Triggering Statis builds via GitLab Webhook

Triggering Statis builds via GitLab Webhook

In our "old" Jenkins set-up things were simple: The Jenkins master and Satis were running on the same host thus Jenkins could easily invoke Satis via a command-line call. Unfortunately GitLab does not allow that. The only option which is currently available in GitLab is to trigger Satis via a webhook. Neither Satis itself or Satisfy which we actually use provide support for webhooks. Thus we extended Satisfy with a simple controller which invokes the Satis cli command. Definitely not the best solution but it works for us.

To make things a bit more secure we added a check for the secret token that Gitlab can send along when calling a webhook. Additionally the server does only accept connections from our internal network:

if ($request->headers->get('X-Gitlab-Token') !== 
    $app['']) {
    return new JsonResponse([
        'message' => 'Not authenticated, X-Gitlab-Token is invalid.'
    ], Response::HTTP_UNAUTHORIZED);

Since GitLab sends multiple requests during a build - we currently only listen for build events - we need to check the status field in the request for a value of "success". Whenever a build fails we do not want to trigger a Satis rebuild:

if ($request->request->get('build_status') !== 'success') { 
    return new JsonResponse([ 'message' => 'Invalid build status.' ]); 

Tags: , ,

Eintrag von Stephan Hochdörfer am 23.02.2017

comments powered by Disqus