Closed sibasankarnayak closed 2 years ago
@mickmister to generate the webhook secret, what do you think about using the methodology used in Jira?
FYI, @sibasankar-demansol. The Jira plugin adds the following to plugings.json
which adds a webhook secret generation field.
https://github.com/mattermost/mattermost-plugin-jira/blob/master/plugin.json#L31-L36
I also think we should add documentation to the README for this process.
@jfrerich now we do use the webhook secret from plugin console to validate the token via callback url from web hook
Can you let me know how can i add those to documentation
@sibasankar-demansol, I'm sorry. I was looking at a completely different plugin code base when I tried failed to see the webhook secret in the plugin console.
The documentation for this configuration will be located here https://github.com/mattermost/mattermost-plugin-bitbucket/blob/master/docs/admin-guide/configuration.md
I think the following change to configuration.md
would suffice.
Mattermost Bitbucket Webhook - <repository_name>
, replacing repository_name
with the name of your repository.https://your-mattermost-url.com/plugins/bitbucket/webhook/your-webhook-secret
https://your-mattermost-url.com
with your Mattermost deployment's Site URL.your-webhook-secret
with the secret generated in System Console > Plugins > Bitbucket > Webhook SecretI think the following change to
configuration.md
would suffice.
Set the following values:
- Title:
Mattermost Bitbucket Webhook - <repository_name>
, replacingrepository_name
with the name of your repository.URL:
https://your-mattermost-url.com/plugins/bitbucket/webhook/your-webhook-secret
- replace
https://your-mattermost-url.com
with your Mattermost deployment's Site URL.- replace
your-webhook-secret
with the secret generated in System Console > Plugins > Bitbucket > Webhook Secret
@jfrerich Added into documentation
Is there a way to not pass the secret as part of the URL i.e. via a query parameter?
in bitbucket i didn't find any way to configure the webhooksecret via request headers , seems we can pass it through URL itself
Deferring testing to next release testing cc @DHaussermann
added a token which is the webhook secret which gets generated while configuring the bitbucket plugin and cross checked when ever any call happens to webhook
ticket here https://github.com/mattermost/mattermost-plugin-bitbucket/issues/24