GitLab Webhooks
Webhooks send an HTTP notification for every event:
Configuration
# Settings > Webhooks
URL: https://my-service.example.com/gitlab-webhook
Secret Token: mon-secret-token
Trigger events:
- Push events
- Merge request events
- Pipeline events
- Tag push events
Receiving a webhook (Node.js)
const express = require("express");
const crypto = require("crypto");

const app = express();
app.use(express.json());

// Hash a value so both sides of the comparison have the same length
const digest = (s) => crypto.createHash("sha256").update(String(s)).digest();

app.post("/gitlab-webhook", (req, res) => {
  // Verify the token: reject when the header or the configured secret is
  // missing, and compare in constant time instead of using !==
  const token = req.headers["x-gitlab-token"];
  const secret = process.env.GITLAB_WEBHOOK_SECRET;
  if (!secret || !token || !crypto.timingSafeEqual(digest(token), digest(secret))) {
    return res.status(401).send("Unauthorized");
  }

  const event = req.headers["x-gitlab-event"];
  const payload = req.body;

  switch (event) {
    case "Push Hook":
      console.log(`Push on ${payload.ref} by ${payload.user_name}`);
      break;
    case "Merge Request Hook":
      console.log(`MR ${payload.object_attributes.action}: ${payload.object_attributes.title}`);
      break;
    case "Pipeline Hook":
      console.log(`Pipeline ${payload.object_attributes.status} on ${payload.object_attributes.ref}`);
      break;
  }

  res.status(200).send("OK");
});

app.listen(3000);
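Automation with CI/CD
# Automatic cleanup of old branches
cleanup-branches:
  stage: maintenance
  script:
    - |
      # Delete merged branches. No age check is performed here: the 30-day
      # cutoff has to be enforced separately (commit.committed_date of each branch).
      # The jq filter checks each branch object's own "merged" and "protected"
      # fields rather than relying on the query string alone.
      curl -s --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
        "$CI_API_V4_URL/projects/$CI_PROJECT_ID/repository/branches?merged=true" | \
      jq -r '.[] | select(.merged and (.protected | not)) | .name' | \
      grep -v "^main$" | \
      while IFS= read -r branch; do
        # URL-encode the name so branches containing "/" form a valid API path
        encoded=$(printf '%s' "$branch" | jq -sRr @uri)
        curl -s --request DELETE \
          --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
          "$CI_API_V4_URL/projects/$CI_PROJECT_ID/repository/branches/$encoded"
        echo "Deleted: $branch"
      done
  rules:
    - if: $CI_PIPELINE_SOURCE == "schedule"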
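The selection step of such a cleanup job, written out as an added example (not code from the original page): it keeps only branches that are merged, unprotected, not the default branch and older than the cutoff, and builds the URL-encoded delete path. The function names `selectStaleBranches` and `deletePath` are hypothetical, the sample response is constructed, and the field names are assumed to match the branch objects returned by the branches endpoint.

```javascript
// Added example: decide which branches a scheduled cleanup job may delete.
// Assumed branch fields: name, merged, protected, default, commit.committed_date.
// Function names are hypothetical; the sample data below is constructed.
const DAY_MS = 24 * 60 * 60 * 1000;

function selectStaleBranches(branches, now, maxAgeDays = 30, keep = ["main"]) {
  const cutoff = now.getTime() - maxAgeDays * DAY_MS;
  return branches.filter((b) => {
    if (!b || typeof b.name !== "string") return false;
    if (b.merged !== true) return false;        // check the field, not only the query filter
    if (b.protected || b.default) return false; // never touch protected or default branches
    if (keep.includes(b.name)) return false;    // explicit keep-list as a second guard
    const committed = Date.parse(b.commit && b.commit.committed_date);
    if (Number.isNaN(committed)) return false;  // unknown age: keep the branch
    return committed < cutoff;
  });
}

// Branch names may contain "/" or "#": encode them as a single path segment.
function deletePath(projectId, branchName) {
  return `/projects/${encodeURIComponent(projectId)}/repository/branches/${encodeURIComponent(branchName)}`;
}

// Constructed sample response
const SAMPLE_BRANCHES = [
  { name: "main", merged: false, protected: true, default: true, commit: { committed_date: "2024-01-01T10:00:00.000+00:00" } },
  { name: "feature/login", merged: true, protected: false, default: false, commit: { committed_date: "2024-01-10T09:30:00.000+02:00" } },
  { name: "hotfix-42", merged: true, protected: false, default: false, commit: { committed_date: "2024-03-25T12:00:00.000+00:00" } },
  { name: "release/1.0", merged: true, protected: true, default: false, commit: { committed_date: "2023-11-01T08:00:00.000+00:00" } },
  { name: "wip/experiment", merged: false, protected: false, default: false, commit: { committed_date: "2023-10-01T08:00:00.000+00:00" } },
  { name: "old-no-date", merged: true, protected: false, default: false, commit: {} },
];

const NOW = new Date("2024-04-01T00:00:00Z");
for (const b of selectStaleBranches(SAMPLE_BRANCHES, NOW)) {
  console.log("would delete:", b.name, "-> DELETE " + deletePath(123, b.name));
}
```

Logging the selection as a dry run before issuing any DELETE request makes a wrong filter visible in the job log instead of in the repository.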
Tip: Combine scheduled pipelines with the API to automate maintenance: branch cleanup, token rotation, vulnerability reports.