-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.js
120 lines (100 loc) · 2.65 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
const express = require("express");
const crypto = require("crypto");
const axios = require("axios");
const fs = require("fs");
const child_process = require("child_process");
const config = require("./config.json");
const { rejects } = require("assert");
const { resolve } = require("path");
const e = require("express");
const app = express();
app.use(express.json());
app.post("/webhook", (req, res) => {
const repo = req.body.repository.full_name;
const conf = config[repo];
if (!conf) {
return res.status(403).send("Repository unknown");
}
if (invalidSecret(conf.secret, req.get("X-Hub-Signature"), req.body)) {
return res.status(403).send("Secret is wrong");
}
const event = req.get("X-GitHub-Event");
const options = {
headers: {
Accept: "application/vnd.github.ant-man-preview+json",
Authorization: "token " + conf.token,
},
};
console.log(`${repo} ${event}`);
if (event === "deployment") {
const branch = branchByRef(req.body.deployment.ref);
deploy(
conf.branches[branch].path,
repo,
branch,
req.body.deployment.statuses_url,
options
);
} else if (event === "push") {
const branch = branchByRef(req.body.ref);
if (!conf.branches[branch]) {
return res.status(200).send("Irrelevant branch");
}
if (!conf.branches[branch].on.includes("push")) {
return res.status(200).send("Not listening for push on branch " + branch);
}
axios.post(
req.body.repository.deployments_url,
{
ref: req.body.ref,
},
options
);
} else {
return res.status(200).send("Irrelevant event");
}
return res.status(200).send("OK");
});
app.listen(80, () => {
console.log("Listening");
});
function invalidSecret(secret, sig, body) {
const hmac = crypto.createHmac("sha1", secret);
const digest = Buffer.from(
"sha1=" + hmac.update(JSON.stringify(body)).digest("hex"),
"utf8"
);
const checksum = Buffer.from(sig, "utf8");
return (
checksum.length !== digest.length ||
!crypto.timingSafeEqual(digest, checksum)
);
}
async function deploy(path, repo, branch, url, options) {
if (!fs.existsSync(path)) {
await exec(
`git clone https://github.com/${repo} ${path} && git checkout ${branch}`
);
}
const err = await exec(`git pull`, {
cwd: path,
});
console.log(err);
axios.post(
url,
{
state: err ? "error" : "success",
},
options
);
}
function branchByRef(ref) {
return ref.split("/")[2]; // Really bad
}
function exec(cmd, options) {
return new Promise((resolve, reject) => {
child_process.exec(cmd, options, (err) => {
resolve(err);
});
});
}