Webhook authentication

gempain · October 20, 2020, 10:00pm

Hi there,

Is there a way to authenticate webhooks sent by:

notify:
  webhooks:
    - url: https://my.company.com

I though of adding a token query param:

    -  https://my.company.com?token=$TOKEN

But my environment variable TOKEN is not being injected.

Is there any way to add headers using environment variables ? How do you guys make sure that no one else but you calls your webhook endpoints ? Is this notify property documented anywhere ?

Thanks a lot, and keep up the great work !

Henna · October 21, 2020, 5:32pm

Hi @gempain,

The notify feature has been deprecated and is no longer supported by CircleCI. Do you mind clarifying your use case so I can make a suggestion?

Are you trying to emulate a slack webhook? if so, you can use CircleCI’s Slack Orb. You can also check out CircleCI’s Orb Registry.

gempain · October 21, 2020, 10:14pm

@Henna thanks for the response.

I want to notify my server when jobs succeed and when they fail. I need a POST request with a payload with the job ID or pipeline number, and a way to authenticate using a project environment variable. There is a webhook orb which seems unmaintained. It doesn’t provide a token mechanism but I can create my own orb.

My problem with orbs is that you have to call them in every job, and I want something global.

version: 2.1
orbs:
  webhook: eddiewebb/webhook@volatile
jobs:
  build:
    docker:
      - image: 'node:12'
    steps:
      - run: echo "build"
      - webhook/notify:
          endpoint: 'https://my.url'
          token: $TOKEN
  test:
    steps:
      - run: echo "test"
      - webhook/notify:
          endpoint: 'https://my.url'
          token: $TOKEN

Can you clarify how to bind a project environment variable to an orb:

token: <<parameters.TOKEN>>
# or 
token: "<<parameters.TOKEN>>"
# or
token: $TOKEN

gempain · October 22, 2020, 1:48pm

@Henna

I just realized something… webhooks are sent AFTER the build has finished. Unfortunately, orbs are executed as regular jobs, so when the orb performs the HTTP post, the workflow status is still “running”…

Why did you guys decided to no longer support webhooks without providing a viable alternative ?

Henna · October 22, 2020, 9:46pm

For issues with orbs, it is best to reach out to the orbs maintainer by creating an issue on GitHub : https://github.com/eddiewebb/circleci-webhook-orb

You can pass in an environment variable using the following syntax: $TOKEN

Henna · October 22, 2020, 9:47pm

I found this feature request : Workflow level webhook notifications. Please feel free to vote and comment on it. If the idea gets enough votes and comments, it will be prioritized.

Topic		Replies	Views
Using Environment Variables inside Circle.yml Build Environment notifications , api , circle-yml	23	24652	June 18, 2018
Webhooks and Build Notifications for Circle 2.0 Build Environment	1	908	March 5, 2019
Leveraging CircleCI API to include build logs in Slack notifications Support Solutions	14	5228	August 24, 2021
Unable to get project Environment Variables set in project Build Environment	5	1249	September 17, 2020
Slack application authentication (Not web-hooks) Build Environment	0	674	July 20, 2021

Webhook authentication

Related topics