diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..be20bef --- /dev/null +++ b/.gitignore @@ -0,0 +1,132 @@ +# Created by .ignore support plugin (hsz.mobi) +### Python template +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions +*.so + +# Distribution / packaging +.Python +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +pip-wheel-metadata/ +share/python-wheels/ +*.egg-info/ +.installed.cfg +*.egg +MANIFEST + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.nox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +*.py,cover +.hypothesis/ +.pytest_cache/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py +db.sqlite3 +db.sqlite3-journal + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# IPython +profile_default/ +ipython_config.py + +# pyenv +.python-version + +# pipenv +# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. +# However, in case of collaboration, if having platform-specific dependencies or dependencies +# having no cross-platform support, pipenv may install dependencies that don't work, or not +# install all needed dependencies. +#Pipfile.lock + +# PEP 582; used by e.g. github.com/David-OConnor/pyflow +__pypackages__/ + +# Celery stuff +celerybeat-schedule +celerybeat.pid + +# SageMath parsed files +*.sage.py + +# Environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ +.dmypy.json +dmypy.json + +# Pyre type checker +.pyre/ + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..4c3d8e4 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,7 @@ +FROM python:slim +RUN apt-get update && apt-get install -y libpq-dev +ADD . /python-flask +EXPOSE 5443 +WORKDIR /python-flask +RUN pip install -r requirements.txt +CMD [ "python3", "PMwebhook.py"] diff --git a/PMwebhook.py b/PMwebhook.py new file mode 100644 index 0000000..6b78dea --- /dev/null +++ b/PMwebhook.py @@ -0,0 +1,72 @@ +import urllib3 +from urllib3.exceptions import InsecureRequestWarning # for insecure https warnings +urllib3.disable_warnings(InsecureRequestWarning) # disable insecure https warnings +import json +import psycopg2 +from flask import Flask, request +from flask_basicauth import BasicAuth +from kubernetes import client, config +import base64 + +# Load Kubernetes configuration +config.load_incluster_config() + +# Access the secret +v1 = client.CoreV1Api() +secret = v1.read_namespaced_secret("webhook-secrets", "pm2pg") + +WEBHOOK_USERNAME = base64.b64decode(secret.data['username']).decode('utf-8') +WEBHOOK_PASSWORD = base64.b64decode(secret.data['password']).decode('utf-8') +DB_USER = base64.b64decode(secret.data['db_user']).decode('utf-8') +DB_PASSWORD = base64.b64decode(secret.data['db_password']).decode('utf-8') +DB_NAME = base64.b64decode(secret.data['db_name']).decode('utf-8') +DB_HOST = base64.b64decode(secret.data['db_host']).decode('utf-8') +DB_PORT = base64.b64decode(secret.data['db_port']).decode('utf-8') + +save_webhook_output_file = "webhooklogs.json" + +app = Flask(__name__) + +app.config['BASIC_AUTH_USERNAME'] = WEBHOOK_USERNAME +app.config['BASIC_AUTH_PASSWORD'] = WEBHOOK_PASSWORD +app.config['BASIC_AUTH_FORCE'] = True + +# Establish database connection +connection = psycopg2.connect( + user=DB_USER, + password=DB_PASSWORD, + database=DB_NAME, + host=DB_HOST, + port=DB_PORT +) +print("Database connection to {} successful".format(DB_NAME)) + + +basic_auth = BasicAuth(app) + +@app.route('/') +@basic_auth.required +def index(): + return '

Im Alive

', 200 + +@app.route('/api', methods=['POST']) +@basic_auth.required +def webhook(): + if request.method == 'POST': + print('Webhook Received') + request_json = request.json + + print('Payload: ') + print(json.dumps(request_json,indent=4)) + + + with open(save_webhook_output_file, 'a') as filehandle: + filehandle.write('%s\n' % json.dumps(request_json,indent=4)) + filehandle.write('= - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - \n') + + return 'Webhook notification received', 202 + else: + return 'POST Method not supported', 405 + +if __name__ == '__main__': + app.run(ssl_context='adhoc', host='0.0.0.0', port=5443, debug=True) diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..e48650b --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,6 @@ +version: "3.8" +services: + app: + build: . + ports: + - "5443:5443" \ No newline at end of file diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..d6c3d0c --- /dev/null +++ b/requirements.txt @@ -0,0 +1,8 @@ +Flask==2.0.3 +requests==2.25.1 +Flask_BasicAuth==0.2.0 +urllib3==1.26.5 +cryptography==3.4.7 +Werkzeug==2.0.3 +psycopg2-binary +kubernetes==18.20.0 diff --git a/webhooklogs.json b/webhooklogs.json new file mode 100644 index 0000000..e69de29