Webhook add X-Gitea-Hook-Installation-Target-Type Header (#33752)

This is a X-GitHub Header port * repository for repository webhooks (matches GitHub) * organization for organization webhooks (matches GitHub) * user for user webhooks (Gitea specific) * system for system webhooks (Gitea specific) * default for default hooks needs testing (Gitea specific) - `X-Gitea-Hook-Installation-Target-Type` - `X-GitHub-Hook-Installation-Target-Type`
2025-10-26 12:27:06 +00:00 · 2025-03-01 07:50:49 +01:00
parent 698ae7aa5b
commit b684f51d20
4 changed files with 25 additions and 4 deletions
--- a/services/webhook/deliver.go
+++ b/services/webhook/deliver.go
@@ -18,6 +18,7 @@ import (
 	"sync"
 	"time"

+	user_model "code.gitea.io/gitea/models/user"
 	webhook_model "code.gitea.io/gitea/models/webhook"
 	"code.gitea.io/gitea/modules/graceful"
 	"code.gitea.io/gitea/modules/hostmatcher"
@@ -92,10 +93,10 @@ func newDefaultRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook
 	}

 	body = []byte(t.PayloadContent)
-	return req, body, addDefaultHeaders(req, []byte(w.Secret), t, body)
+	return req, body, addDefaultHeaders(req, []byte(w.Secret), w, t, body)
 }

-func addDefaultHeaders(req *http.Request, secret []byte, t *webhook_model.HookTask, payloadContent []byte) error {
+func addDefaultHeaders(req *http.Request, secret []byte, w *webhook_model.Webhook, t *webhook_model.HookTask, payloadContent []byte) error {
 	var signatureSHA1 string
 	var signatureSHA256 string
 	if len(secret) > 0 {
@@ -112,10 +113,27 @@ func addDefaultHeaders(req *http.Request, secret []byte, t *webhook_model.HookTa

 	event := t.EventType.Event()
 	eventType := string(t.EventType)
+	targetType := "default"
+	if w.IsSystemWebhook {
+		targetType = "system"
+	} else if w.RepoID != 0 {
+		targetType = "repository"
+	} else if w.OwnerID != 0 {
+		owner, err := user_model.GetUserByID(req.Context(), w.OwnerID)
+		if owner != nil && err == nil {
+			if owner.IsOrganization() {
+				targetType = "organization"
+			} else {
+				targetType = "user"
+			}
+		}
+	}
+
 	req.Header.Add("X-Gitea-Delivery", t.UUID)
 	req.Header.Add("X-Gitea-Event", event)
 	req.Header.Add("X-Gitea-Event-Type", eventType)
 	req.Header.Add("X-Gitea-Signature", signatureSHA256)
+	req.Header.Add("X-Gitea-Hook-Installation-Target-Type", targetType)
 	req.Header.Add("X-Gogs-Delivery", t.UUID)
 	req.Header.Add("X-Gogs-Event", event)
 	req.Header.Add("X-Gogs-Event-Type", eventType)
@@ -125,6 +143,7 @@ func addDefaultHeaders(req *http.Request, secret []byte, t *webhook_model.HookTa
 	req.Header["X-GitHub-Delivery"] = []string{t.UUID}
 	req.Header["X-GitHub-Event"] = []string{event}
 	req.Header["X-GitHub-Event-Type"] = []string{eventType}
+	req.Header["X-GitHub-Hook-Installation-Target-Type"] = []string{targetType}
 	return nil
 }

--- a/services/webhook/matrix.go
+++ b/services/webhook/matrix.go
@@ -56,7 +56,7 @@ func newMatrixRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_mo
 	}
 	req.Header.Set("Content-Type", "application/json")

-	return req, body, addDefaultHeaders(req, []byte(w.Secret), t, body) // likely useless, but has always been sent historially
+	return req, body, addDefaultHeaders(req, []byte(w.Secret), w, t, body) // likely useless, but has always been sent historially
 }

 const matrixPayloadSizeLimit = 1024 * 64
--- a/services/webhook/payloader.go
+++ b/services/webhook/payloader.go
@@ -107,7 +107,7 @@ func newJSONRequest[T any](pc payloadConvertor[T], w *webhook_model.Webhook, t *
 	req.Header.Set("Content-Type", "application/json")

 	if withDefaultHeaders {
-		return req, body, addDefaultHeaders(req, []byte(w.Secret), t, body)
+		return req, body, addDefaultHeaders(req, []byte(w.Secret), w, t, body)
 	}
 	return req, body, nil
 }
--- a/tests/integration/repo_webhook_test.go
+++ b/tests/integration/repo_webhook_test.go
@@ -530,7 +530,9 @@ func Test_WebhookStatus(t *testing.T) {
 	var triggeredEvent string
 	provider := newMockWebhookProvider(func(r *http.Request) {
 		assert.Contains(t, r.Header["X-Github-Event-Type"], "status", "X-GitHub-Event-Type should contain status")
+		assert.Contains(t, r.Header["X-Github-Hook-Installation-Target-Type"], "repository", "X-GitHub-Hook-Installation-Target-Type should contain repository")
 		assert.Contains(t, r.Header["X-Gitea-Event-Type"], "status", "X-Gitea-Event-Type should contain status")
+		assert.Contains(t, r.Header["X-Gitea-Hook-Installation-Target-Type"], "repository", "X-Gitea-Hook-Installation-Target-Type should contain repository")
 		assert.Contains(t, r.Header["X-Gogs-Event-Type"], "status", "X-Gogs-Event-Type should contain status")
 		content, _ := io.ReadAll(r.Body)
 		var payload api.CommitStatusPayload