Update python-app.yml

frodo-repo · web-flow · commit 5f40444fe1d4 · 2025-02-20T16:09:19.000+05:30
diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml
@@ -13,11 +13,14 @@ jobs:
 
     steps:
       - name: Extract event details
-        run: |
-          echo "EVENT_PAYLOAD=$(jq -c . < $GITHUB_EVENT_PATH)" >> $GITHUB_ENV
+        run: echo "EVENT_PAYLOAD=$(jq -c . < $GITHUB_EVENT_PATH)" >> $GITHUB_ENV
 
-      - name: Call External API
+      - name: Call External API (with HMAC signature)
+        env:
+          WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
         run: |
-          curl -X POST https://firstly-worthy-chamois.ngrok-free.app/github-webhook \
+          SIGNATURE=$(echo -n "$EVENT_PAYLOAD" | openssl dgst -sha256 -hmac "$WEBHOOK_SECRET" | cut -d " " -f2)
+          curl -X POST https://your-webhook-url/github-webhook \
           -H "Content-Type: application/json" \
+          -H "X-Hub-Signature-256: sha256=$SIGNATURE" \
           -d "$EVENT_PAYLOAD"
