Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy synced 2025-06-26 18:27:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(webhooks): update github webhook validation

Browse Source
This commit is contained in:
Mauricio Siu
2024-09-01 14:51:03 -06:00
parent e609714f1e
commit f05c811bdc
2 changed files with 106 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
apps/dokploy/pages/api/deploy/github.ts
View File

@@ -1,6 +1,6 @@
import { findAdmin } from "@/server/api/services/admin";
import { db } from "@/server/db";
import { applications, compose } from "@/server/db/schema";
import { applications, compose, githubProvider } from "@/server/db/schema";
import type { DeploymentJob } from "@/server/queues/deployments-queue";
import { myQueue } from "@/server/queues/queueSetup";
import { Webhooks } from "@octokit/webhooks";
@@ -19,18 +19,26 @@ export default async function handler(
return;
}
if (!admin.githubWebhookSecret) {
res.status(200).json({ message: "Github Webhook Secret not set" });
const signature = req.headers["x-hub-signature-256"];
const github = req.body;
const githubResult = await db.query.githubProvider.findFirst({
where: eq(githubProvider.githubInstallationId, github.installation.id),
});
if (!githubResult) {
res.status(400).json({ message: "Github Installation not found" });
return;
}
if (!githubResult.githubWebhookSecret) {
res.status(400).json({ message: "Github Webhook Secret not set" });
return;
}
const webhooks = new Webhooks({
secret: admin.githubWebhookSecret,
secret: githubResult.githubWebhookSecret,
});
const signature = req.headers["x-hub-signature-256"];
const github = req.body;
const verified = await webhooks.verify(
JSON.stringify(github),
signature as string,