OpenShift Gogs Configuration

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

Internal

Configuration File Location

OpenShift Gogs container gets its configuration from an "app.ini" file that is written on a persistent volume associated with a "cicd/gogs-config" claim. Once the external volume is identified, the configuration file is "app.ini" in the root of the volume.

Configure a Webhook

Repository -> Settings -> Webhooks -> Add Webhook

Payload URL: https://openshift.default.svc.cluster.local/oapi/v1/namespaces/<project-name>/buildconfigs/<buildconfig-name>/webhooks/<generic-webhook-secret-value>/generic

Content Type: application/json

Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header.

"When should this webhook be triggered?" -> Let me choose what I need -> Push

Active.

Wehook Target Does Not Have a Valid SSL Certificate

When this happens, the webhook delivery attempt produces :

Delivery: Post https://openshift.default.svc.cluster.local/oapi/v1/namespaces/novaordis-dev/buildconfigs/novaordis-session-servlet/webhooks/generic: x509: certificate signed by unknown authority

See

Turn Off TLS Verification when Sending Webhook

Turn Off TLS Verification when Sending Webhook

Locate the OpenShift Gogs configuration file and add the following at the bottom of it:

[webhook]
SKIP_TLS_VERIFY = true

Restart the container. Once the container stabilizes, the following setting should show "on": Verify with: Admin Panel -> Configuration -> Webhook Configuration -> Skip TLS Verify.