Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Add webhook templates documentation #122

Merged
merged 6 commits into from
Oct 2, 2023
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 41 additions & 0 deletions configuration/observability.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -145,3 +145,44 @@ X-Forwarded-Proto: https
You also have the ability to provide a signing secret for requests to your webhook. If you specify a signing secret, you will receive a request with the `X-Flipt-Webhook-Signature` header populated.

The value in the header is the request body HMAC sha256 signed with the signing secret you specified. On the webhook server, you can validate the signature by using the same signing secret. It is _strongly recommended_ that you do this to prevent requests to your webhook server that are from invalid origins.

#### Webhook Templates

Starting from [v1.28.0](https://github.com/flipt-io/flipt/releases/tag/v1.28.0), you can specify configuration for Flipt to send Webhooks to a URL with the Audit event properties you can template in the body of the request.
yquansah marked this conversation as resolved.
Show resolved Hide resolved

A sample configuration can look something like this:

```yaml
audit:
sinks:
webhook:
enabled: true
templates:
- url: https://example.com
headers:
Content-Type: application/json
Authorization: Bearer this-is-a-seret-token
body: |
{
"type": {{ .Type }},
"action": {{ .Action }}
}
```

This configuration tells Flipt to send a `POST` request when events need to be emitted to the URL `https://example.com` with the HTTP headers, `Content-Type` and `Authorization`, and the body which is a Go template that will be executed when an event comes in. The event structure looks like this:
yquansah marked this conversation as resolved.
Show resolved Hide resolved

```go
type Event struct {
Version string `json:"version"`
Type Type `json:"type"`
Action Action `json:"action"`

Metadata Metadata `json:"metadata"`

Payload interface{} `json:"payload"`

Timestamp string `json:"timestamp"`
}
```

and is located [here](https://github.com/flipt-io/flipt/blob/v1.28.0/internal/server/audit/audit.go#L51-L61) in code. So any of these values in the structure are fair game for however you want to construct your HTTP body template.
yquansah marked this conversation as resolved.
Show resolved Hide resolved
1 change: 1 addition & 0 deletions configuration/overview.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -248,6 +248,7 @@ These properties are as follows:
| audit.sinks.webhook.url | URL to send audit events to | | v1.27.0 |
| audit.sinks.webhook.signing_secret | Signing secret to use for verification of origin on webhook server | | v1.27.0 |
| audit.sinks.webhook.max_backoff_duration | Max exponential backoff duration for sending webhook upon failure | 15s | v1.27.0 |
| audit.sinks.webhook.templates[] | List of webhook templates for Flipt to send audit events to | | v1.28.0 |

### Tracing

Expand Down