OpenShift Gogs Configuration: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
(5 intermediate revisions by the same user not shown)
Line 2: Line 2:


* [[OpenShift_Gogs#Subjects|OpenShift Gogs]]
* [[OpenShift_Gogs#Subjects|OpenShift Gogs]]
=Configuration File Location=
OpenShift Gogs container gets its configuration from an "app.ini" file that is written on a persistent volume associated with a "cicd/gogs-config" claim. Once the external volume is identified, the configuration file is "app.ini" in the root of the volume.


=Configure a Webhook=
=Configure a Webhook=
Line 7: Line 11:
Repository -> Settings -> Webhooks -> Add Webhook
Repository -> Settings -> Webhooks -> Add Webhook


Payload URL: https&#58;//openshift.default.svc.cluster.local/oapi/v1/namespaces/<''project-name''>/buildconfigs/<''buildconfig-name''>/webhooks/<''generic-webhook-secret-value''>/generic


Payload URL: https&#58;//openshift.default.svc.cluster.local/oapi/v1/namespaces/<''project-name''>/buildconfigs/<''buildconfig-name''>/webhooks/generic
Content Type: application/json


Content Type: application/json
Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header.


When should this webhook be triggered: Let me choose what I need -> Push
"When should this webhook be triggered?" -> Let me choose what I need -> Push


Active.
Active.
Line 24: Line 29:
See {{Internal|OpenShift_Gogs_Configuration#Turn_Off_TLS_Verification_when_Sending_Webhook|Turn Off TLS Verification when Sending Webhook}}
See {{Internal|OpenShift_Gogs_Configuration#Turn_Off_TLS_Verification_when_Sending_Webhook|Turn Off TLS Verification when Sending Webhook}}


=Turn Off TLS Verification when Sending Webhook=


Alternative:  
Locate the [[OpenShift_Gogs_Configuration#Configuration_File_Location|OpenShift Gogs configuration file]] and add the following at the bottom of it:


[webhook]
  SKIP_TLS_VERIFY = true
  SKIP_TLS_VERIFY = true


in config map.
Restart the container. Once the container stabilizes, the following setting should show "on": Verify with: Admin Panel -> Configuration -> Webhook Configuration -> Skip TLS Verify.
 
=Turn Off TLS Verification when Sending Webhook=
 
Pass SKIP_TLS_VERIFY=true in the container's environment.
 
Verify with: Admin Panel -> Configuration -> Webhook Configuration -> Skip TLS Verify.

Latest revision as of 02:20, 7 December 2017

Internal

Configuration File Location

OpenShift Gogs container gets its configuration from an "app.ini" file that is written on a persistent volume associated with a "cicd/gogs-config" claim. Once the external volume is identified, the configuration file is "app.ini" in the root of the volume.

Configure a Webhook

Repository -> Settings -> Webhooks -> Add Webhook

Payload URL: https://openshift.default.svc.cluster.local/oapi/v1/namespaces/<project-name>/buildconfigs/<buildconfig-name>/webhooks/<generic-webhook-secret-value>/generic

Content Type: application/json

Secret: the same value that was used in the URL, though it is not 100% sure that OpenShift uses it. That value will be sent as a SHA256 HMAC hex digest of payload via 'X-Gogs-Signature' header.

"When should this webhook be triggered?" -> Let me choose what I need -> Push

Active.

Wehook Target Does Not Have a Valid SSL Certificate

When this happens, the webhook delivery attempt produces :

Delivery: Post https://openshift.default.svc.cluster.local/oapi/v1/namespaces/novaordis-dev/buildconfigs/novaordis-session-servlet/webhooks/generic: x509: certificate signed by unknown authority

See

Turn Off TLS Verification when Sending Webhook

Turn Off TLS Verification when Sending Webhook

Locate the OpenShift Gogs configuration file and add the following at the bottom of it:

[webhook]
SKIP_TLS_VERIFY = true

Restart the container. Once the container stabilizes, the following setting should show "on": Verify with: Admin Panel -> Configuration -> Webhook Configuration -> Skip TLS Verify.