-
Notifications
You must be signed in to change notification settings - Fork 0
/
autodeploy.py
31 lines (27 loc) · 1.29 KB
/
autodeploy.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
from flask import Blueprint, request
import hmac
import subprocess
SUPER_SECRET_KEY = open('deploy_secret_key.txt', mode='r').read().strip()
blueprint = Blueprint('autodeployment', __name__, template_folder='templates')
@blueprint.route('/deploy', methods=['POST'])
def autodeploy():
res = SUPER_SECRET_KEY
# чтение hexdigest'а запроса
header_hex_digest = request.headers.get('X-Hub-Signature')
if header_hex_digest is None:
return 'No hash header'
sha_name, signature = header_hex_digest.split('=')
if sha_name != 'sha1':
return 'Wrong sha type'
res += '\n' + signature
if request.data:
hasher = hmac.new(SUPER_SECRET_KEY.encode('utf-8'), msg=request.data, digestmod='sha1')
res += '\n' + hasher.hexdigest()
# проверка совпадения присланного hexdigest и вычисленного
if (not hmac.compare_digest(hasher.hexdigest(), signature)
or request.json['ref'].split('/', 2)[2] != 'deploy'):
return res + '\nSomething went wrong'
# установка обновлений и перезапуск сервиса
subprocess.call(['/usr/bin/git', 'pull'])
subprocess.call(['/usr/bin/sudo', 'systemctl', 'restart', 'webhome'])
return res