mirror of
https://github.com/ansible/awx.git
synced 2026-05-16 13:57:39 -02:30
Drop Bitbucket support
since only the Bitbucket Server product supports signed payloads, bitbucket.org does not. And we are requiring signed payloads.
This commit is contained in:
Jeff Bradberry
@@ -4,7 +4,6 @@ from awx.api.views import (
|
|||||||
WebhookKeyView,
|
WebhookKeyView,
|
||||||
GithubWebhookReceiver,
|
GithubWebhookReceiver,
|
||||||
GitlabWebhookReceiver,
|
GitlabWebhookReceiver,
|
||||||
BitbucketWebhookReceiver,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
@@ -12,5 +11,4 @@ urlpatterns = [
|
|||||||
url(r'^webhook_key/$', WebhookKeyView.as_view(), name='webhook_key'),
|
url(r'^webhook_key/$', WebhookKeyView.as_view(), name='webhook_key'),
|
||||||
url(r'^github/$', GithubWebhookReceiver.as_view(), name='webhook_receiver_github'),
|
url(r'^github/$', GithubWebhookReceiver.as_view(), name='webhook_receiver_github'),
|
||||||
url(r'^gitlab/$', GitlabWebhookReceiver.as_view(), name='webhook_receiver_gitlab'),
|
url(r'^gitlab/$', GitlabWebhookReceiver.as_view(), name='webhook_receiver_gitlab'),
|
||||||
url(r'^bitbucket/$', BitbucketWebhookReceiver.as_view(), name='webhook_receiver_bitbucket'),
|
|
||||||
]
|
]
|
||||||
|
|||||||
@@ -154,7 +154,6 @@ from awx.api.views.webhooks import ( # noqa
|
|||||||
WebhookKeyView,
|
WebhookKeyView,
|
||||||
GithubWebhookReceiver,
|
GithubWebhookReceiver,
|
||||||
GitlabWebhookReceiver,
|
GitlabWebhookReceiver,
|
||||||
BitbucketWebhookReceiver,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -240,52 +240,3 @@ class GitlabWebhookReceiver(WebhookReceiverBase):
|
|||||||
# analysis by attackers.
|
# analysis by attackers.
|
||||||
if not hmac.compare_digest(force_bytes(obj.webhook_key), self.get_signature()):
|
if not hmac.compare_digest(force_bytes(obj.webhook_key), self.get_signature()):
|
||||||
raise PermissionDenied
|
raise PermissionDenied
|
||||||
|
|
||||||
|
|
||||||
class BitbucketWebhookReceiver(WebhookReceiverBase):
|
|
||||||
service = 'bitbucket'
|
|
||||||
|
|
||||||
ref_keys = {
|
|
||||||
# Bitbucket Server
|
|
||||||
'repo:refs_changed': 'changes.0.toHash',
|
|
||||||
'repo:comment:added': 'commit',
|
|
||||||
'repo:comment:edited': 'commit',
|
|
||||||
'repo:comment:deleted': 'commit',
|
|
||||||
'pr:opened': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:modified': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:reviewer:updated': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:reviewer:approved': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:reviewer:unapproved': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:reviewer:needs_work': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:merged': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:declined': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:deleted': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:comment:added': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:comment:edited': 'pullRequest.fromRef.latestCommit',
|
|
||||||
'pr:comment:deleted': 'pullRequest.fromRef.latestCommit',
|
|
||||||
|
|
||||||
# Bitbucket Cloud, aka bitbucket.org
|
|
||||||
'repo:push': 'push.changes.0.new.target.hash',
|
|
||||||
'repo:commit_comment_created': 'commit.hash',
|
|
||||||
'pullrequest:created': 'pullrequest.source.commit',
|
|
||||||
'pullrequest:updated': 'pullrequest.source.commit',
|
|
||||||
'pullrequest:approved': 'pullrequest.source.commit',
|
|
||||||
'pullrequest:unapproved': 'pullrequest.source.commit',
|
|
||||||
'pullrequest:fulfilled': 'pullrequest.source.commit',
|
|
||||||
'pullrequest:rejected': 'pullrequest.source.commit',
|
|
||||||
'pullrequest:comment_created': 'pullrequest.source.commit',
|
|
||||||
'pullrequest:comment_updated': 'pullrequest.source.commit',
|
|
||||||
'pullrequest:comment_deleted': 'pullrequest.source.commit',
|
|
||||||
}
|
|
||||||
|
|
||||||
def get_event_type(self):
|
|
||||||
return self.request.META.get('HTTP_X_EVENT_KEY')
|
|
||||||
|
|
||||||
def get_event_guid(self):
|
|
||||||
return self.request.META.get('HTTP_X_REQUEST_UUID')
|
|
||||||
|
|
||||||
def get_signature(self):
|
|
||||||
header_sig = self.request.META.get('HTTP_X_HUB_SIGNATURE')
|
|
||||||
if not header_sig:
|
|
||||||
raise PermissionDenied
|
|
||||||
return force_bytes(header_sig)
|
|
||||||
|
|||||||
@@ -24,7 +24,7 @@ class Migration(migrations.Migration):
|
|||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='jobtemplate',
|
model_name='jobtemplate',
|
||||||
name='webhook_service',
|
name='webhook_service',
|
||||||
field=models.CharField(blank=True, choices=[('github', 'Github'), ('gitlab', 'Gitlab'), ('bitbucket', 'Bitbucket')], max_length=16),
|
field=models.CharField(blank=True, choices=[('github', 'Github'), ('gitlab', 'Gitlab')], max_length=16),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='workflowjobtemplate',
|
model_name='workflowjobtemplate',
|
||||||
@@ -39,6 +39,6 @@ class Migration(migrations.Migration):
|
|||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='workflowjobtemplate',
|
model_name='workflowjobtemplate',
|
||||||
name='webhook_service',
|
name='webhook_service',
|
||||||
field=models.CharField(blank=True, choices=[('github', 'Github'), ('gitlab', 'Gitlab'), ('bitbucket', 'Bitbucket')], max_length=16),
|
field=models.CharField(blank=True, choices=[('github', 'Github'), ('gitlab', 'Gitlab')], max_length=16),
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|||||||
@@ -24,7 +24,7 @@ class Migration(migrations.Migration):
|
|||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='job',
|
model_name='job',
|
||||||
name='webhook_service',
|
name='webhook_service',
|
||||||
field=models.CharField(blank=True, choices=[('github', 'Github'), ('gitlab', 'Gitlab'), ('bitbucket', 'Bitbucket')], max_length=16),
|
field=models.CharField(blank=True, choices=[('github', 'Github'), ('gitlab', 'Gitlab')], max_length=16),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='workflowjob',
|
model_name='workflowjob',
|
||||||
@@ -39,6 +39,6 @@ class Migration(migrations.Migration):
|
|||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='workflowjob',
|
model_name='workflowjob',
|
||||||
name='webhook_service',
|
name='webhook_service',
|
||||||
field=models.CharField(blank=True, choices=[('github', 'Github'), ('gitlab', 'Gitlab'), ('bitbucket', 'Bitbucket')], max_length=16),
|
field=models.CharField(blank=True, choices=[('github', 'Github'), ('gitlab', 'Gitlab')], max_length=16),
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|||||||
@@ -1001,22 +1001,6 @@ ManagedCredentialType(
|
|||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
ManagedCredentialType(
|
|
||||||
namespace='bitbucket_token',
|
|
||||||
kind='token',
|
|
||||||
name=ugettext_noop('Bitbucket Personal Access Token'),
|
|
||||||
managed_by_tower=True,
|
|
||||||
inputs={
|
|
||||||
'fields': [{
|
|
||||||
'id': 'token',
|
|
||||||
'label': ugettext_noop('Token'),
|
|
||||||
'type': 'string',
|
|
||||||
'secret': True,
|
|
||||||
}],
|
|
||||||
'required': ['token'],
|
|
||||||
},
|
|
||||||
)
|
|
||||||
|
|
||||||
ManagedCredentialType(
|
ManagedCredentialType(
|
||||||
namespace='insights',
|
namespace='insights',
|
||||||
kind='insights',
|
kind='insights',
|
||||||
|
|||||||
@@ -498,7 +498,6 @@ class WebhookTemplateMixin(models.Model):
|
|||||||
SERVICES = [
|
SERVICES = [
|
||||||
('github', "Github"),
|
('github', "Github"),
|
||||||
('gitlab', "Gitlab"),
|
('gitlab', "Gitlab"),
|
||||||
('bitbucket', "Bitbucket"),
|
|
||||||
]
|
]
|
||||||
|
|
||||||
webhook_service = models.CharField(
|
webhook_service = models.CharField(
|
||||||
|
|||||||
@@ -79,7 +79,6 @@ def test_default_cred_types():
|
|||||||
'aws',
|
'aws',
|
||||||
'azure_kv',
|
'azure_kv',
|
||||||
'azure_rm',
|
'azure_rm',
|
||||||
'bitbucket_token',
|
|
||||||
'cloudforms',
|
'cloudforms',
|
||||||
'conjur',
|
'conjur',
|
||||||
'gce',
|
'gce',
|
||||||
|
|||||||
Reference in New Issue
Block a user