in ghd-notifier.py [0:0]
def main():
# Grab all GitHub WebHook IP ranges and save them, so we can check if an
# incoming request is originating from one of these IP addresses.
webhook_ips = requests.get("https://api.github.com/meta").json()["hooks"]
allowed_ips = [netaddr.IPNetwork(ip) for ip in webhook_ips]
# Init Flask...
app = flask.Flask(__name__)
# This will make Flask react to requests aimed at /hook, which the GitHub
# webhook service will be calling.
@app.route("/hook", methods=["POST", "PUT"])
def parse_request():
# Get the IP address, the request is originating from.
# (I assume the "X-Forwarded-For" is used when using tools like ngrok
# to forward requests to protected locations, "flask.request.remote_addr"
# contains the ip in the direct access case)
this_ip = netaddr.IPAddress(flask.request.headers.get("X-Forwarded-For") or flask.request.remote_addr)
# Check if this incoming request is originating from one of the
# GitHub webhook IP addresses. Deny the request, if it's not.
allowed = any(this_ip in ip for ip in allowed_ips)
if not allowed:
return "No content\n"
# Process the incoming message.
content = flask.request.json
# GitHub Discussion notifications are all expected to have a "discussion" element.
if "discussion" in content:
# If this is a comment action, it will also contain a "comment" element
if "comment" in content:
logmsg = parse_comment_action(content)
# Otherwise it's a basic "create", "edit", "close" operation.
else:
logmsg = parse_thread_action(content)
log.log(level=logging.WARNING, msg=logmsg)
return "Delivered\n"
# Disable werkzeug request logging to stdout
log = logging.getLogger("werkzeug")
log.setLevel(logging.WARNING)
# Start up the app (Starts the Flask webserver)
app.run(host="127.0.0.1", port=8084, debug=False)