Add webhook modeling to projects #2764
Conversation
agjohnson
added
the
PR: work in progress
agjohnson
force-pushed
the
project-integration-webhook
branch
2 times, most recently
from
24f800f to
841c4d5
Compare
|
There are a few places I noted required some more testing, and I owe docs here as well. This will require rebasing on master after #2745 is merged for better display. |
agjohnson
force-pushed
the
project-integration-webhook
branch
from
77fbfe6 to
5359231
Compare
agjohnson
added
PR: ready for review
and removed
PR: work in progress
docs/webhooks.rst
Outdated
| updated within seconds is an awesome feeling. | ||
| The primary method that Read the Docs uses to detect changes to your | ||
| documentation is through the use of *webhooks*. Webhooks are configured with | ||
| your repository provider and with each commit, merge, or other change to your |
There was a problem hiding this comment.
repository provider (like GitHub)?
docs/webhooks.rst
Outdated
| The primary method that Read the Docs uses to detect changes to your | ||
| documentation is through the use of *webhooks*. Webhooks are configured with | ||
| your repository provider and with each commit, merge, or other change to your | ||
| repository, Read the Docs is notified. When this happens, we determine if the |
There was a problem hiding this comment.
s/When this happens/When we recieve the webhook/
docs/webhooks.rst
Outdated
| Webhook creation | ||
| ---------------- | ||
|
|
||
| If you import a project using a connected account, a webhook will be set up |
docs/webhooks.rst
Outdated
| can click **Add integration** and select the integration type you'd like to add. | ||
| In order to set up a new webhook with your provider, you'll need the *webhook | ||
| URL*. You can get this URL by selecting the integration you just added on the | ||
| list of integrations. |
There was a problem hiding this comment.
You can get this URL by selecting the integration you just added on the list of integrations. sounds confusing, and could be more explicit. Should we be returning them to the detail page, instead of the listing, when they add a new integration?
There was a problem hiding this comment.
Perhaps, yeah. There's no good reason not to redirect the user there.
There was a problem hiding this comment.
Added redirect in 8eb590d
docs/webhooks.rst
Outdated
| integrations, this integration has a specific URL, found on the integration | ||
| detail page. This integration can either be added manually or may be created | ||
| automatically if you had previously set up a webhook with your provider | ||
| manually. |
There was a problem hiding this comment.
This integration can either be added manually or may be created automatically if you had previously set up a webhook with your provider manually. Not sure what this is saying. It I previously set it up manually its now automatic?
There was a problem hiding this comment.
If you previously created a webhook manually, it will automatically create an integration when we receive data. I can clarify here.
readthedocs/core/fields.py
Outdated
|
|
||
| def default_token(): | ||
| """Generate default value for token field""" | ||
| return ''.join([int_to_base36(randrange(sys.maxint)) for _ in range(2)]) |
There was a problem hiding this comment.
Does this need to be cryptographically secure, or is it just a hash? I feel like Django has a way to generate these that can't be guessed.
Either way, we should document the thread profile of it.
There was a problem hiding this comment.
This isn't a hash of any data in particular, so cryptographic security here isn't a concern. Randomization is the primary concern instead.
This was brought in from our auth token implementation, I'm not aware of a built-in token in Django. DRF uses this as a token generator:
https://github.com/encode/django-rest-framework/blob/master/rest_framework/authtoken/models.py#L37-L38
It might be best to replace this with the DRF version, as randrange(sys.maxint) has about 1:1000000000000000 chance of being 4 chars or less, or with concatenation of two of these strings, something like 1:1e-30 chance of being 8 characters or less.
| GITHUB_WEBHOOK = 'github_webhook' | ||
| BITBUCKET_WEBHOOK = 'bitbucket_webhook' | ||
| GITLAB_WEBHOOK = 'gitlab_webhook' | ||
| API_WEBHOOK = 'api_webhook' |
There was a problem hiding this comment.
Should these be defined in a constants.py file, instead of on the class directly?
There was a problem hiding this comment.
Django docs have recommended on the model class for these constants:
https://docs.djangoproject.com/en/1.11/ref/models/fields/#django.db.models.Field.choices
| project) | ||
| try: | ||
| log.debug('Bitbucket webhook update failure response: %s', | ||
| resp.json()) |
There was a problem hiding this comment.
Pretty sure I had a patch that removed the json() call because it blows up on non-JSON data. We should comment here if we don't want to capture non-JSON return data.
There was a problem hiding this comment.
Yeah, i commented on the last PR that I was fixing this way.
| that a webhook has ever been created on our side. Most providers don't | ||
| pass the webhook ID in either, so we default to just finding *any* | ||
| integration from the provider. This is not ideal, but the | ||
| :py:class:`WebhookView` view solves this by perfomring a lookup on the |
| token = self.request.data.get('token') | ||
| if token: | ||
| integration = self.get_integration() | ||
| obj = Project.objects.get(**kwargs) |
There was a problem hiding this comment.
Do we want to catch a DoesNotExist here?
There was a problem hiding this comment.
No, this is currently bubbling up to be caught in the calling function
|
This should be about set now. If the new changes look okay, we should get this merged and out this week. |
This will add
Integrationmodels, which include just webhooks for now. Thisextends the integrations page to list integrations, and allows for
per-integration syncing now as well. The brute force method of resyncing
webhooks will be replaced by this work.
See #2755 for more context on the the scope of this work. This also depends on #2745 and can be rebased after that is merged.
This work does not currently attempt to consolidate code, and there might be
some redundancy. The next phase of this work should be to consolidate the oauth
representations and remote modeling into a single place.