⭐ Suggestion

The GitHub Action to send events to our EddieHub API is not working well with forks.

I just remembered that this might be done better with GitHub webhooks
https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads

💻 Use Cases

No response

❌ Related Problems

No response

Sorry @Cahllagerfeld what do you think?

I never used Webhooks iwth Github, I need to dig into it a bit

I used it a long time ago, I am happy to pair on it if it helps.

I think the API endpoint will need to be tweaked a bit to accept the data in a slightly different format (IIRC it will just be the top level object fields but everything underneath will be the same)

Do we need to handle authentication for the webhook, or doesn't this matter? My concern is that people can just use the webhook by sending requests there and data gets created

The web hook on GitHub will be given a token from us to use to send with the data (similar to GitHub secrets), so it will be a protected request
https://docs.github.com/en/developers/webhooks-and-events/webhooks/securing-your-webhooks

My Ideas

• Create an dedicated endpoint for webhook communication - I'd leave the existing one, in case we want to use it as a regular endpoint in the future for another scenario
• Create a new Guard that secures the Endpoint based on the link you shared earlier and this gist
• create new interface for the webhook payload - we potentially need to do a mapping here

Sounds like great ideas 👍