Openwhisk: Document how to fire a trigger with a webhook

Created on 23 May 2016  Â·  5Comments  Â·  Source: apache/openwhisk

The document docs/triggers_rules.md describes a trigger, then describes a rule. It will be good continue the doc on how to fire the trigger externally for example a webhook to finaly the concepts, or webhook -> rule (trigger (feed) -> action)

documentation

Most helpful comment

AFAICS, fully handling github webhooks means:

  • access to headers required (e.g. X-GitHub-Event including the event type, or X-Hub-Signature for validating a custom secret)
  • including the ow api key in the webhook url exposes it to everyone who can see the webhook in the github settings, which would give them write access to the namespace, which isn't always applicable
  • other webhooks (not Github) might require synchronous responses for an initial challenge

Because of this, I don't think exposing the trigger url as webhook as employed in the current /whisk.system/github is a practical approach. Rather one needs a web action in front as the actual webhook:

  • Authentication for github would verify the secret in the X-Hub-Signature (configured as default param on the action, for example).
  • It can respond to challenges etc.
  • The web action would then internally fire a trigger.
  • Also, this web action could then dispatch different event types from the webhook to different triggers, e.g. triggers github_push, github_issue... :

    github -> web action (webhook) -> trigger (event type 1) -> rule 1 -> action 1
    -> rule 2 -> action 2
    -> trigger (event type 2) -> rule 3 -> action 3
    ...

Thoughts?

All 5 comments

I expect this content and I am working on it for our project. Do you have an example?

@lfzCarlosC You can take a look at webhook.js.
webhook.js will register a webhook in github which will invoke a trigger in OpenWhisk.

I just want to plus one this. The API docs (https://github.com/openwhisk/openwhisk/blob/master/docs/reference.md#rest-api) document this, but the actual Trigger docs should as well.

AFAICS, fully handling github webhooks means:

  • access to headers required (e.g. X-GitHub-Event including the event type, or X-Hub-Signature for validating a custom secret)
  • including the ow api key in the webhook url exposes it to everyone who can see the webhook in the github settings, which would give them write access to the namespace, which isn't always applicable
  • other webhooks (not Github) might require synchronous responses for an initial challenge

Because of this, I don't think exposing the trigger url as webhook as employed in the current /whisk.system/github is a practical approach. Rather one needs a web action in front as the actual webhook:

  • Authentication for github would verify the secret in the X-Hub-Signature (configured as default param on the action, for example).
  • It can respond to challenges etc.
  • The web action would then internally fire a trigger.
  • Also, this web action could then dispatch different event types from the webhook to different triggers, e.g. triggers github_push, github_issue... :

    github -> web action (webhook) -> trigger (event type 1) -> rule 1 -> action 1
    -> rule 2 -> action 2
    -> trigger (event type 2) -> rule 3 -> action 3
    ...

Thoughts?

You are correct
here is a discussion, I name it “Web Trigger” where it doesn’t require coding it can be done via annotations

https://github.com/apache/incubator-openwhisk/issues/3558

Was this page helpful?
0 / 5 - 0 ratings

Related issues

YangZhou1997 picture YangZhou1997  Â·  5Comments

j4zzcat picture j4zzcat  Â·  3Comments

jthomas picture jthomas  Â·  5Comments

antengj picture antengj  Â·  4Comments

Daniel15 picture Daniel15  Â·  4Comments