feat: 添加git webhook文件

public/gitea_webhook.php

@@ -0,0 +1,60 @@
+<?php
+
+try {
+
+    $secret_key = 'Aa-1221';
+
+    // check for POST request
+    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+        error_log('FAILED - not POST - '. $_SERVER['REQUEST_METHOD']);
+        exit();
+    }
+    
+    // get content type
+    $content_type = isset($_SERVER['CONTENT_TYPE']) ? strtolower(trim($_SERVER['CONTENT_TYPE'])) : '';
+    
+    if ($content_type != 'application/json') {
+        error_log('FAILED - not application/json - '. $content_type);
+        exit();
+    }
+    
+    // get payload
+    $payload = trim(file_get_contents("php://input"));
+    
+    if (empty($payload)) {
+        error_log('FAILED - no payload');
+        exit();
+    }
+    
+    // get header signature
+    $header_signature = isset($_SERVER['HTTP_X_GITEA_SIGNATURE']) ? $_SERVER['HTTP_X_GITEA_SIGNATURE'] : '';
+    
+    if (empty($header_signature)) {
+        error_log('FAILED - header signature missing');
+        exit();
+    }
+    
+    // calculate payload signature
+    $payload_signature = hash_hmac('sha256', $payload, $secret_key, false);
+    
+    // check payload signature against header signature
+    if ($header_signature !== $payload_signature) {
+        error_log('FAILED - payload signature');
+        exit();
+    }
+    
+    // convert json to array
+    $decoded = json_decode($payload, true);
+    
+    // check for json decode errors
+    if (json_last_error() !== JSON_ERROR_NONE) {
+        error_log('FAILED - json decode - '. json_last_error());
+        exit();
+    }
+    
+    exec('sudo git pull origin dev --rebase 2>&1', $result);
+    
+    var_export($result);exit;
+} catch (\Throwable $th) {
+    var_export($th->getMessage());
+}