Refine Webhook trigger event #1325
Comments
Signed-off-by: tdruez <[email protected]>
…1325 Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
|
Currently, the webhook posts the project information and links to the results and summary. I think it would be good to have an option to send the entire results and summary when sending the webhook subscription. This would help in the context of using scancode.io as a purldb scan worker. We can set up multiple workers and give them an access key to purldb and they can get packages to scan and send back the results without requiring purldb to have access back to the scan workers to collect the scans. This simplifies setup for workers as we do not need to have the workers accessible from the internet, they just need to be able to connect to the purldb. We would be able to add more workers to purldb without any input on the purldb side. |
|
If we use more webhooks, I can see how having the possibility to have two web hooks can help: for instance, the scan is sent back to PurlDB and also DejaCode |
WebhookSubscription defines the Webhook behavior WebhookDelivery stores historical data about deliveries Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
Signed-off-by: tdruez <[email protected]>
|
The current state from #1338 was merged. There are still a few improvements required:
See also https://docs.github.com/en/webhooks/using-webhooks/validating-webhook-deliveries and https://docs.github.com/en/webhooks/using-webhooks/best-practices-for-using-webhooks |
|
@JonoYang Here's how the callback using webhook is handled in DejaCode:
I think in your case, the Webhook cannot directly callback the main PurlDB app but should instead callback the worker that would send the data to the main PurlDB (as the worker can authenticate with its API KEY) |
* Split the WebhookSubscription model in 2 models #1325 WebhookSubscription defines the Webhook behavior WebhookDelivery stores historical data about deliveries Signed-off-by: tdruez <[email protected]> * Add model migrations #1325 Signed-off-by: tdruez <[email protected]> * Display the Webhook deliveries in the run details view #1325 Signed-off-by: tdruez <[email protected]> * Add support for new Webhook model in API #1325 Signed-off-by: tdruez <[email protected]> * Improve the Webhook related tests #1325 Signed-off-by: tdruez <[email protected]> * Using proper webhookdeliveries for the related name #1325 Signed-off-by: tdruez <[email protected]> * Relate a webhook delivery with a pipeline run #1325 Signed-off-by: tdruez <[email protected]> * Refine API support for webhooks #1325 Signed-off-by: tdruez <[email protected]> * Send scan results to purldb in pipeline run #1287 * Update purldb-scan-worker.py to only create scan projects from download urls and to not track project status Signed-off-by: Jono Yang <[email protected]> * Filter using Q objects #1287 Signed-off-by: Jono Yang <[email protected]> * Move pipeline function logic to scanpipe.pipes.purldb #1287 * Remove poll_run_status Signed-off-by: Jono Yang <[email protected]> * Create test for check_project_run_statuses #1287 Signed-off-by: Jono Yang <[email protected]> * Update test for check_project_run_statuses #1287 Signed-off-by: Jono Yang <[email protected]> * Remove test for get_run_status #1287 Signed-off-by: Jono Yang <[email protected]> * Update project extra_data before executing it #1287 * Print message detailing new jobs from purldb Signed-off-by: Jono Yang <[email protected]> * Use existing queryset methods to get runs #1287 Signed-off-by: Jono Yang <[email protected]> * Update CHANGELOG.rst #1287 Signed-off-by: Jono Yang <[email protected]> * Display message on continue #1287 Signed-off-by: Jono Yang <[email protected]> * Add webhook subscription when creating scan project #1287 Signed-off-by: Jono Yang <[email protected]> * Update URLs #1287 Signed-off-by: Jono Yang <[email protected]> * Remove send_project_results pipeline #1287 Signed-off-by: Jono Yang <[email protected]> * Fix logic display logic #1287 Signed-off-by: Jono Yang <[email protected]> * Get webhook_url from purldb #1287 Signed-off-by: Jono Yang <[email protected]> * Update test expectations #1287 * Bump packageurl-python to 0.15.6 Signed-off-by: Jono Yang <[email protected]> * Update CHANGELOG.rst #1287 Signed-off-by: Jono Yang <[email protected]> * Fix test #1287 Signed-off-by: Jono Yang <[email protected]> --------- Signed-off-by: tdruez <[email protected]> Signed-off-by: Jono Yang <[email protected]> Co-authored-by: tdruez <[email protected]>
See discussion at #1320 (comment)
We need more control on event that trigger the Webhooks.
Also time to revisit #466 and add docs #1027
The text was updated successfully, but these errors were encountered: