search

keel-hq / keel

Kubernetes Operator to automate Helm, DaemonSet, StatefulSet & Deployment updates
https://keel.sh
Mozilla Public License 2.0
2.44k stars 283 forks source link

GitHub webhook is outdated? #575

Open aku opened 3 years ago

aku commented 3 years ago

It seems that GitHub Packages web hook is outdated. The code here https://github.com/keel-hq/keel/blob/master/pkg/http/github_webhook_trigger.go does not match the payload sent by GitHub which results in errors

Example of payload:

{
  "zen": "Non-blocking is better than blocking.",
  "hook_id": 123456,
  "hook": {
    "type": "Repository",
    "id": 123456,
    "name": "web",
    "active": true,
    "events": [
      "registry_package"
    ],
    "config": {
      "content_type": "form",
      "insecure_ssl": "1",
      "url": "https://keel.internal.bhoomi.ai/v1/webhooks/github"
    },
    "updated_at": "2021-01-11T22:36:53Z",
    "created_at": "2021-01-11T22:36:53Z",
    "url": "https://api.github.com/repos/<user_name>/<repo_name>/hooks/123456",
    "test_url": "https://api.github.com/repos/<user_name>/<repo_name>/hooks/123456/test",
    "ping_url": "https://api.github.com/repos/<user_name>/<repo_name>/hooks/123456/pings",
    "last_response": {
      "code": null,
      "status": "unused",
      "message": null
    }
  },
  "repository": {
    "id": 123456,
    "node_id": "MDEwOlJlcG9zaXRvcnkzMjA1MDQ4MTc=",
    "name": "<repo_name>",
    "full_name": "<user_name>/<repo_name>",
    "private": false,
    "owner": {
      "login": "<user_name>",
      "id": 123456,
      "node_id": "MDQ6VXNlcjY3ODU5Ng==",
      "avatar_url": "https://avatars3.githubusercontent.com/u/123456?v=4",
      "gravatar_id": "",
      "url": "https://api.github.com/users/<user_name>",
      "html_url": "https://github.com/<user_name>",
      "followers_url": "https://api.github.com/users/<user_name>/followers",
      "following_url": "https://api.github.com/users/<user_name>/following{/other_user}",
      "gists_url": "https://api.github.com/users/<user_name>/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/<user_name>/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/<user_name>/subscriptions",
      "organizations_url": "https://api.github.com/users/<user_name>/orgs",
      "repos_url": "https://api.github.com/users/<user_name>/repos",
      "events_url": "https://api.github.com/users/<user_name>/events{/privacy}",
      "received_events_url": "https://api.github.com/users/<user_name>/received_events",
      "type": "User",
      "site_admin": false
    },
    "html_url": "https://github.com/<user_name>/<repo_name>",
    "description": null,
    "fork": false,
    "url": "https://api.github.com/repos/<user_name>/<repo_name>",
    "forks_url": "https://api.github.com/repos/<user_name>/<repo_name>/forks",
    "keys_url": "https://api.github.com/repos/<user_name>/<repo_name>/keys{/key_id}",
    "collaborators_url": "https://api.github.com/repos/<user_name>/<repo_name>/collaborators{/collaborator}",
    "teams_url": "https://api.github.com/repos/<user_name>/<repo_name>/teams",
    "hooks_url": "https://api.github.com/repos/<user_name>/<repo_name>/hooks",
    "issue_events_url": "https://api.github.com/repos/<user_name>/<repo_name>/issues/events{/number}",
    "events_url": "https://api.github.com/repos/<user_name>/<repo_name>/events",
    "assignees_url": "https://api.github.com/repos/<user_name>/<repo_name>/assignees{/user}",
    "branches_url": "https://api.github.com/repos/<user_name>/<repo_name>/branches{/branch}",
    "tags_url": "https://api.github.com/repos/<user_name>/<repo_name>/tags",
    "blobs_url": "https://api.github.com/repos/<user_name>/<repo_name>/git/blobs{/sha}",
    "git_tags_url": "https://api.github.com/repos/<user_name>/<repo_name>/git/tags{/sha}",
    "git_refs_url": "https://api.github.com/repos/<user_name>/<repo_name>/git/refs{/sha}",
    "trees_url": "https://api.github.com/repos/<user_name>/<repo_name>/git/trees{/sha}",
    "statuses_url": "https://api.github.com/repos/<user_name>/<repo_name>/statuses/{sha}",
    "languages_url": "https://api.github.com/repos/<user_name>/<repo_name>/languages",
    "stargazers_url": "https://api.github.com/repos/<user_name>/<repo_name>/stargazers",
    "contributors_url": "https://api.github.com/repos/<user_name>/<repo_name>/contributors",
    "subscribers_url": "https://api.github.com/repos/<user_name>/<repo_name>/subscribers",
    "subscription_url": "https://api.github.com/repos/<user_name>/<repo_name>/subscription",
    "commits_url": "https://api.github.com/repos/<user_name>/<repo_name>/commits{/sha}",
    "git_commits_url": "https://api.github.com/repos/<user_name>/<repo_name>/git/commits{/sha}",
    "comments_url": "https://api.github.com/repos/<user_name>/<repo_name>/comments{/number}",
    "issue_comment_url": "https://api.github.com/repos/<user_name>/<repo_name>/issues/comments{/number}",
    "contents_url": "https://api.github.com/repos/<user_name>/<repo_name>/contents/{+path}",
    "compare_url": "https://api.github.com/repos/<user_name>/<repo_name>/compare/{base}...{head}",
    "merges_url": "https://api.github.com/repos/<user_name>/<repo_name>/merges",
    "archive_url": "https://api.github.com/repos/<user_name>/<repo_name>/{archive_format}{/ref}",
    "downloads_url": "https://api.github.com/repos/<user_name>/<repo_name>/downloads",
    "issues_url": "https://api.github.com/repos/<user_name>/<repo_name>/issues{/number}",
    "pulls_url": "https://api.github.com/repos/<user_name>/<repo_name>/pulls{/number}",
    "milestones_url": "https://api.github.com/repos/<user_name>/<repo_name>/milestones{/number}",
    "notifications_url": "https://api.github.com/repos/<user_name>/<repo_name>/notifications{?since,all,participating}",
    "labels_url": "https://api.github.com/repos/<user_name>/<repo_name>/labels{/name}",
    "releases_url": "https://api.github.com/repos/<user_name>/<repo_name>/releases{/id}",
    "deployments_url": "https://api.github.com/repos/<user_name>/<repo_name>/deployments",
    "created_at": "2020-12-11T07:52:16Z",
    "updated_at": "2021-01-11T22:23:29Z",
    "pushed_at": "2021-01-11T22:23:27Z",
    "git_url": "git://github.com/<user_name>/<repo_name>.git",
    "ssh_url": "git@github.com:<user_name>/<repo_name>.git",
    "clone_url": "https://github.com/<user_name>/<repo_name>.git",
    "svn_url": "https://github.com/<user_name>/<repo_name>",
    "homepage": null,
    "size": 18,
    "stargazers_count": 0,
    "watchers_count": 0,
    "language": "Go",
    "has_issues": true,
    "has_projects": true,
    "has_downloads": true,
    "has_wiki": true,
    "has_pages": false,
    "forks_count": 0,
    "mirror_url": null,
    "archived": false,
    "disabled": false,
    "open_issues_count": 0,
    "license": null,
    "forks": 0,
    "open_issues": 0,
    "watchers": 0,
    "default_branch": "main"
  },
  "sender": {
    "login": "<user_name>",
    "id": 123456,
    "node_id": "MDQ6VXNlcjY3ODU5Ng==",
    "avatar_url": "https://avatars3.githubusercontent.com/u/123456?v=4",
    "gravatar_id": "",
    "url": "https://api.github.com/users/<user_name>",
    "html_url": "https://github.com/<user_name>",
    "followers_url": "https://api.github.com/users/<user_name>/followers",
    "following_url": "https://api.github.com/users/<user_name>/following{/other_user}",
    "gists_url": "https://api.github.com/users/<user_name>/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/<user_name>/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/<user_name>/subscriptions",
    "organizations_url": "https://api.github.com/users/<user_name>/orgs",
    "repos_url": "https://api.github.com/users/<user_name>/repos",
    "events_url": "https://api.github.com/users/<user_name>/events{/privacy}",
    "received_events_url": "https://api.github.com/users/<user_name>/received_events",
    "type": "User",
    "site_admin": false
  }
}
DingGGu commented 3 years ago

This is not an actual webhook registry_package event.

It just checks what the webhook sends to keel, but Keel didn't implement it. So, you can safely ignore this error.

However Github registry_package event is working fine.

aku commented 3 years ago

@DingGGu could you clarify?

I've exposed Keel's endpoint (/v1/webhooks/github) on my site (lets say https://mysite.com/webhook) Then I've configured GitHub to call this web hook when package is updated

Screenshot 2021-02-25 at 15 55 13 Screenshot 2021-02-25 at 15 54 07

However, it does not work 'cause Keel receives data mentioned above and can't handle it

What am I missing here? Can I use keel with GitHub Container Registry?

DingGGu commented 3 years ago

Currently, Keel does not support Github Container Registry. ghcr.io/.../...

It only works with Github Package (Legacy version of Github Container Registry) that image name starts with docker.pkg.github.com/.../.../...

I submitted pull request(https://github.com/keel-hq/keel/pull/583) for ghcr yesterday.

aku commented 3 years ago

@DingGGu cool! looking forward to test it

carljmosca commented 3 years ago

This appears to have been merged. Why is this still open? ghcr.io does not appear to be working for me...is that the reason?

immanuelfodor commented 3 years ago

Yes, it's also not working for me

carljmosca commented 3 years ago

There is a commented out version of the call to addJob in watcher.go (line 192) which includes the credentials.

    // err = w.addJob(imageRef, registryUsername, registryPassword, schedule)
    err = w.addJob(image, image.PollSchedule)

It appears that addJob now includes a call to GetCredentials but I don't know what it's expecting for this use case...can anyone provide details on what secret and/or environment variables are expected for ghcr.io? Guessing I missed it in the docs?

Ra0k commented 3 years ago

Hey, I would be also interested in an answer.