Versions Compared

Old Version 1

changes.mady.by.user Karl Henselin

Saved on

compared with

New Version Current

changes.mady.by.user Karl Henselin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This page contains examples of provider match and function scripts for some common providers. 

...

This sample provider match script for Bitbucket validates based on a token passed in the query parameters . Bitbucket server offers hmac encryption similar to Github but Bitbucket Cloud does not at the time of this writing.and on the HMAC secret. 

Bitbucket Provider Match Script
Code Block
languagegroovy
LOG.fine("Evaluating Bitbucket for incoming message");
def match = false;

//Pass this token in a query parameter called 'token'
def bitbucketToken = 'REPLACE_ME';
 
// validating based on token and user agent headers
def userAgent = HTTP_HEADERS.get('user-agent');
def token = QUERY_PARAMS.get('token');
def bitbucketSecret = 'REPLACE_ME';
 
if (token && userAgent)
{
  //validate token matches what we expect in FlexDeploy
  //It's recommended to store the token as an encrypted provider property but it is not done here for completeness sake
  LOG.fine("Using token ${token} and user agent ${userAgent}");
  if (token.equals(bitbucketToken))
  {
    if(userAgent.toLowerCase().equals('bitbucket-webhooks/2.0'))
    {
.equals('bitbucket-webhooks/2.0'))
    {

// perform checks and functions to ensure an incoming message is valid and matches this provider
LOG.fine("Evaluating GitHub for incoming message");
def match = false;


// validating based on GitHub secret
if (HTTP_HEADERS['user-agent'] && HTTP_HEADERS['user-agent'].toLowerCase().contains('github-hookshot'))
{
    //generate hmac string, be sure to replace with your bitbucket secret
    def HMAC_RESULT = HMAC.generateHmacSHA256(FLX_PRISTINE_PAYLOAD, bitbucketSecret);
    def matchRECEIVED_HMAC = trueHTTP_HEADERS['x-hub-signature'];
    }
  }match = RECEIVED_HMAC && RECEIVED_HMAC.contains(HMAC_RESULT);
}
 
LOG.fine("Bitbucket provider is a match: ${match}");
return match;

...

This sample Bitbucket function script manages FlexDeploy builds and project streams with the assumption it will be triggered from a Bitbucket push event. 

Info

Bitbucket does not send changed files in the push event, but that information is available via the diffstat API. The getChangeLogs function will use that API and as such requires a valid user/password to make the api call. It is recommended that BITBUCKET_USER and BITBUCKET_PASSWORD provider properties are created for passing to this function.


Bitbucket Push Function Script

...

This function finds projects affected by a push from Azure Repos, gets the change logs, and builds relevant projects. The Azure push event includes branch created/deleted events, but Azure allows filtering webhooks to send by branch. In this case, webhooks will be received from Azure only for push events from main branches.

Info

Azure Repos does not send changed files in the push event, but that information is available via their commits API. The getChangeLogs function will use that API and as such requires a valid user/personal access token to make the API call. It is recommended that provider properties are created for passing to this function.


Info

AZURE.buildProjects

the AZURE object also includes a simplified buildProjects method like the other providers above which can be used in replacement of the below sample.

...

Code Block
languagegroovy
//Execute FLEXDEPLOY functions on an incoming webhook message
import flexagon.fd.model2.pojo.ScanResultPojo;

def functionName = "sonarqube";
LOG.info("Running function: ${functionName}");
def scanId = PAYLOAD.taskId;
def url = PAYLOAD.project.url;
def projectKey = PAYLOAD.project.key;
def status = PAYLOAD.status;

//Check is success status
boolean isStatusSuccess = status.equalsIgnoreCase('SUCCESS')

//find sonar qube base url
def baseUrl = url.substring(0, url.lastIndexOf('/')); 

//It's recommended to sleep a few seconds for Sonar server to be ready to send the results.
//Prevents the sonar scan from finishing before FlexDeploy processes the endpoint results, in case the scan is very fast.
Thread.sleep(5*1000) // 5 sec sleep

//get sonar results
ScanResultPojo pojo = FLEXDEPLOY.getScanResultForSonarqube(baseUrl,projectKey)

//update scan result
// The project id is the first argument. It is optional. The match to the project is found from the taskId if the projectId isn't given, which works if FlexDeploy kicked off the scan.
FLEXDEPLOY.updateScanResult(null, scanId, pojo, isStatusSuccess)

ServiceNow

See ServiceNow integration Integration with FlexDeploy via Incoming Webhook for more details.

...