Webhook-tunnel

ngrok is good to make a tunnel for private network.

But in my case, to make a hook between GitHub and Jenkins in my local, I worry few things below.

• Someone can guess my ngrok URL mapped brute force,
• and there is no way to protect my Jenkins access except Basic authentication supported by ngrok
• but that method cannot be supported by GitHub Webhook.

Of course, introducing nginx to expose only Jenkins' Webhook URL and use ngrok that path, everything would be alright. But I can only 1 online ngrok process under free plan.

So I made it.

Architecture

GitHub -> APIGW/λ -> SQS (Public network)
   (Private network) SQS <- polling server -> Jenkins

Quick start

1. Copy from .envrc.example to .envrc for environment variables. (feat. direnv)
2. Deploy github-to-sqs into AWS. (yarn && yarn deploy)
3. Make a hook between the deployed URL and GitHub repository. (GitHub Repository > Settings > Webhooks > Add webhook / Just the push event)
   
4. Install Jenkins locally. (docker run -p 8080:8080 jenkins/jenkins:lts)
5. Setup sqs-to-local locally. (yarn && yarn build && ./dist/main-linux)
6. Generate GitHub Personal access token with repo scope. (GitHub > Settings > Developer settings > Personal access tokens > Generate new token > Select scopes / repo / repo:status)
   
7. Add it to Jenkins. (Manage Jenkins > Configure > GitHub > GitHub Server / Credentials > Add / Secret text)
   
8. Create a job and make some pushes!
   

Environment variables

Checkout .envrc file please. These are common configurations.

Other specific configuration would be placed each .envrc.example of subdirectory. All subprojects have their .envrc.example to manage their specific configuration.

• GitHub-to-SQS
• SQS-to-Local

Environment variables for logging

Sometimes cloudwatch is too slow. For this reason, using slack as a logger's destination is often very convenient.

License

MIT