) // secretKey is the token.update (strBody).digest("hex"); Ctx.assert (ctx.header["x-hub-signature"].replace("sha1=", ") === sign, 403, "Wrong sign "); // Encrypt to hex ctx.assert(ctx.header[" x-Hub-signature "].replace("sha1=", ") === sign, 403, "Wrong sign ");Copy the code
Header x-hub-signature: sha1=value; sha1=value;
Second, GitHub needs to use x-Github-event in the header to determine the event type. Otherwise, an error may occur. Different events may send different content, so you need to do some special processing for ping. This will pass the GitHub check.
From the request body, you can also find the repository information and the corresponding commit information, as well as the Repo Org information.
const { repository, head, head_commit: headCommit } = body;Copy the code
The interfaces we need are:
https://github.com/${org}/${repositoryName}/archive/${sha}.zipCopy the code
Among them:
repositoryName = repository.name
sha = headCommit.idCopy the code
If authorization is required, write to header:
"Authorization": `token ${TOKEN}`Copy the code