feature flag enables static webhook secret

CHANGELOG.md

@@ -8,10 +8,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - ui support for deployment list and summary.
 - ui support for promoting and rolling back builds.
+- feature flag to use static secret when signing webhooks, from @chiraggadasc.
 
 ### Fixed
 - ui branch list improperly capped.
 
+### Changed
+- upgrade drone/envsubst dependency
+- upgrade drone/go-scm dependency
+
 ## [1.8.1] - 2020-06-23
 ### Fixed
 - support for gitea api pagination, repository sync hanging.

go.mod

@@ -15,9 +15,9 @@ require (
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/drone/drone-go v1.0.6
 	github.com/drone/drone-runtime v1.1.1-0.20200623162453-61e33e2cab5d
-	github.com/drone/drone-ui v0.0.0-20200701154614-cdf6511bab83
+	github.com/drone/drone-ui v0.0.0-20200701170131-2b91a041998b
 	github.com/drone/drone-yaml v1.2.4-0.20200326192514-6f4d6dfb39e4
-	github.com/drone/envsubst v1.0.1
+	github.com/drone/envsubst v1.0.3-0.20200709231038-aa43e1c1a629
 	github.com/drone/go-license v1.0.2
 	github.com/drone/go-login v1.0.4-0.20190311170324-2a4df4f242a2
 	github.com/drone/go-scm v1.7.1-0.20200621203823-3731ec1f1136

go.sum

@@ -85,11 +85,15 @@ github.com/drone/drone-ui v0.0.0-20200326185831-e0249bf04e88 h1:rW4xP+m+Q92mfv81
 github.com/drone/drone-ui v0.0.0-20200326185831-e0249bf04e88/go.mod h1:NBtVWW7NNJpD9+huMD/5TAE1db2nrEh0i35/9Rf1MPI=
 github.com/drone/drone-ui v0.0.0-20200701154614-cdf6511bab83 h1:53WSXPPQVD9Q5JhrUPWQIUVvwwdHhfaGOTwHSI3ko9E=
 github.com/drone/drone-ui v0.0.0-20200701154614-cdf6511bab83/go.mod h1:NBtVWW7NNJpD9+huMD/5TAE1db2nrEh0i35/9Rf1MPI=
+github.com/drone/drone-ui v0.0.0-20200701170131-2b91a041998b h1:8VfphhR5arTUOFGf8KpNkEBf2z99kuC/YdnasY75Xus=
+github.com/drone/drone-ui v0.0.0-20200701170131-2b91a041998b/go.mod h1:NBtVWW7NNJpD9+huMD/5TAE1db2nrEh0i35/9Rf1MPI=
 github.com/drone/drone-ui v0.8.2 h1:YWnkXxMicTy9SbiwLFGg57CZTirUzNrDcjgLUk1fPkU=
 github.com/drone/drone-yaml v1.2.4-0.20200326192514-6f4d6dfb39e4 h1:XsstoCeXC2t8lA9OLTdoFwckaptqahxwjCWsenySfX8=
 github.com/drone/drone-yaml v1.2.4-0.20200326192514-6f4d6dfb39e4/go.mod h1:QsqliFK8nG04AHFN9tTn9XJomRBQHD4wcejWW1uz/10=
 github.com/drone/envsubst v1.0.1 h1:NOOStingM2sbBwsIUeQkKUz8ShwCUzmqMxWrpXItfPE=
 github.com/drone/envsubst v1.0.1/go.mod h1:bkZbnc/2vh1M12Ecn7EYScpI4YGYU0etwLJICOWi8Z0=
+github.com/drone/envsubst v1.0.3-0.20200709231038-aa43e1c1a629 h1:rIaZZalMGGPb2cU/+ypuggZ8aMlpa17RUlJUtsMv8pw=
+github.com/drone/envsubst v1.0.3-0.20200709231038-aa43e1c1a629/go.mod h1:N2jZmlMufstn1KEqvbHjw40h1KyTmnVzHcSc9bFiJ2g=
 github.com/drone/go-license v1.0.2 h1:7OwndfYk+Lp/cGHkxe4HUn/Ysrrw3WYH2pnd99yrkok=
 github.com/drone/go-license v1.0.2/go.mod h1:fGRHf+F1cEaw3YVYiJ6js3G3dVhcxyS617RnNRUMsms=
 github.com/drone/go-login v1.0.4-0.20190311170324-2a4df4f242a2 h1:RGpgNkowJc5LAVn/ZONx70qmnaTA0z/3hHPzTBdAEO8=

handler/api/repos/enable.go

@@ -16,6 +16,7 @@ package repos
 
 import (
 	"net/http"
+	"os"
 
 	"github.com/drone/drone/core"
 	"github.com/drone/drone/handler/api/render"
@@ -26,6 +27,12 @@ import (
 	"github.com/go-chi/chi"
 )
 
+// FEATURE FLAG enables a static secret value used to sign
+// incoming requests routed through a proxy. This was implemented
+// based on feedback from @chiraggadasc and and should not be
+// removed until we have a permanent solution in place.
+var staticSigner = os.Getenv("DRONE_FEATURE_SERVER_PROXY_SECRET")
+
 // HandleEnable returns an http.HandlerFunc that processes http
 // requests to enable a repository in the system.
 func HandleEnable(
@@ -65,6 +72,10 @@ func HandleEnable(
 			repo.Timeout = 60
 		}
 
+		if staticSigner != "" {
+			repo.Signer = staticSigner
+		}
+
 		err = hooks.Create(r.Context(), user, repo)
 		if err != nil {
 			render.InternalError(w, err)