Sprayproxy can be used to forward events from GitHub to backend servers that can process the event. This document will show you how to configure Sprayproxy to forward these events.
- Deploy Sprayproxy with a publicly accessible endpoint.
- Create a GitHub App that is configured to forward the events of your choice (ex: pull requests, push events).
- Set the Webhook URL to the sprayproxy's endpoint.
- Secure the webhook by setting a webhook secret.
- Record this secret's value in a secure location, such as Vault or a cloud provider secret manager.
-
Create a secret named
gh-webhook-secret, whose data should be they key/value pairGH_APP_WEBHOOK_SECRET: <secret-value>. Consider using a secured mechanism for syncing the webhook secret, such as the External Secrets Operator. -
Set the
GH_APP_WEBHOOK_SECRETenvironment variable in sprayproxy's deployment to match the webhook secret value above. This value should be stored in a Kubernetes secret that can be referenced using the envFrom value option. Use following [Kustomize] patch as an example:apiVersion: apps/v1 kind: Deployment metadata: name: sprayproxy namespace: sprayproxy spec: containers: - name: sprayproxy envFrom: secretRef: name: gh-webhook-secret