derat
/
cloud-source-mirror
1
0
Fork 0
Code Issues Pull Requests Releases Activity
Cloud Function for mirroring arbitrary Git repos (e.g. on Codeberg) to Cloud Source Repositories
4 Commits
1 Branch
0 Tags
37 KiB
Go 100%
 
Go to file
Daniel Erat 6f9ae086d2
Add support for CLONE_URL_REGEXP variable. 		2023-04-18 14:32:00 -04:00
.gcloudignore Initial commit. 2023-04-15 16:57:25 -04:00
LICENSE Add license. 2023-04-15 17:38:21 -04:00
README.md Add support for CLONE_URL_REGEXP variable. 2023-04-18 14:32:00 -04:00
go.mod Initial commit. 2023-04-15 16:57:25 -04:00
mirror.go Add support for CLONE_URL_REGEXP variable. 2023-04-18 14:32:00 -04:00

README.md

cloud-source-mirror

This repository contains a Cloud Function that can be invoked by webhooks to mirror external Git repositories to Cloud Source Repositories. This lets Cloud Build access source code that's hosted outside of officially-supported (i.e. GitHub, GitLab, and Bitbucket) platforms. At present, only Gitea/Forgejo webhook calls (as sent by Codeberg) are supported.

Create Cloud Source repository

Go to https://source.cloud.google.com/ and add a new empty repository with the same name as the source repository (e.g. for user/my-repo, name the destination repository my-repo).

On the "Add code to your repository" screen, select the "Manually generated credentials" tab and then click the "Generate and store your Git credentials." link. Click through the OAuth prompt and save the long comma-separated cookie line for later use. It should look something like this:

source.developers.google.com,FALSE,/,TRUE,2147483647,o,git-some.user.gmail.com=...

Deploy and configure Cloud Function

Replace $GCP_PROJECT in the following command with the Google Cloud Project ID of the project in which the builds will be performed, or omit the --project flag if you only have a single project.

Deploy the MirrorToCloudSource Cloud Function by running a command similar to the following:

gcloud --project=$GCP_PROJECT functions deploy MirrorToCloudSource \
  --runtime=go119 --trigger-http

The Cloud Function is configured via environment variables, which can be set via the Google Cloud Console (by navigating to your project's Cloud Functions page, clicking the MirrorToCloudSource function, clicking "Edit", and expanding the "Runtime, build, connections and security settings" section).

See Using Environment Variables for more information about setting environment variables for Cloud Functions.

The following environment variables must be passed to the Cloud Function:

  • GCP_PROJECT - Google Cloud Project ID for Cloud Source Repositories, e.g. my-project.
  • SECRET_KEY - Shared key used to generate webhook signatures (create a long, random string).
  • GIT_COOKIE - Comma-separated HTTP cookie that was saved when setting up the destination repo in Cloud Source Repositories.

For added safety, you may also wish to set CLONE_URL_REGEXP to a regular expression matching URLs that you plan to mirror, e.g. ^https://codeberg\.org/my-name/.

Configure source repository

In the source repository's settings (e.g. on Codeberg), add a new Gitea webhook with the following settings:

  • Target URL - Cloud Function's URL, e.g. https://us-central1-my-project.cloudfunctions.net/SyncCloudSourceRepo
  • HTTP Method - POST
  • POST Content Type - application/json
  • Secret - shared key passed via SECRET_KEY environment variable
  • Trigger On: - Custom Events...; then under Repository Events, check Create, Delete, and Push
  • Branch filter - *

Miscellaneous notes

The HTTP cookie stuff used to authenticate with the destination repository is pretty disgusting, but I couldn't find anything else that would work.

Cloud Source Repositories seems to hardcode the default branch's name to master, so it displays a dumb "No commits on the default branch." message if you're using main instead.

Further reading