chore: update gitops

jsam · jsam · commit e6df050e15f3 · 2025-11-17T14:07:37.000+01:00
diff --git a/EVENTS.md b/EVENTS.md
@@ -0,0 +1,163 @@
+# GitHub Webhook Events Reference
+
+This document lists all GitHub webhook events that are NOT essential for core GitOps deployment workflows. These events are available but not prioritized for implementation in this library.
+
+## Collaboration & Project Management
+
+### Issues & Comments
+- **`issues`** - Issue opened, closed, edited, assigned, etc.
+- **`issue_comment`** - Comment on issue or pull request
+- **`commit_comment`** - Comment on a commit
+
+### Pull Request Reviews
+- **`pull_request_review`** - Pull request review submitted
+- **`pull_request_review_comment`** - Comment on PR diff
+- **`pull_request_review_thread`** - PR review thread activity
+
+### Projects
+- **`project`** - Project (classic) created, edited, deleted
+- **`project_card`** - Project card moved, created, deleted
+- **`project_column`** - Project column created, updated, deleted
+- **`projects_v2`** - Project (new) activity
+- **`projects_v2_item`** - Project item activity  
+- **`projects_v2_status_update`** - Project status update
+
+### Discussions
+- **`discussion`** - Discussion created, edited, deleted, etc.
+- **`discussion_comment`** - Comment on a discussion
+
+### Other Collaboration
+- **`label`** - Label created, edited, deleted
+- **`milestone`** - Milestone created, edited, deleted, etc.
+- **`gollum`** - Wiki page created or updated
+
+## Repository & Organization Management
+
+### Repository Events
+- **`repository`** - Repository created, deleted, archived, renamed, etc.
+- **`repository_dispatch`** - Custom webhook event triggered via API
+- **`repository_import`** - Repository import activity
+- **`public`** - Repository visibility changed to public
+- **`fork`** - Repository forked
+
+### Team & Member Management
+- **`member`** - Collaborator added, removed, or permissions changed
+- **`membership`** - User added/removed from team
+- **`team`** - Team created, deleted, edited
+- **`team_add`** - Team added to repository
+- **`organization`** - Organization settings changed
+- **`org_block`** - User blocked/unblocked from organization
+
+### Repository Settings
+- **`branch_protection_rule`** - Branch protection rule created, edited, deleted
+- **`branch_protection_configuration`** - Branch protection configuration changed
+- **`repository_ruleset`** - Repository ruleset activity
+- **`deploy_key`** - Deploy key added or removed
+- **`custom_property`** - Custom property changed
+- **`custom_property_values`** - Custom property values updated
+
+## Security & Compliance
+
+### Security Alerts
+- **`code_scanning_alert`** - Code scanning alert created, fixed, dismissed
+- **`secret_scanning_alert`** - Secret detected in code
+- **`secret_scanning_alert_location`** - Secret location detected
+- **`secret_scanning_scan`** - Secret scanning scan completed
+- **`dependabot_alert`** - Dependabot alert created, fixed, dismissed
+- **`repository_vulnerability_alert`** - Vulnerability alert (legacy)
+
+### Security Advisory
+- **`security_advisory`** - Security advisory published
+- **`repository_advisory`** - Repository security advisory
+- **`security_and_analysis`** - Security and analysis settings changed
+
+### Deployment Protection
+- **`deployment_protection_rule`** - Deployment protection rule activity
+- **`deployment_review`** - Deployment review requested/approved
+
+## GitHub Apps & Integrations
+
+### Installation
+- **`installation`** - GitHub App installed, uninstalled, suspended
+- **`installation_repositories`** - Repositories added/removed from installation
+- **`installation_target`** - Installation moved to different account
+- **`github_app_authorization`** - User authorizes/revokes GitHub App
+
+### Workflow Management
+- **`workflow_dispatch`** - Workflow manually triggered (for workflow visibility, not deployment)
+- **`workflow_job`** - Individual job status (detailed monitoring, not essential for GitOps)
+
+### Metadata
+- **`meta`** - Webhook itself is modified or deleted
+
+## Community & Engagement
+
+- **`star`** - Repository starred or unstarred
+- **`watch`** - User starts/stops watching repository
+- **`sponsorship`** - Sponsorship tier created, cancelled, changed
+
+## Package Management
+
+- **`package`** - GitHub Packages published, updated, deleted
+- **`registry_package`** - Container registry package activity
+
+## GitHub Pages
+
+- **`page_build`** - GitHub Pages site build attempt (success/failure)
+
+## Marketplace
+
+- **`marketplace_purchase`** - GitHub Marketplace app purchased, cancelled, changed
+
+## Other Events
+
+- **`merge_group`** - Merge queue activity
+- **`personal_access_token_request`** - PAT request in organization
+- **`sub_issues`** - Sub-issue activity (tasklists)
+- **`issue_dependencies`** - Issue dependency tracking
+
+## Notes
+
+**Total events: 65**
+
+These events are useful for:
+- Building GitHub dashboards and analytics
+- Issue/PR automation and bots
+- Security monitoring and compliance
+- Team collaboration tools
+- Community engagement tracking
+- Project management automation
+
+However, they are **not required** for the core GitOps use case of:
+1. Syncing manifest repositories
+2. Managing deployment environments
+3. Tracking deployment status
+4. Triggering deployments on code changes
+
+## Using Unknown Events
+
+The library handles all these events gracefully:
+
+```rust
+match event {
+    WebhookEvent::Push(push_event) => {
+        // Handle GitOps sync
+    }
+    WebhookEvent::Unknown(event_type) => {
+        // Log and ignore non-essential events
+        println!("Received non-essential event: {}", event_type);
+    }
+    _ => {}
+}
+```
+
+If you need to implement any of these events, you can:
+1. Add the event struct to `webhook.rs`
+2. Add a variant to `WebhookEvent` enum
+3. Add parsing logic to `WebhookVerifier::parse_event()`
+4. Submit a PR to the library
+
+## Resources
+
+- [Complete GitHub Webhook Events List](https://docs.github.com/en/webhooks/webhook-events-and-payloads)
+- [GitHub Webhook Event Payloads](https://docs.github.com/en/webhooks/webhook-events-and-payloads)
diff --git a/TODO.md b/TODO.md
@@ -0,0 +1,111 @@
+# TODO: GitOps Essential Events
+
+This file tracks webhook events essential for GitOps deployment workflows.
+
+## Currently Implemented ✅
+
+- [x] `push` - Push commits to a branch (triggers sync and reconciliation)
+- [x] `ping` - Webhook configuration test
+
+## Essential for GitOps Deployment
+
+### Core GitOps Events
+
+- [ ] **`pull_request`** - PR workflow for preview environments
+  - Used for: Creating preview/staging environments on PR open
+  - Action: Deploy PR branch, run tests, create deployment preview
+  - Key data: PR number, branch, base branch, action (opened/closed/merged)
+
+- [ ] **`create`** - Branch or tag created
+  - Used for: Tracking new branches for environment provisioning
+  - Action: Initialize environment for new branch if needed
+  - Key data: ref, ref_type (branch/tag), repository
+
+- [ ] **`delete`** - Branch or tag deleted  
+  - Used for: Cleanup of environments when branches are deleted
+  - Action: Tear down preview environments, cleanup resources
+  - Key data: ref, ref_type (branch/tag), repository
+
+### Deployment Tracking Events
+
+- [ ] **`deployment`** - Deployment created
+  - Used for: Tracking deployment requests
+  - Action: Record deployment intent, prepare environment
+  - Key data: deployment id, environment, ref, sha
+
+- [ ] **`deployment_status`** - Deployment status changed
+  - Used for: Monitoring deployment progress (pending/success/failure)
+  - Action: Update deployment status, notify on completion
+  - Key data: deployment id, state, environment, target_url
+
+- [ ] **`release`** - Release published
+  - Used for: Production deployments triggered by releases
+  - Action: Deploy to production environment
+  - Key data: tag_name, name, body, prerelease flag
+
+### CI/CD Integration Events
+
+- [ ] **`check_run`** - Check run activity
+  - Used for: Waiting for CI checks before deployment
+  - Action: Gate deployments on successful checks
+  - Key data: status, conclusion, check suite, app
+
+- [ ] **`check_suite`** - Check suite activity
+  - Used for: Overall CI/CD pipeline status
+  - Action: Trigger deployments when all checks pass
+  - Key data: status, conclusion, head_branch, head_sha
+
+- [ ] **`workflow_run`** - GitHub Actions workflow completed
+  - Used for: Triggering deployments after build workflows
+  - Action: Deploy artifacts after successful builds
+  - Key data: conclusion, workflow name, head_branch, artifacts
+
+- [ ] **`status`** - Commit status updated
+  - Used for: Legacy CI status tracking
+  - Action: Gate deployments based on commit status
+  - Key data: state, context, target_url, sha
+
+## Implementation Priority
+
+1. **Phase 1 (Core)**: `pull_request`, `create`, `delete` - Environment lifecycle
+2. **Phase 2 (Deployment)**: `deployment`, `deployment_status`, `release` - Deployment tracking
+3. **Phase 3 (CI/CD)**: `check_run`, `check_suite`, `workflow_run`, `status` - CI integration
+
+## GitOps Use Cases
+
+### Use Case 1: Preview Environments
+```
+pull_request[opened] → Create preview env → Deploy PR branch
+pull_request[synchronize] → Update preview env → Deploy latest commit
+pull_request[closed] → Destroy preview env → Cleanup resources
+```
+
+### Use Case 2: Branch-based Deployment
+```
+push[main] → Sync manifests → Deploy to staging
+release[published] → Sync manifests → Deploy to production
+delete[branch] → Cleanup → Remove environment
+```
+
+### Use Case 3: CI-Gated Deployment
+```
+push[develop] → Wait for checks
+check_suite[completed, success] → Deploy to dev environment
+workflow_run[completed, build] → Deploy artifacts
+```
+
+### Use Case 4: Deployment Status Tracking
+```
+deployment[created] → Start deployment
+deployment_status[in_progress] → Update progress
+deployment_status[success] → Mark complete
+deployment_status[failure] → Rollback
+```
+
+## Non-GitOps Events
+
+All other webhook events (issues, comments, stars, security alerts, etc.) are tracked in [EVENTS.md](./EVENTS.md) but are not essential for GitOps deployment workflows.
+
+## Resources
+
+- [GitHub Webhook Events Documentation](https://docs.github.com/en/webhooks/webhook-events-and-payloads)
