I have a Webhook with a Secret and when I run Test connection the response is 401 and the Request does not include the X-Hub-Signature header. This Webhook was working then started failing and troubleshooting revealed this. If I take one of the failed request and POST it with it's headers (including X-Hub-Signature) it works. It just stopped working from bitbucket.
@Rob_Decker I invested alot of time on this issue and finally fixed it by using the CEL expression interceptors, as following.
In this Trigger, we are using the overlays to add the "X-Hub-Signature" to the body of the payload, where expression value i.e., 1234567 doesn't matter it can be anything, we are just adding the HMAC to the body so that we will not get an error.
Note: By default there is no interceptor for the bitbucket CLOUD
apiVersion: triggers.tekton.dev/v1beta1
kind: Trigger
metadata:
name: energy
spec:
serviceAccountName: pipeline
interceptors:
- ref:
name: "cel"
params:
- name: "filter"
value: "header.match('X-Event-Key', 'repo:push')"
- name: "overlays"
value:
- key: X-Hub-Signature
expression: "1234567"
bindings:
- ref: energy
template:
ref: energy
I tried the Test Connection request with GET and it worked outside of bitbucket. The responses from within bitbucket and the outside tool are both from the same server where the request is being made but the bitbucket responses are requesting basic auth with a WWW-Authenticate header.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
did you ever get this working? I can't even see where to specify the secret for a webhook for repo on Bitbucket Cloud.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.