Easy way to let RhodeCode inform other applications (Fisheye, Jenkins, etc) about pushed changes

tcsabina · 2018-10-05 07:28:58 UTC

Dear Support,

What is the easiest way to configure a kind of hook between RhodeCode and other applications like Jenkins or Fisheye/Crucible, so RhodeCode can inform these other application that someone pushed something.

Currently we have a setup that all these other application are regularly polling all repos in RhodeCode. But that would be much elegant if RhodeCode could inform these others that there is a change.

I’ve managed to setup a hook between Fisheye and Rhodecode, using the ‘changegroup’ hook. It is an entry in the .hgrc file within the repository’s directory on the RhodeCode server.
But I have some problems with this approach:
Giving direct (login) access to the rhodecode server for users is something I will not do. So it is a manual labor for the system admin for all repository, which is cumbersome.

Is there a way to configure these hooks on the web interface?

Or alternatively, if hooks are not the best thing for this, what shall we use?

Kind regards,
Tamas

tcsabina · 2018-10-05 07:31:36 UTC

This is the hook that can trigger a Fisheye/Crucible update if there is a push on a particular repository:

[hooks]
changegroup = /usr/bin/curl -X PUT -H “X-Api-Key: 5ff05a009046--------------------d86dde52” -H “Content-Type: application/json” http://server1/fisheye/rest-service-fecru/admin/repositories/my_repo/incremental-index

API key, server- and repository name changed for confidential reasons.

marcin · 2018-10-05 08:34:03 UTC

Jenkins has a dedicated integration in EE edition, so using the integration framework you can just check the push type event, and configure Jenkins endpoint.

The second case can be done via Webhook integration. You simply specify the endpoint URL template:
e.g http://server1/fisheye/rest-service-fecru/admin/repositories/${repo_name}/incremental-index

And this global webhook will call this endpoint replacing repo_name with specific repository name from RhodeCode.

It allows setting a custom Header and also triggering a call using BasicAuth

Hope this helps,

tcsabina · 2018-10-15 23:12:04 UTC

Hi Marcin,

Sorry for the late reply, but I was not able to pick this up sooner…

Anyways, I am not able to make this working .
I am playing around with the Fisheye/Crucible trigger first (leaving now Jenkins).
I’ve created a webhook
Defined the URL
Defined the Custom Header Key: X-Api-Key
Defined the Custom Header Value:
Call method: POST
Events: repository push

no secret token
no username+password
I don’t think I need these, as the curl way of triggering from the command line works fine without any secret token or user+password.

But pushing to a repo where this webhook is assigned does not trigger a Fisheye/Crucible scan.

I am not sure if the webhook not called at all, or the Fisheye server ignores the incoming stuff. How could I debug this? Is there a dedicated log file for webhooks? Are the webhook calls/executions logged at all?

Thanks,
Tamas

marcin · 2018-10-16 07:38:22 UTC

If you enable DEBUG log-level (https://docs.rhodecode.com/RhodeCode-Enterprise/admin/enable-debug.html#debug-and-logging-configuration)

You’ll be able to see the request and response in details. That should help getting this sorted out

tcsabina · 2018-10-23 20:05:21 UTC

Hi Marcin,

I got a bit further:
I’ve managed to discover and solve 1 problem:
The repositories are in a repository group. Because of this, the {repo_name) becomes repo_group/repo_name. This was a problem as under Fisheye the "repo_group" string in the url was not valid. I came across this by defining an extra field (repo_shortname) for the repository, and using the {extra:repo_shortname) in the url of the webhook.

However there is another issue that I cannot seem to solve:
the defined custom header key and value seems not to be passed to the webhook. Whenever there is a push, rhodecode simply tries to access the defined url, but without these extra fields.
And without these extra fields Fisheye simple replies with a 405.

My assumption that the extra custom header key and value is not passed is simply based on the log. I don’t see these extra fields in the log file, only see that there is an http access.

Is the log reliable? If the extra custom header is not in the log, could we agree that it is not passed?

If yes, why is the custom header key+value is not passed whenever the webhook is triggered?
If no, how can I check if the custom header key+value is passed? Based on Fisheye reply (405), it is a pure http access attempt without the extra stuff…

Thanks in advance,
Tamas

marcin · 2018-10-23 20:19:20 UTC

Hi Tamas,

The headers aren’t shown in the logs for security purpose. They might contain sensitive information, thus we don’t show this in logs which shouldn’t store/show any passwords or other sensitive information.

Based on the code, the headers should be properly sent, but both key and value must be set.
Here’s the pre-call headers composition: https://code.rhodecode.com/rhodecode-enterprise-ce/files/59b28fe5e1537b44b6be2a8c706f64a8f7af0e6f/rhodecode/integrations/types/webhook.py#L258

Probably you could edit this file in your installation and add some extra logging into that line to make sure things are sent properly.

Best,