webhook

History

Hass_SEA 013415bbfc Add files via upload This pull request is to import into the upstream release the updates @AloysAugustin performed on folk scalr-tutorials/webhook to support scalr signing key with Adnanh/webhook. I've done a very basic copy accross and testing Add a new match rule type that checks for a Scalr webhook signature. The signature algorithm is described here: https://scalr-wiki.atlassian.net/wiki/spaces/docs/pages/6193247/Webhook+Security+and+Authentication An example match rule ifor a Scalr webhook will look like: "match": { "type": "scalr-signature", "secret": "<Scalr-provided signing key>" } adds Scalr webhook signature verification. To verify the Scalr signature on a hook, use a match rule similar to this example: [ { "id": "scalr-test", "execute-command": "test.sh", "trigger-rule": { "match": { "type": "scalr-signature", "secret": "Scalr-provided signing key" } } } ] Note that the trigger rule checks the scalr signature and checks that the request was signed less than 5 minutes before it was received. Please make sure that NTP is enabled on both your Scalr server and your webhook handler to prevent any issues.	2017-12-16 14:33:32 -08:00
..
hook_test.go	Add files via upload	2017-12-16 14:33:32 -08:00
hook.go	Add files via upload	2017-12-16 14:33:32 -08:00

This pull request is to import into the upstream release the updates @AloysAugustin performed on folk scalr-tutorials/webhook to support scalr signing key with Adnanh/webhook. I've done a very basic copy accross and testing

Add a new match rule type that checks for a Scalr webhook signature.
The signature algorithm is described here:
https://scalr-wiki.atlassian.net/wiki/spaces/docs/pages/6193247/Webhook+Security+and+Authentication

An example match rule ifor a Scalr webhook will look like:
"match": {
    "type": "scalr-signature",
    "secret": "<Scalr-provided signing key>"
}

adds Scalr webhook signature verification. To verify the Scalr signature on a hook, use a match rule similar to this example:

[
    {
        "id": "scalr-test",
        "execute-command": "test.sh",
        "trigger-rule": {
            "match": {
                "type": "scalr-signature",
                "secret": "Scalr-provided signing key"
            }
        }
    }
]

Note that the trigger rule checks the scalr signature and checks that the request was signed less than 5 minutes before it was received. Please make sure that NTP is enabled on both your Scalr server and your webhook handler to prevent any issues.

2017-12-16 14:33:32 -08:00

hook_test.go

Add files via upload

2017-12-16 14:33:32 -08:00

hook.go

Add files via upload

2017-12-16 14:33:32 -08:00