Merge branch 'abhinav/CODE-716' of _OKE5H2PQKOUfzFFDuD4FA/default/CODE/gitness (#322)

internal/api/controller/webhook/controller.go

@@ -7,7 +7,6 @@ package webhook
 import (
 	"context"
 	"fmt"
-
 	apiauth "github.com/harness/gitness/internal/api/auth"
 	"github.com/harness/gitness/internal/api/usererror"
 	"github.com/harness/gitness/internal/auth"
@@ -43,9 +42,8 @@ func NewController(
 	webhookService *webhook.Service,
 ) *Controller {
 	return &Controller{
-		allowLoopback:       allowLoopback,
-		allowPrivateNetwork: allowPrivateNetwork,
-
+		allowLoopback:         allowLoopback,
+		allowPrivateNetwork:   allowPrivateNetwork,
 		db:                    db,
 		authorizer:            authorizer,
 		webhookStore:          webhookStore,

internal/api/controller/webhook/create.go

@@ -30,6 +30,7 @@ func (c *Controller) Create(
 	session *auth.Session,
 	repoRef string,
 	in *CreateInput,
+	internal bool,
 ) (*types.Webhook, error) {
 	now := time.Now().UnixMilli()
 
@@ -39,7 +40,7 @@ func (c *Controller) Create(
 	}
 
 	// validate input
-	err = checkCreateInput(in, c.allowLoopback, c.allowPrivateNetwork)
+	err = checkCreateInput(in, c.allowLoopback, c.allowPrivateNetwork || internal)
 	if err != nil {
 		return nil, err
 	}
@@ -53,6 +54,7 @@ func (c *Controller) Create(
 		Updated:    now,
 		ParentID:   repo.ID,
 		ParentType: enum.WebhookParentRepo,
+		Internal:   internal,
 
 		// user input
 		DisplayName:           in.DisplayName,

internal/api/handler/webhook/create.go

@@ -32,7 +32,7 @@ func HandleCreate(webhookCtrl *webhook.Controller) http.HandlerFunc {
 			return
 		}
 
-		hook, err := webhookCtrl.Create(ctx, session, repoRef, in)
+		hook, err := webhookCtrl.Create(ctx, session, repoRef, in, false)
 		if err != nil {
 			render.TranslatedUserError(w, err)
 			return

internal/router/api.go

@@ -288,7 +288,7 @@ func setupRepos(r chi.Router,
 
 			SetupPullReq(r, pullreqCtrl)
 
-			SetupWebhook(r, webhookCtrl)
+			setupWebhook(r, webhookCtrl)
 
 			SetupChecks(r, checkCtrl)
 		})
@@ -401,7 +401,7 @@ func SetupPullReq(r chi.Router, pullreqCtrl *pullreq.Controller) {
 	})
 }
 
-func SetupWebhook(r chi.Router, webhookCtrl *webhook.Controller) {
+func setupWebhook(r chi.Router, webhookCtrl *webhook.Controller) {
 	r.Route("/webhooks", func(r chi.Router) {
 		r.Post("/", handlerwebhook.HandleCreate(webhookCtrl))
 		r.Get("/", handlerwebhook.HandleList(webhookCtrl))

internal/services/webhook/service.go

@@ -78,6 +78,9 @@ type Service struct {
 	secureHTTPClient   *http.Client
 	insecureHTTPClient *http.Client
 
+	secureHTTPClientInternal   *http.Client
+	insecureHTTPClientInternal *http.Client
+
 	config Config
 }
 
@@ -102,6 +105,9 @@ func NewService(ctx context.Context, config Config,
 		secureHTTPClient:   newHTTPClient(config.AllowLoopback, config.AllowPrivateNetwork, false),
 		insecureHTTPClient: newHTTPClient(config.AllowLoopback, config.AllowPrivateNetwork, true),
 
+		secureHTTPClientInternal:   newHTTPClient(config.AllowLoopback, true, false),
+		insecureHTTPClientInternal: newHTTPClient(config.AllowLoopback, true, true),
+
 		config: config,
 	}
 

internal/services/webhook/trigger.go

@@ -219,9 +219,14 @@ func (s *Service) executeWebhook(ctx context.Context, webhook *types.Webhook, tr
 
 	// Execute HTTP Request (insecure if requested)
 	var resp *http.Response
-	if webhook.Insecure {
+	switch {
+	case webhook.Internal && webhook.Insecure:
+		resp, err = s.insecureHTTPClientInternal.Do(req)
+	case webhook.Internal:
+		resp, err = s.secureHTTPClientInternal.Do(req)
+	case webhook.Insecure:
 		resp, err = s.insecureHTTPClient.Do(req)
-	} else {
+	default:
 		resp, err = s.secureHTTPClient.Do(req)
 	}
 

internal/store/database/migrate/postgres/0021_alter_table_webhook_add_internal_down.sql

@@ -0,0 +1 @@
+ALTER TABLE webhooks DROP COLUMN webhook_internal;

internal/store/database/migrate/postgres/0021_alter_table_webhook_add_internal_up.sql

@@ -0,0 +1,2 @@
+ALTER TABLE webhooks
+    ADD COLUMN webhook_internal BOOLEAN NOT NULL DEFAULT false;

internal/store/database/migrate/sqlite/0021_alter_table_webhook_add_internal_down.sql

@@ -0,0 +1 @@
+ALTER TABLE webhooks DROP COLUMN webhook_internal;

internal/store/database/migrate/sqlite/0021_alter_table_webhook_add_internal_up.sql

@@ -0,0 +1,2 @@
+ALTER TABLE webhooks
+    ADD COLUMN webhook_internal BOOLEAN NOT NULL DEFAULT false;

internal/store/database/webhook.go

@@ -45,6 +45,7 @@ type webhook struct {
 	CreatedBy int64    `db:"webhook_created_by"`
 	Created   int64    `db:"webhook_created"`
 	Updated   int64    `db:"webhook_updated"`
+	Internal  bool     `db:"webhook_internal"`
 
 	DisplayName           string      `db:"webhook_display_name"`
 	Description           string      `db:"webhook_description"`
@@ -72,7 +73,8 @@ const (
 		,webhook_enabled
 		,webhook_insecure
 		,webhook_triggers
-		,webhook_latest_execution_result`
+		,webhook_latest_execution_result
+		,webhook_internal`
 
 	webhookSelectBase = `
 	SELECT` + webhookColumns + `
@@ -116,6 +118,7 @@ func (s *WebhookStore) Create(ctx context.Context, hook *types.Webhook) error {
 			,webhook_insecure
 			,webhook_triggers
 			,webhook_latest_execution_result
+			,webhook_internal
 		) values (
 			:webhook_repo_id
 			,:webhook_space_id
@@ -130,6 +133,7 @@ func (s *WebhookStore) Create(ctx context.Context, hook *types.Webhook) error {
 			,:webhook_insecure
 			,:webhook_triggers
 			,:webhook_latest_execution_result
+			,:webhook_internal
 		) RETURNING webhook_id`
 
 	db := dbtx.GetAccessor(ctx, s.db)
@@ -166,6 +170,7 @@ func (s *WebhookStore) Update(ctx context.Context, hook *types.Webhook) error {
 			,webhook_insecure = :webhook_insecure
 			,webhook_triggers = :webhook_triggers
 			,webhook_latest_execution_result = :webhook_latest_execution_result
+			,webhook_internal = :webhook_internal
 		WHERE webhook_id = :webhook_id and webhook_version = :webhook_version - 1`
 
 	db := dbtx.GetAccessor(ctx, s.db)

types/webhook.go

@@ -19,6 +19,7 @@ type Webhook struct {
 	CreatedBy  int64              `json:"created_by"`
 	Created    int64              `json:"created"`
 	Updated    int64              `json:"updated"`
+	Internal   bool               `json:"-"`
 
 	DisplayName           string                       `json:"display_name"`
 	Description           string                       `json:"description"`