Overview ¶
Package webhooks provides webhook dispatch and formatting for push and scan notifications.
Constants ¶
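// Webhook trigger bitmask constants.
//
// Each value occupies its own bit, so several triggers can be combined with
// bitwise OR and tested with bitwise AND. The declaration is laid out one
// constant per line so that each trailing comment ends at its own line break
// instead of swallowing the constants that follow it.
const (
	TriggerFirst   = 0x01 // First-time scan (no previous scan record)
	TriggerAll     = 0x02 // Every scan completion
	TriggerChanged = 0x04 // Vulnerability counts changed from previous
	TriggerPush    = 0x08 // Image push (manifest stored)
)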
Webhook trigger bitmask constants
Types ¶
type Dispatcher ¶
// Dispatcher handles webhook delivery for push and scan notifications.
// Per the package documentation it reads webhooks from the appview DB and
// delivers payloads with Discord/Slack formatting and HMAC signing.
//
// NOTE(review): the fields are unexported, so the signing key source, the
// signature header and the HMAC algorithm cannot be seen from here; confirm
// them against the implementation before documenting them for receivers.
// NOTE(review): delivery targets are read from stored webhook rows; whether
// those URLs are restricted from reaching loopback or internal addresses is
// not visible here and should be confirmed.
type Dispatcher struct {
// contains filtered or unexported fields
}
Dispatcher handles webhook delivery for push and scan notifications. It reads webhooks from the appview DB and delivers payloads with Discord/Slack formatting and HMAC signing.
func NewDispatcher ¶
func NewDispatcher(database db.DBTX, meta atproto.AppviewMetadata) *Dispatcher
NewDispatcher creates a new webhook dispatcher
func (*Dispatcher) DeliverTest ¶
func (d *Dispatcher) DeliverTest(ctx context.Context, webhookID, userDID, userHandle string) (bool, error)
DeliverTest sends a test payload to a specific webhook (synchronous, single attempt)
func (*Dispatcher) DispatchForPush ¶
func (d *Dispatcher) DispatchForPush(ctx context.Context, event storage.PushWebhookEvent)
DispatchForPush fires matching webhooks after a manifest is pushed.
func (*Dispatcher) DispatchForScan ¶
func (d *Dispatcher) DispatchForScan(ctx context.Context, scan, previousScan *db.Scan, userHandle, tag, holdEndpoint string)
DispatchForScan fires matching webhooks after a scan record arrives via Jetstream. previousScan is nil for first-time scans. userHandle is used for payload enrichment.
type PushData ¶
// PushData describes the push event carried inside a push webhook payload.
type PushData struct {
	// PushedAt is the time of the push as a string; the format is not shown here.
	PushedAt string `json:"pushed_at"`

	// Pusher is presumably the pusher's handle (confirm against the caller).
	// A receiver that needs a stable identity should presumably key on
	// PusherDID rather than on this value.
	Pusher string `json:"pusher"`

	// PusherDID is the DID of the pusher.
	PusherDID string `json:"pusher_did"`

	// Tag is left out of the JSON entirely when it is empty (omitempty).
	Tag string `json:"tag,omitempty"`

	// Digest is the digest of what was pushed, presumably the manifest (confirm).
	Digest string `json:"digest"`
}
PushData describes the push event
type PushRepository ¶
// PushRepository describes the repository that was pushed to.
//
// NOTE(review): how Name, Namespace and RepoName relate is not shown here;
// in the Docker Hub format this payload is modelled on, repo_name is the
// "namespace/name" form. Confirm against the code that fills these fields.
type PushRepository struct {
	// Identification of the repository.
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
	RepoName  string `json:"repo_name"`
	RepoURL   string `json:"repo_url"`

	// MediaType is presumably the media type of the pushed manifest (confirm).
	MediaType string `json:"media_type"`

	// Counters; both are always encoded, including when they are zero.
	StarCount int `json:"star_count"`
	PullCount int `json:"pull_count"`
}
PushRepository describes the repository that was pushed to
type PushWebhookPayload ¶
// PushWebhookPayload is the JSON body sent for push events (Docker
// Hub-inspired format).
//
// NOTE(review): the Dispatcher documentation says deliveries are HMAC-signed.
// A receiver should verify that signature before acting on any field of this
// body; the header name and algorithm are not shown here.
type PushWebhookPayload struct {
	// Trigger names the event that fired the webhook; the set of string
	// values is not shown here.
	Trigger string `json:"trigger"`

	// PushData carries the details of the push itself.
	PushData PushData `json:"push_data"`

	// Repository describes the repository that was pushed to.
	Repository PushRepository `json:"repository"`

	// Hold is a PushHold value; that type is declared outside this listing.
	Hold PushHold `json:"hold"`
}
PushWebhookPayload is the JSON body sent for push events (Docker Hub-inspired format)
type WebhookManifestInfo ¶
// WebhookManifestInfo describes the scanned manifest.
type WebhookManifestInfo struct {
	// Digest, Repository and Tag identify the manifest. Tag carries no
	// omitempty option, so an empty tag is still encoded as "".
	Digest     string `json:"digest"`
	Repository string `json:"repository"`
	Tag        string `json:"tag"`

	// UserDID is always present in the JSON.
	UserDID string `json:"userDid"`

	// UserHandle is dropped from the JSON when empty (omitempty). The
	// DispatchForScan documentation describes the handle as payload
	// enrichment, so a receiver should presumably key on UserDID instead.
	UserHandle string `json:"userHandle,omitempty"`
}
WebhookManifestInfo describes the scanned manifest
type WebhookPayload ¶
// WebhookPayload is the JSON body sent to webhook URLs.
//
// NOTE(review): the Dispatcher documentation says deliveries are HMAC-signed.
// A receiver should verify that signature before acting on any field of this
// body, HoldEndpoint included; the header name and algorithm are not shown
// here.
type WebhookPayload struct {
	// Trigger names the event that fired the webhook; the set of string
	// values is not shown here.
	Trigger string `json:"trigger"`

	// HoldDID and HoldEndpoint identify the hold the scan relates to.
	HoldDID      string `json:"holdDid"`
	HoldEndpoint string `json:"holdEndpoint"`

	// Manifest and Scan describe what was scanned and the result.
	Manifest WebhookManifestInfo `json:"manifest"`
	Scan     WebhookScanInfo     `json:"scan"`

	// Previous is a pointer without omitempty, so a nil value is encoded as
	// JSON null rather than being left out. DispatchForScan documents
	// previousScan as nil for first-time scans, so receivers should
	// presumably expect null in that case (confirm).
	Previous *WebhookVulnCounts `json:"previous"`
}
WebhookPayload is the JSON body sent to webhook URLs
type WebhookScanInfo ¶
// WebhookScanInfo describes the scan results.
type WebhookScanInfo struct {
	// ScannedAt is the scan time as a string; the format is not shown here.
	ScannedAt string `json:"scannedAt"`

	// ScannerVersion is the version string of the scanner.
	ScannerVersion string `json:"scannerVersion"`

	// Vulnerabilities holds the vulnerability counts for this scan.
	// WebhookVulnCounts is declared outside this listing.
	Vulnerabilities WebhookVulnCounts `json:"vulnerabilities"`
}
WebhookScanInfo describes the scan results