Merge branch 'development' into feature/context-provider-command

2025-07-04 10:18:31 +00:00 · 2020-10-17 20:21:30 +02:00 · 2020-10-17 20:21:30 +02:00 · eece0137ef
commit eece0137ef
parent 08b351605d 67c317e741
25 changed files with 766 additions and 477 deletions
--- a/docs/Hook-Definition.md
+++ b/docs/Hook-Definition.md
@ -1,5 +1,6 @@
 # Hook definition
-Hooks are defined as JSON objects. Please note that in order to be considered valid, a hook object must contain the `id` and `execute-command` properties. All other properties are considered optional.
+
+Hooks are defined as objects in the JSON or YAML hooks configuration file. Please note that in order to be considered valid, a hook object must contain the `id` and `execute-command` properties. All other properties are considered optional.

 ## Properties (keys)

--- a/docs/Hook-Examples.md
+++ b/docs/Hook-Examples.md
@ -1,5 +1,25 @@
-# Hook examples
-This page is still work in progress. Feel free to contribute!
+# Hook Examples
+
+Hooks are defined in a hooks configuration file in either JSON or YAML format,
+although the examples on this page all use the JSON format.
+
+🌱 This page is still a work in progress. Feel free to contribute!
+
+### Table of Contents
+
+* [Incoming Github webhook](#incoming-github-webhook)
+* [Incoming Bitbucket webhook](#incoming-bitbucket-webhook)
+* [Incoming Gitlab webhook](#incoming-gitlab-webhook)
+* [Incoming Gogs webhook](#incoming-gogs-webhook)
+* [Incoming Gitea webhook](#incoming-gitea-webhook)
+* [Slack slash command](#slack-slash-command)
+* [A simple webhook with a secret key in GET query](#a-simple-webhook-with-a-secret-key-in-get-query)
+* [JIRA Webhooks](#jira-webhooks)
+* [Pass File-to-command sample](#pass-file-to-command-sample)
+* [Incoming Scalr Webhook](#incoming-scalr-webhook)
+* [Travis CI webhook](#travis-ci-webhook)
+* [XML Payload](#xml-payload)
+* [Multipart Form Data](#multipart-form-data)

 ## Incoming Github webhook
 ```json
@ -30,7 +50,7 @@ This page is still work in progress. Feel free to contribute!
        {
          "match":
          {
-            "type": "payload-hash-sha1",
+            "type": "payload-hmac-sha1",
            "secret": "mysecret",
            "parameter":
            {
@ -150,7 +170,7 @@ Values in the request body can be accessed in the command or to the match rule b
        {
          "match":
          {
-            "type": "payload-hash-sha256",
+            "type": "payload-hmac-sha256",
            "secret": "mysecret",
            "parameter":
            {
@ -425,6 +445,57 @@ Travis sends webhooks as `payload=<JSON_STRING>`, so the payload needs to be par
 ]
 ```

+## JSON Array Payload
+
+If the JSON payload is an array instead of an object, `webhook` will process the payload and place it into a "root" object.
+Therefore, references to payload values must begin with `root.`.
+
+For example, given the following payload (taken from the Sendgrid Event Webhook documentation):
+```json
+[
+  {
+    "email": "example@test.com",
+    "timestamp": 1513299569,
+    "smtp-id": "<14c5d75ce93.dfd.64b469@ismtpd-555>",
+    "event": "processed",
+    "category": "cat facts",
+    "sg_event_id": "sg_event_id",
+    "sg_message_id": "sg_message_id"
+  },
+  {
+    "email": "example@test.com",
+    "timestamp": 1513299569,
+    "smtp-id": "<14c5d75ce93.dfd.64b469@ismtpd-555>",
+    "event": "deferred",
+    "category": "cat facts",
+    "sg_event_id": "sg_event_id",
+    "sg_message_id": "sg_message_id",
+    "response": "400 try again later",
+    "attempt": "5"
+  }
+]
+```
+
+A reference to the second item in the array would look like this:
+```json
+[
+  {
+    "id": "sendgrid",
+    "execute-command": "{{ .Hookecho }}",
+    "trigger-rule": {
+      "match": {
+        "type": "value",
+        "parameter": {
+          "source": "payload",
+          "name": "root.1.event"
+        },
+        "value": "deferred"
+      }
+    }
+  }
+]
+```
+
 ## XML Payload

 Given the following payload:
--- a/docs/Hook-Rules.md
+++ b/docs/Hook-Rules.md
@ -1,5 +1,20 @@
 # Hook rules

+### Table of Contents
+
+* [And](#and)
+* [Or](#or)
+* [Not](#not)
+* [Multi-level](#multi-level)
+* [Match](#match)
+  * [Match value](#match-value)
+  * [Match regex](#match-regex)
+  * [Match payload-hmac-sha1](#match-payload-hmac-sha1)
+  * [Match payload-hmac-sha256](#match-payload-hmac-sha256)
+  * [Match payload-hmac-sha512](#match-payload-hmac-sha512)
+  * [Match Whitelisted IP range](#match-whitelisted-ip-range)
+  * [Match scalr-signature](#match-scalr-signature)
+
 ## And
 *And rule* will evaluate to _true_, if and only if all of the sub rules evaluate to _true_.
 ```json
@ -95,7 +110,7 @@
                "source": "header",
                "name": "X-Hub-Signature"
            },
-            "type": "payload-hash-sha1",
+            "type": "payload-hmac-sha1",
            "secret": "mysecret"
        }
    },
@ -135,9 +150,7 @@

 *Please note:* Due to technical reasons, _number_ and _boolean_ values in the _match rule_ must be wrapped around with a pair of quotes.

-There are three different match rules:
-
-### 1. Match value
+### Match value
 ```json
 {
  "match":
@ -153,7 +166,7 @@ There are three different match rules:
 }
 ```

-### 2. Match regex
+### Match regex
 For the regex syntax, check out <http://golang.org/pkg/regexp/syntax/>
 ```json
 {
@ -170,12 +183,13 @@ For the regex syntax, check out <http://golang.org/pkg/regexp/syntax/>
 }
 ```

-### 3. Match payload-hash-sha1
+### Match payload-hmac-sha1
+Validate the HMAC of the payload using the SHA1 hash and the given *secret*.
 ```json
 {
  "match":
  {
-    "type": "payload-hash-sha1",
+    "type": "payload-hmac-sha1",
    "secret": "yoursecret",
    "parameter":
    {
@ -193,12 +207,13 @@ will be tried unless a match is found. For example:
 X-Hub-Signature: sha1=the-first-signature,sha1=the-second-signature
 ```

-### 4. Match payload-hash-sha256
+### Match payload-hmac-sha256
+Validate the HMAC of the payload using the SHA256 hash and the given *secret*.
 ```json
 {
  "match":
  {
-    "type": "payload-hash-sha256",
+    "type": "payload-hmac-sha256",
    "secret": "yoursecret",
    "parameter":
    {
@ -216,12 +231,13 @@ will be tried unless a match is found. For example:
 X-Hub-Signature: sha256=the-first-signature,sha256=the-second-signature
 ```

-### 5. Match payload-hash-sha512
+### Match payload-hmac-sha512
+Validate the HMAC of the payload using the SHA512 hash and the given *secret*.
 ```json
 {
  "match":
  {
-    "type": "payload-hash-sha512",
+    "type": "payload-hmac-sha512",
    "secret": "yoursecret",
    "parameter":
    {
@ -239,7 +255,7 @@ will be tried unless a match is found. For example:
 X-Hub-Signature: sha512=the-first-signature,sha512=the-second-signature
 ```

-### 6. Match Whitelisted IP range
+### Match Whitelisted IP range

 The IP can be IPv4- or IPv6-formatted, using [CIDR notation](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_blocks).  To match a single IP address only, use `/32`.

@ -253,7 +269,7 @@ The IP can be IPv4- or IPv6-formatted, using [CIDR notation](https://en.wikipedi
 }
 ```

-### 7. Match scalr-signature
+### Match scalr-signature

 The trigger rule checks the scalr signature and also checks that the request was signed less than 5 minutes before it was received. 
 A unqiue signing key is generated for each webhook endpoint URL you register in Scalr.
@ -267,4 +283,4 @@ Given the time check make sure that NTP is enabled on both your Scalr and webhoo
    "secret": "Scalr-provided signing key"
  }
 }
-```
+```
--- a/docs/Templates.md
+++ b/docs/Templates.md
@ -1,12 +1,12 @@
 # Templates in Webhook

-[`webhook`][w] can parse the `hooks.json` input file as a Go template when given the `-template` [CLI parameter](Webhook-Parameters.md).
+[`webhook`][w] can parse a hooks configuration file as a Go template when given the `-template` [CLI parameter](Webhook-Parameters.md).

-In additional to the [built-in Go template functions and features][tt], `webhook` provides a `getenv` template function for inserting environment variables into a `hooks.json` file.
+In additional to the [built-in Go template functions and features][tt], `webhook` provides a `getenv` template function for inserting environment variables into a templated configuration file.

 ## Example Usage

-In the example `hooks.json` file below, the `payload-hash-sha1` matching rule looks up the secret hash from the environment using the `getenv` template function.
+In the example JSON template file below (YAML is also supported), the `payload-hmac-sha1` matching rule looks up the HMAC secret from the environment using the `getenv` template function.
 Additionally, the result is piped through the built-in Go template function `js` to ensure that the result is a well-formed Javascript/JSON string.

 ```
@ -44,7 +44,7 @@ Additionally, the result is piped through the built-in Go template function `js`
        {
          "match":
          {
-            "type": "payload-hash-sha1",
+            "type": "payload-hmac-sha1",
            "secret": "{{ getenv "XXXTEST_SECRET" | js }}",
            "parameter":
            {