OpenShift Gogs Configuration: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
No edit summary
 
(14 intermediate revisions by the same user not shown)
Line 2: Line 2:


* [[OpenShift_Gogs#Subjects|OpenShift Gogs]]
* [[OpenShift_Gogs#Subjects|OpenShift Gogs]]
=Configuration File Location=
OpenShift Gogs container gets its configuration from an "app.ini" file that is written on a persistent volume associated with a "cicd/gogs-config" claim. Once the external volume is identified, the configuration file is "app.ini" in the root of the volume.


=Configure a Webhook=
=Configure a Webhook=
Repository -> Settings -> Webhooks -> Add Webhook
Payload URL: https&#58;//openshift.default.svc.cluster.local/oapi/v1/namespaces/<''project-name''>/buildconfigs/<''buildconfig-name''>/webhooks/<''generic-webhook-secret-value''>/generic
Content Type: application/json
Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header.
"When should this webhook be triggered?" -> Let me choose what I need -> Push
Active.
==Wehook Target Does Not Have a Valid SSL Certificate==
When this happens, the webhook delivery attempt produces :
Delivery: Post https&#58;//openshift.default.svc.cluster.local/oapi/v1/namespaces/novaordis-dev/buildconfigs/novaordis-session-servlet/webhooks/generic: x509: certificate signed by unknown authority
See {{Internal|OpenShift_Gogs_Configuration#Turn_Off_TLS_Verification_when_Sending_Webhook|Turn Off TLS Verification when Sending Webhook}}
=Turn Off TLS Verification when Sending Webhook=
Locate the [[OpenShift_Gogs_Configuration#Configuration_File_Location|OpenShift Gogs configuration file]] and add the following at the bottom of it:
[webhook]
SKIP_TLS_VERIFY = true
Restart the container. Once the container stabilizes, the following setting should show "on": Verify with: Admin Panel -> Configuration -> Webhook Configuration -> Skip TLS Verify.

Latest revision as of 02:20, 7 December 2017

Internal

Configuration File Location

OpenShift Gogs container gets its configuration from an "app.ini" file that is written on a persistent volume associated with a "cicd/gogs-config" claim. Once the external volume is identified, the configuration file is "app.ini" in the root of the volume.

Configure a Webhook

Repository -> Settings -> Webhooks -> Add Webhook

Payload URL: https://openshift.default.svc.cluster.local/oapi/v1/namespaces/<project-name>/buildconfigs/<buildconfig-name>/webhooks/<generic-webhook-secret-value>/generic

Content Type: application/json

Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header.

"When should this webhook be triggered?" -> Let me choose what I need -> Push

Active.

Wehook Target Does Not Have a Valid SSL Certificate

When this happens, the webhook delivery attempt produces :

Delivery: Post https://openshift.default.svc.cluster.local/oapi/v1/namespaces/novaordis-dev/buildconfigs/novaordis-session-servlet/webhooks/generic: x509: certificate signed by unknown authority

See

Turn Off TLS Verification when Sending Webhook

Turn Off TLS Verification when Sending Webhook

Locate the OpenShift Gogs configuration file and add the following at the bottom of it:

[webhook]
SKIP_TLS_VERIFY = true

Restart the container. Once the container stabilizes, the following setting should show "on": Verify with: Admin Panel -> Configuration -> Webhook Configuration -> Skip TLS Verify.