Satis webhook

webhook.php

<?php
// Initiate Symfony
require_once __DIR__ . '/vendor/autoload.php';

use Symfony\Component\Process\Process;

// Basic-Configuration
$config = [
    'bin'        => 'bin/satis',
    'json'       => 'satis.json',
    'webroot'    => '.',
    'user'       => null,
    'secretykey' => 'your-secret-key',
];

// Validation Testing
if (!file_exists($config['bin'])) {
    die('The Satis bin could not be found.');
}

if (!file_exists($config['json'])) {
    die('The satis.json file could not be found.');
}

if (!file_exists($config['webroot'])) {
    die('The webroot directory could not be found.');
}

// Switch to user
if (null !== $config['user']) {
    $command = sprintf('sudo -u %s -i', $config['user']);
    exec($command);
}

// Option 1: For direct update from Browser can use the package get parameter to pass the repo url to update. Eg., https://composer.yourdomain.com/?package=giturl
if (!empty($_GET['package'])) {
    $command = sprintf('%s build %s %s %s', $config['bin'], '--repository-url ' . htmlentities($_GET['package']), $config['json'], $config['webroot']);
} // Option 2: Gitlab Webhook
else {
    if (!empty($_SERVER["HTTP_X_GITLAB_TOKEN"])) {

        // Validate Secret Tocken
        if ($_SERVER["HTTP_X_GITLAB_TOKEN"] == $config['secretykey']) {
            $input = file_get_contents("php://input");
            $json = json_decode($input);
            if (!is_object($json)) {
                die('No valid JSON');
            }
            if ($json->object_kind == "push" || $json->object_kind == "tag_push") {
                $repoUrl = $json->repository->git_ssh_url;
                $command = sprintf('%s build %s %s %s', $config['bin'], '--repository-url ' . $repoUrl, $config['json'], $config['webroot']);
            } else {
                die("Invalid Push Event from Gitlab!");
            }
        } else {
            die("Invalid Gitlab Secret Key!");
        }
    } // Option 2: Github Webhook
    else {
        if (!empty($_SERVER["HTTP_X_HUB_SIGNATURE"])) {

            // Validate Secret Tocken
            $signature = $_SERVER['HTTP_X_HUB_SIGNATURE'];

            if ($signature) {
                $hash = "sha1=" . hash_hmac('sha1', file_get_contents("php://input"), $config['secretykey']);
                if (strcmp($signature, $hash) == 0) {
                    $payload = json_decode($_POST['payload']);
                    if (!is_object($payload)) {
                        die('No valid JSON');
                    }
                    $repoUrl = htmlentities($payload->repository->clone_url);
                    $command = sprintf('%s build %s %s %s', $config['bin'], '--repository-url ' . $repoUrl, $config['json'], $config['webroot']);
                } else {
                    die("Invalid Github Secret Key!");
                }
            } else {
                die("Invalid Github Secret Key!");
            }
        } // Prepare Default Shell-Command eg., For daily-cron
        else {
            $command = sprintf('%s build %s %s', $config['bin'], $config['json'], $config['webroot']);
        }
    }
}

// Final command to execute
if (!empty($command)) {
    $command = "/opt/alt/php-fpm73/usr/bin/php " . $command;

    // Execute final command to build Composer-server
    $exitCode = exec($command);

    // Error-handeling
    $process = new Process($command);
    $exitCode = $process->run(function ($type, $buffer) {
        if ('err' === $type) {
            echo '<br><strong>Error:</strong> ' . $buffer;
            error_log($buffer);
        } else {
            echo '.';
        }
    });

    $returnMsg = '<br><br>Satis mirror : ' . ($exitCode === 0 ? 'Successful rebuild ' . (!empty($_GET['package']) ? ' of package ' . htmlentities($_GET['package']) . '.' : ' of entire index!') : ' An error occured! : ' . print_r($exitCode, true));
} else {
    $returnMsg = "<br>No command found!";
}

echo "<br>" . $returnMsg . "\n";