Skip to content

Commit

Permalink
Merge pull request #12 from niklasstoffers/dev
Browse files Browse the repository at this point in the history 
Fix token verification, HTTPS middleware and wrong usage of merge request id
  • Loading branch information
@mergify
mergify[bot] authored Dec 13, 2023
2 parents 797dbd6 + c3a7dd9 commit 1ce9388
Show file tree
Hide file tree
Showing 4 changed files with 6 additions and 5 deletions.
2 changes: 1 addition & 1 deletion .env.docker
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ APP_PORT=8000
GITLAB_HOST=https://gitlab.com/
GITLAB_ACCESS_TOKEN=abc
GITLAB_WEBHOOK_TOKEN=abc
TRUSTED_HOSTS_ONLY=true
TRUSTED_HOSTS_ONLY=false
USE_SSL=false
SSL_KEYFILE=/path/to/keyfile
SSL_CERTFILE=/path/to/certfile
Expand Down
1 change: 1 addition & 0 deletions docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ services:
container_name: gitlab-auto-approve
image: gitlab-auto-approve
build: .
restart: always
ports:
- '${APP_PORT}:80'
environment:
Expand Down
2 changes: 1 addition & 1 deletion src/comment_event.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ class ObjectAttributes(BaseModel):
note: str

class MergeRequest(BaseModel):
id: int
iid: int

class CommentEvent(BaseModel):
user: User
Expand Down
6 changes: 3 additions & 3 deletions src/main.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
from urllib.parse import urlparse
import uvicorn

async def verify_token(x_gitlab_token: Annotated[str | None, Header()] = None):
async def verify_token(x_gitlab_token: Annotated[str | None, Header(alias = 'X-Gitlab-Token')] = None):
if x_gitlab_token is None or x_gitlab_token != config.webhook_token:
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)

Expand All @@ -27,15 +27,15 @@ def check_author(event: CommentEvent):

def approve(event: CommentEvent):
project: Project = gl.projects.get(event.project.id)
merge_request: ProjectMergeRequest = project.mergerequests.get(event.merge_request.id)
merge_request: ProjectMergeRequest = project.mergerequests.get(event.merge_request.iid)
if config.approval.message is not None:
merge_request.notes.create({'body': config.approval.message})
merge_request.approve()

app = None
if config.ssl.enable:
app = FastAPI(ssl_keyfile=config.ssl.key_file, ssl_certfile=config.ssl.cert_file)
app.add_middlware(HTTPSRedirectMiddleware)
app.add_middleware(HTTPSRedirectMiddleware)
else:
app = FastAPI()

Expand Down

0 comments on commit 1ce9388

Please sign in to comment.