Skip to content

navied/secure-webhook

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits

.github/workflows

.github/workflows

 
 

dist

dist

 
 

src

src

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

action.yaml

action.yaml

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

Repository files navigation

Secure-Webhook

Securely call Webhook endpoint after your Action finishes

Usage

Sending a json string, url, and hmacSecret are required fields, and data is optional.

- name: Webhook
  uses: navied/secure-actions-webhook@0.2.0
  with:
    url: https://example.com
    data: '{ "example": "data" }'
    hmacSecret: ${{ secrets.HMAC_SECRET }}

The request will include the header X-Hub-Signature, which is the hmac signature of the raw body just like in Github webhooks, and also the header X-Hub-SHA which is the SHA of the commit running the github action.

Verify it on your endpoint for integrity.

Credit

Thanks to https://github.com/koraykoska/secure-actions-webhook for providing the base signature generation code.

About

Securely call CD servers / notification services after your Action finishes

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

4 forks
Report repository

Releases 11

0.2.1: Merge pull request #1 from lamka02sk/patch-1 Latest
May 13, 2021
+ 10 releases

Packages

No packages published

Languages

  • JavaScript 100.0%