OpenShift Gogs Configuration: Difference between revisions
| Line 11: | Line 11: | ||
Repository -> Settings -> Webhooks -> Add Webhook | Repository -> Settings -> Webhooks -> Add Webhook | ||
Payload URL: https://openshift.default.svc.cluster.local/oapi/v1/namespaces/<''project-name''>/buildconfigs/<''buildconfig-name''>/webhooks/generic | Payload URL: https://openshift.default.svc.cluster.local/oapi/v1/namespaces/<''project-name''>/buildconfigs/<''buildconfig-name''>/webhooks/<''generic-webhook-secret-value''>/generic | ||
Content Type: application/json | Content Type: application/json | ||
When should this webhook be triggered | Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header. | ||
"When should this webhook be triggered?" -> Let me choose what I need -> Push | |||
Active. | Active. | ||
Latest revision as of 02:20, 7 December 2017
Internal
Configuration File Location
OpenShift Gogs container gets its configuration from an "app.ini" file that is written on a persistent volume associated with a "cicd/gogs-config" claim. Once the external volume is identified, the configuration file is "app.ini" in the root of the volume.
Configure a Webhook
Repository -> Settings -> Webhooks -> Add Webhook
Payload URL: https://openshift.default.svc.cluster.local/oapi/v1/namespaces/<project-name>/buildconfigs/<buildconfig-name>/webhooks/<generic-webhook-secret-value>/generic
Content Type: application/json
Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header.
"When should this webhook be triggered?" -> Let me choose what I need -> Push
Active.
Wehook Target Does Not Have a Valid SSL Certificate
When this happens, the webhook delivery attempt produces :
Delivery: Post https://openshift.default.svc.cluster.local/oapi/v1/namespaces/novaordis-dev/buildconfigs/novaordis-session-servlet/webhooks/generic: x509: certificate signed by unknown authority
See
Turn Off TLS Verification when Sending Webhook
Locate the OpenShift Gogs configuration file and add the following at the bottom of it:
[webhook] SKIP_TLS_VERIFY = true
Restart the container. Once the container stabilizes, the following setting should show "on": Verify with: Admin Panel -> Configuration -> Webhook Configuration -> Skip TLS Verify.