cursorius/webhooks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add repository vulnerability alert event

Browse Source
This commit is contained in:
jrousseau
2019-05-22 14:09:39 +02:00
parent 6edb377cee
commit 43ffb318d2
4 changed files with 120 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files
github/github.go
+42 -37
View File
@@ -28,43 +28,44 @@ type Event string
// GitHub hook types
const (
CheckRunEvent Event = "check_run"
CheckSuiteEvent Event = "check_suite"
CommitCommentEvent Event = "commit_comment"
CreateEvent Event = "create"
DeleteEvent Event = "delete"
DeploymentEvent Event = "deployment"
DeploymentStatusEvent Event = "deployment_status"
ForkEvent Event = "fork"
GollumEvent Event = "gollum"
InstallationEvent Event = "installation"
InstallationRepositoriesEvent Event = "installation_repositories"
IntegrationInstallationEvent Event = "integration_installation"
IssueCommentEvent Event = "issue_comment"
IssuesEvent Event = "issues"
LabelEvent Event = "label"
MemberEvent Event = "member"
MembershipEvent Event = "membership"
MilestoneEvent Event = "milestone"
OrganizationEvent Event = "organization"
OrgBlockEvent Event = "org_block"
PageBuildEvent Event = "page_build"
PingEvent Event = "ping"
ProjectCardEvent Event = "project_card"
ProjectColumnEvent Event = "project_column"
ProjectEvent Event = "project"
PublicEvent Event = "public"
PullRequestEvent Event = "pull_request"
PullRequestReviewEvent Event = "pull_request_review"
PullRequestReviewCommentEvent Event = "pull_request_review_comment"
PushEvent Event = "push"
ReleaseEvent Event = "release"
RepositoryEvent Event = "repository"
SecurityAdvisoryEvent Event = "security_advisory"
StatusEvent Event = "status"
TeamEvent Event = "team"
TeamAddEvent Event = "team_add"
WatchEvent Event = "watch"
CheckRunEvent Event = "check_run"
CheckSuiteEvent Event = "check_suite"
CommitCommentEvent Event = "commit_comment"
CreateEvent Event = "create"
DeleteEvent Event = "delete"
DeploymentEvent Event = "deployment"
DeploymentStatusEvent Event = "deployment_status"
ForkEvent Event = "fork"
GollumEvent Event = "gollum"
InstallationEvent Event = "installation"
InstallationRepositoriesEvent Event = "installation_repositories"
IntegrationInstallationEvent Event = "integration_installation"
IssueCommentEvent Event = "issue_comment"
IssuesEvent Event = "issues"
LabelEvent Event = "label"
MemberEvent Event = "member"
MembershipEvent Event = "membership"
MilestoneEvent Event = "milestone"
OrganizationEvent Event = "organization"
OrgBlockEvent Event = "org_block"
PageBuildEvent Event = "page_build"
PingEvent Event = "ping"
ProjectCardEvent Event = "project_card"
ProjectColumnEvent Event = "project_column"
ProjectEvent Event = "project"
PublicEvent Event = "public"
PullRequestEvent Event = "pull_request"
PullRequestReviewEvent Event = "pull_request_review"
PullRequestReviewCommentEvent Event = "pull_request_review_comment"
PushEvent Event = "push"
ReleaseEvent Event = "release"
RepositoryEvent Event = "repository"
RepositoryVulnerabilityAlertEvent Event = "repository_vulnerability_alert"
SecurityAdvisoryEvent Event = "security_advisory"
StatusEvent Event = "status"
TeamEvent Event = "team"
TeamAddEvent Event = "team_add"
WatchEvent Event = "watch"
)
// EventSubtype defines a GitHub Hook Event subtype
@@ -289,6 +290,10 @@ func (hook Webhook) Parse(r *http.Request, events ...Event) (interface{}, error)
var pl RepositoryPayload
err = json.Unmarshal([]byte(payload), &pl)
return pl, err
case RepositoryVulnerabilityAlertEvent:
var pl RepositoryVulnerabilityAlertPayload
err = json.Unmarshal([]byte(payload), &pl)
return pl, err
case SecurityAdvisoryEvent:
var pl SecurityAdvisoryPayload
err = json.Unmarshal([]byte(payload), &pl)
github/github_test.go
+11 -1
View File
@@ -453,13 +453,23 @@ func TestWebhooks(t *testing.T) {
"X-Hub-Signature": []string{"sha1=df442a8af41edd2d42ccdd997938d1d111b0f94e"},
},
},
{
name: "RepositoryVulnerabilityAlertEvent",
event: RepositoryVulnerabilityAlertEvent,
typ: RepositoryVulnerabilityAlertPayload{},
filename: "../testdata/github/repository-vulnerability-alert.json",
headers: http.Header{
"X-Github-Event": []string{"repository_vulnerability_alert"},
"X-Hub-Signature": []string{"sha1=c42c0649e7e06413bcd756763edbab48dff400db"},
},
},
{
name: "SecurityAdvisoryEvent",
event: SecurityAdvisoryEvent,
typ: SecurityAdvisoryPayload{},
filename: "../testdata/github/security-advisory.json",
headers: http.Header{
"X-Github-Event": []string{"security_advisory"},
"X-Github-Event": []string{"security_advisory"},
"X-Hub-Signature": []string{"sha1=6a71f24fa69f55469843a91dc3a5c3e29714a565"},
},
},
github/payload.go
+34
View File
@@ -5260,6 +5260,40 @@ type RepositoryPayload struct {
} `json:"sender"`
}
// RepositoryVulnerabilityAlertEvent contains the information for GitHub's repository_vulnerability_alert hook event.
type RepositoryVulnerabilityAlertPayload struct {
Action string `json:"action"`
Alert struct {
ID int64 `json:"id"`
Summary string `json:"summary"`
AffectedRange string `json:"affected_range"`
AffectedPackageName string `json:"affected_package_name"`
ExternalReference string `json:"external_reference"`
ExternalIdentifier string `json:"external_identifier"`
FixedIn string `json:"fixed_in"`
Dismisser struct {
Login string `json:"login"`
ID int64 `json:"id"`
NodeID string `json:"node_id"`
AvatarURL string `json:"avatar_url"`
GravatarID string `json:"gravatar_id"`
URL string `json:"url"`
HTMLURL string `json:"html_url"`
FollowersURL string `json:"followers_url"`
FollowingURL string `json:"following_url"`
GistsURL string `json:"gists_url"`
StarredURL string `json:"starred_url"`
SubscriptionsURL string `json:"subscriptions_url"`
OrganizationsURL string `json:"organizations_url"`
ReposURL string `json:"repos_url"`
EventsURL string `json:"events_url"`
ReceivedEventsURL string `json:"received_events_url"`
Type string `json:"type"`
SiteAdmin bool `json:"site_admin"`
} `json:"dismisser"`
} `json:"alert"`
}
// SecurityAdvisoryPayload contains the information for GitHub's security_advisory hook event.
type SecurityAdvisoryPayload struct {
Action string `json:"action"`
testdata/github/repository-vulnerability-alert.json
Vendored
+33
View File
@@ -0,0 +1,33 @@
{
"action": "dismiss",
"alert": {
"id": 7649605,
"affected_range": "0.2.0",
"affected_package_name": "many_versioned_gem",
"external_reference": "https://nvd.nist.gov/vuln/detail/CVE-2018-3728",
"external_identifier": "CVE-2018-3728",
"fixed_in": "0.2.5",
"dismisser": {
"login":"octocat",
"id":1,
"node_id": "MDQ6VXNlcjIxMDMxMDY3",
"avatar_url":"https://github.com/images/error/octocat_happy.gif",
"gravatar_id":"",
"url":"https://api.github.com/users/octocat",
"html_url":"https://github.com/octocat",
"followers_url":"https://api.github.com/users/octocat/followers",
"following_url":"https://api.github.com/users/octocat/following{/other_user}",
"gists_url":"https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url":"https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url":"https://api.github.com/users/octocat/subscriptions",
"organizations_url":"https://api.github.com/users/octocat/orgs",
"repos_url":"https://api.github.com/users/octocat/repos",
"events_url":"https://api.github.com/users/octocat/events{/privacy}",
"received_events_url":"https://api.github.com/users/octocat/received_events",
"type":"User",
"site_admin":true
},
"dismiss_reason": "No bandwidth to fix this",
"dismissed_at": "2017-10-25T00:00:00+00:00"
}
}