feat: allow projects with branches/envs

Dockerfile

@@ -0,0 +1,34 @@
+# Start from the official Golang base image version 1.22
+FROM golang:1.22-alpine as builder
+
+# Set the Current Working Directory inside the container
+WORKDIR /app
+
+# Copy go mod and sum files
+COPY go.mod go.sum ./
+
+# Download all dependencies. Dependencies will be cached if the go.mod and go.sum files are not changed
+RUN go mod download
+
+# Copy the source code into the container
+COPY . .
+
+# Build the Go app
+RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o webhook-listener .
+
+# Start a new stage from scratch using a slim version of Alpine for a smaller image size
+FROM alpine:latest  
+
+WORKDIR /root/
+
+# Copy the Pre-built binary file from the previous stage
+COPY --from=builder /app/webhook-listener .
+
+# Environment variable for the port, set a default value if not provided
+ENV PORT=62082
+
+# Expose the port specified by the PORT environment variable
+EXPOSE $PORT
+
+# Command to run the executable, modified to use the environment variable for the port
+CMD ["./webhook-listener"]

Makefile

@@ -0,0 +1,19 @@
+BINARY_DIR=bin
+BINARY_NAME=webhook-listener
+COVERAGE_DIR=coverage
+
+lint:
+	golangci-lint run ./...
+goreportcard:
+	goreportcard-cli -v
+test: 
+	go test ./...
+test-coverage:
+	rm -rf ${COVERAGE_DIR}
+	mkdir ${COVERAGE_DIR}
+	go test -v -coverprofile ${COVERAGE_DIR}/cover.out ./...
+	go tool cover -html ${COVERAGE_DIR}/cover.out -o ${COVERAGE_DIR}/cover.html
+build:
+	rm -rf ${BINARY_DIR}
+	mkdir ${BINARY_DIR}
+	env GOOS=linux CGO_ENABLED=0 GOARCH=amd64 go build -o ./${BINARY_DIR}/${BINARY_NAME} main.go	

build.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+
+# Define variables
+IMAGE_NAME="gitea-webhook-listener"
+DOCKERFILE_PATH="./"
+VERSION_FILE="version.txt"
+REGISTRY="registry.fungimail.llc"
+NAMESPACE="urko"
+
+# Version management
+if [ ! -f "$VERSION_FILE" ]; then
+    echo "Version file not found, creating one with version 1..."
+    echo "1" > $VERSION_FILE
+fi
+
+VERSION=$(cat $VERSION_FILE)
+echo "Current version is $VERSION."
+
+# Increment the version
+VERSION=$((VERSION+1))
+echo "Incrementing to new version $VERSION..."
+echo $VERSION > $VERSION_FILE
+
+# Step 1: Build the Docker image with the new version tag
+echo "Building Docker image $IMAGE_NAME:$VERSION..."
+docker build -t $IMAGE_NAME:$VERSION $DOCKERFILE_PATH
+
+# Step 1b: Tag the image for the registry with version
+FULL_IMAGE_NAME_VERSION="${REGISTRY}/${NAMESPACE}/${IMAGE_NAME}:${VERSION}"
+echo "Tagging image for registry as $FULL_IMAGE_NAME_VERSION..."
+docker tag $IMAGE_NAME:$VERSION $FULL_IMAGE_NAME_VERSION
+
+# Step 1c: Tag the image for the registry with 'latest'
+FULL_IMAGE_NAME_LATEST="${REGISTRY}/${NAMESPACE}/${IMAGE_NAME}:latest"
+echo "Tagging image for registry as $FULL_IMAGE_NAME_LATEST..."
+docker tag $IMAGE_NAME:$VERSION $FULL_IMAGE_NAME_LATEST
+
+# Step 1d: Push the versioned image to the Docker registry
+echo "Pushing $FULL_IMAGE_NAME_VERSION to the Docker registry..."
+docker push $FULL_IMAGE_NAME_VERSION
+
+# Step 1e: Push the latest image to the Docker registry
+echo "Pushing $FULL_IMAGE_NAME_LATEST to the Docker registry..."
+docker push $FULL_IMAGE_NAME_LATEST
+

internal/gitea.go

@@ -0,0 +1,184 @@
+package internal
+
+import "time"
+
+type WebhookPayload struct {
+	Ref        string `json:"ref"`
+	Before     string `json:"before"`
+	After      string `json:"after"`
+	CompareURL string `json:"compare_url"`
+	Commits    []struct {
+		ID      string `json:"id"`
+		Message string `json:"message"`
+		URL     string `json:"url"`
+		Author  struct {
+			Name     string `json:"name"`
+			Email    string `json:"email"`
+			Username string `json:"username"`
+		} `json:"author"`
+		Committer struct {
+			Name     string `json:"name"`
+			Email    string `json:"email"`
+			Username string `json:"username"`
+		} `json:"committer"`
+		Verification any      `json:"verification"`
+		Timestamp    string   `json:"timestamp"`
+		Added        []any    `json:"added"`
+		Removed      []any    `json:"removed"`
+		Modified     []string `json:"modified"`
+	} `json:"commits"`
+	TotalCommits int `json:"total_commits"`
+	HeadCommit   struct {
+		ID      string `json:"id"`
+		Message string `json:"message"`
+		URL     string `json:"url"`
+		Author  struct {
+			Name     string `json:"name"`
+			Email    string `json:"email"`
+			Username string `json:"username"`
+		} `json:"author"`
+		Committer struct {
+			Name     string `json:"name"`
+			Email    string `json:"email"`
+			Username string `json:"username"`
+		} `json:"committer"`
+		Verification any      `json:"verification"`
+		Timestamp    string   `json:"timestamp"`
+		Added        []any    `json:"added"`
+		Removed      []any    `json:"removed"`
+		Modified     []string `json:"modified"`
+	} `json:"head_commit"`
+	Repository struct {
+		ID    int `json:"id"`
+		Owner struct {
+			ID                int       `json:"id"`
+			Login             string    `json:"login"`
+			LoginName         string    `json:"login_name"`
+			FullName          string    `json:"full_name"`
+			Email             string    `json:"email"`
+			AvatarURL         string    `json:"avatar_url"`
+			Language          string    `json:"language"`
+			IsAdmin           bool      `json:"is_admin"`
+			LastLogin         time.Time `json:"last_login"`
+			Created           time.Time `json:"created"`
+			Restricted        bool      `json:"restricted"`
+			Active            bool      `json:"active"`
+			ProhibitLogin     bool      `json:"prohibit_login"`
+			Location          string    `json:"location"`
+			Website           string    `json:"website"`
+			Description       string    `json:"description"`
+			Visibility        string    `json:"visibility"`
+			FollowersCount    int       `json:"followers_count"`
+			FollowingCount    int       `json:"following_count"`
+			StarredReposCount int       `json:"starred_repos_count"`
+			Username          string    `json:"username"`
+		} `json:"owner"`
+		Name            string    `json:"name"`
+		FullName        string    `json:"full_name"`
+		Description     string    `json:"description"`
+		Empty           bool      `json:"empty"`
+		Private         bool      `json:"private"`
+		Fork            bool      `json:"fork"`
+		Template        bool      `json:"template"`
+		Parent          any       `json:"parent"`
+		Mirror          bool      `json:"mirror"`
+		Size            int       `json:"size"`
+		Language        string    `json:"language"`
+		LanguagesURL    string    `json:"languages_url"`
+		HTMLURL         string    `json:"html_url"`
+		URL             string    `json:"url"`
+		Link            string    `json:"link"`
+		SSHURL          string    `json:"ssh_url"`
+		CloneURL        string    `json:"clone_url"`
+		OriginalURL     string    `json:"original_url"`
+		Website         string    `json:"website"`
+		StarsCount      int       `json:"stars_count"`
+		ForksCount      int       `json:"forks_count"`
+		WatchersCount   int       `json:"watchers_count"`
+		OpenIssuesCount int       `json:"open_issues_count"`
+		OpenPrCounter   int       `json:"open_pr_counter"`
+		ReleaseCounter  int       `json:"release_counter"`
+		DefaultBranch   string    `json:"default_branch"`
+		Archived        bool      `json:"archived"`
+		CreatedAt       time.Time `json:"created_at"`
+		UpdatedAt       time.Time `json:"updated_at"`
+		ArchivedAt      time.Time `json:"archived_at"`
+		Permissions     struct {
+			Admin bool `json:"admin"`
+			Push  bool `json:"push"`
+			Pull  bool `json:"pull"`
+		} `json:"permissions"`
+		HasIssues       bool `json:"has_issues"`
+		InternalTracker struct {
+			EnableTimeTracker                bool `json:"enable_time_tracker"`
+			AllowOnlyContributorsToTrackTime bool `json:"allow_only_contributors_to_track_time"`
+			EnableIssueDependencies          bool `json:"enable_issue_dependencies"`
+		} `json:"internal_tracker"`
+		HasWiki                       bool      `json:"has_wiki"`
+		HasPullRequests               bool      `json:"has_pull_requests"`
+		HasProjects                   bool      `json:"has_projects"`
+		HasReleases                   bool      `json:"has_releases"`
+		HasPackages                   bool      `json:"has_packages"`
+		HasActions                    bool      `json:"has_actions"`
+		IgnoreWhitespaceConflicts     bool      `json:"ignore_whitespace_conflicts"`
+		AllowMergeCommits             bool      `json:"allow_merge_commits"`
+		AllowRebase                   bool      `json:"allow_rebase"`
+		AllowRebaseExplicit           bool      `json:"allow_rebase_explicit"`
+		AllowSquashMerge              bool      `json:"allow_squash_merge"`
+		AllowRebaseUpdate             bool      `json:"allow_rebase_update"`
+		DefaultDeleteBranchAfterMerge bool      `json:"default_delete_branch_after_merge"`
+		DefaultMergeStyle             string    `json:"default_merge_style"`
+		DefaultAllowMaintainerEdit    bool      `json:"default_allow_maintainer_edit"`
+		AvatarURL                     string    `json:"avatar_url"`
+		Internal                      bool      `json:"internal"`
+		MirrorInterval                string    `json:"mirror_interval"`
+		MirrorUpdated                 time.Time `json:"mirror_updated"`
+		RepoTransfer                  any       `json:"repo_transfer"`
+	} `json:"repository"`
+	Pusher struct {
+		ID                int       `json:"id"`
+		Login             string    `json:"login"`
+		LoginName         string    `json:"login_name"`
+		FullName          string    `json:"full_name"`
+		Email             string    `json:"email"`
+		AvatarURL         string    `json:"avatar_url"`
+		Language          string    `json:"language"`
+		IsAdmin           bool      `json:"is_admin"`
+		LastLogin         time.Time `json:"last_login"`
+		Created           time.Time `json:"created"`
+		Restricted        bool      `json:"restricted"`
+		Active            bool      `json:"active"`
+		ProhibitLogin     bool      `json:"prohibit_login"`
+		Location          string    `json:"location"`
+		Website           string    `json:"website"`
+		Description       string    `json:"description"`
+		Visibility        string    `json:"visibility"`
+		FollowersCount    int       `json:"followers_count"`
+		FollowingCount    int       `json:"following_count"`
+		StarredReposCount int       `json:"starred_repos_count"`
+		Username          string    `json:"username"`
+	} `json:"pusher"`
+	Sender struct {
+		ID                int       `json:"id"`
+		Login             string    `json:"login"`
+		LoginName         string    `json:"login_name"`
+		FullName          string    `json:"full_name"`
+		Email             string    `json:"email"`
+		AvatarURL         string    `json:"avatar_url"`
+		Language          string    `json:"language"`
+		IsAdmin           bool      `json:"is_admin"`
+		LastLogin         time.Time `json:"last_login"`
+		Created           time.Time `json:"created"`
+		Restricted        bool      `json:"restricted"`
+		Active            bool      `json:"active"`
+		ProhibitLogin     bool      `json:"prohibit_login"`
+		Location          string    `json:"location"`
+		Website           string    `json:"website"`
+		Description       string    `json:"description"`
+		Visibility        string    `json:"visibility"`
+		FollowersCount    int       `json:"followers_count"`
+		FollowingCount    int       `json:"following_count"`
+		StarredReposCount int       `json:"starred_repos_count"`
+		Username          string    `json:"username"`
+	} `json:"sender"`
+}

kit/config/config.go

@@ -7,10 +7,13 @@ import (
 )
 
 type Config struct {
-	Secret     string `yaml:"secret"`
-	Port       int    `yaml:"port"`
-	BinaryPath string `yaml:"binary_path"`
-	ScriptPath string `yaml:"script_path"`
+	Secret   string                             `yaml:"secret"`
+	Port     int                                `yaml:"port"`
+	Projects map[string]map[string]ConfigScript `yaml:"projects"`
+}
+type ConfigScript struct {
+	BinaryPath string `yaml:"binary"`
+	ScriptPath string `yaml:"script"`
 }
 
 func LoadConfig(path string) (*Config, error) {

main.go

@@ -1,31 +1,38 @@
 package main
 
 import (
-	"crypto/hmac"
-	"crypto/sha256"
-	"encoding/hex"
 	"encoding/json"
 	"fmt"
 	"io"
+	"log"
 	"net/http"
 	"os"
 	"os/exec"
+	"path"
+	"runtime"
+	"strings"
 
+	"gitea.urkob.com/urko/gitea-webhook-listener/internal"
 	"gitea.urkob.com/urko/gitea-webhook-listener/kit/config"
 )
 
 func main() {
-	cfg, err := config.LoadConfig(".configs/app.yml")
-	if err != nil {
-		panic(err)
+	cfgFile := os.Getenv("CONFIG_FILE")
+	if cfgFile == "" {
+		// Get root path
+		_, filename, _, _ := runtime.Caller(0)
+		cfgFile = path.Join(path.Dir(filename), "configs", "app.yml")
 	}
-	http.HandleFunc("/payload", handlePayload(cfg.Secret, cfg.BinaryPath, cfg.ScriptPath))
+	cfg, err := config.LoadConfig(cfgFile)
+	if err != nil {
+		log.Fatalf("Error loading config: %v", err)
+	}
+	http.HandleFunc("/", handlePayload(cfg.Secret, cfg.Projects))
 	http.ListenAndServe(fmt.Sprintf(":%d", cfg.Port), nil)
 }
 
-func handlePayload(secret, binaryPath, scriptPath string) func(w http.ResponseWriter, r *http.Request) {
+func handlePayload(secret string, projects map[string]map[string]config.ConfigScript) func(w http.ResponseWriter, r *http.Request) {
 	return (func(w http.ResponseWriter, r *http.Request) {
-
 		// Read the request body
 		body, err := io.ReadAll(r.Body)
 		if err != nil {
@@ -34,26 +41,41 @@ func handlePayload(secret, binaryPath, scriptPath string) func(w http.ResponseWr
 		}
 		defer r.Body.Close()
 
-		// Verify the signature
-		if !verifySignature(body, r.Header.Get("X-Hub-Signature-256"), []byte(secret)) {
+		authHeader := r.Header.Get("Authorization")
+		if authHeader != secret {
 			http.Error(w, "Signatures didn't match", http.StatusUnauthorized)
 			return
 		}
 
-		// Parse the JSON payload
-		var payload interface{}
-		err = json.Unmarshal(body, &payload)
-		if err != nil {
-			http.Error(w, "Failed to parse JSON payload", http.StatusBadRequest)
+		if !r.URL.Query().Has("project") {
+			http.Error(w, "", http.StatusBadRequest)
 			return
 		}
 
-		// TODO: Do something with the payload
-		fmt.Fprintf(w, "I got some JSON: %v", payload)
-
-		if err := execute(binaryPath, scriptPath); err != nil {
-			panic(err)
+		project := r.URL.Query().Get("project")
+		proj, found := projects[project]
+		if !found {
+			http.Error(w, "not found", http.StatusNotFound)
+			return
 		}
+		var payload internal.WebhookPayload
+		if err = json.Unmarshal(body, &payload); err != nil {
+			http.Error(w, "Failed to parse JSON payload", http.StatusBadRequest)
+			return
+		}
+		branchName := strings.Split(payload.Ref, "/")[len(strings.Split(payload.Ref, "/"))-1]
+
+		scr, found := proj[branchName]
+		if !found {
+			http.Error(w, "not found", http.StatusNotFound)
+			return
+		}
+
+		go func() {
+			if err := execute(scr.BinaryPath, scr.ScriptPath); err != nil {
+				log.Println(err)
+			}
+		}()
 	})
 }
 
@@ -68,13 +90,3 @@ func execute(binaryPath, scriptPath string) error {
 
 	return nil
 }
-
-func verifySignature(payload []byte, signature string, secret []byte) bool {
-	// Compute the expected signature
-	mac := hmac.New(sha256.New, secret)
-	mac.Write(payload)
-	expectedSignature := hex.EncodeToString(mac.Sum(nil))
-
-	// Compare the expected signature with the actual signature
-	return hmac.Equal([]byte(signature), []byte("sha256="+expectedSignature))
-}