-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpythonanywhere_wsgi.py
106 lines (86 loc) · 3.59 KB
/
pythonanywhere_wsgi.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
import datetime
import os
import sys
import pytz
from dotenv import load_dotenv
project_folder = os.path.expanduser('~/cluster-monitoring') # adjust as appropriate
load_dotenv(os.path.join(project_folder, '.env'))
w_secret = os.environ["SECRET_KEY"]
# add your project directory to the sys.path
path = '/home/clustermonitoring/cluster-monitoring/tempmon'
if path not in sys.path:
sys.path.append(path)
#get computer timezone
#current_time = datetime.datetime.now(pytz.utc)
#cet_tz = pytz.timezone('Europe/Vienna')
#is_cest = current_time.astimezone(cet_tz).tzname() == "CEST"
#if is_cest:
# os.environ["TZ"] = "CEST" #to make datetime.strptime work...
#else:
# os.environ["TZ"] = "CET"
os.environ["TZ"] = "UTC" #for datetime.strptime, was a problem if CET and CEST in the same file...
# need to pass the flask app as "application" for WSGI to work
# for a dash app, that is at app.server
# see https://plot.ly/dash/deployme
import hashlib
import hmac
import json
import git
from app import app
from flask import abort, request
def is_valid_signature(x_hub_signature, data, private_key):
hash_algorithm, github_signature = x_hub_signature.split('=', 1)
algorithm = hashlib.__dict__.get(hash_algorithm)
encoded_key = bytes(private_key, 'latin-1')
mac = hmac.new(encoded_key, msg=data, digestmod=algorithm)
return hmac.compare_digest(mac.hexdigest(), github_signature)
@app.server.route('/update_server', methods=['POST'])
def webhook():
if request.method != 'POST':
return 'OK'
else:
abort_code = 418
# Do initial validations on required headers
if 'X-Github-Event' not in request.headers:
abort(abort_code)
if 'X-Github-Delivery' not in request.headers:
abort(abort_code)
if 'X-Hub-Signature' not in request.headers:
abort(abort_code)
if not request.is_json:
abort(abort_code)
if 'User-Agent' not in request.headers:
abort(abort_code)
ua = request.headers.get('User-Agent')
if not ua.startswith('GitHub-Hookshot/'):
abort(abort_code)
event = request.headers.get('X-GitHub-Event')
if event == "ping":
return json.dumps({'msg': 'Hi!'})
if event != "push":
return json.dumps({'msg': "Wrong event type"})
x_hub_signature = request.headers.get('X-Hub-Signature')
# webhook content type should be application/json for request.data to have the payload
# request.data is empty in case of x-www-form-urlencoded
if not is_valid_signature(x_hub_signature, request.data, w_secret):
print('Deploy signature failed: {sig}'.format(sig=x_hub_signature))
abort(abort_code)
payload = request.get_json()
if payload is None:
print('Deploy payload is empty: {payload}'.format(
payload=payload))
abort(abort_code)
if payload['ref'] != 'refs/heads/main':
return json.dumps({'msg': 'Not main; ignoring'})
repo = git.Repo('cluster-monitoring')
origin = repo.remotes.origin
pull_info = origin.pull()
if len(pull_info) == 0:
return json.dumps({'msg': "Didn't pull any information from remote!"})
if pull_info[0].flags > 128:
return json.dumps({'msg': "Didn't pull any information from remote!"})
commit_hash = pull_info[0].commit.hexsha
build_commit = f'build_commit = "{commit_hash}"'
print(f'{build_commit}')
return 'Updated PythonAnywhere server to commit {commit}'.format(commit=commit_hash)
application = app.server