Adding upstream version 1.34.4.

Signed-off-by: Daniel Baumann <daniel@debian.org>
2025-05-24 07:26:29 +02:00 · 2025-05-24 07:26:29 +02:00 · 4978089aab
commit 4978089aab
parent e393c3af3f
4963 changed files with 677545 additions and 0 deletions
--- a/plugins/inputs/webhooks/artifactory/artifactory_webhook.go
+++ b/plugins/inputs/webhooks/artifactory/artifactory_webhook.go
@ -0,0 +1,122 @@
+package artifactory
+
+import (
+	"crypto/hmac"
+	"crypto/sha1" //nolint:gosec // G505: Blocklisted import crypto/sha1: weak cryptographic primitive - sha1 hash is what is desired in this case
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+
+	"github.com/gorilla/mux"
+
+	"github.com/influxdata/telegraf"
+)
+
+type Webhook struct {
+	Path   string
+	Secret string
+	acc    telegraf.Accumulator
+	log    telegraf.Logger
+}
+
+// Register registers the webhook with the provided router
+func (awh *Webhook) Register(router *mux.Router, acc telegraf.Accumulator, log telegraf.Logger) {
+	router.HandleFunc(awh.Path, awh.eventHandler).Methods("POST")
+
+	awh.log = log
+	awh.log.Infof("Started webhooks_artifactory on %s", awh.Path)
+	awh.acc = acc
+}
+
+func (awh *Webhook) eventHandler(rw http.ResponseWriter, r *http.Request) {
+	defer r.Body.Close()
+	data, err := io.ReadAll(r.Body)
+	if err != nil {
+		rw.WriteHeader(http.StatusBadRequest)
+		return
+	}
+
+	if awh.Secret != "" && !checkSignature(awh.Secret, data, r.Header.Get("x-jfrog-event-auth")) {
+		awh.log.Error("Failed to check the artifactory webhook auth signature")
+		rw.WriteHeader(http.StatusBadRequest)
+		return
+	}
+
+	bodyFields := make(map[string]interface{})
+	err = json.Unmarshal(data, &bodyFields)
+	if err != nil {
+		rw.WriteHeader(http.StatusBadRequest)
+	}
+	et := fmt.Sprintf("%v", bodyFields["event_type"])
+	ed := fmt.Sprintf("%v", bodyFields["domain"])
+	ne, err := awh.newEvent(data, et, ed)
+
+	if err != nil {
+		rw.WriteHeader(http.StatusBadRequest)
+	}
+	if ne != nil {
+		nm := ne.newMetric()
+		awh.acc.AddFields("artifactory_webhooks", nm.Fields(), nm.Tags(), nm.Time())
+	}
+
+	rw.WriteHeader(http.StatusOK)
+}
+
+type newEventError struct {
+	s string
+}
+
+func (e *newEventError) Error() string {
+	return e.s
+}
+
+func (awh *Webhook) newEvent(data []byte, et, ed string) (event, error) {
+	awh.log.Debugf("New %v domain %v event received", ed, et)
+	switch ed {
+	case "artifact":
+		if et == "deployed" || et == "deleted" {
+			return generateEvent(data, &artifactDeploymentOrDeletedEvent{})
+		}
+		if et == "moved" || et == "copied" {
+			return generateEvent(data, &artifactMovedOrCopiedEvent{})
+		}
+		return nil, &newEventError{"Not a recognized event type"}
+	case "artifact_property":
+		return generateEvent(data, &artifactPropertiesEvent{})
+	case "docker":
+		return generateEvent(data, &dockerEvent{})
+	case "build":
+		return generateEvent(data, &buildEvent{})
+	case "release_bundle":
+		return generateEvent(data, &releaseBundleEvent{})
+	case "distribution":
+		return generateEvent(data, &distributionEvent{})
+	case "destination":
+		return generateEvent(data, &destinationEvent{})
+	}
+
+	return nil, &newEventError{"Not a recognized event type"}
+}
+
+func generateEvent(data []byte, event event) (event, error) {
+	err := json.Unmarshal(data, event)
+	if err != nil {
+		return nil, err
+	}
+	return event, nil
+}
+
+func checkSignature(secret string, data []byte, signature string) bool {
+	return hmac.Equal([]byte(signature), []byte(generateSignature(secret, data)))
+}
+
+func generateSignature(secret string, data []byte) string {
+	mac := hmac.New(sha1.New, []byte(secret))
+	if _, err := mac.Write(data); err != nil {
+		return err.Error()
+	}
+	result := mac.Sum(nil)
+	return "sha1=" + hex.EncodeToString(result)
+}