diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 89ab07682..54f6636b9 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -93,4 +93,4 @@ To explicitly enable metrics, use `matrix_hookshot_metrics_enabled: true`. This ### Collision with matrix-appservice-webhooks -If you are also running [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), it reserves its namespace by the default setting `matrix_appservice_webhooks_user_prefix: '_webhook_'`. You should take care if you modify its or hookshot's prefix that they do not collide with each other's namespace (default `matrix_hookshot_generic_user_id_prefix: '_webhooks_'`). +If you are also running [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), it reserves its namespace by the default setting `matrix_appservice_webhooks_user_prefix: '_webhook_'`. You should take care if you modify its or hookshot's prefix that they do not collide with each other's namespace (default `matrix_hookshot_generic_userIdPrefix: '_webhooks_'`). diff --git a/roles/custom/matrix-bridge-hookshot/defaults/main.yml b/roles/custom/matrix-bridge-hookshot/defaults/main.yml index 4e6965847..a81d4706a 100644 --- a/roles/custom/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/custom/matrix-bridge-hookshot/defaults/main.yml @@ -52,7 +52,7 @@ matrix_hookshot_webhook_endpoint: "{{ matrix_hookshot_public_endpoint }}/webhook # You need to create a GitHub app to enable this and fill in the empty variables below # https://matrix-org.github.io/matrix-hookshot/setup/github.html matrix_hookshot_github_enabled: false -matrix_hookshot_github_appid: '' +matrix_hookshot_github_auth_id: '' # Set this variable to the contents of the generated and downloaded GitHub private key: # matrix_hookshot_github_private_key: | # -----BEGIN RSA PRIVATE KEY----- @@ -61,7 +61,7 @@ matrix_hookshot_github_appid: '' # Alternatively, leave it empty and do it manually or use matrix-aux instead, see docs/matrix-bridge-hookshot.md for info. matrix_hookshot_github_private_key: '' matrix_hookshot_github_private_key_file: 'private-key.pem' -matrix_hookshot_github_secret: '' # "Webhook secret" on the GitHub App page +matrix_hookshot_github_webhook_secret: '' # "Webhook secret" on the GitHub App page matrix_hookshot_github_oauth_enabled: false # You need to configure oauth settings only when you have enabled oauth (optional) matrix_hookshot_github_oauth_id: '' # "Client ID" on the GitHub App page @@ -69,14 +69,17 @@ matrix_hookshot_github_oauth_secret: '' # "Client Secret" on the GitHub App pag # Default value of matrix_hookshot_github_oauth_endpoint: "/hookshot/webhooks/oauth" matrix_hookshot_github_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/oauth" matrix_hookshot_github_oauth_uri: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_github_oauth_endpoint }}" + # These are the default settings mentioned here and don't need to be modified: https://matrix-org.github.io/matrix-hookshot/usage/room_configuration/github_repo.html#configuration -matrix_hookshot_github_ignore_hooks: "{}" -matrix_hookshot_github_command_prefix: '!gh' -matrix_hookshot_github_showIssueRoomLink: false # noqa var-naming -matrix_hookshot_github_pr_diff: "{enabled: false, maxLines: 5}" -matrix_hookshot_github_including_labels: '' -matrix_hookshot_github_excluding_labels: '' -matrix_hookshot_github_hotlink_prefix: "#" +matrix_hookshot_github_defaultOptions_ignoreHooks: {} # noqa var-naming +matrix_hookshot_github_defaultOptions_commandPrefix: '!gh' # noqa var-naming +matrix_hookshot_github_defaultOptions_showIssueRoomLink: false # noqa var-naming +matrix_hookshot_github_defaultOptions_prDiff: # noqa var-naming + enabled: false + maxLines: 5 +matrix_hookshot_github_defaultOptions_includingLabels: '' # noqa var-naming +matrix_hookshot_github_defaultOptions_excludingLabels: '' # noqa var-naming +matrix_hookshot_github_defaultOptions_hotlinkIssues_prefix: "#" # noqa var-naming matrix_hookshot_gitlab_enabled: true @@ -91,7 +94,7 @@ matrix_hookshot_gitlab_instances: url: https://gitlab.com # This will be the "Secret token" you have to enter into all GitLab instances for authentication -matrix_hookshot_gitlab_secret: '' +matrix_hookshot_gitlab_webhook_secret: '' matrix_hookshot_figma_enabled: false @@ -104,17 +107,17 @@ matrix_hookshot_figma_publicUrl: "{{ matrix_hookshot_urlprefix }}{{ matrix_hooks # teamId: your-team-id # accessToken: your-personal-access-token # passcode: your-webhook-passcode - +matrix_hookshot_figma_instances: {} matrix_hookshot_jira_enabled: false # Get the these values from https://matrix-org.github.io/matrix-hookshot/setup/jira.html#jira-oauth -matrix_hookshot_jira_secret: '' +matrix_hookshot_jira_webhook_secret: '' matrix_hookshot_jira_oauth_enabled: false -matrix_hookshot_jira_oauth_id: '' -matrix_hookshot_jira_oauth_secret: '' +matrix_hookshot_jira_oauth_client_id: '' +matrix_hookshot_jira_oauth_client_secret: '' # Default value of matrix_hookshot_jira_oauth_endpoint: "/hookshot/webhooks/jira/oauth" matrix_hookshot_jira_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/jira/oauth" -matrix_hookshot_jira_oauth_uri: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_jira_oauth_endpoint }}" +matrix_hookshot_jira_oauth_redirect_uri: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_jira_oauth_endpoint }}" # No need to change these @@ -122,10 +125,10 @@ matrix_hookshot_generic_enabled: true # Default value of matrix_hookshot_generic_endpoint: "/hookshot/webhooks" matrix_hookshot_generic_endpoint: "{{ matrix_hookshot_webhook_endpoint }}" # urlprefix gets updated with protocol & port in group_vars/matrix_servers -matrix_hookshot_generic_urlprefix: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_generic_endpoint }}" -matrix_hookshot_generic_allow_js_transformation_functions: false +matrix_hookshot_generic_urlPrefix: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_generic_endpoint }}" +matrix_hookshot_generic_allowJsTransformationFunctions: false # If you're also using matrix-appservice-webhooks, take care that these prefixes don't overlap -matrix_hookshot_generic_user_id_prefix: '_webhooks_' +matrix_hookshot_generic_userIdPrefix: '_webhooks_' matrix_hookshot_feeds_enabled: true diff --git a/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml b/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml index 3392f1b64..91d29eceb 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml @@ -1,5 +1,34 @@ --- +- name: (Deprecation) Catch and report renamed Hookshot variables + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_hookshot_feeds_interval', 'new': 'matrix_hookshot_feeds_pollIntervalSeconds'} + - {'old': 'matrix_hookshot_generic_urlprefix', 'new': 'matrix_hookshot_generic_urlPrefix'} + - {'old': 'matrix_hookshot_generic_allow_js_transformation_functions', 'new': 'matrix_hookshot_generic_allowJsTransformationFunctions'} + - {'old': 'matrix_hookshot_generic_user_id_prefix', 'new': 'matrix_hookshot_generic_userIdPrefix'} + - {'old': 'matrix_hookshot_github_secret', 'new': 'matrix_hookshot_github_webhook_secret'} + - {'old': 'matrix_hookshot_github_appid', 'new': 'matrix_hookshot_github_auth_id'} + - {'old': 'matrix_hookshot_github_oauth_id', 'new': 'matrix_hookshot_github_oauth_client_id'} + - {'old': 'matrix_hookshot_github_oauth_secret', 'new': 'matrix_hookshot_github_oauth_client_secret'} + - {'old': 'matrix_hookshot_github_oauth_uri', 'new': 'matrix_hookshot_github_oauth_redirect_uri'} + - {'old': 'matrix_hookshot_github_ignore_hooks', 'new': 'matrix_hookshot_github_defaultOptions_ignoreHooks'} + - {'old': 'matrix_hookshot_github_command_prefix', 'new': 'matrix_hookshot_github_defaultOptions_commandPrefix'} + - {'old': 'matrix_hookshot_github_showIssueRoomLink', 'new': 'matrix_hookshot_github_defaultOptions_showIssueRoomLink'} + - {'old': 'matrix_hookshot_github_pr_diff', 'new': 'matrix_hookshot_github_defaultOptions_prDiff'} + - {'old': 'matrix_hookshot_github_including_labels', 'new': 'matrix_hookshot_github_defaultOptions_includingLabels'} + - {'old': 'matrix_hookshot_github_excluding_labels', 'new': 'matrix_hookshot_github_defaultOptions_excludingLabels'} + - {'old': 'matrix_hookshot_github_hotlink_prefix', 'new': 'matrix_hookshot_github_defaultOptions_hotlinkIssues_prefix'} + - {'old': 'matrix_hookshot_jira_secret', 'new': 'matrix_hookshot_jira_webhook_secret'} + - {'old': 'matrix_hookshot_jira_oauth_id', 'new': 'matrix_hookshot_jira_oauth_client_id'} + - {'old': 'matrix_hookshot_jira_oauth_secret', 'new': 'matrix_hookshot_jira_oauth_client_secret'} + - {'old': 'matrix_hookshot_jira_oauth_uri', 'new': 'matrix_hookshot_jira_oauth_client_secret'} + - {'old': 'matrix_hookshot_gitlab_secret', 'new': 'matrix_hookshot_gitlab_webhook_secret'} + - name: Fail if required settings not defined ansible.builtin.fail: msg: >- @@ -15,8 +44,8 @@ You need to define a required configuration setting (`{{ item }}`) to enable GitHub. when: "matrix_hookshot_github_enabled and vars[item] == ''" with_items: - - "matrix_hookshot_github_appid" - - "matrix_hookshot_github_secret" + - "matrix_hookshot_github_auth_id" + - "matrix_hookshot_github_webhook_secret" - name: Fail if required GitHub OAuth settings not defined ansible.builtin.fail: @@ -24,8 +53,8 @@ You need to define a required configuration setting (`{{ item }}`) to enable GitHub OAuth. when: "matrix_hookshot_github_oauth_enabled and vars[item] == ''" with_items: - - "matrix_hookshot_github_oauth_id" - - "matrix_hookshot_github_oauth_secret" + - "matrix_hookshot_github_oauth_client_id" + - "matrix_hookshot_github_oauth_client_secret" - name: Fail if required Jira settings not defined ansible.builtin.fail: @@ -33,7 +62,7 @@ You need to define a required configuration setting (`{{ item }}`) to enable Jira. when: "matrix_hookshot_jira_enabled and vars[item] == ''" with_items: - - "matrix_hookshot_jira_secret" + - "matrix_hookshot_jira_webhook_secret" - name: Fail if required Jira OAuth settings not defined ansible.builtin.fail: @@ -41,14 +70,14 @@ You need to define a required configuration setting (`{{ item }}`) to enable Jira OAuth. when: "matrix_hookshot_jira_oauth_enabled and vars[item] == ''" with_items: - - "matrix_hookshot_jira_oauth_id" - - "matrix_hookshot_jira_oauth_secret" + - "matrix_hookshot_jira_oauth_client_id" + - "matrix_hookshot_jira_oauth_client_secret" - name: Fail if required Figma settings not defined ansible.builtin.fail: msg: >- - You need to define at least one Figma instance to enable Figma. - when: "matrix_hookshot_figma_enabled and matrix_hookshot_figma_instances is undefined" + You need to define at least one Figma instance in `matrix_hookshot_figma_instances` to enable Figma. + when: "matrix_hookshot_figma_enabled and matrix_hookshot_figma_instances | length == 0" - name: Fail if required provisioning settings not defined ansible.builtin.fail: @@ -58,15 +87,6 @@ with_items: - "matrix_hookshot_provisioning_secret" -- name: (Deprecation) Catch and report renamed Hookshot variables - ansible.builtin.fail: - msg: >- - Your configuration contains a variable, which now has a different name. - Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). - when: "item.old in vars" - with_items: - - {'old': 'matrix_hookshot_feeds_interval', 'new': 'matrix_hookshot_feeds_pollIntervalSeconds'} - - name: (Deprecation) Catch and report old metrics usage ansible.builtin.fail: msg: >- diff --git a/roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 index 527afafaf..2eded104d 100644 --- a/roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 +++ b/roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 @@ -14,69 +14,68 @@ github: auth: # Authentication for the GitHub App. # - id: {{ matrix_hookshot_github_appid }} + id: {{ matrix_hookshot_github_auth_id | to_json }} privateKeyFile: /data/{{ matrix_hookshot_github_private_key_file }} webhook: # Webhook settings for the GitHub app. # - secret: {{ matrix_hookshot_github_secret|to_json }} + secret: {{ matrix_hookshot_github_webhook_secret | to_json }} {% if matrix_hookshot_github_oauth_enabled %} oauth: # (Optional) Settings for allowing users to sign in via OAuth. # - client_id: {{ matrix_hookshot_github_oauth_id }} - client_secret: {{ matrix_hookshot_github_oauth_secret|to_json }} - redirect_uri: {{ matrix_hookshot_github_oauth_uri }} + client_id: {{ matrix_hookshot_github_oauth_client_id | to_json }} + client_secret: {{ matrix_hookshot_github_oauth_client_secret | to_json }} + redirect_uri: {{ matrix_hookshot_github_oauth_redirect_uri | to_json }} {% endif %} defaultOptions: # (Optional) Default options for GitHub connections. # - ignoreHooks: {{ matrix_hookshot_github_ignore_hooks }} - commandPrefix: "{{ matrix_hookshot_github_command_prefix }}" - showIssueRoomLink: {{ matrix_hookshot_github_showIssueRoomLink }} - prDiff: {{ matrix_hookshot_github_pr_diff }} - includingLabels:{{ matrix_hookshot_github_including_labels }} - excludingLabels: {{ matrix_hookshot_github_excluding_labels }} + ignoreHooks: {{ matrix_hookshot_github_defaultOptions_ignoreHooks | to_json }} + commandPrefix: {{ matrix_hookshot_github_defaultOptions_commandPrefix | to_json }} + showIssueRoomLink: {{ matrix_hookshot_github_defaultOptions_showIssueRoomLink | to_json }} + prDiff: {{ matrix_hookshot_github_defaultOptions_prDiff | to_json }} + includingLabels: {{ matrix_hookshot_github_defaultOptions_includingLabels | to_json }} + excludingLabels: {{ matrix_hookshot_github_defaultOptions_excludingLabels | to_json }} hotlinkIssues: - prefix: "{{ matrix_hookshot_github_hotlink_prefix }}" + prefix: {{ matrix_hookshot_github_defaultOptions_hotlinkIssues_prefix | to_json }} {% endif %} {% if matrix_hookshot_gitlab_enabled %} gitlab: # (Optional) Configure this to enable GitLab support # - instances: - {{ matrix_hookshot_gitlab_instances }} + instances: {{ matrix_hookshot_gitlab_instances | to_json }} webhook: - secret: {{ matrix_hookshot_gitlab_secret|to_json }} + secret: {{ matrix_hookshot_gitlab_webhook_secret | to_json }} {% endif %} {% if matrix_hookshot_figma_enabled %} figma: # (Optional) Configure this to enable Figma support # - publicUrl: {{ matrix_hookshot_figma_publicUrl }} - instances: {{ matrix_hookshot_figma_instances }} + publicUrl: {{ matrix_hookshot_figma_publicUrl | to_json }} + instances: {{ matrix_hookshot_figma_instances | to_json }} {% endif %} {% if matrix_hookshot_jira_enabled %} jira: # (Optional) Configure this to enable Jira support # webhook: - secret: {{ matrix_hookshot_jira_secret|to_json }} + secret: {{ matrix_hookshot_jira_webhook_secret | to_json }} {% if matrix_hookshot_jira_oauth_enabled %} oauth: - client_id: {{ matrix_hookshot_jira_oauth_id|to_json }} - client_secret: {{ matrix_hookshot_jira_oauth_secret|to_json }} - redirect_uri: {{ matrix_hookshot_jira_oauth_uri }} + client_id: {{ matrix_hookshot_jira_oauth_client_id | to_json }} + client_secret: {{ matrix_hookshot_jira_oauth_client_secret | to_json }} + redirect_uri: {{ matrix_hookshot_jira_oauth_redirect_uri | to_json }} {% endif %} {% endif %} {% if matrix_hookshot_generic_enabled %} generic: # (Optional) Support for generic webhook events. `allowJsTransformationFunctions` will allow users to write short transformation snippets in code, and thus is unsafe in untrusted environments # - enabled: {{ matrix_hookshot_generic_enabled }} - urlPrefix: {{ matrix_hookshot_generic_urlprefix }} - allowJsTransformationFunctions: {{ matrix_hookshot_generic_allow_js_transformation_functions }} - userIdPrefix: {{ matrix_hookshot_generic_user_id_prefix|to_json }} + enabled: {{ matrix_hookshot_generic_enabled | to_json }} + urlPrefix: {{ matrix_hookshot_generic_urlPrefix | to_json }} + allowJsTransformationFunctions: {{ matrix_hookshot_generic_allowJsTransformationFunctions | to_json }} + userIdPrefix: {{ matrix_hookshot_generic_userIdPrefix | to_json }} {% endif %} {% if matrix_hookshot_feeds_enabled %} feeds: @@ -90,7 +89,7 @@ feeds: provisioning: # (Optional) Provisioning API for integration managers # - secret: {{ matrix_hookshot_provisioning_secret|to_json }} + secret: {{ matrix_hookshot_provisioning_secret | to_json }} {% endif %} passFile: # A passkey used to encrypt tokens stored inside the bridge. @@ -100,12 +99,12 @@ passFile: bot: # (Optional) Define profile information for the bot user # - displayname: {{ matrix_hookshot_bot_displayname }} - avatar: {{ matrix_hookshot_bot_avatar }} + displayname: {{ matrix_hookshot_bot_displayname | to_json }} + avatar: {{ matrix_hookshot_bot_avatar | to_json }} metrics: # (Optional) Prometheus metrics support # - enabled: {{ matrix_hookshot_metrics_enabled }} + enabled: {{ matrix_hookshot_metrics_enabled | to_json }} logging: # (Optional) Logging settings. You can have a severity debug,info,warn,error # @@ -114,20 +113,20 @@ logging: widgets: # (Optional) EXPERIMENTAL support for complimentary widgets # - addToAdminRooms: {{ matrix_hookshot_widgets_addToAdminRooms }} + addToAdminRooms: {{ matrix_hookshot_widgets_addToAdminRooms | to_json }} {% if matrix_hookshot_widgets_roomSetupWidget_enabled %} roomSetupWidget: - addOnInvite: {{ matrix_hookshot_widgets_roomSetupWidget_addOnInvite }} + addOnInvite: {{ matrix_hookshot_widgets_roomSetupWidget_addOnInvite | to_json }} {% endif %} {% if not matrix_hookshot_widgets_disallowedIpRanges is in [None, ''] %} - disallowedIpRanges: {{ matrix_hookshot_widgets_disallowedIpRanges }} + disallowedIpRanges: {{ matrix_hookshot_widgets_disallowedIpRanges | to_json }} {% endif %} - publicUrl: {{ matrix_hookshot_widgets_publicUrl }} + publicUrl: {{ matrix_hookshot_widgets_publicUrl | to_json }} branding: - widgetTitle: {{ matrix_hookshot_widgets_branding_widgetTitle }} + widgetTitle: {{ matrix_hookshot_widgets_branding_widgetTitle | to_json }} {% endif %} {% if matrix_hookshot_permissions %} -permissions: {{ matrix_hookshot_permissions }} +permissions: {{ matrix_hookshot_permissions | to_json }} {% endif %} listeners: # (Optional) HTTP Listener configuration.