Skip to content

Creating hooks with a secret token #170

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dj-wasabi opened this issue Oct 22, 2016 · 10 comments
Closed

Creating hooks with a secret token #170

dj-wasabi opened this issue Oct 22, 2016 · 10 comments
Labels
enhancement

Comments

@dj-wasabi
Copy link

I'm busy with creating some Ansible modules for doing things like, creating groups, users and projects in Gitlab. That all works perfectly, but now I'm busy with adding a webhook to a project. And specifically, configuring a webhook with a secret token.

Is this possible? I can't find it in the documentation. I was hoping to create a webhook with a secret token and I hope to be able to validate if the token is what it supposed to be.

Thanks in advance.
@gpocentek
Copy link
Contributor

From what I see in the docs and in the gitlab code defining a token for a hook is not supported by the Gitlab API, so I will not be able to add this feature in python-gitlab.

You can probably report a bug on Gitlab to request this feature.

@gpocentek
Copy link
Contributor

FYI: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7063

@dj-wasabi
Copy link
Author

Many thanks! Hope that it will be merged soon. 👍

@smcgivern
Copy link

@dj-wasabi I've just picked this up, I hope to get it in GitLab 8.14. I have one question for you:

I was hoping to create a webhook with a secret token and I hope to be able to validate if the token is what it supposed to be.

The way I'm implementing this is that we don't echo the token back, would this be a blocker for you? We don't show the token in the UI, so I'd like the API and UI to be consistent - and only showing the token on update adds some extra complexity to the API. Let me know what you think!

@pelallemant
Copy link

@smcgivern You don't have to make the token public. In the UI you can't look at it once you created the webhook, you should not allow the token to be available when fetching webhooks.

@dj-wasabi
Copy link
Author

@smcgivern No, its not a big deal. I only want to create a webhook and configure a secret token. If is not a big deal if I can read it, I just can update the Ansible module with a extra option to force the secret token update on every run or not.

@smcgivern
Copy link

This has been merged, it will be in GitLab 8.14: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7220

Thanks @gpocentek!

@gpocentek
Copy link
Contributor

@smcgivern Great! thank you :)

rymai added a commit to gitlabhq/gitlabhq that referenced this issue Nov 2, 2016
@rymai
Merge branch 'gpocentek/gitlab-ce-api-webhook-token' into 'master'
2023511 
This MR adds support for the `token` attribute in the project hook API.

Feature requested on a dependant project: python-gitlab/python-gitlab#170

See merge request !7220
@dj-wasabi
Copy link
Author

Thanks al!

@drzraf
Copy link

drzraf commented May 6, 2018

@dj-wasabi https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7220#note_71782207

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 9, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@smcgivern @drzraf @dj-wasabi @gpocentek @pelallemant