{"id":14985975,"url":"https://github.com/distributhor/workflow-webhook","last_synced_at":"2025-05-15T19:09:08.058Z","repository":{"id":43679004,"uuid":"231406880","full_name":"distributhor/workflow-webhook","owner":"distributhor","description":"A Github workflow action to call a webhook with payload data from the event. Support for JSON or URL encoded endpoints.","archived":false,"fork":false,"pushed_at":"2024-11-22T08:19:23.000Z","size":1807,"stargazers_count":155,"open_issues_count":4,"forks_count":48,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-05-08T01:37:04.771Z","etag":null,"topics":["action","continuous-deployment","deployment","webhook","workflow","workflow-webhook"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/distributhor.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-01-02T15:17:49.000Z","updated_at":"2025-04-08T21:22:36.000Z","dependencies_parsed_at":"2023-01-05T05:03:09.029Z","dependency_job_id":"61f1f5b0-ff71-44fe-92a8-cc4b863ba9fe","html_url":"https://github.com/distributhor/workflow-webhook","commit_stats":{"total_commits":207,"total_committers":13,"mean_commits":"15.923076923076923","dds":"0.13526570048309183","last_synced_commit":"2381f0e9c7b6bf061fb1405bd0804b8706116369"},"previous_names":[],"tags_count":28,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/distributhor%2Fworkflow-webhook","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/distributhor%2Fworkflow-webhook/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/distributhor%2Fworkflow-webhook/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/distributhor%2Fworkflow-webhook/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/distributhor","download_url":"https://codeload.github.com/distributhor/workflow-webhook/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254404357,"owners_count":22065641,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["action","continuous-deployment","deployment","webhook","workflow","workflow-webhook"],"created_at":"2024-09-24T14:12:04.458Z","updated_at":"2025-05-15T19:09:08.035Z","avatar_url":"https://github.com/distributhor.png","language":"Shell","readme":"# Workflow Webhook Action\n\n[![GitHub Release][ico-release]][link-github-release]\n[![License][ico-license]](LICENSE)\n\nA Github workflow action to call a remote webhook endpoint with a JSON or form-urlencoded\npayload, and support for BASIC authentication. A hash signature is passed with each request, \nderived from the payload and a configurable secret token. The hash signature is \nidentical to that which a regular Github webhook would generate, and sent in a header \nfield named `X-Hub-Signature`. Therefore any existing Github webhook signature \nvalidation will continue to work. For more information on how to valiate the signature, \nsee \u003chttps://docs.github.com/webhooks/securing/\u003e.\n\nBy default, the values of the following GitHub workflow environment variables are sent in the \npayload: `GITHUB_REPOSITORY`, `GITHUB_REF`, `GITHUB_HEAD_REF`, `GITHUB_SHA`, `GITHUB_EVENT_NAME` \nand `GITHUB_WORKFLOW`. For more information on what is contained in these variables, see \n\u003chttps://help.github.com/en/actions/automating-your-workflow-with-github-actions/using-environment-variables\u003e. \n\nThese values map to the payload as follows:\n\n```json\n{\n    \"event\": \"GITHUB_EVENT_NAME\",\n    \"repository\": \"GITHUB_REPOSITORY\",\n    \"commit\": \"GITHUB_SHA\",\n    \"ref\": \"GITHUB_REF\",\n    \"head\": \"GITHUB_HEAD_REF\",\n    \"workflow\": \"GITHUB_WORKFLOW\"\n}\n```\n\nIf you are interested in receiving more comprehensive data about the GitHub event than just the \nabove fields, then the action can be configured to send the whole JSON payload of the GitHub event, \nas per the `GITHUB_EVENT_PATH` variable in the environment variable documentation referenced above. \nThe official documentation and reference for the payload itself can be found here: \n\u003chttps://developer.github.com/webhooks/event-payloads/\u003e, and the details on how to configure it, \nis further down in the **Usage** section of this README.\n\nAdditional (custom) data can also be added/merged to the payload (see further down).\n\n\n## Usage\n\nThe following are example snippets for a Github yaml workflow configuration. \u003cbr/\u003e\n\nSend the JSON (default) payload to a webhook:\n\n```yml\n    - name: Invoke deployment hook\n      uses: distributhor/workflow-webhook@v3\n      with:\n        webhook_url: ${{ secrets.WEBHOOK_URL }}\n        webhook_secret: ${{ secrets.WEBHOOK_SECRET }}\n```\n\nWill deliver a payload with the following properties:\n\n```json\n{\n    \"event\": \"push\",\n    \"repository\": \"owner/project\",\n    \"commit\": \"a636b6f0861bbee98039bf3df66ee13d8fbc9c74\",\n    \"ref\": \"refs/heads/master\",\n    \"head\": \"\",\n    \"workflow\": \"Build and deploy\",\n    \"requestID\": \"74b1912d19cfe780f1fada4b525777fd\"\n}\n```\n`requestID` contains a randomly generated identifier for each request. \n\n\u003cbr/\u003e\n\nAdd additional data to the payload:\n\n```yml\n    - name: Invoke deployment hook\n      uses: distributhor/workflow-webhook@v3\n      with:\n        webhook_url: ${{ secrets.WEBHOOK_URL }}\n        webhook_secret: ${{ secrets.WEBHOOK_SECRET }}\n        data: '{ \"weapon\": \"hammer\", \"drink\" : \"beer\" }'\n```\n\nThe additional information will become available on a `data` property,\nand now look like:\n\n```json\n{\n    \"event\": \"push\",\n    \"repository\": \"owner/project\",\n    \"commit\": \"a636b6f0861bbee98039bf3df66ee13d8fbc9c74\",\n    \"ref\": \"refs/heads/master\",\n    \"head\": \"\",\n    \"workflow\": \"Build and deploy\",\n    \"data\": {\n        \"weapon\": \"hammer\",\n        \"drink\": \"beer\"\n    },\n    \"requestID\": \"74b1912d19cfe780f1fada4b525777fd\"\n}\n```\n\nSend a form-urlencoded payload instead:\n\n```yml\n    - name: Invoke deployment hook\n      uses: distributhor/workflow-webhook@v3\n      with:\n        webhook_type: 'form-urlencoded'\n        webhook_url: ${{ secrets.WEBHOOK_URL }}\n        webhook_secret: ${{ secrets.WEBHOOK_SECRET }}\n        data: 'weapon=hammer\u0026drink=beer'\n```\n\nWill set the `Content-Type` header to `application/x-www-form-urlencoded` and deliver:\n\n```csv\n\"event=push\u0026repository=owner/project\u0026commit=a636b6f0....\u0026weapon=hammer\u0026drink=beer\"\n```\n\nFinally, if you prefer to receive the whole original GitHub payload as JSON (as opposed \nto the default JSON snippet above), then configure the webhook with a `webhook_type` of\n`json-extended`:\n\n```yml\n    - name: Invoke deployment hook\n      uses: distributhor/workflow-webhook@v3\n      with:\n        webhook_type: 'json-extended'\n        webhook_url: ${{ secrets.WEBHOOK_URL }}\n        webhook_secret: ${{ secrets.WEBHOOK_SECRET }}\n        data: '{ \"weapon\": \"hammer\", \"drink\" : \"beer\" }'\n```\n\nYou can still add custom JSON data, which will be available on a `data` property, included \non the GitHub payload. Importantly, the sending of the whole GitHub payload\nis only supported as JSON, and not currently available as urlencoded form parameters.\n\n## Arguments\n\n```yml \n  webhook_url: \"https://your.webhook\"\n```\n\n*Required*. The HTTP URI of the webhook endpoint to invoke. The endpoint must accept \nan HTTP POST request. \u003cbr/\u003e\u003cbr/\u003e\n\n\n```yml \n  webhook_secret: \"Y0uR5ecr3t\"\n```\n\nOptional. The secret with which to generate the signature hash. If no secret is configured,\nthen the URL itself will be used as the value with which to generate the signature hash.\nThis is useful for use-cases where the webhook URL might be an obscure, random or temporary\nlink. In general it is advisable to use a webhook secret.\u003cbr/\u003e\u003cbr/\u003e\n\n```yml \n  webhook_auth_type: \"bearer\"\n```\n\nThe type of authentication to use when invoking the webhook URL. Valid values are `basic`, \n`bearer` and `header`. Defaults to `basic` if not specified. In addition, if no value\nis set for `webhook_auth`, then it is assumed that no authentication is required, and this\nvalue, even if configured, will have no effect. It only takes effect when used in conjunction\nwith `webhook_auth`. The expectations for how each option behaves, is explained in the\n`webhook_auth` section below.\u003cbr/\u003e\u003cbr/\u003e\n\n```yml \n  webhook_auth: \"username:password\"\n  webhook_auth: \"Token:ABC\"\n  webhook_auth: \"ABC\"\n```\n\nThe credentials to be used for authentication of the the endpoint. If not configured,\nauthentication is assumed not to be required.\u003cbr/\u003e\u003cbr/\u003e\n\nIf the `webhook_auth_type` is set to `basic`, then this value is expected to be a \n`username:password` string, used for BASIC authentication against the endpoint. It must follow\nthis format, as specified in the `curl` man pages, since it is passed verbatim to the \n`curl -u` option.\u003cbr/\u003e\u003cbr/\u003e\n\nIf the `webhook_auth_type` is set to `bearer`, then this value is expected to be an \naccess token. It will set a header named `Authorization` with a value of `Bearer ${webhook_auth}`.\n\u003cbr/\u003e\u003cbr/\u003e\n\nIf the `webhook_auth_type` is set to `header`, then the expecation is to receive a string similar\nin format to `basic`, except that the delimiter (a colon) will delimit a header name and header\nvalue. For example a value of `Token:ABC` will set a header named `Token` with a value of `ABC`.\nIf no colon is present (no delimiter specified) then it will default to setting a header named\n`Authorization` of which the value will be whatever was configured for `${webhook_auth}`, \nie (no 'bearer') prefix. As an example, when configured with a value of `ABC`, a header named \n`Authorization` will be set to the value `ABC`.\n\u003cbr/\u003e\u003cbr/\u003e\n\n```yml \n  webhook_type: \"json | form-urlencoded | json-extended\"\n```\n\nThe default endpoint type is JSON. The argument is only required if you wish to send urlencoded form data. \nOtherwise it's optional. \u003cbr/\u003e\u003cbr/\u003e\n\n```yml\n  verbose: true\n```\n\nTo enable verbose output in curl set the argument `verbose` to `true`. The default value is `false`. See also: [`curl` docs on option `-v`](https://curl.se/docs/manpage.html#-v).\n\n:warning: **Warning:** This might lead to domain and IP leaking, as well as other security issues as the logs are public. \nSee also [#21](https://github.com/distributhor/workflow-webhook/issues/21) and [#22](https://github.com/distributhor/workflow-webhook/issues/22).\u003cbr/\u003e\u003cbr/\u003e\n\n\n```yml \n  silent: true\n```\n\nTo hide the output from curl set the argument `silent` to `true`. The default value is `false`.\u003cbr/\u003e\u003cbr/\u003e\n\n```yml \n  timeout: 30\n```\n\nTo set a maximum time, in seconds, by which to establish an initial connection to the server. Once a connection has been\nestablished, the option is not used in any further way with regards to the duration of connection.\u003cbr/\u003e\u003cbr/\u003e\n\n```yml\n  max_time: 30\n```\n\nTo set a maximum time, in seconds, by which the server needs to respond to the request.\nThis also includes the time needed for the server to respond. May be used in combination with `timeout`.\u003cbr/\u003e\u003cbr/\u003e\n\n```yml\n  curl_opts: '--speed-limit 5000'\n  curl_opts: '-H \"X-Beverage: Beer\"'\n```\n\nYou can use `curl_opts` to pass in arbitrary options to the curl request. NOTE: this is an experimental feature and not \nguaranteed to work for all options. The string configured here will be passed in verbatim to curl, and it is quite easy to \nbreak things when using it. For simple curl options it should work, but for others it may not suffice. Also, take care with \nescaping characters in YAML.\u003cbr/\u003e\u003cbr/\u003e\n\n```yml \n  verify_ssl: false\n```\n\nTo disable verification of SSL-certificates in curl set the argument `verify_ssl` to `false`. The default value is `true`. \nSee also: [`curl` docs on option `-k`](https://curl.se/docs/manpage.html#-k).\u003cbr/\u003e\u003cbr/\u003e\n\n\n```yml \n  event_name: 'NAME'\n```\n\nOptional. A custom event name sent to the webhook endpoint\u003cbr/\u003e\u003cbr/\u003e\n\n```yml \n  data: \"Additional JSON or URL encoded data\"\n```\n\n\nAdditional data to include in the payload. It is optional. This data will attempted to be \nmerged 'as-is' with the existing payload, and is expected to already be sanitized and valid.\n\nIn the case of JSON, the custom data will be available on a property named `data`, and it will be \nrun through a JSON validator. Invalid JSON will cause the action to break and exit. For example, using \nsingle quotes for JSON properties and values instead of double quotes, will show the \nfollowing (somewhat confusing) message in your workflow output: `Invalid numeric literal`. \nSuch messages are the direct output from the validation library \u003chttps://stedolan.github.io/jq/\u003e. \nThe supplied JSON must pass the validation run through `jq`.\n\n## Output\n\n```yml\n  response-body: 'The body of the webook response'\n```\n\n## License\n\nThe MIT License (MIT). Please see [License File](LICENSE) for more information.\n\n[ico-release]: https://img.shields.io/github/tag/distributhor/workflow-webhook.svg\n[ico-license]: https://img.shields.io/badge/license-MIT-brightgreen.svg\n[link-github-release]: https://github.com/distributhor/workflow-webhook/releases\n","funding_links":[],"categories":["Shell"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdistributhor%2Fworkflow-webhook","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdistributhor%2Fworkflow-webhook","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdistributhor%2Fworkflow-webhook/lists"}