From 20c7059fd8f996a2dbd12f4cd4557b5580695e7b Mon Sep 17 00:00:00 2001
From: southerntofu <southerntofu@thunix.net>
Date: Sat, 3 Oct 2020 12:55:17 -0400
Subject: [PATCH] Better discovery of scripts to test

---
 index.php | 45 ++++++++++++++++++++++++++++++++++-----------
 spec      |  2 +-
 2 files changed, 35 insertions(+), 12 deletions(-)

diff --git a/index.php b/index.php
index fc7f220..e25a865 100644
--- a/index.php
+++ b/index.php
@@ -73,9 +73,9 @@ function verify_token($secret, $claimed_secret) {
 // find_secret($repo_url)
 //   Find the secret corresponding to the repo_url, if any. Returns empty string otherwise
 function find_secret($repo_url) {
-    //$forgehook = getenv('FORGEHOOK') ? : 'forgehook';
-    // TODO: use in order ENV['FORGEHOOK'], ./forgehook, or PATH['forgehook']
-    $forgehook = './forgehook';
+    $forgehook = isset($_ENV['FORGEHOOK']) ? $_ENV['FORGEHOOK'] // from $ENV
+        : (file_exists('forgehook') ? './forgehook' // from current directory
+            : 'forgehook'); // from $PATH
 
     $repo = escapeshellarg($repo_url);
 
@@ -131,13 +131,37 @@ class GitlabWebhook {
     }
 }
 
+class GithubWebhook {
+    function __construct($payload) {
+        $this->data = json_to_array($payload);
+    }
+
+    function repo_url() {
+        $repo_url = isset($this->data["repository"]["html_url"]) ?
+            $this->data["repository"]["html_url"] : "";
+        if (empty($repo_url)) {
+            error('Could not find Github repository URL');
+        }
+        return $repo_url;
+    }
+
+    function secret() {
+        return extract_header("HTTP_X_HUB_SIGNATURE");
+    }
+}
+
 function notify($repo) {
-    $notify = getenv('FORGEHOOKNOTIFY') ? : 'forgehook-notify';
+    //$notify = getenv('FORGEHOOKNOTIFY') ? : 'forgehook-notify';
+    $notify = isset($_ENV['FORGEHOOKNOTIFY']) ? $_ENV['FORGEHOOKNOTIFY'] // from $ENV
+        : (file_exists('forgehook-notify') ? './forgehook-notify' // from current directory
+            : 'forgehook-notify'); // from $PATH
 
-    $output=shell_exec($notify." ".$repo);
+    $lines = [];
+    $status = NULL;
+    exec($notify." ".$repo, $lines, $status);
 
-    if ($output != NULL) {
-	    error("Notify failed (".$notify.") with:\n".$output);
+    if ($status != 0) {
+	    error("Notify failed (".$notify.") with:\n".print_r($lines));
     }
 }
 
@@ -150,10 +174,9 @@ function action() {
 
     switch($_GET['action']) {
         case 'github':
-            $claimed_secret = extract_header("HTTP_X_HUB_SIGNATURE");
-            $payload_array = json_to_array($payload);
-            // Gitea URL is same as Github, for the moment
-            $repo_url = find_url_gitea($payload_array);
+            $webhook = new GithubWebhook($payload);
+            $claimed_secret = $webhook->secret();
+            $repo_url = $webhook->repo_url();
             $secret = find_secret($repo_url);
             verify_signature($payload, $secret, $claimed_secret);
             notify($repo_url);
diff --git a/spec b/spec
index b016561..a72ceda 160000
--- a/spec
+++ b/spec
@@ -1 +1 @@
-Subproject commit b01656134c85eac50ecc60b4919d0f2fa577db84
+Subproject commit a72ceda21cfde2ed9e6e19f65e007f2bc8778660