7 $request = new Request
;
8 $response = new Response
;
9 $response->setResponseCode(500);
12 $owners = explode(",", getenv("owners") ?
: "m6w6");
13 $mirror = getenv("mirror") ?
: "/var/github";
14 $secret = getenv("secret") ?
: trim(file_get_contents("$mirror/.secret"));
16 $sig = $request->getHeader("X-Hub-Signature");
17 $evt = $request->getHeader("X-Github-Event");
20 $response->setResponseCode(400);
21 $response->setContentType("message/http");
22 $response->getBody()->append($request);
23 return $response->send();
26 foreach ((new Params($sig))->params
as $algo => $mac) {
27 if ($mac["value"] !== hash_hmac($algo, $request->getBody(), $secret)) {
28 $response->setResponseCode(403);
29 $response->getBody()->append("Invalid signature");
30 return $response->send();
36 $response->setResponseCode(202);
37 $response->getBody()->append("Not a configured event");
40 $response->setResponseCode(204);
41 $response->setResponseStatus("PONG");
44 if (!($json = json_decode($request->getBody()))) {
45 $response->setResponseCode(415);
46 $response->setContentType($request->getHeader("Content-Type"));
47 $response->getBody()->append($request->getBody());
48 } elseif (!in_array($json->repository
->owner
->name
, $owners, true)) {
49 $response->setResponseCode(403);
50 $response->getBody()->append("Invalid owner");
52 $repo = $json->repository
->full_name
;
53 $path = $mirror . "/" . $repo;
54 if (is_dir($path) && chdir($path)) {
55 passthru("git fetch -vp 2>&1", $rv);
57 $response->setResponseCode(200);
59 } elseif (mkdir($path, 0755, true) && chdir($path)) {
60 $source = escapeshellarg($json->repository
->clone_url
);
61 passthru("git clone --mirror $source . 2>&1", $rv);
63 $response->setResponseCode(200);