[FEATURE] GitHub events to come in via web hook

[eddiejaoude]

⭐ Suggestion

The GitHub Action to send events to our EddieHub API is not working well with forks.

I just remembered that this might be done better with GitHub webhooks https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads

💻 Use Cases

No response

❌ Related Problems

No response

[eddiejaoude]

Sorry @Cahllagerfeld what do you think?

[Cahllagerfeld]

I never used Webhooks iwth Github, I need to dig into it a bit

[eddiejaoude]

I used it a long time ago, I am happy to pair on it if it helps.

I think the API endpoint will need to be tweaked a bit to accept the data in a slightly different format (IIRC it will just be the top level object fields but everything underneath will be the same)

[Cahllagerfeld]

Do we need to handle authentication for the webhook, or doesn't this matter? My concern is that people can just use the webhook by sending requests there and data gets created

[eddiejaoude]

The web hook on GitHub will be given a token from us to use to send with the data (similar to GitHub secrets), so it will be a protected request https://docs.github.com/en/developers/webhooks-and-events/webhooks/securing-your-webhooks

[Cahllagerfeld]

My Ideas

• Create an dedicated endpoint for webhook communication - I'd leave the existing one, in case we want to use it as a regular endpoint in the future for another scenario
• Create a new Guard that secures the Endpoint based on the link you shared earlier and this gist
• create new interface for the webhook payload - we potentially need to do a mapping here

[eddiejaoude]

Sounds like great ideas 👍