Add Matrix webhook (#10831)

* Add Matrix webhook Signed-off-by: Till Faelligen <tfaelligen@gmail.com> * Add template and related translations for Matrix hook Signed-off-by: Till Faelligen <tfaelligen@gmail.com> * Add actual webhook routes and form Signed-off-by: Till Faelligen <tfaelligen@gmail.com> * Add missing file Signed-off-by: Till Faelligen <tfaelligen@gmail.com> * Update modules/webhook/matrix_test.go * Use stricter regex to replace URLs Signed-off-by: Till Faelligen <tfaelligen@gmail.com> * Escape url and text Signed-off-by: Till Faelligen <tfaelligen@gmail.com> * Remove unnecessary whitespace * Fix copy and paste mistake Co-Authored-By: Tulir Asokan <tulir@maunium.net> * Fix indention inconsistency * Use Authorization header instead of url parameter * Add raw commit information to webhook Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Tulir Asokan <tulir@maunium.net>
3 years ago · 828a27feeb
14 changed files with 645 additions and 1 deletions
--- a/models/webhook.go
+++ b/models/webhook.go
@ -559,6 +559,7 @@ const (
 	TELEGRAM
 	MSTEAMS
 	FEISHU
+	MATRIX
 )

 var hookTaskTypes = map[string]HookTaskType{
@ -570,6 +571,7 @@ var hookTaskTypes = map[string]HookTaskType{
 	"telegram": TELEGRAM,
 	"msteams":  MSTEAMS,
 	"feishu":   FEISHU,
+	"matrix":   MATRIX,
 }

 // ToHookTaskType returns HookTaskType by given name.
@ -596,6 +598,8 @@ func (t HookTaskType) Name() string {
 		return "msteams"
 	case FEISHU:
 		return "feishu"
+	case MATRIX:
+		return "matrix"
 	}
 	return ""
 }
--- a/modules/auth/repo_form.go
+++ b/modules/auth/repo_form.go
@ -313,6 +313,20 @@ func (f *NewTelegramHookForm) Validate(ctx *macaron.Context, errs binding.Errors
 	return validate(errs, ctx.Data, f, ctx.Locale)
 }

+// NewMatrixHookForm form for creating Matrix hook
+type NewMatrixHookForm struct {
+	HomeserverURL string `binding:"Required;ValidUrl"`
+	RoomID        string `binding:"Required"`
+	AccessToken   string `binding:"Required"`
+	MessageType   int
+	WebhookForm
+}
+
+// Validate validates the fields
+func (f *NewMatrixHookForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors {
+	return validate(errs, ctx.Data, f, ctx.Locale)
+}
+
 // NewMSTeamsHookForm form for creating MS Teams hook
 type NewMSTeamsHookForm struct {
 	PayloadURL string `binding:"Required;ValidUrl"`
--- a/modules/setting/webhook.go
+++ b/modules/setting/webhook.go
@ -36,7 +36,7 @@ func newWebhookService() {
 	Webhook.QueueLength = sec.Key("QUEUE_LENGTH").MustInt(1000)
 	Webhook.DeliverTimeout = sec.Key("DELIVER_TIMEOUT").MustInt(5)
 	Webhook.SkipTLSVerify = sec.Key("SKIP_TLS_VERIFY").MustBool()
-	Webhook.Types = []string{"gitea", "gogs", "slack", "discord", "dingtalk", "telegram", "msteams", "feishu"}
+	Webhook.Types = []string{"gitea", "gogs", "slack", "discord", "dingtalk", "telegram", "msteams", "feishu", "matrix"}
 	Webhook.PagingNum = sec.Key("PAGING_NUM").MustInt(10)
 	Webhook.ProxyURL = sec.Key("PROXY_URL").MustString("")
 	if Webhook.ProxyURL != "" {
--- a/modules/webhook/deliver.go
+++ b/modules/webhook/deliver.go
@ -73,6 +73,13 @@ func Deliver(t *models.HookTask) error {
 		return fmt.Errorf("Invalid http method for webhook: [%d] %v", t.ID, t.HTTPMethod)
 	}

+	if t.Type == models.MATRIX {
+		req, err = getMatrixHookRequest(t)
+		if err != nil {
+			return err
+		}
+	}
+
 	req.Header.Add("X-Gitea-Delivery", t.UUID)
 	req.Header.Add("X-Gitea-Event", t.EventType.Event())
 	req.Header.Add("X-Gitea-Signature", t.Signature)
--- a/modules/webhook/matrix.go
+++ b/modules/webhook/matrix.go
@ -0,0 +1,299 @@
+// Copyright 2020 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package webhook
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"html"
+	"net/http"
+	"regexp"
+	"strings"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+	api "code.gitea.io/gitea/modules/structs"
+)
+
+const matrixPayloadSizeLimit = 1024 * 64
+
+// MatrixMeta contains the Matrix metadata
+type MatrixMeta struct {
+	HomeserverURL string `json:"homeserver_url"`
+	Room          string `json:"room_id"`
+	AccessToken   string `json:"access_token"`
+	MessageType   int    `json:"message_type"`
+}
+
+var messageTypeText = map[int]string{
+	1: "m.notice",
+	2: "m.text",
+}
+
+// GetMatrixHook returns Matrix metadata
+func GetMatrixHook(w *models.Webhook) *MatrixMeta {
+	s := &MatrixMeta{}
+	if err := json.Unmarshal([]byte(w.Meta), s); err != nil {
+		log.Error("webhook.GetMatrixHook(%d): %v", w.ID, err)
+	}
+	return s
+}
+
+// MatrixPayloadUnsafe contains the (unsafe) payload for a Matrix room
+type MatrixPayloadUnsafe struct {
+	MatrixPayloadSafe
+	AccessToken string `json:"access_token"`
+}
+
+// safePayload "converts" a unsafe payload to a safe payload
+func (p *MatrixPayloadUnsafe) safePayload() *MatrixPayloadSafe {
+	return &MatrixPayloadSafe{
+		Body:          p.Body,
+		MsgType:       p.MsgType,
+		Format:        p.Format,
+		FormattedBody: p.FormattedBody,
+		Commits:       p.Commits,
+	}
+}
+
+// MatrixPayloadSafe contains (safe) payload for a Matrix room
+type MatrixPayloadSafe struct {
+	Body          string               `json:"body"`
+	MsgType       string               `json:"msgtype"`
+	Format        string               `json:"format"`
+	FormattedBody string               `json:"formatted_body"`
+	Commits       []*api.PayloadCommit `json:"io.gitea.commits,omitempty"`
+}
+
+// SetSecret sets the Matrix secret
+func (p *MatrixPayloadUnsafe) SetSecret(_ string) {}
+
+// JSONPayload Marshals the MatrixPayloadUnsafe to json
+func (p *MatrixPayloadUnsafe) JSONPayload() ([]byte, error) {
+	data, err := json.MarshalIndent(p, "", "  ")
+	if err != nil {
+		return []byte{}, err
+	}
+	return data, nil
+}
+
+// MatrixLinkFormatter creates a link compatible with Matrix
+func MatrixLinkFormatter(url string, text string) string {
+	return fmt.Sprintf(`<a href="%s">%s</a>`, html.EscapeString(url), html.EscapeString(text))
+}
+
+// MatrixLinkToRef Matrix-formatter link to a repo ref
+func MatrixLinkToRef(repoURL, ref string) string {
+	refName := git.RefEndName(ref)
+	switch {
+	case strings.HasPrefix(ref, git.BranchPrefix):
+		return MatrixLinkFormatter(repoURL+"/src/branch/"+refName, refName)
+	case strings.HasPrefix(ref, git.TagPrefix):
+		return MatrixLinkFormatter(repoURL+"/src/tag/"+refName, refName)
+	default:
+		return MatrixLinkFormatter(repoURL+"/src/commit/"+refName, refName)
+	}
+}
+
+func getMatrixCreatePayload(p *api.CreatePayload, matrix *MatrixMeta) (*MatrixPayloadUnsafe, error) {
+	repoLink := MatrixLinkFormatter(p.Repo.HTMLURL, p.Repo.FullName)
+	refLink := MatrixLinkToRef(p.Repo.HTMLURL, p.Ref)
+	text := fmt.Sprintf("[%s:%s] %s created by %s", repoLink, refLink, p.RefType, p.Sender.UserName)
+
+	return getMatrixPayloadUnsafe(text, nil, matrix), nil
+}
+
+// getMatrixDeletePayload composes Matrix payload for delete a branch or tag.
+func getMatrixDeletePayload(p *api.DeletePayload, matrix *MatrixMeta) (*MatrixPayloadUnsafe, error) {
+	refName := git.RefEndName(p.Ref)
+	repoLink := MatrixLinkFormatter(p.Repo.HTMLURL, p.Repo.FullName)
+	text := fmt.Sprintf("[%s:%s] %s deleted by %s", repoLink, refName, p.RefType, p.Sender.UserName)
+
+	return getMatrixPayloadUnsafe(text, nil, matrix), nil
+}
+
+// getMatrixForkPayload composes Matrix payload for forked by a repository.
+func getMatrixForkPayload(p *api.ForkPayload, matrix *MatrixMeta) (*MatrixPayloadUnsafe, error) {
+	baseLink := MatrixLinkFormatter(p.Forkee.HTMLURL, p.Forkee.FullName)
+	forkLink := MatrixLinkFormatter(p.Repo.HTMLURL, p.Repo.FullName)
+	text := fmt.Sprintf("%s is forked to %s", baseLink, forkLink)
+
+	return getMatrixPayloadUnsafe(text, nil, matrix), nil
+}
+
+func getMatrixIssuesPayload(p *api.IssuePayload, matrix *MatrixMeta) (*MatrixPayloadUnsafe, error) {
+	text, _, _, _ := getIssuesPayloadInfo(p, MatrixLinkFormatter, true)
+
+	return getMatrixPayloadUnsafe(text, nil, matrix), nil
+}
+
+func getMatrixIssueCommentPayload(p *api.IssueCommentPayload, matrix *MatrixMeta) (*MatrixPayloadUnsafe, error) {
+	text, _, _ := getIssueCommentPayloadInfo(p, MatrixLinkFormatter, true)
+
+	return getMatrixPayloadUnsafe(text, nil, matrix), nil
+}
+
+func getMatrixReleasePayload(p *api.ReleasePayload, matrix *MatrixMeta) (*MatrixPayloadUnsafe, error) {
+	text, _ := getReleasePayloadInfo(p, MatrixLinkFormatter, true)
+
+	return getMatrixPayloadUnsafe(text, nil, matrix), nil
+}
+
+func getMatrixPushPayload(p *api.PushPayload, matrix *MatrixMeta) (*MatrixPayloadUnsafe, error) {
+	var commitDesc string
+
+	if len(p.Commits) == 1 {
+		commitDesc = "1 commit"
+	} else {
+		commitDesc = fmt.Sprintf("%d commits", len(p.Commits))
+	}
+
+	repoLink := MatrixLinkFormatter(p.Repo.HTMLURL, p.Repo.FullName)
+	branchLink := MatrixLinkToRef(p.Repo.HTMLURL, p.Ref)
+	text := fmt.Sprintf("[%s] %s pushed %s to %s:<br>", repoLink, p.Pusher.UserName, commitDesc, branchLink)
+
+	// for each commit, generate a new line text
+	for i, commit := range p.Commits {
+		text += fmt.Sprintf("%s: %s - %s", MatrixLinkFormatter(commit.URL, commit.ID[:7]), commit.Message, commit.Author.Name)
+		// add linebreak to each commit but the last
+		if i < len(p.Commits)-1 {
+			text += "<br>"
+		}
+
+	}
+
+	return getMatrixPayloadUnsafe(text, p.Commits, matrix), nil
+}
+
+func getMatrixPullRequestPayload(p *api.PullRequestPayload, matrix *MatrixMeta) (*MatrixPayloadUnsafe, error) {
+	text, _, _, _ := getPullRequestPayloadInfo(p, MatrixLinkFormatter, true)
+
+	return getMatrixPayloadUnsafe(text, nil, matrix), nil
+}
+
+func getMatrixPullRequestApprovalPayload(p *api.PullRequestPayload, matrix *MatrixMeta, event models.HookEventType) (*MatrixPayloadUnsafe, error) {
+	senderLink := MatrixLinkFormatter(setting.AppURL+p.Sender.UserName, p.Sender.UserName)
+	title := fmt.Sprintf("#%d %s", p.Index, p.PullRequest.Title)
+	titleLink := fmt.Sprintf("%s/pulls/%d", p.Repository.HTMLURL, p.Index)
+	repoLink := MatrixLinkFormatter(p.Repository.HTMLURL, p.Repository.FullName)
+	var text string
+
+	switch p.Action {
+	case api.HookIssueReviewed:
+		action, err := parseHookPullRequestEventType(event)
+		if err != nil {
+			return nil, err
+		}
+
+		text = fmt.Sprintf("[%s] Pull request review %s: [%s](%s) by %s", repoLink, action, title, titleLink, senderLink)
+	}
+
+	return getMatrixPayloadUnsafe(text, nil, matrix), nil
+}
+
+func getMatrixRepositoryPayload(p *api.RepositoryPayload, matrix *MatrixMeta) (*MatrixPayloadUnsafe, error) {
+	senderLink := MatrixLinkFormatter(setting.AppURL+p.Sender.UserName, p.Sender.UserName)
+	repoLink := MatrixLinkFormatter(p.Repository.HTMLURL, p.Repository.FullName)
+	var text string
+
+	switch p.Action {
+	case api.HookRepoCreated:
+		text = fmt.Sprintf("[%s] Repository created by %s", repoLink, senderLink)
+	case api.HookRepoDeleted:
+		text = fmt.Sprintf("[%s] Repository deleted by %s", repoLink, senderLink)
+	}
+
+	return getMatrixPayloadUnsafe(text, nil, matrix), nil
+}
+
+// GetMatrixPayload converts a Matrix webhook into a MatrixPayloadUnsafe
+func GetMatrixPayload(p api.Payloader, event models.HookEventType, meta string) (*MatrixPayloadUnsafe, error) {
+	s := new(MatrixPayloadUnsafe)
+
+	matrix := &MatrixMeta{}
+	if err := json.Unmarshal([]byte(meta), &matrix); err != nil {
+		return s, errors.New("GetMatrixPayload meta json:" + err.Error())
+	}
+
+	switch event {
+	case models.HookEventCreate:
+		return getMatrixCreatePayload(p.(*api.CreatePayload), matrix)
+	case models.HookEventDelete:
+		return getMatrixDeletePayload(p.(*api.DeletePayload), matrix)
+	case models.HookEventFork:
+		return getMatrixForkPayload(p.(*api.ForkPayload), matrix)
+	case models.HookEventIssues, models.HookEventIssueAssign, models.HookEventIssueLabel, models.HookEventIssueMilestone:
+		return getMatrixIssuesPayload(p.(*api.IssuePayload), matrix)
+	case models.HookEventIssueComment, models.HookEventPullRequestComment:
+		return getMatrixIssueCommentPayload(p.(*api.IssueCommentPayload), matrix)
+	case models.HookEventPush:
+		return getMatrixPushPayload(p.(*api.PushPayload), matrix)
+	case models.HookEventPullRequest, models.HookEventPullRequestAssign, models.HookEventPullRequestLabel,
+		models.HookEventPullRequestMilestone, models.HookEventPullRequestSync:
+		return getMatrixPullRequestPayload(p.(*api.PullRequestPayload), matrix)
+	case models.HookEventPullRequestReviewRejected, models.HookEventPullRequestReviewApproved, models.HookEventPullRequestReviewComment:
+		return getMatrixPullRequestApprovalPayload(p.(*api.PullRequestPayload), matrix, event)
+	case models.HookEventRepository:
+		return getMatrixRepositoryPayload(p.(*api.RepositoryPayload), matrix)
+	case models.HookEventRelease:
+		return getMatrixReleasePayload(p.(*api.ReleasePayload), matrix)
+	}
+
+	return s, nil
+}
+
+func getMatrixPayloadUnsafe(text string, commits []*api.PayloadCommit, matrix *MatrixMeta) *MatrixPayloadUnsafe {
+	p := MatrixPayloadUnsafe{}
+	p.AccessToken = matrix.AccessToken
+	p.FormattedBody = text
+	p.Body = getMessageBody(text)
+	p.Format = "org.matrix.custom.html"
+	p.MsgType = messageTypeText[matrix.MessageType]
+	p.Commits = commits
+	return &p
+}
+
+var urlRegex = regexp.MustCompile(`<a [^>]*?href="([^">]*?)">(.*?)</a>`)
+
+func getMessageBody(htmlText string) string {
+	htmlText = urlRegex.ReplaceAllString(htmlText, "[$2]($1)")
+	htmlText = strings.ReplaceAll(htmlText, "<br>", "\n")
+	return htmlText
+}
+
+// getMatrixHookRequest creates a new request which contains an Authorization header.
+// The access_token is removed from t.PayloadContent
+func getMatrixHookRequest(t *models.HookTask) (*http.Request, error) {
+	payloadunsafe := MatrixPayloadUnsafe{}
+	if err := json.Unmarshal([]byte(t.PayloadContent), &payloadunsafe); err != nil {
+		log.Error("Matrix Hook delivery failed: %v", err)
+		return nil, err
+	}
+
+	payloadsafe := payloadunsafe.safePayload()
+
+	var payload []byte
+	var err error
+	if payload, err = json.MarshalIndent(payloadsafe, "", "  "); err != nil {
+		return nil, err
+	}
+	if len(payload) >= matrixPayloadSizeLimit {
+		return nil, fmt.Errorf("getMatrixHookRequest: payload size %d > %d", len(payload), matrixPayloadSizeLimit)
+	}
+	t.PayloadContent = string(payload)
+
+	req, err := http.NewRequest("POST", t.URL, strings.NewReader(string(payload)))
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Add("Authorization", "Bearer "+payloadunsafe.AccessToken)
+
+	return req, nil
+}
--- a/modules/webhook/matrix_test.go
+++ b/modules/webhook/matrix_test.go
@ -0,0 +1,156 @@
+// Copyright 2020 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package webhook
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models"
+	api "code.gitea.io/gitea/modules/structs"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestMatrixIssuesPayloadOpened(t *testing.T) {
+	p := issueTestPayload()
+	sl := &MatrixMeta{}
+
+	p.Action = api.HookIssueOpened
+	pl, err := getMatrixIssuesPayload(p, sl)
+	require.Nil(t, err)
+	require.NotNil(t, pl)
+	assert.Equal(t, "[[test/repo](http://localhost:3000/test/repo)] Issue opened: [#2 crash](http://localhost:3000/test/repo/issues/2) by [user1](https://try.gitea.io/user1)", pl.Body)
+	assert.Equal(t, "[<a href=\"http://localhost:3000/test/repo\">test/repo</a>] Issue opened: <a href=\"http://localhost:3000/test/repo/issues/2\">#2 crash</a> by <a href=\"https://try.gitea.io/user1\">user1</a>", pl.FormattedBody)
+
+	p.Action = api.HookIssueClosed
+	pl, err = getMatrixIssuesPayload(p, sl)
+	require.Nil(t, err)
+	require.NotNil(t, pl)
+	assert.Equal(t, "[[test/repo](http://localhost:3000/test/repo)] Issue closed: [#2 crash](http://localhost:3000/test/repo/issues/2) by [user1](https://try.gitea.io/user1)", pl.Body)
+	assert.Equal(t, "[<a href=\"http://localhost:3000/test/repo\">test/repo</a>] Issue closed: <a href=\"http://localhost:3000/test/repo/issues/2\">#2 crash</a> by <a href=\"https://try.gitea.io/user1\">user1</a>", pl.FormattedBody)
+}
+
+func TestMatrixIssueCommentPayload(t *testing.T) {
+	p := issueCommentTestPayload()
+
+	sl := &MatrixMeta{}
+
+	pl, err := getMatrixIssueCommentPayload(p, sl)
+	require.Nil(t, err)
+	require.NotNil(t, pl)
+
+	assert.Equal(t, "[[test/repo](http://localhost:3000/test/repo)] New comment on issue [#2 crash](http://localhost:3000/test/repo/issues/2) by [user1](https://try.gitea.io/user1)", pl.Body)
+	assert.Equal(t, "[<a href=\"http://localhost:3000/test/repo\">test/repo</a>] New comment on issue <a href=\"http://localhost:3000/test/repo/issues/2\">#2 crash</a> by <a href=\"https://try.gitea.io/user1\">user1</a>", pl.FormattedBody)
+}
+
+func TestMatrixPullRequestCommentPayload(t *testing.T) {
+	p := pullRequestCommentTestPayload()
+
+	sl := &MatrixMeta{}
+
+	pl, err := getMatrixIssueCommentPayload(p, sl)
+	require.Nil(t, err)
+	require.NotNil(t, pl)
+
+	assert.Equal(t, "[[test/repo](http://localhost:3000/test/repo)] New comment on pull request [#2 Fix bug](http://localhost:3000/test/repo/pulls/2) by [user1](https://try.gitea.io/user1)", pl.Body)
+	assert.Equal(t, "[<a href=\"http://localhost:3000/test/repo\">test/repo</a>] New comment on pull request <a href=\"http://localhost:3000/test/repo/pulls/2\">#2 Fix bug</a> by <a href=\"https://try.gitea.io/user1\">user1</a>", pl.FormattedBody)
+}
+
+func TestMatrixReleasePayload(t *testing.T) {
+	p := pullReleaseTestPayload()
+
+	sl := &MatrixMeta{}
+
+	pl, err := getMatrixReleasePayload(p, sl)
+	require.Nil(t, err)
+	require.NotNil(t, pl)
+
+	assert.Equal(t, "[[test/repo](http://localhost:3000/test/repo)] Release created: [v1.0](http://localhost:3000/test/repo/src/v1.0) by [user1](https://try.gitea.io/user1)", pl.Body)
+	assert.Equal(t, "[<a href=\"http://localhost:3000/test/repo\">test/repo</a>] Release created: <a href=\"http://localhost:3000/test/repo/src/v1.0\">v1.0</a> by <a href=\"https://try.gitea.io/user1\">user1</a>", pl.FormattedBody)
+}
+
+func TestMatrixPullRequestPayload(t *testing.T) {
+	p := pullRequestTestPayload()
+
+	sl := &MatrixMeta{}
+
+	pl, err := getMatrixPullRequestPayload(p, sl)
+	require.Nil(t, err)
+	require.NotNil(t, pl)
+
+	assert.Equal(t, "[[test/repo](http://localhost:3000/test/repo)] Pull request opened: [#2 Fix bug](http://localhost:3000/test/repo/pulls/12) by [user1](https://try.gitea.io/user1)", pl.Body)
+	assert.Equal(t, "[<a href=\"http://localhost:3000/test/repo\">test/repo</a>] Pull request opened: <a href=\"http://localhost:3000/test/repo/pulls/12\">#2 Fix bug</a> by <a href=\"https://try.gitea.io/user1\">user1</a>", pl.FormattedBody)
+}
+
+func TestMatrixHookRequest(t *testing.T) {
+	h := &models.HookTask{
+		PayloadContent: `{
+  "body": "[[user1/test](http://localhost:3000/user1/test)] user1 pushed 1 commit to [master](http://localhost:3000/user1/test/src/branch/master):\n[5175ef2](http://localhost:3000/user1/test/commit/5175ef26201c58b035a3404b3fe02b4e8d436eee): Merge pull request 'Change readme.md' (#2) from add-matrix-webhook into master\n\nReviewed-on: http://localhost:3000/user1/test/pulls/2\n - user1",
+  "msgtype": "m.notice",
+  "format": "org.matrix.custom.html",
+  "formatted_body": "[\u003ca href=\"http://localhost:3000/user1/test\"\u003euser1/test\u003c/a\u003e] user1 pushed 1 commit to \u003ca href=\"http://localhost:3000/user1/test/src/branch/master\"\u003emaster\u003c/a\u003e:\u003cbr\u003e\u003ca href=\"http://localhost:3000/user1/test/commit/5175ef26201c58b035a3404b3fe02b4e8d436eee\"\u003e5175ef2\u003c/a\u003e: Merge pull request 'Change readme.md' (#2) from add-matrix-webhook into master\n\nReviewed-on: http://localhost:3000/user1/test/pulls/2\n - user1",
+  "io.gitea.commits": [
+    {
+      "id": "5175ef26201c58b035a3404b3fe02b4e8d436eee",
+      "message": "Merge pull request 'Change readme.md' (#2) from add-matrix-webhook into master\n\nReviewed-on: http://localhost:3000/user1/test/pulls/2\n",
+      "url": "http://localhost:3000/user1/test/commit/5175ef26201c58b035a3404b3fe02b4e8d436eee",
+      "author": {
+        "name": "user1",
+        "email": "user@mail.com",
+        "username": ""
+      },
+      "committer": {
+        "name": "user1",
+        "email": "user@mail.com",
+        "username": ""
+      },
+      "verification": null,
+      "timestamp": "0001-01-01T00:00:00Z",
+      "added": null,
+      "removed": null,
+      "modified": null
+    }
+  ],
+  "access_token": "dummy_access_token"
+}`,
+	}
+
+	wantPayloadContent := `{
+  "body": "[[user1/test](http://localhost:3000/user1/test)] user1 pushed 1 commit to [master](http://localhost:3000/user1/test/src/branch/master):\n[5175ef2](http://localhost:3000/user1/test/commit/5175ef26201c58b035a3404b3fe02b4e8d436eee): Merge pull request 'Change readme.md' (#2) from add-matrix-webhook into master\n\nReviewed-on: http://localhost:3000/user1/test/pulls/2\n - user1",
+  "msgtype": "m.notice",
+  "format": "org.matrix.custom.html",
+  "formatted_body": "[\u003ca href=\"http://localhost:3000/user1/test\"\u003euser1/test\u003c/a\u003e] user1 pushed 1 commit to \u003ca href=\"http://localhost:3000/user1/test/src/branch/master\"\u003emaster\u003c/a\u003e:\u003cbr\u003e\u003ca href=\"http://localhost:3000/user1/test/commit/5175ef26201c58b035a3404b3fe02b4e8d436eee\"\u003e5175ef2\u003c/a\u003e: Merge pull request 'Change readme.md' (#2) from add-matrix-webhook into master\n\nReviewed-on: http://localhost:3000/user1/test/pulls/2\n - user1",
+  "io.gitea.commits": [
+    {
+      "id": "5175ef26201c58b035a3404b3fe02b4e8d436eee",
+      "message": "Merge pull request 'Change readme.md' (#2) from add-matrix-webhook into master\n\nReviewed-on: http://localhost:3000/user1/test/pulls/2\n",
+      "url": "http://localhost:3000/user1/test/commit/5175ef26201c58b035a3404b3fe02b4e8d436eee",
+      "author": {
+        "name": "user1",
+        "email": "user@mail.com",
+        "username": ""
+      },
+      "committer": {
+        "name": "user1",
+        "email": "user@mail.com",
+        "username": ""
+      },
+      "verification": null,
+      "timestamp": "0001-01-01T00:00:00Z",
+      "added": null,
+      "removed": null,
+      "modified": null
+    }
+  ]
+}`
+
+	req, err := getMatrixHookRequest(h)
+	require.Nil(t, err)
+	require.NotNil(t, req)
+
+	assert.Equal(t, "Bearer dummy_access_token", req.Header.Get("Authorization"))
+	assert.Equal(t, wantPayloadContent, h.PayloadContent)
+}
--- a/modules/webhook/webhook.go
+++ b/modules/webhook/webhook.go
@ -119,6 +119,11 @@ func prepareWebhook(w *models.Webhook, repo *models.Repository, event models.Hoo
 		if err != nil {
 			return fmt.Errorf("GetFeishuPayload: %v", err)
 		}
+	case models.MATRIX:
+		payloader, err = GetMatrixPayload(p, event, w.Meta)
+		if err != nil {
+			return fmt.Errorf("GetMatrixPayload: %v", err)
+		}
 	default:
 		p.SetSecret(w.Secret)
 		payloader = p
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@ -1436,6 +1436,7 @@ settings.slack_channel = Channel
 settings.add_discord_hook_desc = Integrate <a href="%s">Discord</a> into your repository.
 settings.add_dingtalk_hook_desc = Integrate <a href="%s">Dingtalk</a> into your repository.
 settings.add_telegram_hook_desc = Integrate <a href="%s">Telegram</a> into your repository.
+settings.add_matrix_hook_desc = Integrate <a href="%s">Matrix</a> into your repository.
 settings.add_msteams_hook_desc = Integrate <a href="%s">Microsoft Teams</a> into your repository.
 settings.add_feishu_hook_desc = Integrate <a href="%s">Feishu</a> into your repository.
 settings.deploy_keys = Deploy Keys
@ -1505,6 +1506,10 @@ settings.edit_protected_branch = Edit
 settings.protected_branch_required_approvals_min = Required approvals cannot be negative.
 settings.bot_token = Bot Token
 settings.chat_id = Chat ID
+settings.matrix.homeserver_url = Homeserver URL
+settings.matrix.room_id = Room ID
+settings.matrix.access_token = Access Token
+settings.matrix.message_type = Message Type
 settings.archive.button = Archive Repo
 settings.archive.header = Archive This Repo
 settings.archive.text = Archiving the repo will make it entirely read-only. It is hidden from the dashboard, cannot be committed to and no issues or pull-requests can be created.
--- a/public/img/matrix.svg
+++ b/public/img/matrix.svg
@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 19.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+     viewBox="0 0 520 520" style="enable-background:new 0 0 520 520;" xml:space="preserve">
+<path d="M13.7,11.9v496.2h35.7V520H0V0h49.4v11.9H13.7z"/>
+    <path d="M166.3,169.2v25.1h0.7c6.7-9.6,14.8-17,24.2-22.2c9.4-5.3,20.3-7.9,32.5-7.9c11.7,0,22.4,2.3,32.1,6.8
+	c9.7,4.5,17,12.6,22.1,24c5.5-8.1,13-15.3,22.4-21.5c9.4-6.2,20.6-9.3,33.5-9.3c9.8,0,18.9,1.2,27.3,3.6c8.4,2.4,15.5,6.2,21.5,11.5
+	c6,5.3,10.6,12.1,14,20.6c3.3,8.5,5,18.7,5,30.7v124.1h-50.9V249.6c0-6.2-0.2-12.1-0.7-17.6c-0.5-5.5-1.8-10.3-3.9-14.3
+	c-2.2-4.1-5.3-7.3-9.5-9.7c-4.2-2.4-9.9-3.6-17-3.6c-7.2,0-13,1.4-17.4,4.1c-4.4,2.8-7.9,6.3-10.4,10.8c-2.5,4.4-4.2,9.4-5,15.1
+	c-0.8,5.6-1.3,11.3-1.3,17v103.3h-50.9v-104c0-5.5-0.1-10.9-0.4-16.3c-0.2-5.4-1.3-10.3-3.1-14.9c-1.8-4.5-4.8-8.2-9-10.9
+	c-4.2-2.7-10.3-4.1-18.5-4.1c-2.4,0-5.6,0.5-9.5,1.6c-3.9,1.1-7.8,3.1-11.5,6.1c-3.7,3-6.9,7.3-9.5,12.9c-2.6,5.6-3.9,13-3.9,22.1
+	v107.6h-50.9V169.2H166.3z"/>
+    <path d="M506.3,508.1V11.9h-35.7V0H520v520h-49.4v-11.9H506.3z"/>
+</svg>
--- a/routers/repo/webhook.go
+++ b/routers/repo/webhook.go
@ -417,6 +417,58 @@ func TelegramHooksNewPost(ctx *context.Context, form auth.NewTelegramHookForm) {
 	ctx.Redirect(orCtx.Link)
 }

+// MatrixHooksNewPost response for creating a Matrix hook
+func MatrixHooksNewPost(ctx *context.Context, form auth.NewMatrixHookForm) {
+	ctx.Data["Title"] = ctx.Tr("repo.settings")
+	ctx.Data["PageIsSettingsHooks"] = true
+	ctx.Data["PageIsSettingsHooksNew"] = true
+	ctx.Data["Webhook"] = models.Webhook{HookEvent: &models.HookEvent{}}
+
+	orCtx, err := getOrgRepoCtx(ctx)
+	if err != nil {
+		ctx.ServerError("getOrgRepoCtx", err)
+		return
+	}
+
+	if ctx.HasError() {
+		ctx.HTML(200, orCtx.NewTemplate)
+		return
+	}
+
+	meta, err := json.Marshal(&webhook.MatrixMeta{
+		HomeserverURL: form.HomeserverURL,
+		Room:          form.RoomID,
+		AccessToken:   form.AccessToken,
+		MessageType:   form.MessageType,
+	})
+	if err != nil {
+		ctx.ServerError("Marshal", err)
+		return
+	}
+
+	w := &models.Webhook{
+		RepoID:          orCtx.RepoID,
+		URL:             fmt.Sprintf("%s/_matrix/client/r0/rooms/%s/send/m.room.message", form.HomeserverURL, form.RoomID),
+		ContentType:     models.ContentTypeJSON,
+		HookEvent:       ParseHookEvent(form.WebhookForm),
+		IsActive:        form.Active,
+		HookTaskType:    models.MATRIX,
+		Meta:            string(meta),
+		OrgID:           orCtx.OrgID,
+		IsSystemWebhook: orCtx.IsSystemWebhook,
+	}
+	if err := w.UpdateEvent(); err != nil {
+		ctx.ServerError("UpdateEvent", err)
+		return
+	} else if err := models.CreateWebhook(w); err != nil {
+		ctx.ServerError("CreateWebhook", err)
+		return
+	}
+
+	ctx.Flash.Success(ctx.Tr("repo.settings.add_hook_success"))
+	ctx.Redirect(orCtx.Link)
+}
+
 // MSTeamsHooksNewPost response for creating MS Teams hook
 func MSTeamsHooksNewPost(ctx *context.Context, form auth.NewMSTeamsHookForm) {
 	ctx.Data["Title"] = ctx.Tr("repo.settings")
@ -594,6 +646,8 @@ func checkWebhook(ctx *context.Context) (*orgRepoCtx, *models.Webhook) {
 		ctx.Data["DiscordHook"] = webhook.GetDiscordHook(w)
 	case models.TELEGRAM:
 		ctx.Data["TelegramHook"] = webhook.GetTelegramHook(w)
+	case models.MATRIX:
+		ctx.Data["MatrixHook"] = webhook.GetMatrixHook(w)
 	}

 	ctx.Data["History"], err = w.History(1)
@ -861,6 +915,49 @@ func TelegramHooksEditPost(ctx *context.Context, form auth.NewTelegramHookForm)
 	ctx.Redirect(fmt.Sprintf("%s/%d", orCtx.Link, w.ID))
 }

+// MatrixHooksEditPost response for editing a Matrix hook
+func MatrixHooksEditPost(ctx *context.Context, form auth.NewMatrixHookForm) {
+	ctx.Data["Title"] = ctx.Tr("repo.settings")
+	ctx.Data["PageIsSettingsHooks"] = true
+	ctx.Data["PageIsSettingsHooksEdit"] = true
+
+	orCtx, w := checkWebhook(ctx)
+	if ctx.Written() {
+		return
+	}
+	ctx.Data["Webhook"] = w
+
+	if ctx.HasError() {
+		ctx.HTML(200, orCtx.NewTemplate)
+		return
+	}
+	meta, err := json.Marshal(&webhook.MatrixMeta{
+		HomeserverURL: form.HomeserverURL,
+		Room:          form.RoomID,
+		AccessToken:   form.AccessToken,
+		MessageType:   form.MessageType,
+	})
+	if err != nil {
+		ctx.ServerError("Marshal", err)
+		return
+	}
+	w.Meta = string(meta)
+	w.URL = fmt.Sprintf("%s/_matrix/client/r0/rooms/%s/send/m.room.message", form.HomeserverURL, form.RoomID)
+
+	w.HookEvent = ParseHookEvent(form.WebhookForm)
+	w.IsActive = form.Active
+	if err := w.UpdateEvent(); err != nil {
+		ctx.ServerError("UpdateEvent", err)
+		return
+	} else if err := models.UpdateWebhook(w); err != nil {
+		ctx.ServerError("UpdateWebhook", err)
+		return
+	}
+
+	ctx.Flash.Success(ctx.Tr("repo.settings.update_hook_success"))
+	ctx.Redirect(fmt.Sprintf("%s/%d", orCtx.Link, w.ID))
+}
+
 // MSTeamsHooksEditPost response for editing MS Teams hook
 func MSTeamsHooksEditPost(ctx *context.Context, form auth.NewMSTeamsHookForm) {
 	ctx.Data["Title"] = ctx.Tr("repo.settings")
--- a/routers/routes/routes.go
+++ b/routers/routes/routes.go
@ -470,6 +470,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 			m.Post("/discord/new", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksNewPost)
 			m.Post("/dingtalk/new", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksNewPost)
 			m.Post("/telegram/new", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksNewPost)
+			m.Post("/matrix/new", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksNewPost)
 			m.Post("/msteams/new", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksNewPost)
 			m.Post("/feishu/new", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksNewPost)
 			m.Get("/:id", repo.WebHooksEdit)
@ -479,6 +480,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 			m.Post("/discord/:id", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksEditPost)
 			m.Post("/dingtalk/:id", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksEditPost)
 			m.Post("/telegram/:id", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksEditPost)
+			m.Post("/matrix/:id", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksEditPost)
 			m.Post("/msteams/:id", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksEditPost)
 			m.Post("/feishu/:id", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksEditPost)
 		})
@ -577,6 +579,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 					m.Post("/discord/new", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksNewPost)
 					m.Post("/dingtalk/new", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksNewPost)
 					m.Post("/telegram/new", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksNewPost)
+					m.Post("/matrix/new", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksNewPost)
 					m.Post("/msteams/new", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksNewPost)
 					m.Post("/feishu/new", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksNewPost)
 					m.Get("/:id", repo.WebHooksEdit)
@ -586,6 +589,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 					m.Post("/discord/:id", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksEditPost)
 					m.Post("/dingtalk/:id", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksEditPost)
 					m.Post("/telegram/:id", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksEditPost)
+					m.Post("/matrix/:id", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksEditPost)
 					m.Post("/msteams/:id", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksEditPost)
 					m.Post("/feishu/:id", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksEditPost)
 				})
@ -643,6 +647,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 				m.Post("/discord/new", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksNewPost)
 				m.Post("/dingtalk/new", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksNewPost)
 				m.Post("/telegram/new", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksNewPost)
+				m.Post("/matrix/new", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksNewPost)
 				m.Post("/msteams/new", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksNewPost)
 				m.Post("/feishu/new", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksNewPost)
 				m.Get("/:id", repo.WebHooksEdit)
@ -653,6 +658,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 				m.Post("/discord/:id", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksEditPost)
 				m.Post("/dingtalk/:id", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksEditPost)
 				m.Post("/telegram/:id", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksEditPost)
+				m.Post("/matrix/:id", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksEditPost)
 				m.Post("/msteams/:id", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksEditPost)
 				m.Post("/feishu/:id", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksEditPost)

--- a/templates/repo/settings/webhook/list.tmpl
+++ b/templates/repo/settings/webhook/list.tmpl
@ -29,6 +29,9 @@
 				<a class="item" href="{{.BaseLink}}/feishu/new">
 					<img class="img-10" src="{{StaticUrlPrefix}}/img/feishu.png">Feishu
 				</a>
+				<a class="item" href="{{.BaseLink}}/matrix/new">
+                	<img class="img-10" src="{{StaticUrlPrefix}}/img/matrix.svg">Matrix
+				</a>
 			</div>
 		</div>
 	</div>
--- a/templates/repo/settings/webhook/matrix.tmpl
+++ b/templates/repo/settings/webhook/matrix.tmpl
@ -0,0 +1,31 @@
+{{if eq .HookType "matrix"}}
+	<p>{{.i18n.Tr "repo.settings.add_matrix_hook_desc" "https://matrix.org/" | Str2html}}</p>
+	<form class="ui form" action="{{.BaseLink}}/matrix/{{or .Webhook.ID "new"}}" method="post">
+		{{.CsrfTokenHtml}}
+		<div class="required field {{if .Err_HomeserverURL}}error{{end}}">
+			<label for="homeserver_url">{{.i18n.Tr "repo.settings.matrix.homeserver_url"}}</label>
+			<input id="homeserver_url" name="homeserver_url" type="text" value="{{.MatrixHook.HomeserverURL}}" autofocus required>
+		</div>
+		<div class="required field {{if .Err_Room}}error{{end}}">
+        	<label for="room_id">{{.i18n.Tr "repo.settings.matrix.room_id"}}</label>
+          	<input id="room_id" name="room_id" type="text" value="{{.MatrixHook.Room}}" required>
+        </div>
+    	<div class="required field {{if .Err_AccessToken}}error{{end}}">
+    		<label for="access_token">{{.i18n.Tr "repo.settings.matrix.access_token"}}</label>
+    		<input id="access_token" name="access_token" type="text" value="{{.MatrixHook.AccessToken}}" required>
+    	</div>
+    	<div class="field">
+    		<label>{{.i18n.Tr "repo.settings.matrix.message_type"}}</label>
+     		<div class="ui selection dropdown">
+	     		<input type="hidden" id="message_type" name="message_type" value="{{if .MatrixHook.MessageType}}{{.MatrixHook.MessageType}}{{else}}1{{end}}">
+    	 		<div class="default text"></div>
+     				<i class="dropdown icon"></i>
+     				<div class="menu">
+     					<div class="item" data-value="1">m.notice</div>
+     					<div class="item" data-value="2">m.text</div>
+     				</div>
+     			</div>
+     	</div>
+		{{template "repo/settings/webhook/settings" .}}
+	</form>
+{{end}}
--- a/templates/repo/settings/webhook/new.tmpl
+++ b/templates/repo/settings/webhook/new.tmpl
@ -23,6 +23,8 @@
 					<img class="img-13" src="{{StaticUrlPrefix}}/img/msteams.png">
 				{{else if eq .HookType "feishu"}}
 					<img class="img-13" src="{{StaticUrlPrefix}}/img/feishu.png">
+				{{else if eq .HookType "matrix"}}
+					<img class="img-13" src="{{StaticUrlPrefix}}/img/matrix.svg">
 				{{end}}
 			</div>
 		</h4>
@ -35,6 +37,7 @@
 			{{template "repo/settings/webhook/telegram" .}}
 			{{template "repo/settings/webhook/msteams" .}}
 			{{template "repo/settings/webhook/feishu" .}}
+			{{template "repo/settings/webhook/matrix" .}}
 		</div>

 		{{template "repo/settings/webhook/history" .}}