GitHubにプッシュしたときに、Backlogにコメントを書き込む仕組みの作り方(AWS Lambda使用)【前編】

How to create a mechanism to write comments to Backlog when pushing to GitHub (using AWS Lambda) [Part 1]

Backlog 's Git repository has a function that automatically comments that it has been pushed to the issue when you write the issue key in the commit message and push it.

■ Surprisingly convenient? Issue key link
https://backlog.com/en/blog/issue-key-link/#commit

This function is very convenient, but due to the specifications of the project, Backlog 's Git repository may not be used.

So, this time, I would like to implement a similar function using the webhook function of the GitHub repository and AWS Lambda.

<Contents>

(0) Things to prepare

(1) Configure AWS Lambda and Amazon API Gateway

(2) GitHub webhook settings

(3) GitHub authentication with AWS Lambda

(4) Uploading the axios package (Part 2)

(5) Call Backlog API (Part 2)

(6) AWS Usage Fee (Part 2)

(0) Things to prepare

・AWS account ・Backlog account ・GitHub account

(1) Configure AWS Lambda and Amazon API Gateway

■ Build a basic web application - Module 2: Build a serverless function
https://aws.amazon.com/jp/getting-started/hands-on/build-web-app-s3-lambda-api-gateway-dynamodb/module-two/?e=gs2020&p=build-a-web -app-intro

Basically follow the tutorial above.
Open the AWS Lambda console and click "Create function".

Function name: commentBacklogWithGithubCommit
Runtime: Node.js 14.x
will do.

Now I have a function that returns a response to a request like this:

 { statusCode: 200, body: JSON.stringify('Hello from Lambda!'), }

However, at this point, there is no url to send a request to this function.

Next, create the url.

From the AWS Lambda dashboard, open the details of the " commentBacklogWithGithubCommit " created earlier.

Click "Add trigger" and add API Gateway with the following settings.

Be sure to check Cross-origin resource sharing (CORS).
A URL (endpoint) has now been created for invoking the AWS Lambda function.

If you open the "API endpoint" of the trigger, you will see ""Hello from Lambda!"".

Next, the ANY method is currently set in the endpoint, but the GitHub webhook calls it with the POST method, so we will modify it.

From the Amazon API Gateway console, open the detail page of "commentBacklogWithGithubCommit-API", press "Route" on the left menu, "ANY" in the middle, then press "Edit", and set ANY to POST on the opened setting screen. change.

Now, accessing with get returns an internal server error, and accessing with POST returns "Hello from Lambda!".
In addition, I used Postman for the POST transmission test, but I will omit the explanation of Postman.

(2) GitHub webhook settings

Set up webhooks on GitHub.
On the GitHub repository page, select "Settings" "Webhooks" and press "Add webhook".

Payload URL is the API endpoint of API Gateway,
For Content type, select "application/json",
Enter a random string for Secret.

After that, with the default settings, press "Add webhook" to complete the settings.

Once configured, pushing any changes to this repository will automatically make a request to the API endpoint.
You can check the history of sent requests from the "Recent Deliveries" tab on the details page of the relevant webhook, and you can send repeated requests by pressing the Redeliver button. After that, we will test with this Redeliver.

(3) GitHub authentication with AWS Lambda

Next, when a request is received on the AWS Lambda side, add a mechanism to authenticate whether it is really a webhook request from GitHub.

On the details page for the function "commentBacklogWithGithubCommit",
From "Environment Variables" on the "Settings" tab, register it under the name "GITHUB_SECRET".

Next, implement the functionality to authenticate in code.

 exports.handler = async (event) => { // ヘッダ取得 const headers = event.headers; // ボディ取得 const body = event.body; // バリデーション実行、およびエラー時の処理 if (! isValid(body, headers)) { 
// return error
 const response = {
 statusCode: 500,
 body: 'Given signature is invalid',
 };
 return response;
 }

 // return a normal response
 const response = {
 statusCode: 200,
 body: JSON.stringify('Hello from Lambda!'),
 };
 return response;

 function isValid(body, headers) {
 const crypto = require('crypto');
 const hmac = crypto.createHmac('sha1', process.env.GITHUB_SECRET);
 hmac.update(body, 'utf8');
 const signature = 'sha1=' + hmac.digest('hex');
 return signature === headers['x-hub-signature'];
 }
 };

Now we only accept requests from GitHub webhooks.

This is getting long, so the first half is over.
Continued in the second half.

■ How to create a mechanism to write comments to Backlog when pushing to GitHub (using AWS Lambda) [Part 2]
https://fourmix-blog.myshopify.com/blogs/aws/220118_2

Author name: Molly

Front-end engineer who loves React.

1 of 3