OpenShift Gogs Configuration: Difference between revisions
(11 intermediate revisions by the same user not shown) | |||
Line 2: | Line 2: | ||
* [[OpenShift_Gogs#Subjects|OpenShift Gogs]] | * [[OpenShift_Gogs#Subjects|OpenShift Gogs]] | ||
=Configuration File Location= | |||
OpenShift Gogs container gets its configuration from an "app.ini" file that is written on a persistent volume associated with a "cicd/gogs-config" claim. Once the external volume is identified, the configuration file is "app.ini" in the root of the volume. | |||
=Configure a Webhook= | =Configure a Webhook= | ||
Line 7: | Line 11: | ||
Repository -> Settings -> Webhooks -> Add Webhook | Repository -> Settings -> Webhooks -> Add Webhook | ||
Payload URL: https://openshift.default.svc.cluster.local/oapi/v1/namespaces/<''project-name''>/buildconfigs/<''buildconfig-name''>/webhooks/<''generic-webhook-secret-value''>/generic | |||
Content Type: application/json | |||
Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header. | |||
When should this webhook be triggered | "When should this webhook be triggered?" -> Let me choose what I need -> Push | ||
Active. | Active. | ||
==Wehook Target Does Not Have a Valid SSL Certificate== | |||
When this happens, the webhook delivery attempt produces : | |||
Delivery: Post https://openshift.default.svc.cluster.local/oapi/v1/namespaces/novaordis-dev/buildconfigs/novaordis-session-servlet/webhooks/generic: x509: certificate signed by unknown authority | |||
See {{Internal|OpenShift_Gogs_Configuration#Turn_Off_TLS_Verification_when_Sending_Webhook|Turn Off TLS Verification when Sending Webhook}} | |||
=Turn Off TLS Verification when Sending Webhook= | |||
Locate the [[OpenShift_Gogs_Configuration#Configuration_File_Location|OpenShift Gogs configuration file]] and add the following at the bottom of it: | |||
[webhook] | |||
SKIP_TLS_VERIFY = true | |||
Restart the container. Once the container stabilizes, the following setting should show "on": Verify with: Admin Panel -> Configuration -> Webhook Configuration -> Skip TLS Verify. |
Latest revision as of 02:20, 7 December 2017
Internal
Configuration File Location
OpenShift Gogs container gets its configuration from an "app.ini" file that is written on a persistent volume associated with a "cicd/gogs-config" claim. Once the external volume is identified, the configuration file is "app.ini" in the root of the volume.
Configure a Webhook
Repository -> Settings -> Webhooks -> Add Webhook
Payload URL: https://openshift.default.svc.cluster.local/oapi/v1/namespaces/<project-name>/buildconfigs/<buildconfig-name>/webhooks/<generic-webhook-secret-value>/generic
Content Type: application/json
Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header.
"When should this webhook be triggered?" -> Let me choose what I need -> Push
Active.
Wehook Target Does Not Have a Valid SSL Certificate
When this happens, the webhook delivery attempt produces :
Delivery: Post https://openshift.default.svc.cluster.local/oapi/v1/namespaces/novaordis-dev/buildconfigs/novaordis-session-servlet/webhooks/generic: x509: certificate signed by unknown authority
See
Turn Off TLS Verification when Sending Webhook
Locate the OpenShift Gogs configuration file and add the following at the bottom of it:
[webhook] SKIP_TLS_VERIFY = true
Restart the container. Once the container stabilizes, the following setting should show "on": Verify with: Admin Panel -> Configuration -> Webhook Configuration -> Skip TLS Verify.