diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index a3c69d5..0000000 --- a/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -FROM node:12.10.0-alpine - -LABEL "version"="0.1.0" -LABEL "repository"="https://github.com/navied/secure-webhook" -LABEL "homepage"="https://github.com/navied/secure-webhook" -LABEL "maintainer"="@navied" -LABEL "com.github.actions.name"="Secure Webhook" -LABEL "com.github.actions.description"="Post data and an hmac signature to an endpoint" -LABEL "com.github.actions.icon"="message-square" -LABEL "com.github.actions.color"="gray-dark" - -# Add the entry point -RUN mkdir /app -ADD main.js /app/main.js -ADD package.json /app/package.json -ADD entrypoint.sh /app/entrypoint.sh -RUN chmod +x /app/entrypoint.sh - -RUN cd /app -WORKDIR /app -RUN npm install - -# Load the entry point -ENTRYPOINT ["/app/entrypoint.sh"] \ No newline at end of file diff --git a/README.md b/README.md index 7c91cce..927b7b4 100644 --- a/README.md +++ b/README.md @@ -1,35 +1,24 @@ # Secure-Webhook -Securely call CD servers / notification services after your Action finishes - -## Credit - -Thanks goes to https://github.com/koraykoska/secure-actions-webhook +Securely call Webhook endpoint after your Action finishes ## Usage -Sending a string: +Sending a json string, ``url``, and ``hmacSecret`` are required fields, and ``data`` is optional. ```yaml - name: Webhook - uses: navied/secure-actions-webhook@0.1.3 - env: - REQUEST_URI: ${{ secrets.REQUEST_URI }} - REQUEST_DATA: "something_interesting" - HMAC_SECRET: ${{ secrets.HMAC_SECRET }} + uses: navied/secure-actions-webhook@0.2.0 + with: + url: https://example.com + data: '{ "example": "data" }' + hmacSecret: ${{ secrets.HMAC_SECRET }} ``` -Sending a json string: +The request will include the header `X-Hub-Signature`, which is the hmac signature of the raw body just like in Github webhooks, and also the header `X-Hub-SHA` which is the SHA of the commit running the github action. -```yaml -- name: Webhook - uses: navied/secure-actions-webhook@0.1.3 - env: - REQUEST_URI: ${{ secrets.REQUEST_URI }} - REQUEST_DATA: '{ "something": "interesting" }' - HMAC_SECRET: "secret_used_to_generate_signature" -``` +Verify it on your endpoint for integrity. -The request will include the header `X-Hub-Signature`, which is the hmac signature of the raw body just like in Github webhooks. +## Credit -Verify it on your endpoint for integrity. +Thanks to https://github.com/koraykoska/secure-actions-webhook for providing the base signature generation code. \ No newline at end of file diff --git a/entrypoint.sh b/entrypoint.sh deleted file mode 100755 index e75362e..0000000 --- a/entrypoint.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -set -eu - -node /app/main.js