docs: update notification doc (#782)

apache · Sep 5, 2024 · 35bf1f7 · 35bf1f7
1 parent f3f24c0
commit 35bf1f7
Showing 1 changed file with 31 additions and 11 deletions.
diff --git a/docs/DeveloperManuals/Notifications.md b/docs/DeveloperManuals/Notifications.md
@@ -5,26 +5,46 @@ description: >
 sidebar_position: 4
 ---
 
-## Request
-Example request
-```
-POST /lake/notify?nouce=3-FDXxIootApWxEVtz&sign=424c2f6159bd9e9828924a53f9911059433dc14328a031e91f9802f062b495d5
-
-{"TaskID":39,"PluginName":"jenkins","CreatedAt":"2021-09-30T15:28:00.389+08:00","UpdatedAt":"2021-09-30T15:28:00.785+08:00"}
-```
-
 ## Configuration
-If you want to use the notification feature, you should add two configuration key to `.env` file.
+
+If you want to receive a notification on pipeline finished, you need to add the following two keys to the Environment Variables (i.e. the `.env` file).
 ```shell
 # .env
-# notification request url, e.g.: http://example.com/lake/notify
+# notification request url, e.g.: 
 NOTIFICATION_ENDPOINT=
 # secret is used to calculate signature
 NOTIFICATION_SECRET=
 ```
 
+- `NOTIFICATION_ENDPOINT` The fully qualified URL of your notification receiver.
+- `NOTIFICATION_SECRET` Used to sign the request data, allowing you to verify whether the request is sent by a legitimate sender. You can leave this empty if verification is not needed. See [Signature](#signature) for the algorithm detail.
+
+## Notification Request
+
+Example of request you would receive
+```
+POST http://example.com/lake/notify?nouce=3-FDXxIootApWxEVtz&sign=424c2f6159bd9e9828924a53f9911059433dc14328a031e91f9802f062b495d5
+
+{
+  "ProjectName": "projectName",
+  "PipelineID": 39,
+  "BeganAt": "2024-09-05T15:08:00.389+08:00",
+  "FinishedAT": "2024-09-05T15:28:00.389+08:00",
+  "Status":"TASK_COMPLETED",
+  "CreatedAt":"2024-09-05T15:08:00.389+08:00",
+  "UpdatedAt":"2024-09-05T15:28:00.785+08:00"
+}
+```
+
+- `nonce`: A unique value to prevent replay attacks.
+- `sign`: A signature for verifying the request's authenticity.
+
+
 ## Signature
-You should check the signature before accepting the notification request. We use sha256 algorithm to calculate the checksum.
+
+
+The signature ensures that the request is sent by an authorized sender and has not been tampered with. You should verify the signature before processing the notification. The signature is calculated using the sha256 algorithm.
+
 ```go
 // calculate checksum
 sum := sha256.Sum256([]byte(requestBody + NOTIFICATION_SECRET + nouce))