From 2ca81c05e4724f3b37c19e631addbc25c5e6e7c5 Mon Sep 17 00:00:00 2001
From: SebClem <seb6596@gmail.com>
Date: Mon, 6 Dec 2021 16:11:12 +0100
Subject: [PATCH] Add webhook

---
 defaults/main.yml         |  4 +++-
 handlers/main.yml         |  4 ++++
 tasks/main.yml            | 16 +++++++++++++++-
 templates/webhook.conf.j2 | 24 ++++++++++++++++++++++++
 4 files changed, 46 insertions(+), 2 deletions(-)
 create mode 100644 templates/webhook.conf.j2

diff --git a/defaults/main.yml b/defaults/main.yml
index 7400c44..57dec51 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -8,4 +8,6 @@ renovate_git_endpoint: ""
 renovate_git_token: ""
 renovate_platform: gitea
 renovate_github_token: ""
-renovate_log_level: info
\ No newline at end of file
+renovate_log_level: info
+renovate_bot_username: renovate-bot
+renovate_webhook_secret: ""
\ No newline at end of file
diff --git a/handlers/main.yml b/handlers/main.yml
index 4d440ca..74bed6a 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,2 +1,6 @@
 ---
 # handlers file for ansible-renovate-role
+- name: Restart webhook
+  service:
+    name: webhook
+    state: restarted
\ No newline at end of file
diff --git a/tasks/main.yml b/tasks/main.yml
index 2d3a8c9..1301da2 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -6,6 +6,11 @@
     name: python3-pip
     state: present
 
+- name: Install webhook
+  package:
+    name: webhook
+    state: present
+
 - name: Install requirements
   pip:
     name: '{{ item.name }}'
@@ -42,4 +47,13 @@
     minute: "0"
     job: "/etc/renovate/renovate"
     cron_file: renovate
-    user: root
\ No newline at end of file
+    user: root
+
+- name: add webhook conf
+  template:
+    src: webhook.conf.j2
+    dest: /etc/webhook.conf
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
+  notify: Restart webhook
\ No newline at end of file
diff --git a/templates/webhook.conf.j2 b/templates/webhook.conf.j2
new file mode 100644
index 0000000..de5fb10
--- /dev/null
+++ b/templates/webhook.conf.j2
@@ -0,0 +1,24 @@
+- id: renovate
+  execute-command: "/etc/renovate/renovate"
+  pass-arguments-to-command:
+    - source: string
+      name: --autodiscover
+    - source: string
+      name: false
+    - source: payload
+      name: repository.full_name
+  trigger-rule:
+    and:
+      - not:
+          match:
+            type: value
+            value: {{ renovate_bot_username }}
+            parameter:
+              source: payload
+              name: sender.login
+      - match:
+          type: value
+          value: {{ renovate_webhook_secret }}
+          parameter:
+            source: payload
+            name: secret
\ No newline at end of file