Skip to content

Commit fb29205

Browse files
heurtematteheurtematte
committed
feat: use bot token to create org hook
Signed-off-by: sebastien.heurtematte <[email protected]>
1 parent f490314 commit fb29205

File tree

1 file changed

+16
-5
lines changed

1 file changed

+16
-5
lines changed

github/create_webhook.sh

Lines changed: 16 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,10 +14,13 @@ set -o nounset
1414
set -o pipefail
1515

1616
IFS=$'\n\t'
17-
SCRIPT_FOLDER="$(dirname "$(readlink -f "${0}")")"
18-
CI_ADMIN_ROOT="${SCRIPT_FOLDER}/.."
1917

20-
TOKEN="$("${CI_ADMIN_ROOT}/utils/local_config.sh" "get_var" "access_token" "github")"
18+
SCRIPT_FOLDER="$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")"
19+
#shellcheck disable=SC1091
20+
source "${SCRIPT_FOLDER}/../pass/pass_wrapper.sh"
21+
22+
GITHUB_PASS_DOMAIN="github.com"
23+
2124
#shellcheck disable=SC2089
2225
EVENTS='["push","pull_request"]'
2326

@@ -47,13 +50,16 @@ org() {
4750
exit 1
4851
fi
4952

53+
local pw_store_path="bots/${project_name}/${GITHUB_PASS_DOMAIN}"
54+
local bot_token=$(passw cbi "${pw_store_path}/api-token")
55+
5056
echo "Creating organization webhook..."
5157

5258
local response
5359
response="$(curl -sS\
5460
-X POST \
5561
-H "Accept: application/vnd.github+json" \
56-
-H "Authorization: Bearer ${TOKEN}"\
62+
-H "Authorization: Bearer ${bot_token}"\
5763
-H "X-GitHub-Api-Version: 2022-11-28" \
5864
"https://api.github.com/orgs/${org}/hooks" \
5965
-d '{"name":"web","active":true,"events":'${EVENTS}',"config":{"url":"'${webhook_url}'","content_type":"json"}}')"
@@ -62,6 +68,7 @@ org() {
6268
echo "ERROR:"
6369
printf " Message: %s\n" "$(echo "${response}" | jq '.message')"
6470
printf " Errors/Message: %s\n" "$(echo "${response}" | jq '.errors[].message')"
71+
exit 1
6572
fi
6673
}
6774

@@ -71,6 +78,7 @@ repo() {
7178
local short_name="${project_name##*.}"
7279
local webhook_url="https://ci.eclipse.org/${short_name}/github-webhook/"
7380

81+
7482
# check that project name is not empty
7583
if [[ -z "${project_name}" ]]; then
7684
printf "ERROR: a project name must be given.\n"
@@ -83,13 +91,16 @@ repo() {
8391
exit 1
8492
fi
8593

94+
local pw_store_path="bots/${project_name}/${GITHUB_PASS_DOMAIN}"
95+
local bot_token=$(passw cbi "${pw_store_path}/api-token")
96+
8697
echo "Creating repo webhook..."
8798

8899
local response
89100
response="$(curl -sS\
90101
-X POST \
91102
-H "Accept: application/vnd.github+json" \
92-
-H "Authorization: Bearer ${TOKEN}"\
103+
-H "Authorization: Bearer ${bot_token}"\
93104
-H "X-GitHub-Api-Version: 2022-11-28" \
94105
"https://api.github.com/repos/${repo}/hooks" \
95106
-d '{"name":"web","active":true,"events":'${EVENTS}',"config":{"url":"'${webhook_url}'","content_type":"json"}}')"

0 commit comments

Comments
 (0)