Skip to content
message-square

GitHub Action

Secure Actions Webhook

0.1.2 Latest version

Secure Actions Webhook

message-square

Secure Actions Webhook

Post data and an hmac signature to an endpoint

Installation

Copy and paste the following snippet into your .yml file.

              

- name: Secure Actions Webhook

uses: koraykoska/[email protected]

Learn more about this action in koraykoska/secure-actions-webhook

Choose a version

secure-actions-webhook

Securely call CD servers / notification services after your Action finishes

Usage

Sending a string:

- name: Webhook
  uses: ybrin/[email protected]
  env:
    REQUEST_URI: ${{ secrets.REQUEST_URI }}
    REQUEST_DATA: "something_interesting"
    HMAC_SECRET: ${{ secrets.HMAC_SECRET }}

Sending a json string:

- name: Webhook
  uses: ybrin/[email protected]
  env:
    REQUEST_URI: ${{ secrets.REQUEST_URI }}
    REQUEST_DATA: '{ "something": "interesting" }'
    HMAC_SECRET: "secret_used_to_generate_signature"

The request will include the header X-Hub-Signature, which is the hmac signature of the raw body just like in Github webhooks (sha1=<hmac_signature>).
Verify it on your endpoint for integrity.