rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/tests/Feature/GithubWebhookTest.php
Andras Bacsai b931418c1e fix(github-webhook): handle unsupported event types gracefully 
Add validation in manual and normal webhook handlers to reject GitHub
event types other than 'push' and 'pull_request'. Unsupported events
now return a graceful response instead of potentially causing
downstream errors. Includes tests for ping events, unsupported event
types, and unknown events.
2026-03-23 21:33:40 +01:00

70 lines
2.3 KiB
PHP
Raw Blame History

<?php
describe('GitHub Manual Webhook', function () {
test('ping event returns pong', function () {
$response = $this->postJson('/webhooks/source/github/events/manual', [], [
'X-GitHub-Event' => 'ping',
]);
$response->assertOk();
$response->assertSee('pong');
});
test('unsupported event type returns graceful response instead of 500', function () {
$payload = [
'action' => 'published',
'registry_package' => [
'ecosystem' => 'CONTAINER',
'package_type' => 'CONTAINER',
'package_version' => [
'target_commitish' => 'main',
],
],
'repository' => [
'full_name' => 'test-org/test-repo',
'default_branch' => 'main',
],
];
$response = $this->postJson('/webhooks/source/github/events/manual', $payload, [
'X-GitHub-Event' => 'registry_package',
'X-Hub-Signature-256' => 'sha256=fake',
]);
$response->assertOk();
$response->assertSee('not supported');
});
test('unknown event type returns graceful response', function () {
$response = $this->postJson('/webhooks/source/github/events/manual', ['foo' => 'bar'], [
'X-GitHub-Event' => 'some_unknown_event',
'X-Hub-Signature-256' => 'sha256=fake',
]);
$response->assertOk();
$response->assertSee('not supported');
});
});
describe('GitHub Normal Webhook', function () {
test('unsupported event type returns graceful response instead of 500', function () {
$payload = [
'action' => 'published',
'registry_package' => [
'ecosystem' => 'CONTAINER',
],
'repository' => [
'full_name' => 'test-org/test-repo',
],
];
$response = $this->postJson('/webhooks/source/github/events', $payload, [
'X-GitHub-Event' => 'registry_package',
'X-GitHub-Hook-Installation-Target-Id' => '12345',
'X-Hub-Signature-256' => 'sha256=fake',
]);
// Should not be a 500 error - either 200 with "not supported" or "No GitHub App found"
$response->assertOk();
});
});
Reference in a new issue View git blame Copy permalink