Node.js GitHub Bot
The Node.js Foundation members use this bot to help manage the repositories of the GitHub organization.
It executes scripts in response to events that are pushed to it via GitHub webhooks. All repositories that use this bot have the same webhook url & secret configured (there is only 1 bot instance). Org-wide webhooks are not allowed.
Contributing
Please do, contributions are more than welcome! See CONTRIBUTING.md.
Environment Variables
GITHUB_TOKEN
The GitHub API token for your account (or bot account) that will be used to make API calls to GitHub. The account must have proper access to perform the actions required by your script.GITHUB_WEBHOOK_SECRET
The webhook secret that GitHub signs the POSTed payloads with. This is created when the webhook is defined. The default ishush-hush
.JENKINS_WORKER_IPS
List of valid Jenkins worker IPs allowed to push PR status updates, split by comma:192.168.1.100,192.168.1.101
.JENKINS_API_CREDENTIALS
(optional)
For scripts that communicate with Jenkins on http://ci.nodejs.org. The Jenkins API token is visible on your own profile pagehttps://ci.nodejs.org/user/<YOUR_GITHUB_USERNAME>/configure
, by clicking the "show API token" button. Also See: https://wiki.jenkins-ci.org/display/JENKINS/Authenticating+scripted+clientsJENKINS_JOB_URL_<REPO_NAME>
(optional)
Only required for the trigger Jenkins build script, to know which job to trigger a build for when repository collaborator posts a comment to the bot. E.g.JENKINS_JOB_URL_NODE=https://ci.nodejs.org/job/node-test-pull-request
JENKINS_BUILD_TOKEN_<REPO_NAME>
(optional)
Only required for the trigger Jenkins build script. The authentication token configured for a particular Jenkins job, for remote scripts to trigger builds remotely. Found on the job configuration page inBuild Triggers -> Trigger builds remotely (e.g., from scripts)
.LOGIN_CREDENTIALS
Username and password used to protected the log files exposed in /logs. Expected format:username:password
.KEEP_LOGS
Number of days to keep rotated log files, defaults to10
if not set.LOGS_DIR
Directory where logs should be written and exposed by the/logs
endpoint.
Developing Locally
The bot will try to load a .env
file at the root of the project if it exists to set environment varaibles. You will need to create one similar to this:
GITHUB_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
SSE_RELAY=https://hook-relay.example.com
Note the additional SSE_RELAY
variable:
When developing locally, it is difficult to setup a GitHub webhook
pointing to the computer you are developing on. An easy workaround is to set the SSE_RELAY
to the url of
a SSE relay server that will send the GitHub events via
Server Sent Events instead. Another option
is to use ngrok.
You can use the TestOrgPleaseIgnore GitHub Organization, to test
your changes. Actions performed on the repos there will be sent to
the SSE Relay. If you use your own Organization/Repository,
remember to set the webhook Secret to the same value as GITHUB_WEBHOOK_SECRET
(default hush-hush
), and
to change the content type to application/json
(default on the GitHub interface is
application/x-www-form-urlencoded
, which will not work with the bot).
The GITHUB_WEBHOOK_SECRET
environment variable is not required when using the relay.
Run the bot:
$ npm start
When developing a script, it is likely that you will only want to run the script(s) that you are working on. You may pass an additional glob argument to specify which scripts to run.
$ SCRIPTS=./scripts/my-new-event-handler.js npm start