Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
This is a PHP script that can process PostCommitWebHooks from Google Code Project Hosting.
<?php
/*
https://gist.github.com/stefansundin/5224325
https://code.google.com/p/support/wiki/PostCommitWebHooks
To use PHP to verify the authentication hash, you can do this. It supports multiple projects and can also run svnsync. However, this requires you to make your web server user (often 'www-data') to be able to launch svnsync without sudo having to ask for a password:
$ sudo visudo
Then add this to the bottom (it's important that it is in the bottom!):
www-data ALL=(ALL) NOPASSWD:/usr/bin/svnsync
However, this is really much work for just running svnsync. I suggest that, if that's your only goal, set up a cronjob to run svnsync @daily (or @hourly). It's easier and more resistant to errors. Run with user that has access to your svnsync repo:
$ crontab -e
And add:
@daily svnsync sync --non-interactive --no-auth-cache --username svnsync file:///home/path/to/svnsync/for/proj1
*/
$auth_keys = array(
"proj1" => "0123456789abcdef",
"proj2" => "0123456789abcdef",
);
if (!isset($_SERVER["HTTP_GOOGLE_CODE_PROJECT_HOSTING_HOOK_HMAC"])) {
die("No authentication hash.");
}
$hmac = $_SERVER["HTTP_GOOGLE_CODE_PROJECT_HOSTING_HOOK_HMAC"];
$data = file_get_contents("php://input");
$json = json_decode($data, true);
if (!isset($json["project name"]) || !in_array($json["project name"],array_keys($auth_keys))) {
die("Invalid project name.");
}
$p = $json["project name"]; // This can also be retrieved from $_GET["p"] if you set up your url as ?p=%p
$digest = hash_hmac("md5", $data, $auth_keys[$p]);
if ($digest != $hmac) {
die("Invalid authentication hash.");
}
# Run svnsync with the correct user using sudo (remember to edit sudoers!)
system("sudo -u userwithaccesstosyncrep svnsync sync --non-interactive --no-auth-cache --username svnsync file:///home/path/to/svnsync/repo/for/$p");
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment