[154477] contrib/buildbot-test

larryv at macports.org larryv at macports.org
Sun Oct 30 21:41:25 CET 2016 

Revision: 154477
          https://trac.macports.org/changeset/154477
Author:   larryv at macports.org
Date:     2016-10-30 21:41:25 +0100 (Sun, 30 Oct 2016)
Log Message:
-----------
buildbot: Store GitHub webhook secret in a text file

Apparently we want to publish our Buildbot config.json at some point, so
we can't store the secret there.

Modified Paths:
--------------
    contrib/buildbot-test/config.json.sample
    contrib/buildbot-test/master.cfg

Modified: contrib/buildbot-test/config.json.sample
===================================================================
--- contrib/buildbot-test/config.json.sample	2016-10-30 20:29:41 UTC (rev 154476)
+++ contrib/buildbot-test/config.json.sample	2016-10-30 20:41:25 UTC (rev 154477)
@@ -2,7 +2,6 @@
     "production":   false,
     "privkey":      "/var/keys/macports-privkey.pem",
     "buildboturl":  "http://domain.tld:8010/",
-    "githubsecret": "TOPSECRET",
     "slaveprefix":  "/opt/local",
     "toolsprefix":  "/opt/mports",
     "deploy": {

Modified: contrib/buildbot-test/master.cfg
===================================================================
--- contrib/buildbot-test/master.cfg	2016-10-30 20:29:41 UTC (rev 154476)
+++ contrib/buildbot-test/master.cfg	2016-10-30 20:41:25 UTC (rev 154477)
@@ -58,7 +58,7 @@
     'htpasswdfile': _path('htpasswd'),
 
     # GitHub. Repository URLs must have the ".git" suffix.
-    'githubsecret': '',
+    'githubsecretfile': _path('github.secret'),
     'baseurl': 'https://github.com/macports/macports-base.git',
     'mpbburl': 'https://github.com/macports/mpbb.git',
     'portsurl': 'https://github.com/macports/macports-ports.git',
@@ -143,10 +143,12 @@
 # [4]: https://developer.github.com/webhooks
 
 if config['production']:
+    with open(config['githubsecretfile']) as f:
+        githubsecret = f.readline().rstrip('\n')
     change_hook_kwargs = {
         'change_hook_dialects': {
             'github': {
-                'secret': config['githubsecret'].encode('utf-8'),
+                'secret': githubsecret,
                 'strict': True
                 }
             }
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-changes/attachments/20161030/4dac0a96/attachment-0002.html>

More information about the macports-changes mailing list