OpenShift Gogs Configuration: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
Line 11: Line 11:
Repository -> Settings -> Webhooks -> Add Webhook
Repository -> Settings -> Webhooks -> Add Webhook


Payload URL: https&#58;//openshift.default.svc.cluster.local/oapi/v1/namespaces/<''project-name''>/buildconfigs/<''buildconfig-name''>/webhooks/generic
Payload URL: https&#58;//openshift.default.svc.cluster.local/oapi/v1/namespaces/<''project-name''>/buildconfigs/<''buildconfig-name''>/webhooks/<''generic-webhook-secret-value''>/generic


Content Type: application/json
Content Type: application/json


When should this webhook be triggered: Let me choose what I need -> Push
Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header.
 
"When should this webhook be triggered?" -> Let me choose what I need -> Push


Active.
Active.

Latest revision as of 02:20, 7 December 2017

Internal

Configuration File Location

OpenShift Gogs container gets its configuration from an "app.ini" file that is written on a persistent volume associated with a "cicd/gogs-config" claim. Once the external volume is identified, the configuration file is "app.ini" in the root of the volume.

Configure a Webhook

Repository -> Settings -> Webhooks -> Add Webhook

Payload URL: https://openshift.default.svc.cluster.local/oapi/v1/namespaces/<project-name>/buildconfigs/<buildconfig-name>/webhooks/<generic-webhook-secret-value>/generic

Content Type: application/json

Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header.

"When should this webhook be triggered?" -> Let me choose what I need -> Push

Active.

Wehook Target Does Not Have a Valid SSL Certificate

When this happens, the webhook delivery attempt produces :

Delivery: Post https://openshift.default.svc.cluster.local/oapi/v1/namespaces/novaordis-dev/buildconfigs/novaordis-session-servlet/webhooks/generic: x509: certificate signed by unknown authority

See

Turn Off TLS Verification when Sending Webhook

Turn Off TLS Verification when Sending Webhook

Locate the OpenShift Gogs configuration file and add the following at the bottom of it:

[webhook]
SKIP_TLS_VERIFY = true

Restart the container. Once the container stabilizes, the following setting should show "on": Verify with: Admin Panel -> Configuration -> Webhook Configuration -> Skip TLS Verify.