github: store secret in config file

This commit is contained in:
Antoine Martin 2021-09-12 20:27:05 +02:00
parent cd6badb9a0
commit 5e14944fb6
3 changed files with 7 additions and 3 deletions

View file

@ -17,4 +17,6 @@ pub struct ProloloConfig {
/// ID of the Matrix room where the bot should post messages. The bot will only accept /// ID of the Matrix room where the bot should post messages. The bot will only accept
/// invitations to this room. /// invitations to this room.
pub matrix_room_id: RoomId, pub matrix_room_id: RoomId,
/// Secret used to verify HMAC signature of GitHub webhooks
pub github_secret: String,
} }

View file

@ -14,7 +14,7 @@ mod config;
use config::ProloloConfig; use config::ProloloConfig;
mod webhooks; mod webhooks;
use webhooks::{github_webhook, EventSender}; use webhooks::{github::GitHubSecret, github_webhook, EventSender};
#[derive(Clap)] #[derive(Clap)]
#[clap(version = "0.1")] #[clap(version = "0.1")]
@ -35,6 +35,7 @@ async fn main() -> anyhow::Result<()> {
.context("couldn't parse config file")?; .context("couldn't parse config file")?;
let (sender, receiver) = unbounded_channel(); let (sender, receiver) = unbounded_channel();
let github_secret = config.github_secret.clone();
let prololo = Prololo::new(config).context("failed to create prololo bot")?; let prololo = Prololo::new(config).context("failed to create prololo bot")?;
prololo.init().await.context("failed to init prololo bot")?; prololo.init().await.context("failed to init prololo bot")?;
@ -42,6 +43,7 @@ async fn main() -> anyhow::Result<()> {
let rocket = rocket::build() let rocket = rocket::build()
.mount("/", routes![github_webhook]) .mount("/", routes![github_webhook])
.manage(EventSender(sender)); .manage(EventSender(sender))
.manage(GitHubSecret(github_secret));
rocket.launch().await.map_err(|err| anyhow::anyhow!(err)) rocket.launch().await.map_err(|err| anyhow::anyhow!(err))
} }

View file

@ -15,7 +15,7 @@ use crate::webhooks::{Event, EventSender};
const X_GITHUB_EVENT: &str = "X-GitHub-Event"; const X_GITHUB_EVENT: &str = "X-GitHub-Event";
struct GitHubSecret(String); pub struct GitHubSecret(pub String);
#[rocket::post("/api/webhooks/github", data = "<payload>")] #[rocket::post("/api/webhooks/github", data = "<payload>")]
pub fn github_webhook( pub fn github_webhook(