finga/webhookey
1
0
Fork 0
Code Issues 5 Pull requests Projects Releases Wiki Activity
webhookey/README.md
finga ee32424f8c Use signature field for verification 
Instead of looking for a "secret" field hmac is used. Therefore the
raw payload is hashed with all secrets consecutively in order to
validate its content. If the content is certified the established
behaviour is pursued..
2021-03-28 04:18:35 +02:00

93 lines
2.7 KiB
Markdown
Raw Blame History

# Webhookey
Webhookey is a webserver listening for requests as for example sent by
gitea's webhooks. Further, Webhookey allows you to specifiy rules
which are matched against the data received to trigger certain
actions.
## Build
### Install Rust
The Rust toolchain needs to be installed:
``` sh
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
```
Further, for Rocket we need to have the nightly toolchain installed:
``` sh
rustup toolchain install nightly
```
### Build Webhookey
The webhookey project can be built for development:
``` sh
cargo b
```
or for releasing:
``` sh
cargo b --release
```
### Install Webhookey
When a Rust toolchain installed you can also install Webhookey
directly without cloning it manualy:
``` sh
cargo install --git https://git.onders.org/finga/webhookey.git webhookey
```
or from within the project:
``` sh
cargo install webhookey
```
### Run Webhookey
Webhookey can either be run from the project directory with:
``` sh
cargo b
```
or you can copy the produced binary somewhere else from
`webhookey/target/{debug, release}/webhookey` depending on which one
you built.
## Configuration
Configuration syntax is YAML and has to be done in following order:
Right now there is only the configuration parameter for hooks, here
each hook has to be configured, It contains following fields:
- command: String for a command to be executed when all filters
match. Pointers ([RFC 6901](https://tools.ietf.org/html/rfc6901)) to
JSON fields may be used to be replaced with data from the JSON data
with `{{ /field/pointed/to }}`. Further `{{ event }}` and `{{
signature }}` are valid variables as they contain the values from
the regarding header fields of the http request.
- secrets: List of secrets.
- filters: List of filters.
Each filter must have following fields:
- pointer: pointer to the JSON field according to [RFC
6901](https://tools.ietf.org/html/rfc6901)
- regex: regular expression which has to match the field pointed to by
the pointer
### Configuration paths
Following locations are checked for a configuration file:
- `/etc/webhookey/config.yml`
- `<config_dir>/webhookey/config.yml`
- `./config.yml`
Whereas `<config_dir>` depends on the platform:
- Linux: `$XDG_CONFIG_HOME` or `$HOME/.config`
- macOS: `$HOME/Library/Application Support`
- Windows: `{FOLDERID_RoamingAppData}`
# TODOs
## Use `clap` to parse command line arguments
## Implement the functionality to reply to certain webhooks
## Configure rocket via config.yml
## Security
### https support
basically supported, but related to "Configure rocket via config.yml".
### Authentication features
### Secure cookies?
## Use proptest or quickcheck for tests of parsers
Reference in a new issue View git blame Copy permalink