backend/git_service: check repo URLs from webhook

Since we are cloning a private repo we are using `ssh_url` in our case.

Signed-off-by: Jakub Sokołowski <jakub@status.im>

spiffworkflow-backend/src/spiffworkflow_backend/services/git_service.py

@@ -197,14 +197,13 @@ class GitService:
                 f" body: {webhook}"
             )
 
-        clone_url = webhook["repository"]["clone_url"]
+        config_clone_url = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL"]
-        if (
+        repo = webhook["repository"]
-            clone_url
+        valid_clone_urls = [repo["clone_url"], repo["git_url"], repo["ssh_url"]]
-            != current_app.config["SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL"]
+        if config_clone_url not in valid_clone_urls:
-        ):
             raise GitCloneUrlMismatchError(
-                "Configured clone url does not match clone url from webhook:"
+                "Configured clone url does not match the repo URLs from webhook: %s =/= %s"
-                f" {clone_url}"
+                % (config_clone_url, valid_clone_urls)
             )
 
         if "ref" not in webhook: