Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow bitbucket webhook to check atlantis server #475

Merged
merged 1 commit into from
Feb 15, 2019
Merged

Allow bitbucket webhook to check atlantis server #475

merged 1 commit into from
Feb 15, 2019

Conversation

Zophar78
Copy link

No description provided.

@Zophar78 Zophar78 changed the title Allow bitbucket webhook to check atlantis server #474 Allow bitbucket webhook to check atlantis server Feb 13, 2019
@Zophar78
Copy link
Author

Fix #474

@codecov
Copy link

codecov bot commented Feb 13, 2019

Codecov Report

Merging #475 into master will not change coverage.
The diff coverage is 0%.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #475   +/-   ##
=======================================
  Coverage   70.58%   70.58%           
=======================================
  Files          63       63           
  Lines        4246     4246           
=======================================
  Hits         2997     2997           
  Misses       1028     1028           
  Partials      221      221
Impacted Files Coverage Δ
server/events_controller.go 53.87% <0%> (ø) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7d682b6...aa1d114. Read the comment docs.

@codecov
Copy link

codecov bot commented Feb 13, 2019
edited
Loading

Codecov Report

Merging #475 into master will decrease coverage by 0.04%.
The diff coverage is 0%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #475      +/-   ##
==========================================
- Coverage   70.58%   70.53%   -0.05%     
==========================================
  Files          63       63              
  Lines        4246     4249       +3     
==========================================
  Hits         2997     2997              
- Misses       1028     1031       +3     
  Partials      221      221
Impacted Files Coverage Δ
server/events_controller.go 53.19% <0%> (-0.69%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7d682b6...dd6c324. Read the comment docs.

lkysow
lkysow requested changes Feb 14, 2019
View reviewed changes
server/events_controller.go Outdated
@@ -169,7 +169,7 @@ func (e *EventsController) handleBitbucketServerPost(w http.ResponseWriter, r *h
e.respond(w, logging.Error, http.StatusBadRequest, "Unable to read body: %s %s=%s", err, bitbucketServerRequestIDHeader, reqID)
return
}
if len(e.BitbucketWebhookSecret) > 0 {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd like to pull this logic into a special check ahead of the rest of the code. I want to do this because I don't want there to be more conditionals where we're checking the webhook secret. I think that it might be confusing one day and we might refactor in a way that attackers could bypass the webhook secret checking.

	if eventType == bitbucketserver.DiagnosticsPingHeader {
		// Specially handle the diagnostics:ping event because Bitbucket Server
		// doesn't send the signature with this event for some reason.
		e.respond(w, logging.Info, http.StatusOK, "Successfully received %s event %s=%s", eventType, bitbucketServerRequestIDHeader, reqID)
		return
	}

server/events/vcs/bitbucketserver/models.go Outdated
@@ -1,6 +1,7 @@
package bitbucketserver

const (
DiagnosticsPing = "diagnostics:ping"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add Header to match the Others.

Suggested change
DiagnosticsPing = "diagnostics:ping"
DiagnosticsPingHeader = "diagnostics:ping"

@lkysow lkysow merged commit ba0271c into runatlantis:master Feb 15, 2019
@lkysow
Copy link
Member

lkysow commented Feb 15, 2019

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lkysow lkysow lkysow approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Zophar78 @lkysow